Virus, unable to start in safe mode

Tags:
  • Virus
  • Security
16 November 2008 19:31:45

Hello,
I apparently downloaded some piece of crap
that has made CCleaner, CleanUp, HijackThis and Malwarebytes
impossible to open.
Even avast won't open any more.

I can't start in safe mode, it reboots automatically.

What can I do?
Otherwise everything else works fine.

Thanks

16 November 2008 19:36:03

Hi,

Are you getting the message "n'est pas une application win32 valide" ("is not a valid Win32 application")?

16 November 2008 22:20:52

Yes, exactly.

16 November 2008 22:33:48

Are you on XP or Vista?

You have a Bagle infection.

16 November 2008 22:55:13

Good evening,

Posting to follow the thread.

;)

17 November 2008 00:10:16

On XP.
Bagle???

17 November 2008 00:41:05

  • Download FindyKill (by Chiquitine29) to your Desktop.
  • Run the installer with the default settings.
  • Double-click the FindyKill shortcut on your Desktop.
  • In the main menu, choose option 1 (Recherche / Search).
  • Post the FindyKill.txt report.

    Note: the FindyKill.txt report is saved at the root of the disk.

17 November 2008 01:49:51

Sorry, it doesn't work.
It tells me access denied.

17 November 2008 10:43:56

Is FindyKill actually in C:\Program Files\ ?

17 November 2008 13:32:26



    ----------------- FindyKill V4.700 ------------------

    * User : Administrateur - IOM-C9EE20FECBE
    * Emplacement : C:\Program Files\FindyKill
    * Outils Mis a jours le 13/11/08 par Chiquitine29
    * Recherche effectuée à 12:07:49 le 17/11/2008
    * Windows XP - Internet Explorer 6.0.2900.5512

    ((((((((((((((((( *** Recherche *** ))))))))))))))))))


    --------------- [ Processus actifs ] ----------------


    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\AGI\common\win32\PythonService.exe
    C:\Program Files\Executive Software\Diskeeper\DkService.exe
    C:\WINDOWS\system32\mgabg.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\WTLXPan.Exe
    C:\Program Files\Kiwee Toolbar\2.8.167\kwtbaim.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\Menara\dslmon.exe
    C:\WINDOWS\explorer.exe

    --------------- [ Fichiers/Dossiers infectieux ] ----------------


    »»»» Presence des fichiers dans C:

    Found ! [17/11/2008 00:42] - C:\InfoSat.txt

    »»»» Presence des fichiers dans C:\WINDOWS


    »»»» Presence des fichiers dans C:\WINDOWS\Prefetch

    Found ! - C:\WINDOWS\prefetch\WINFILSE.EXE-17C2CF68.pf
    Found ! - C:\WINDOWS\Prefetch\INSTALL_CRACK.EXE-028E5D95.pf
    Found ! - C:\WINDOWS\Prefetch\INSTALL_CRACK.EXE-028E5D95.pf
    Found ! - C:\WINDOWS\Prefetch\KEYGEN.EXE-07BC1137.pf
    Found ! - C:\WINDOWS\Prefetch\KEYGEN.EXE-07BC1137.pf
    Found ! - C:\WINDOWS\Prefetch\KEY_GENERATOR.EXE-0A0997E9.pf
    Found ! - C:\WINDOWS\Prefetch\REGPATCH.EXE-145E3A43.pf

    »»»» Presence des fichiers dans C:\WINDOWS\system32

    Found ! [17/11/2008 05:30] - C:\WINDOWS\system32\mdelk.exe
    Found ! [17/11/2008 05:30] - C:\WINDOWS\system32\wintems.exe
    Found ! [17/11/2008 08:31] - C:\WINDOWS\system32\ban_list.txt

    »»»» Presence des fichiers dans C:\WINDOWS\system32\drivers

    Found ! [16/11/2008 18:38] - C:\WINDOWS\system32\drivers\srosa.sys
    Found ! [16/11/2008 18:38] - C:\WINDOWS\system32\drivers\srosa2.sys
    Found ! [08/08/2006 08:01] - C:\WINDOWS\system32\drivers\winfilse.exe
    Found ! [17/11/2008 05:32] - "C:\WINDOWS\system32\drivers\downld"

    »»»» Presence des fichiers dans C:\Documents and Settings\Administrateur\Application Data

    Found ! [17/11/2008 05:30] - "C:\Documents and Settings\Administrateur\Application Data\m\flec006.exe"
    Found ! [17/11/2008 05:30] - "C:\Documents and Settings\Administrateur\Application Data\m\list.oct"
    Found ! [17/11/2008 05:30] - "C:\Documents and Settings\Administrateur\Application Data\m\data.oct"
    Found ! [17/11/2008 05:30] - "C:\Documents and Settings\Administrateur\Application Data\m\srvlist.oct"
    Found ! [17/11/2008 05:33] - "C:\Documents and Settings\Administrateur\Application Data\m\shared"
    Found ! [17/11/2008 05:30] - "C:\Documents and Settings\Administrateur\Application Data\m"

    »»»» Presence des fichiers dans C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp


    »»»» Presence des fichiers dans C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5

    Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\4TIVWLAN\b64_2[1].jpg
    Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\4TIVWLAN\b64_2[2].jpg
    Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\4TIVWLAN\b64_2[3].jpg
    Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\4TIVWLAN\b64_3[1].jpg
    Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\4TIVWLAN\mxd[1].jpg
    Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\ECM89KNA\b64[1].jpg
    Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\ECM89KNA\b64_1[1].jpg
    Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\ECM89KNA\mxd[1].jpg
    Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\OPE3GHUV\b64[1].jpg
    Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\OPE3GHUV\b64_1[1].jpg
    Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\OPE3GHUV\b64_1[2].jpg
    Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\OPE3GHUV\b64_3[1].jpg
    Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\OPE3GHUV\b64_3[2].jpg
    Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\STMJO9A3\b64[1].jpg
    Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\STMJO9A3\b64[2].jpg
    Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\STMJO9A3\b64_1[1].jpg

    --------------- [ Registre / Startup ] ----------------


    ! REG.EXE VERSION 3.0

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    WTLXPan REG_SZ WTLXPan.Exe
    NeroFilterCheck REG_SZ C:\WINDOWS\system32\NeroCheck.exe
    SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    QuickTime Task REG_SZ "C:\Program Files\QuickTime\qttask.exe" -atboottime
    KiweeHook REG_SZ "C:\Program Files\Kiwee Toolbar\2.8.167\kwtbaim.exe"
    avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents

    ! REG.EXE VERSION 3.0

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    CTFMON.EXE REG_SZ C:\WINDOWS\system32\ctfmon.exe
    MSMSGS REG_SZ "C:\Program Files\Messenger\msmsgs.exe" /background
    updateMgr REG_SZ C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
    BitTorrent DNA REG_SZ "C:\Program Files\DNA\btdna.exe"

    --------------- [ Registre / Clés infectieuses ] ----------------


    Found ! - HKEY_USERS\S-1-5-21-1801674531-861567501-1417001333-500\Software\Local AppWizard-Generated Applications\install_crack
    Found ! - HKEY_USERS\S-1-5-21-1801674531-861567501-1417001333-500\Software\Local AppWizard-Generated Applications\winfilse
    Found ! - HKEY_USERS\S-1-5-21-1801674531-861567501-1417001333-500\Software\DateTime4
    Found ! - HKEY_USERS\S-1-5-21-1801674531-861567501-1417001333-500\Software\FFC
    Found ! - HKEY_USERS\S-1-5-21-1801674531-861567501-1417001333-500\Software\FirtR
    Found ! - HKEY_USERS\S-1-5-21-1801674531-861567501-1417001333-500\Software\MuleAppData
    Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\install_crack
    Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winfilse
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\srosa
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
    Found ! - HKEY_CURRENT_USER\Software\DateTime4
    Found ! - HKEY_CURRENT_USER\Software\FirtR
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SK9OU0S
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sK9Ou0s
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sK9Ou0s
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sK9Ou0s
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\srosa
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
    Found ! - HKEY_CURRENT_USER\Software\DateTime4
    Found ! - HKEY_CURRENT_USER\Software\FirtR
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SK9OU0S
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sK9Ou0s
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sK9Ou0s
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sK9Ou0s

    --------------- [ Etat / Services ] ----------------

    Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot

    - sans echec non fonctionnel !!

    Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal

    - sans echec non fonctionnel !!

    Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network

    - sans echec non fonctionnel !!



    +- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

    /!\ Ndisuio - Type de démarrage = 4

    EapHost - Type de démarrage = 3

    /!\ Ip6Fw - Type de démarrage = 4

    SharedAccess - Type de démarrage = 2

    wuauserv - Type de démarrage = 2

    /!\ wscsvc - Type de démarrage = 4



    --------------- [ Recherche dans supports amovibles] ----------------


    +- Informations :

    C: - Lecteur fixe

    D: - Lecteur fixe

    E: - Lecteur fixe

    F: - Lecteur fixe

    G: - Lecteur fixe


    +- Contenu de l'autorun : C:\autorun.inf



    +- Contenu de l'autorun : D:\autorun.inf



    +- Contenu de l'autorun : E:\autorun.inf



    +- Contenu de l'autorun : F:\autorun.inf



    +- Contenu de l'autorun : G:\autorun.inf



    +- presence des fichiers :

    Found ! [21/05/2008 11:54][drahs----] - C:\autorun.inf
    Found ! [21/05/2008 11:54][drahs----] - D:\autorun.inf
    Found ! [21/05/2008 11:54][drahs----] - E:\autorun.inf
    Found ! [21/05/2008 11:54][drahs----] - F:\autorun.inf
    Found ! [21/05/2008 11:54][drahs----] - G:\autorun.inf


    --------------- [ Registre / Mountpoint2 ] ----------------


    -> Not found !


    ------------------- ! Fin du rapport ! --------------------

17 November 2008 13:33:00

Luckily I have a dual boot on my machine,
because the infected system now reboots as soon as I go online.

17 November 2008 14:55:38

Given how the report looks, I'm not surprised.

Delete your cracks or the infection will come back!!!

  • Connect your removable drives to your PC (USB sticks, external hard drive, etc.) without opening them.
  • Double-click the FindyKill shortcut on your Desktop.
  • In the main menu, choose option 2 (Suppression / Removal).

    /!\ There will be 1 restart; let the tool work until the message "nettoyage effectué" ("cleaning done") appears /!\

  • Then post the FindyKill.txt report.

    Note: the FindyKill.txt report is saved at the root of the disk.

17 November 2008 18:39:22



    ----------------- FindyKill V4.700 ------------------

    * User : Administrateur - IOM-C9EE20FECBE
    * executed from : C:\Program Files\FindyKill
    * Update on 13/11/08 par Chiquitine29
    * Start at 17:32:43 the 17/11/2008
    * Windows XP - Internet Explorer 6.0.2900.5512


    ((((((((((((((( *** deleting *** ))))))))))))))))))


    --------------- [ Active Processes ] ----------------


    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\AGI\common\win32\PythonService.exe
    C:\Program Files\Executive Software\Diskeeper\DkService.exe
    C:\WINDOWS\system32\mgabg.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\alg.exe

    --------------- [ Infected files / folders ] ----------------


    »»»» Supression files in C:

    Deleted ! - C:\InfoSat.txt

    »»»» Supression files in C:\WINDOWS


    »»»» Supression files in C:\WINDOWS\Prefetch

    Deleted ! - C:\WINDOWS\prefetch\INSTALL_CRACK.EXE-028E5D95.pf
    Deleted ! - C:\WINDOWS\prefetch\KEYGEN.EXE-07BC1137.pf
    Deleted ! - C:\WINDOWS\prefetch\KEY_GENERATOR.EXE-0A0997E9.pf
    Deleted ! - C:\WINDOWS\prefetch\REGPATCH.EXE-145E3A43.pf
    Deleted ! - C:\WINDOWS\prefetch\WINFILSE.EXE-17C2CF68.pf

    »»»» Supression files in C:\WINDOWS\system32

    Deleted ! - C:\WINDOWS\system32\mdelk.exe

    »»»» Supression files in C:\WINDOWS\system32\drivers

    Deleted ! - C:\WINDOWS\system32\drivers\srosa2.sys
    Deleted ! - C:\WINDOWS\system32\drivers\winfilse.exe
    Deleted ! - "C:\WINDOWS\system32\drivers\downld"

    »»»» Supression files in C:\Documents and Settings\Administrateur\Application Data

    Deleted ! - "C:\Documents and Settings\Administrateur\Application Data\m"

    »»»» Supression files in C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp


    »»»» Supression files in C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5

    Deleted ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\4TIVWLAN\b64_2[1].jpg
    Deleted ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\4TIVWLAN\b64_2[2].jpg
    Deleted ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\4TIVWLAN\b64_2[3].jpg
    Deleted ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\4TIVWLAN\b64_3[1].jpg
    Deleted ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\4TIVWLAN\mxd[1].jpg
    Deleted ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\ECM89KNA\b64[1].jpg
    Deleted ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\ECM89KNA\b64_1[1].jpg
    Deleted ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\ECM89KNA\mxd[1].jpg
    Deleted ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\OPE3GHUV\b64[1].jpg
    Deleted ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\OPE3GHUV\b64_1[1].jpg
    Deleted ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\OPE3GHUV\b64_1[2].jpg
    Deleted ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\OPE3GHUV\b64_3[1].jpg
    Deleted ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\OPE3GHUV\b64_3[2].jpg
    Deleted ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\STMJO9A3\b64[1].jpg
    Deleted ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\STMJO9A3\b64[2].jpg
    Deleted ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\STMJO9A3\b64_1[1].jpg

    --------------- [ Registry / Infected keys ] ----------------

    Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\srosa
    Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
    Deleted ! - HKEY_CURRENT_USER\Software\FirtR
    Deleted ! - HKEY_CURRENT_USER\Software\FFC
    Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
    Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SK9OU0S
    Deleted ! - HKEY_USERS\S-1-5-21-1801674531-861567501-1417001333-500\Software\Local AppWizard-Generated Applications\install_crack
    Deleted ! - HKEY_USERS\S-1-5-21-1801674531-861567501-1417001333-500\Software\Local AppWizard-Generated Applications\winfilse
    Deleted ! - HKEY_USERS\S-1-5-21-1801674531-861567501-1417001333-500\Software\MuleAppData

    --------------- [ States / Restarting of services ] ----------------



    +- Services : [ Auto=2 / Request=3 / Disable=4 ]

    Ndisuio - Type of startup = 3

    EapHost - Type of startup = 2

    Ip6Fw - Type of startup = 2

    SharedAccess - Type of startup = 2

    wuauserv - Type of startup = 2

    wscsvc - Type of startup = 2


    --------------- [ Cleaning removable drives ] ----------------

    +- Informations :

    C: - Lecteur fixe

    D: - Lecteur fixe

    E: - Lecteur fixe

    F: - Lecteur fixe

    G: - Lecteur fixe


    +- deleting files :

    Not deleted !! - C:\autorun.inf
    Not deleted !! - D:\autorun.inf
    Not deleted !! - E:\autorun.inf
    Not deleted !! - F:\autorun.inf
    Not deleted !! - G:\autorun.inf

    --------------- [ Registry / Moutpoint2 ] ----------------


    -> Not found !


    --------------- [ Searching Cracks / Keygen ] ----------------

    C:\Documents and Settings\Administrateur\Application Data\Ulead Systems\Ulead PhotoImpact\11.0\Ulead.DAT\Recently\inthecrack_Carli_Banks__006.jpg.lnk
    C:\Documents and Settings\Administrateur\Favoris\crack video protégé par licence gratuit - Téléchargement logiciels.url
    C:\Documents and Settings\Administrateur\Mes documents\HT.Video.Editor.v6.0-ROR.ShareReactor\keygen.exe


    ---------------- ! End of report ! ------------------


17 November 2008 18:40:57

What's strange is that I don't have any cracks on this system
apart from the crack I had downloaded and that screwed everything up.
It was the BitDefender keygen.
Instead, I got something that opens, blackbox, for airplanes??!!!!
I don't see the connection,
but that thing's window now opens at every startup
since this FindyKill cleanup.
What do I do?

17 November 2008 19:06:59

Quote:
It was the BitDefender keygen.
Instead, I got something that opens, blackbox, for airplanes??!!!!

---> OK, that's probably it.

  • Reinstall your infected applications ("n'est pas une application win32 valide").
  • Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.
  • Double-click RSIT.exe to launch the program.
  • Click Continue on the Disclaimer screen.
  • If HijackThis (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall if asked) and you will have to accept the license.
  • When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).

    Note: The reports are saved in the C:\rsit folder.

17 November 2008 20:28:32

    Logfile of random's system information tool 1.04 (written by random/random)
    Run by Administrateur at 2008-11-17 19:26:44
    Microsoft Windows XP Professionnel Service Pack 3
    System drive C: has 25 GB (64%) free of 40 GB
    Total RAM: 1023 MB (67% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:27:13, on 17/11/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\WTLXPan.Exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Kiwee Toolbar\2.8.167\kwtbaim.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\Program Files\Menara\dslmon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\AGI\common\win32\PythonService.exe
    C:\Program Files\Executive Software\Diskeeper\DkService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\mgabg.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\Administrateur\Bureau\RSIT.exe
    C:\Program Files\trend micro\Administrateur.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll
    O2 - BHO: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll
    O4 - HKLM\..\Run: [WTLXPan] WTLXPan.Exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [KiweeHook] "C:\Program Files\Kiwee Toolbar\2.8.167\kwtbaim.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: DSLMON.lnk = C:\Program Files\Menara\dslmon.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/Install...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{3EC5204B-8323-4982-B73D-BF3156A7D40A}: NameServer = 196.217.246.211 212.217.0.13
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
    O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
    O23 - Service: MGABGEXE - Matrox Graphics Inc. - C:\WINDOWS\system32\mgabg.exe

    --
    End of file - 5978 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}]
    AGSearchHook Class - C:\Program Files\AGI\common\agcutils.dll [2008-10-27 688128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}]
    Kiwee Toolbar - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll [2008-10-27 277648]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - Kiwee Toolbar - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll [2008-10-27 277648]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "WTLXPan"=C:\WINDOWS\system32\WTLXPan.Exe [2004-08-26 708608]
    "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-05-27 413696]
    "KiweeHook"=C:\Program Files\Kiwee Toolbar\2.8.167\kwtbaim.exe [2008-10-27 56456]
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-11-12 81000]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2006-08-08 864264]
    "updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2006-03-30 313472]
    "BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2008-10-17 289088]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    DSLMON.lnk - C:\Program Files\Menara\dslmon.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="sockspy.dll"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wd.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NBF]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nbf.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProtectedStorage]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sglfb.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tga.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vds]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableLUA"=0

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=36
    "NoDriveAutoRun"=FFFFFFFF

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
    "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
    "C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
    "C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:D NA"
    "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
    "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{12ac9bda-2157-11dd-ab4a-4d6564696130}]
    shell\AutoRun\command - J:\LaunchU3.exe -a


    ======File associations======

    .reg - open - regedit.exe "%1" %*

    ======List of files/folders created in the last 1 months======

    2008-11-17 19:22:35 ----A---- C:\WINDOWS\system32\aswBoot.exe
    2008-11-17 19:18:05 ----D---- C:\Program Files\trend micro
    2008-11-17 19:18:04 ----D---- C:\rsit
    2008-11-17 17:32:43 ----A---- C:\FindyKill.txt
    2008-11-17 12:06:38 ----A---- C:\SAFEBOOT_REPAIR.TXT
    2008-11-17 00:43:42 ----D---- C:\Program Files\FindyKill
    2008-11-17 00:42:22 ----A---- C:\TCleaner.txt
    2008-11-16 18:18:09 ----A---- C:\WINDOWS\nircmd.exe
    2008-11-16 18:11:44 ----D---- C:\Program Files\CleanUp!
    2008-11-16 04:01:44 ----D---- C:\WINDOWS\Minidump
    2008-11-15 09:54:50 ----D---- C:\Program Files\Softwin
    2008-11-15 09:53:14 ----D---- C:\Program Files\Fichiers communs\Softwin
    2008-11-14 14:00:31 ----D---- C:\WINDOWS\system32\appmgmt
    2008-11-14 14:00:27 ----D---- C:\WINDOWS\SxsCaPendDel
    2008-11-14 01:39:53 ----D---- C:\Program Files\BitDefender
    2008-11-14 01:39:51 ----SHD---- C:\Config.Msi
    2008-11-14 01:39:17 ----D---- C:\Program Files\Fichiers communs\BitDefender
    2008-11-12 21:06:43 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
    2008-11-12 21:06:00 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
    2008-11-12 21:05:15 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
    2008-10-31 20:47:23 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
    2008-10-31 00:57:32 ----D---- C:\WINDOWS\Prefetch
    2008-10-30 17:09:22 ----A---- C:\WINDOWS\system32\wmpns.dll
    2008-10-30 15:07:57 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
    2008-10-30 15:07:38 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
    2008-10-30 15:07:07 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
    2008-10-30 15:06:51 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2008-10-30 15:06:31 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
    2008-10-30 15:06:17 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
    2008-10-30 15:06:00 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
    2008-10-30 15:05:49 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
    2008-10-30 15:05:37 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
    2008-10-30 15:05:23 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
    2008-10-30 15:05:12 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
    2008-10-30 15:05:01 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
    2008-10-30 15:04:50 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
    2008-10-30 14:58:22 ----D---- C:\WINDOWS\system32\fr-fr
    2008-10-30 14:58:20 ----D---- C:\WINDOWS\l2schemas
    2008-10-30 14:58:19 ----D---- C:\WINDOWS\system32\fr
    2008-10-30 14:58:18 ----D---- C:\WINDOWS\system32\bits
    2008-10-30 14:51:41 ----D---- C:\WINDOWS\ServicePackFiles
    2008-10-30 14:47:30 ----D---- C:\WINDOWS\network diagnostic
    2008-10-30 14:40:34 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
    2008-10-27 13:01:29 ----D---- C:\Program Files\Kiwee Toolbar
    2008-10-27 13:01:19 ----D---- C:\Documents and Settings\All Users\Application Data\Kiwee Toolbar
    2008-10-27 13:01:03 ----D---- C:\Documents and Settings\All Users\Application Data\agi
    2008-10-27 13:01:03 ----D---- C:\Documents and Settings\Administrateur\Application Data\agi
    2008-10-27 13:00:38 ----A---- C:\WINDOWS\system32\pywintypes25.dll
    2008-10-27 13:00:38 ----A---- C:\WINDOWS\system32\pythoncom25.dll
    2008-10-27 13:00:37 ----A---- C:\WINDOWS\system32\python25.dll
    2008-10-27 12:59:59 ----D---- C:\Program Files\AGI
    2008-10-25 01:46:54 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
    2008-10-22 16:14:50 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$
    2008-10-22 16:14:16 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
    2008-10-22 16:13:27 ----HDC---- C:\WINDOWS\$NtUninstallKB956390_0$
    2008-10-21 02:54:23 ----HDC---- C:\WINDOWS\$NtUninstallKB957095_0$
    2008-10-21 02:52:32 ----HDC---- C:\WINDOWS\$NtUninstallKB954211_0$
    2008-10-21 02:52:18 ----HDC---- C:\WINDOWS\$NtUninstallKB956841_0$
    2008-10-18 15:20:13 ----A---- C:\WINDOWS\system32\331bac4a-.txt

    ======List of files/folders modified in the last 1 months======

    2008-11-17 19:24:49 ----D---- C:\WINDOWS\Temp
    2008-11-17 19:23:17 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-11-17 19:23:04 ----D---- C:\Documents and Settings\Administrateur\Application Data\DNA
    2008-11-17 19:22:57 ----HD---- C:\WINDOWS\system32\drivers
    2008-11-17 19:22:54 ----D---- C:\WINDOWS\system32
    2008-11-17 19:18:05 ----RD---- C:\Program Files
    2008-11-17 17:34:42 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-11-17 17:34:34 ----AD---- C:\autorun.inf
    2008-11-17 17:29:35 ----D---- C:\WINDOWS
    2008-11-17 12:23:02 ----D---- C:\Program Files\Ludi
    2008-11-17 12:17:20 ----D---- C:\Program Files\Mozilla Firefox
    2008-11-16 18:08:32 ----A---- C:\rapport.txt
    2008-11-16 18:05:37 ----A---- C:\WINDOWS\system32\tmp.txt
    2008-11-16 17:46:24 ----SHD---- C:\WINDOWS\Installer
    2008-11-16 17:46:24 ----A---- C:\WINDOWS\win.ini
    2008-11-16 03:59:46 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-11-16 03:57:51 ----D---- C:\Program Files\eMule
    2008-11-15 09:55:19 ----HD---- C:\WINDOWS\inf
    2008-11-15 09:53:14 ----D---- C:\Program Files\Fichiers communs
    2008-11-14 01:40:26 ----D---- C:\WINDOWS\WinSxS
    2008-11-13 13:18:50 ----D---- C:\WINDOWS\Debug
    2008-11-12 21:06:45 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2008-11-12 21:06:43 ----HD---- C:\WINDOWS\$hf_mig$
    2008-11-04 00:10:25 ----A---- C:\WINDOWS\system32\MRT.exe
    2008-10-31 01:02:35 ----D---- C:\WINDOWS\system32\CatRoot
    2008-10-31 00:57:04 ----D---- C:\WINDOWS\system32\Setup
    2008-10-31 00:57:04 ----D---- C:\WINDOWS\AppPatch
    2008-10-31 00:57:04 ----D---- C:\Program Files\Messenger
    2008-10-31 00:57:03 ----D---- C:\WINDOWS\system32\wbem
    2008-10-31 00:57:03 ----D---- C:\Program Files\Windows Media Player
    2008-10-31 00:57:00 ----RSD---- C:\WINDOWS\Fonts
    2008-10-30 17:56:14 ----D---- C:\WINDOWS\security
    2008-10-30 14:59:08 ----D---- C:\WINDOWS\Help
    2008-10-30 14:58:48 ----D---- C:\WINDOWS\ehome
    2008-10-30 14:58:46 ----D---- C:\WINDOWS\system32\inetsrv
    2008-10-30 14:58:45 ----D---- C:\WINDOWS\ime
    2008-10-30 14:58:22 ----D---- C:\WINDOWS\system32\usmt
    2008-10-30 14:58:21 ----D---- C:\Program Files\Internet Explorer
    2008-10-30 14:58:18 ----D---- C:\WINDOWS\PeerNet
    2008-10-30 14:58:17 ----D---- C:\Program Files\Movie Maker
    2008-10-30 14:51:16 ----D---- C:\WINDOWS\system32\Restore
    2008-10-30 14:51:15 ----D---- C:\WINDOWS\system32\npp
    2008-10-30 14:51:14 ----D---- C:\WINDOWS\msagent
    2008-10-30 14:51:12 ----D---- C:\WINDOWS\srchasst
    2008-10-30 14:51:09 ----D---- C:\Program Files\NetMeeting
    2008-10-30 14:51:07 ----D---- C:\WINDOWS\system32\Com
    2008-10-30 14:51:02 ----D---- C:\Program Files\Windows NT
    2008-10-30 14:51:02 ----D---- C:\Program Files\Outlook Express
    2008-10-30 14:50:58 ----D---- C:\Program Files\Fichiers communs\System
    2008-10-30 14:50:12 ----D---- C:\WINDOWS\system32\oobe
    2008-10-30 14:50:10 ----D---- C:\WINDOWS\system
    2008-10-30 14:46:58 ----RASH---- C:\NTDETECT.COM
    2008-10-30 14:44:53 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2008-10-29 11:43:39 ----D---- C:\Documents and Settings\Administrateur\Application Data\BitTorrent
    2008-10-27 12:59:34 ----SD---- C:\WINDOWS\Downloaded Program Files
    2008-10-27 12:43:14 ----D---- C:\Documents and Settings\Administrateur\Application Data\Skype
    2008-10-27 12:41:48 ----D---- C:\Documents and Settings\Administrateur\Application Data\skypePM
    2008-10-25 18:34:04 ----D---- C:\Documents and Settings\Administrateur\Application Data\Adobe

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-11-12 26944]
    R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41856]
    R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-11-12 110160]
    R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-11-12 50656]
    R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-11-12 20560]
    R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-11-12 94032]
    R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-11-12 23152]
    R3 e4usbaw;USB ADSL2 WAN Adapter; C:\WINDOWS\system32\DRIVERS\e4usbaw.sys [2006-05-04 114616]
    R3 G400DH;G400DH; C:\WINDOWS\system32\DRIVERS\g400dhm.sys [2004-09-14 348800]
    R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
    R3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2002-12-05 13056]
    R3 NVENET;NVIDIA nForce MCP Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENET.sys [2002-11-27 80896]
    R3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2002-12-05 241664]
    R3 ovt530;Webcam Deluxe; C:\WINDOWS\System32\Drivers\ov530vid.sys [2005-03-15 161792]
    R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
    R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
    R3 WTLX_01;Service for Waveterminal 192-1; C:\WINDOWS\system32\drivers\WTLXwdm.sys [2004-08-26 22528]
    R3 WTLX_02;Service for Waveterminal 192-2; C:\WINDOWS\system32\drivers\WTLXwdm2.sys [2004-08-26 22528]
    R3 WTLX_03;Service for Waveterminal 192-3; C:\WINDOWS\system32\drivers\WTLXwdm3.sys [2004-08-26 22528]
    R3 WTLX_04;Service for Waveterminal 192-4; C:\WINDOWS\system32\drivers\WTLXwdm4.sys [2004-08-26 22528]
    R3 WTLX_05;Service for Waveterminal 192-5; C:\WINDOWS\system32\drivers\WTLXwdm5.sys [2004-08-26 22528]
    R3 WTLX_06;Service for Waveterminal 192 MIDI; C:\WINDOWS\system32\drivers\WTLXwdm6.sys [2004-08-26 22528]
    R3 WTLX_AA;Service for Waveterminal 192 Audio Driver (EWDM); C:\WINDOWS\system32\drivers\WTLX.sys [2004-08-26 51968]
    S1 bdpredir;bdpredir; \??\C:\Program Files\Softwin\BitDefender10\bdpredir.sys []
    S2 BDRSDRV;BDRSDRV; \??\C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys []
    S2 BDVEDISK;BDVEDISK; \??\C:\Program Files\BitDefender\BitDefender 2009\BDVEDISK.sys []
    S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys); C:\WINDOWS\System32\Drivers\e4ldr.sys [2006-03-02 63555]
    S3 bdfdll;bdfdll; \??\C:\Program Files\Softwin\BitDefender10\bdfdll.sys []
    S3 BDFSDRV;BDFSDRV; \??\C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys []
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AGWinService;AG Windows Service; C:\Program Files\AGI\common\win32\PythonService.exe [2008-10-27 10240]
    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-11-12 18752]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-11-12 155160]
    R2 Diskeeper;Diskeeper; C:\Program Files\Executive Software\Diskeeper\DkService.exe [2003-08-22 426098]
    R2 MGABGEXE;MGABGEXE; C:\WINDOWS\system32\mgabg.exe [2002-01-16 81920]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-11-12 254040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-11-12 352920]
    S2 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2008-11-17 380536]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

    -----------------EOF-----------------
    17 November 2008 20:29:40

    what a wall of text !!!!!
    a c 273 8 Security
    17 November 2008 20:40:09

    The info.txt report is missing
    17 November 2008 22:49:39

    info.txt logfile of random's system information tool 1.04 2008-11-17 19:18:09

    ======Uninstall list======

    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    AC3Filter (remove only)-->C:\Program Files\AC3Filter\uninstall.exe
    Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Reader 7.1.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A71000000002}
    Alive MP3 WAV Converter version 3.0.2.8-->"C:\Program Files\AliveMedia\MP3 WAV Converter\unins000.exe"
    Apple Software Update-->MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
    Applian FLV Player-->"C:\WINDOWS\Applian FLV Player\uninstall.exe" "/U:C:\Program Files\FLV Player\Uninstall\uninstall.xml"
    Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    a-squared Free 3.5-->"C:\Program Files\a-squared Free\unins000.exe"
    Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
    avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    Diskeeper Professional Edition-->MsiExec.exe /X{5511D34C-323F-42E0-8C82-0AEB3E920417}
    DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    eMule-->"C:\Program Files\eMule\Uninstall.exe"
    FindyKill-->C:\Program Files\FindyKill\Uninstal.exe
    Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
    Hercules Webcam-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A250D351-A07F-4D5D-AB6C-693C69B9BFAF}\Setup.exe" -l0x40c
    HT Video Editor-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{68EA3F21-862F-47F5-8410-556FD3C2CA67}\Setup.exe" -l0x9
    Java(TM) 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    Kit de Connexion MENARA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB25E068-C7A2-482F-A3BC-588A5869844D}\setup.exe" -l0x40c ControlPanel
    Kiwee Toolbar-->"C:\Program Files\AGI\common\bootstrapper.exe" -uninstall"\"C:/Program Files/AGI/Python25\pythonw.exe\" \"C:\Program Files\AGI\common\pyagcore\installer.pyc\" -u KiweeToolbar"
    Matrox - Logiciel graphique (désinstaller uniquement)-->C:\WINDOWS\system32\PDesk\PDUninst.exe
    Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
    Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
    Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Mozilla Firefox (3.0.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    Nero 6 Ultra Edition-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
    NVIDIA Gart Driver-->C:\WINDOWS\system32\nvugart.exe Uninstall C:\WINDOWS\system32\Nvgart.nvu,NVIDIA Gart Driver
    OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74}
    Pilotes NVIDIA nForce pour Windows 2000/XP-->rundll32.exe C:\WINDOWS\system32\NVNFINST.DLL,NvUninstallCrush
    QuickTime-->MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175}
    Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
    SLD Codec Pack-->C:\Program Files\SLD Codec Pack\uninstall.exe
    Ulead PhotoImpact 11-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C8550C86-A712-4219-AD4C-038C9FD1D149}\Setup.exe" -l0x40c
    VideoLAN VLC media player 0.8.6f-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
    Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
    Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
    Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
    YouTUBE (TM) movie downloader-->MsiExec.exe /X{2F8BE445-D14C-40E2-AF62-E43539FD1500}

    ======Hosts File======

    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com

    ======Security center information======

    AV: Bitdefender Antivirus (disabled)
    FW: Bitdefender Firewall (disabled)

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Executive Software\Diskeeper\
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 6 Stepping 2, AuthenticAMD
    "PROCESSOR_REVISION"=0602
    "NUMBER_OF_PROCESSORS"=1
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_06\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files\Java\jre1.6.0_06\lib\ext\QTJava.zip

    -----------------EOF-----------------
    a c 273 8 Security
    18 November 2008 00:56:41

    1/

    ---> Uninstall the following programs:
    - FindyKill
    - Java 6 Update 6

    ---> Update Adobe Reader:
    http://www.adobe.com/fr/products/acrobat/readstep2.html


    2/

    We now have to modify the registry. Modifying the registry can turn out to be very dangerous, which is why we are going to create a backup of the registry before making our changes. That way, if anything goes wrong, all you will have to do is restore it.

    Please proceed EXACTLY as described below:

    ---> Download ERUNT.
    (ERUNT = Emergency Recovery Utility NT, a free program that lets you keep a complete backup of your registry and restore it when necessary)

  • Install ERUNT following these instructions:
    (Follow the default installation prompts, but say no when asked to add ERUNT to the startup folder, all the more so since you can add that option later if you wish)
  • Launch ERUNT either by double-clicking the icon on your desktop or by choosing to launch the program at the end of the installation.
  • Choose a location for the backup (the default location is C:\WINDOWS\ERDNT, which is acceptable).
  • Make sure that the first two boxes below are checked !!!
  • Click OK.
  • Click YES to create the backup folder.



    3/

  • Download OTMoveIt3 (OldTimer) to your Desktop.
  • Double-click OTMoveIt3.exe to launch it.
  • Copy (Ctrl+C) the following text:

    :processes
    explorer.exe

    :files
    C:\rsit

    :reg
    [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
    [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
    [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{12ac9bda-2157-11dd-ab4a-4d6564696130}]

    :commands
    [emptytemp]
    [start explorer]
    [reboot]


  • Paste (Ctrl+V) the text you just copied into the Paste Instructions for Items to be Moved box.
  • Now click the MoveIt! button, then close OTMoveIt3.

    ---> If a file or folder cannot be deleted immediately, the program will ask you to restart.
    Accept by clicking YES.

  • Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
    ---> The report's name corresponds to the moment it was created: date_time.log


    4/

  • Run RSIT again and post both reports.

    /!\ Post all the requested reports, it is very important. /!\
    18 Novembre 2008 01:33:38

    mais pourquoi faire tout ça alors que tout semble marcher impeccablement ???

    c'est obligé??

    en tout cas merci beaucoup
    chapeau pour votre efficacité

    18 November 2008 01:36:12

    Quote:
    but why do all this when everything seems to be working perfectly???

    is it mandatory??

    ---> If I wrote up a procedure, it's because I saw things that weren't right.
    18 November 2008 02:07:54

    ok ok
    not the face!!!
    lol
    18 November 2008 02:19:24

    ========== PROCESSES ==========
    Process explorer.exe killed successfully.
    ========== FILES ==========
    C:\rsit moved successfully.
    ========== REGISTRY ==========
    Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm\\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys\\ deleted successfully.
    Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{12ac9bda-2157-11dd-ab4a-4d6564696130}\\ deleted successfully.
    ========== COMMANDS ==========
    File delete failed. C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\etilqs_HrREtABN0AtGoiIyvsHW scheduled to be deleted on reboot.
    User's Temp folder emptied.
    User's Temporary Internet Files folder emptied.
    User's Internet Explorer cache folder emptied.
    Local Service Temp folder emptied.
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    Local Service Temporary Internet Files folder emptied.
    File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
    File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_52c.dat scheduled to be deleted on reboot.
    Windows Temp folder emptied.
    Java cache emptied.
    File delete failed. C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\h4tcat13.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\h4tcat13.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\h4tcat13.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\h4tcat13.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\h4tcat13.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\h4tcat13.default\XUL.mfl scheduled to be deleted on reboot.
    FireFox cache emptied.
    Temp folders emptied.
    Explorer started successfully

    OTMoveIt3 by OldTimer - Version 1.0.7.1 log created on 11182008_011041

    Files moved on Reboot...
    File C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\etilqs_HrREtABN0AtGoiIyvsHW not found!
    File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
    File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
    File move failed. C:\WINDOWS\temp\Perflib_Perfdata_52c.dat scheduled to be moved on reboot.
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\h4tcat13.default\Cache\_CACHE_001_ moved successfully.
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\h4tcat13.default\Cache\_CACHE_002_ moved successfully.
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\h4tcat13.default\Cache\_CACHE_003_ moved successfully.
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\h4tcat13.default\Cache\_CACHE_MAP_ moved successfully.
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\h4tcat13.default\urlclassifier3.sqlite moved successfully.
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\h4tcat13.default\XUL.mfl moved successfully.
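
A check that follows from the log above, as an added example that is not part of the original post or of OTMoveIt3: it reconciles a fix script with its result log and lists the directives the log never confirmed and the files still scheduled after the reboot pass. The script and log below are constructed samples in the format shown in the thread, and the function names are hypothetical.

```python
import re

# Constructed input, modelled on the fix script posted in the thread (trimmed).
FIX_SCRIPT = r"""
:processes
explorer.exe

:files
C:\rsit

:reg
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

:commands
[emptytemp]
[reboot]
"""

# Constructed log in the format the tool wrote in the thread. The result line
# for the nm.sys key is left out on purpose so the check has something to catch.
RESULT_LOG = r"""
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
C:\rsit moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm\\ deleted successfully.
========== COMMANDS ==========
File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Temp\etilqs_sample scheduled to be deleted on reboot.

Files moved on Reboot...
File C:\Temp\etilqs_sample not found!
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
C:\Cache\_CACHE_001_ moved successfully.
"""

RE_KILLED = re.compile(r"^Process (.+) killed successfully\.$")
RE_REG = re.compile(r"^Registry key (.+?)\\*\s+deleted successfully\.$")
RE_PENDING = re.compile(
    r"^File (?:delete|move) failed\. (.+) scheduled to be (?:deleted|moved) on reboot\.$")
RE_GONE = re.compile(r"^File (.+) not found!$")
RE_MOVED = re.compile(r"^(.+) moved successfully\.$")


def parse_script(text):
    """Return {section: [items]} for a ':section'-style fix script."""
    sections, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if line.startswith(":"):
            current = line[1:].lower()
            sections[current] = []
        elif current is not None:
            sections[current].append(line.strip("[]"))
    return sections


def parse_log(text):
    """Collect killed processes, deleted keys and the last state seen per file."""
    killed, reg_deleted, files = set(), set(), {}
    for line in text.splitlines():
        line = line.strip()
        if m := RE_KILLED.match(line):
            killed.add(m.group(1).lower())
        elif m := RE_REG.match(line):
            reg_deleted.add(m.group(1).lower())
        elif m := RE_PENDING.match(line):
            files[m.group(1).lower()] = (m.group(1), "pending")
        elif m := RE_GONE.match(line):
            files[m.group(1).lower()] = (m.group(1), "gone")
        elif m := RE_MOVED.match(line):
            files[m.group(1).lower()] = (m.group(1), "done")
    return killed, reg_deleted, files


def reconcile(script_text, log_text):
    """Return (directives the log never confirmed, files still pending)."""
    script = parse_script(script_text)
    killed, reg_deleted, files = parse_log(log_text)
    unconfirmed = []
    for proc in script.get("processes", []):
        if proc.lower() not in killed:
            unconfirmed.append(("process", proc))
    for path in script.get("files", []):
        if files.get(path.lower(), ("", ""))[1] not in ("done", "gone"):
            unconfirmed.append(("file", path))
    for entry in script.get("reg", []):
        key = entry.lstrip("-")  # a leading '-' marks a key deletion
        if entry.startswith("-") and key.lower() not in reg_deleted:
            unconfirmed.append(("reg", key))
    # Later log lines override earlier ones, so this reflects the reboot pass.
    still_pending = [path for path, state in files.values() if state == "pending"]
    return unconfirmed, still_pending


if __name__ == "__main__":
    missing, pending = reconcile(FIX_SCRIPT, RESULT_LOG)
    print("Not confirmed in log:", missing)
    print("Still pending after reboot:", pending)
```
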
    18 November 2008 02:19:51

    Logfile of random's system information tool 1.04 (written by random/random)
    Run by Administrateur at 2008-11-18 01:14:06
    Microsoft Windows XP Professionnel Service Pack 3
    System drive C: has 25 GB (63%) free of 40 GB
    Total RAM: 1023 MB (70% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 01:14:24, on 18/11/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Executive Software\Diskeeper\DkService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\mgabg.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\WTLXPan.Exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\Menara\dslmon.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\Administrateur\Mes documents\RSIT.exe
    C:\Program Files\trend micro\Administrateur.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [WTLXPan] WTLXPan.Exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
    O4 - Global Startup: DSLMON.lnk = C:\Program Files\Menara\dslmon.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/Install...
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
    O23 - Service: MGABGEXE - Matrox Graphics Inc. - C:\WINDOWS\system32\mgabg.exe

    --
    End of file - 5133 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "WTLXPan"=C:\WINDOWS\system32\WTLXPan.Exe [2004-08-26 708608]
    "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-05-27 413696]
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-11-12 81000]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2006-08-08 864264]
    "updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0 []
    "BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2008-10-17 289088]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    DSLMON.lnk - C:\Program Files\Menara\dslmon.exe

    C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage
    ERUNT AutoBackup.lnk - C:\Program Files\ERUNT\AUTOBACK.EXE

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="sockspy.dll"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wd.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NBF]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nbf.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProtectedStorage]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sglfb.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tga.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vds]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableLUA"=0

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=36
    "NoDriveAutoRun"=FFFFFFFF

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
    "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
    "C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
    "C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:D NA"
    "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    ======File associations======

    .reg - open - regedit.exe "%1" %*

    ======List of files/folders created in the last 1 months======

    2008-11-18 01:14:06 ----D---- C:\rsit
    2008-11-18 01:13:45 ----D---- C:\WINDOWS\ERDNT
    2008-11-18 01:10:41 ----D---- C:\_OTMoveIt
    2008-11-18 01:09:31 ----D---- C:\Program Files\ERUNT
    2008-11-18 00:38:44 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2008-11-18 00:38:27 ----D---- C:\Program Files\Fichiers communs\Adobe
    2008-11-18 00:37:48 ----SHD---- C:\Config.Msi
    2008-11-17 19:32:26 ----D---- C:\Program Files\CCleaner
    2008-11-17 19:22:35 ----A---- C:\WINDOWS\system32\aswBoot.exe
    2008-11-17 19:18:05 ----D---- C:\Program Files\trend micro
    2008-11-17 17:32:43 ----A---- C:\FindyKill.txt
    2008-11-17 12:06:38 ----A---- C:\SAFEBOOT_REPAIR.TXT
    2008-11-17 00:43:42 ----D---- C:\Program Files\FindyKill
    2008-11-17 00:42:22 ----A---- C:\TCleaner.txt
    2008-11-16 18:18:09 ----A---- C:\WINDOWS\nircmd.exe
    2008-11-16 18:11:44 ----D---- C:\Program Files\CleanUp!
    2008-11-16 04:01:44 ----D---- C:\WINDOWS\Minidump
    2008-11-15 09:54:50 ----D---- C:\Program Files\Softwin
    2008-11-15 09:53:14 ----D---- C:\Program Files\Fichiers communs\Softwin
    2008-11-14 14:00:31 ----D---- C:\WINDOWS\system32\appmgmt
    2008-11-14 14:00:27 ----D---- C:\WINDOWS\SxsCaPendDel
    2008-11-14 01:39:53 ----D---- C:\Program Files\BitDefender
    2008-11-14 01:39:17 ----D---- C:\Program Files\Fichiers communs\BitDefender
    2008-11-12 21:06:43 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
    2008-11-12 21:06:00 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
    2008-11-12 21:05:15 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
    2008-10-31 20:47:23 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
    2008-10-31 00:57:32 ----D---- C:\WINDOWS\Prefetch
    2008-10-30 17:09:22 ----A---- C:\WINDOWS\system32\wmpns.dll
    2008-10-30 15:07:57 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
    2008-10-30 15:07:38 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
    2008-10-30 15:07:07 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
    2008-10-30 15:06:51 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2008-10-30 15:06:31 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
    2008-10-30 15:06:17 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
    2008-10-30 15:06:00 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
    2008-10-30 15:05:49 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
    2008-10-30 15:05:37 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
    2008-10-30 15:05:23 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
    2008-10-30 15:05:12 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
    2008-10-30 15:05:01 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
    2008-10-30 15:04:50 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
    2008-10-30 14:58:22 ----D---- C:\WINDOWS\system32\fr-fr
    2008-10-30 14:58:20 ----D---- C:\WINDOWS\l2schemas
    2008-10-30 14:58:19 ----D---- C:\WINDOWS\system32\fr
    2008-10-30 14:58:18 ----D---- C:\WINDOWS\system32\bits
    2008-10-30 14:51:41 ----D---- C:\WINDOWS\ServicePackFiles
    2008-10-30 14:47:30 ----D---- C:\WINDOWS\network diagnostic
    2008-10-30 14:40:34 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
    2008-10-27 13:01:29 ----D---- C:\Program Files\Kiwee Toolbar
    2008-10-27 13:00:38 ----A---- C:\WINDOWS\system32\pywintypes25.dll
    2008-10-27 13:00:38 ----A---- C:\WINDOWS\system32\pythoncom25.dll
    2008-10-27 13:00:37 ----A---- C:\WINDOWS\system32\python25.dll
    2008-10-25 01:46:54 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
    2008-10-22 16:14:50 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$
    2008-10-22 16:14:16 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
    2008-10-22 16:13:27 ----HDC---- C:\WINDOWS\$NtUninstallKB956390_0$
    2008-10-21 02:54:23 ----HDC---- C:\WINDOWS\$NtUninstallKB957095_0$
    2008-10-21 02:52:32 ----HDC---- C:\WINDOWS\$NtUninstallKB954211_0$
    2008-10-21 02:52:18 ----HDC---- C:\WINDOWS\$NtUninstallKB956841_0$

    ======List of files/folders modified in the last 1 months======

    2008-11-18 01:13:45 ----D---- C:\WINDOWS
    2008-11-18 01:13:42 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-11-18 01:13:06 ----D---- C:\WINDOWS\Temp
    2008-11-18 01:13:01 ----RD---- C:\Program Files
    2008-11-18 01:11:39 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-11-18 01:11:27 ----D---- C:\Documents and Settings\Administrateur\Application Data\DNA
    2008-11-18 00:45:07 ----D---- C:\WINDOWS\system32
    2008-11-18 00:40:38 ----SHD---- C:\WINDOWS\Installer
    2008-11-18 00:38:27 ----D---- C:\Program Files\Fichiers communs
    2008-11-18 00:38:27 ----D---- C:\Program Files\Adobe
    2008-11-18 00:37:54 ----D---- C:\Documents and Settings\Administrateur\Application Data\Skype
    2008-11-18 00:36:34 ----D---- C:\Documents and Settings\Administrateur\Application Data\skypePM
    2008-11-18 00:31:21 ----D---- C:\Program Files\Mozilla Firefox
    2008-11-17 19:22:57 ----HD---- C:\WINDOWS\system32\drivers
    2008-11-17 17:34:42 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-11-17 17:34:34 ----AD---- C:\autorun.inf
    2008-11-17 12:23:02 ----D---- C:\Program Files\Ludi
    2008-11-16 18:08:32 ----A---- C:\rapport.txt
    2008-11-16 18:05:37 ----A---- C:\WINDOWS\system32\tmp.txt
    2008-11-16 17:46:24 ----A---- C:\WINDOWS\win.ini
    2008-11-16 03:57:51 ----D---- C:\Program Files\eMule
    2008-11-15 09:55:19 ----HD---- C:\WINDOWS\inf
    2008-11-14 01:40:26 ----D---- C:\WINDOWS\WinSxS
    2008-11-13 13:18:50 ----D---- C:\WINDOWS\Debug
    2008-11-12 21:06:45 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2008-11-12 21:06:43 ----HD---- C:\WINDOWS\$hf_mig$
    2008-11-04 00:10:25 ----A---- C:\WINDOWS\system32\MRT.exe
    2008-10-31 01:02:35 ----D---- C:\WINDOWS\system32\CatRoot
    2008-10-31 00:57:04 ----D---- C:\WINDOWS\system32\Setup
    2008-10-31 00:57:04 ----D---- C:\WINDOWS\AppPatch
    2008-10-31 00:57:04 ----D---- C:\Program Files\Messenger
    2008-10-31 00:57:03 ----D---- C:\WINDOWS\system32\wbem
    2008-10-31 00:57:03 ----D---- C:\Program Files\Windows Media Player
    2008-10-31 00:57:00 ----RSD---- C:\WINDOWS\Fonts
    2008-10-30 17:56:14 ----D---- C:\WINDOWS\security
    2008-10-30 14:59:08 ----D---- C:\WINDOWS\Help
    2008-10-30 14:58:48 ----D---- C:\WINDOWS\ehome
    2008-10-30 14:58:46 ----D---- C:\WINDOWS\system32\inetsrv
    2008-10-30 14:58:45 ----D---- C:\WINDOWS\ime
    2008-10-30 14:58:22 ----D---- C:\WINDOWS\system32\usmt
    2008-10-30 14:58:21 ----D---- C:\Program Files\Internet Explorer
    2008-10-30 14:58:18 ----D---- C:\WINDOWS\PeerNet
    2008-10-30 14:58:17 ----D---- C:\Program Files\Movie Maker
    2008-10-30 14:51:16 ----D---- C:\WINDOWS\system32\Restore
    2008-10-30 14:51:15 ----D---- C:\WINDOWS\system32\npp
    2008-10-30 14:51:14 ----D---- C:\WINDOWS\msagent
    2008-10-30 14:51:12 ----D---- C:\WINDOWS\srchasst
    2008-10-30 14:51:09 ----D---- C:\Program Files\NetMeeting
    2008-10-30 14:51:07 ----D---- C:\WINDOWS\system32\Com
    2008-10-30 14:51:02 ----D---- C:\Program Files\Windows NT
    2008-10-30 14:51:02 ----D---- C:\Program Files\Outlook Express
    2008-10-30 14:50:58 ----D---- C:\Program Files\Fichiers communs\System
    2008-10-30 14:50:12 ----D---- C:\WINDOWS\system32\oobe
    2008-10-30 14:50:10 ----D---- C:\WINDOWS\system
    2008-10-30 14:46:58 ----RASH---- C:\NTDETECT.COM
    2008-10-30 14:44:53 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2008-10-29 11:43:39 ----D---- C:\Documents and Settings\Administrateur\Application Data\BitTorrent
    2008-10-27 12:59:34 ----SD---- C:\WINDOWS\Downloaded Program Files
    2008-10-25 18:34:04 ----D---- C:\Documents and Settings\Administrateur\Application Data\Adobe
    2008-10-19 01:53:34 ----A---- C:\WINDOWS\system32\331bac4a-.txt

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-11-12 26944]
    R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41856]
    R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-11-12 110160]
    R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-11-12 50656]
    R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-11-12 20560]
    R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-11-12 94032]
    R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-11-12 23152]
    R3 e4usbaw;USB ADSL2 WAN Adapter; C:\WINDOWS\system32\DRIVERS\e4usbaw.sys [2006-05-04 114616]
    R3 G400DH;G400DH; C:\WINDOWS\system32\DRIVERS\g400dhm.sys [2004-09-14 348800]
    R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
    R3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2002-12-05 13056]
    R3 NVENET;NVIDIA nForce MCP Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENET.sys [2002-11-27 80896]
    R3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2002-12-05 241664]
    R3 ovt530;Webcam Deluxe; C:\WINDOWS\System32\Drivers\ov530vid.sys [2005-03-15 161792]
    R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
    R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
    R3 WTLX_01;Service for Waveterminal 192-1; C:\WINDOWS\system32\drivers\WTLXwdm.sys [2004-08-26 22528]
    R3 WTLX_02;Service for Waveterminal 192-2; C:\WINDOWS\system32\drivers\WTLXwdm2.sys [2004-08-26 22528]
    R3 WTLX_03;Service for Waveterminal 192-3; C:\WINDOWS\system32\drivers\WTLXwdm3.sys [2004-08-26 22528]
    R3 WTLX_04;Service for Waveterminal 192-4; C:\WINDOWS\system32\drivers\WTLXwdm4.sys [2004-08-26 22528]
    R3 WTLX_05;Service for Waveterminal 192-5; C:\WINDOWS\system32\drivers\WTLXwdm5.sys [2004-08-26 22528]
    R3 WTLX_06;Service for Waveterminal 192 MIDI; C:\WINDOWS\system32\drivers\WTLXwdm6.sys [2004-08-26 22528]
    R3 WTLX_AA;Service for Waveterminal 192 Audio Driver (EWDM); C:\WINDOWS\system32\drivers\WTLX.sys [2004-08-26 51968]
    S1 bdpredir;bdpredir; \??\C:\Program Files\Softwin\BitDefender10\bdpredir.sys []
    S2 BDRSDRV;BDRSDRV; \??\C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys []
    S2 BDVEDISK;BDVEDISK; \??\C:\Program Files\BitDefender\BitDefender 2009\BDVEDISK.sys []
    S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys); C:\WINDOWS\System32\Drivers\e4ldr.sys [2006-03-02 63555]
    S3 bdfdll;bdfdll; \??\C:\Program Files\Softwin\BitDefender10\bdfdll.sys []
    S3 BDFSDRV;BDFSDRV; \??\C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys []
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-11-12 18752]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-11-12 155160]
    R2 Diskeeper;Diskeeper; C:\Program Files\Executive Software\Diskeeper\DkService.exe [2003-08-22 426098]
    R2 MGABGEXE;MGABGEXE; C:\WINDOWS\system32\mgabg.exe [2002-01-16 81920]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-11-12 254040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-11-12 352920]
    S2 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2008-11-17 380536]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

    -----------------EOF-----------------
    18 November 2008 02:41:56

    info.txt logfile of random's system information tool 1.04 2008-11-18 01:14:30

    ======Uninstall list======

    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    AC3Filter (remove only)-->C:\Program Files\AC3Filter\uninstall.exe
    Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
    Alive MP3 WAV Converter version 3.0.2.8-->"C:\Program Files\AliveMedia\MP3 WAV Converter\unins000.exe"
    Apple Software Update-->MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
    Applian FLV Player-->"C:\WINDOWS\Applian FLV Player\uninstall.exe" "/U:C:\Program Files\FLV Player\Uninstall\uninstall.xml"
    Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    a-squared Free 3.5-->"C:\Program Files\a-squared Free\unins000.exe"
    Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
    avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    CleanUp!-->C:\Program Files\CleanUp!\uninstall.exe
    Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    Diskeeper Professional Edition-->MsiExec.exe /X{5511D34C-323F-42E0-8C82-0AEB3E920417}
    DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    eMule-->"C:\Program Files\eMule\Uninstall.exe"
    ERUNT 1.1j-->"C:\Program Files\ERUNT\unins000.exe"
    Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
    Hercules Webcam-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A250D351-A07F-4D5D-AB6C-693C69B9BFAF}\Setup.exe" -l0x40c
    HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
    HT Video Editor-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{68EA3F21-862F-47F5-8410-556FD3C2CA67}\Setup.exe" -l0x9
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    Kit de Connexion MENARA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB25E068-C7A2-482F-A3BC-588A5869844D}\setup.exe" -l0x40c ControlPanel
    Matrox - Logiciel graphique (désinstaller uniquement)-->C:\WINDOWS\system32\PDesk\PDUninst.exe
    Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
    Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
    Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Mozilla Firefox (3.0.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    Nero 6 Ultra Edition-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
    NVIDIA Gart Driver-->C:\WINDOWS\system32\nvugart.exe Uninstall C:\WINDOWS\system32\Nvgart.nvu,NVIDIA Gart Driver
    OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74}
    Pilotes NVIDIA nForce pour Windows 2000/XP-->rundll32.exe C:\WINDOWS\system32\NVNFINST.DLL,NvUninstallCrush
    QuickTime-->MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175}
    Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
    SLD Codec Pack-->C:\Program Files\SLD Codec Pack\uninstall.exe
    Ulead PhotoImpact 11-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C8550C86-A712-4219-AD4C-038C9FD1D149}\Setup.exe" -l0x40c
    VideoLAN VLC media player 0.8.6f-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
    Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
    Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
    Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
    YouTUBE (TM) movie downloader-->MsiExec.exe /X{2F8BE445-D14C-40E2-AF62-E43539FD1500}

    ======Hosts File======

    ======Security center information======

    AV: Bitdefender Antivirus (disabled)
    AV: avast! antivirus 4.8.1282 [VPS 081117-0]
    FW: Bitdefender Firewall (disabled)

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Executive Software\Diskeeper\
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 6 Stepping 2, AuthenticAMD
    "PROCESSOR_REVISION"=0602
    "NUMBER_OF_PROCESSORS"=1
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_06\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files\Java\jre1.6.0_06\lib\ext\QTJava.zip

    -----------------EOF-----------------
    a c 273 8 Security
    18 November 2008 13:01:51

    - Run an online scan here: http://webscanner.kaspersky.fr/ (with Internet Explorer)

    - At the bottom right, click "Démarrer Online-scanner" (Start Online-scanner).

    - In the new window that appears, click "J'accepte" (I accept).

    - Accept the ActiveX controls.

    - Choose "Poste de travail" (My Computer) for the scan.

    - Once it has finished, save the report (choose text file) and post it.

    - For help using the online scan: Tutorial

    Note: If you get the message "La licence de Kaspersky On-line Scanner est périmée" (the Kaspersky On-line Scanner licence has expired), go to Add/Remove Programs and uninstall On-Line Scanner, then reconnect to the Kaspersky site to retry the online scan.

    - Read this if you have trouble installing the ActiveX control: Tutorial
    18 November 2008 20:11:36

    sorry, but I can't manage it
    it doesn't work

    18 November 2008 20:12:31

    also, I get error 734, PPP control protocol terminated
    so I connect, and then after two minutes I can no longer browse
    I have to reconnect
    so online scans aren't easy
    a c 273 8 Security
    18 November 2008 20:34:03

    Since when have you had this error?
    19 November 2008 01:24:06

    for 3 or 4 days
    since before I downloaded this junk
    a c 273 8 Security
    19 November 2008 01:48:18

    You did uninstall BitDefender, right?

  • Delete the RSIT folder located in C:\
  • Run the RSIT scan again, but choose 3 months on the Disclaimer screen, then post both reports.
    19 November 2008 04:36:48

    Logfile of random's system information tool 1.04 (written by random/random)
    Run by Administrateur at 2008-11-19 03:35:33
    Microsoft Windows XP Professionnel Service Pack 3
    System drive C: has 24 GB (59%) free of 40 GB
    Total RAM: 1023 MB (53% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 03:35:53, on 19/11/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\WTLXPan.Exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\Menara\dslmon.exe
    C:\Program Files\Executive Software\Diskeeper\DkService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\mgabg.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Administrateur\Mes documents\prog protection\RSIT.exe
    C:\Program Files\trend micro\Administrateur.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [WTLXPan] WTLXPan.Exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
    O4 - Global Startup: DSLMON.lnk = C:\Program Files\Menara\dslmon.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/Install...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{3EC5204B-8323-4982-B73D-BF3156A7D40A}: NameServer = 196.217.246.211 212.217.0.13
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
    O23 - Service: MGABGEXE - Matrox Graphics Inc. - C:\WINDOWS\system32\mgabg.exe

    --
    End of file - 5041 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "WTLXPan"=C:\WINDOWS\system32\WTLXPan.Exe [2004-08-26 708608]
    "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-05-27 413696]
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-11-12 81000]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe /background []
    "updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0 []
    "BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2008-10-17 289088]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    DSLMON.lnk - C:\Program Files\Menara\dslmon.exe

    C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage
    ERUNT AutoBackup.lnk - C:\Program Files\ERUNT\AUTOBACK.EXE

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="sockspy.dll"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wd.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NBF]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nbf.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProtectedStorage]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sglfb.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tga.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vds]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableLUA"=0

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=36
    "NoDriveAutoRun"=FFFFFFFF

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
    "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
    "C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
    "C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:D NA"
    "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    ======File associations======

    .reg - open - regedit.exe "%1" %*

    ======List of files/folders created in the last 3 months======

    2008-11-19 03:34:19 ----D---- C:\rsit
    2008-11-18 01:13:45 ----D---- C:\WINDOWS\ERDNT
    2008-11-18 01:09:31 ----D---- C:\Program Files\ERUNT
    2008-11-18 00:38:44 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2008-11-18 00:38:27 ----D---- C:\Program Files\Fichiers communs\Adobe
    2008-11-18 00:37:48 ----SHD---- C:\Config.Msi
    2008-11-17 19:32:26 ----D---- C:\Program Files\CCleaner
    2008-11-17 19:22:35 ----A---- C:\WINDOWS\system32\aswBoot.exe
    2008-11-17 19:18:05 ----D---- C:\Program Files\trend micro
    2008-11-17 00:43:42 ----D---- C:\Program Files\FindyKill
    2008-11-16 18:18:09 ----A---- C:\WINDOWS\nircmd.exe
    2008-11-16 18:11:44 ----D---- C:\Program Files\CleanUp!
    2008-11-16 04:01:44 ----D---- C:\WINDOWS\Minidump
    2008-11-15 09:54:50 ----D---- C:\Program Files\Softwin
    2008-11-15 09:53:14 ----D---- C:\Program Files\Fichiers communs\Softwin
    2008-11-14 14:00:31 ----D---- C:\WINDOWS\system32\appmgmt
    2008-11-14 14:00:27 ----D---- C:\WINDOWS\SxsCaPendDel
    2008-11-14 01:39:53 ----D---- C:\Program Files\BitDefender
    2008-11-14 01:39:17 ----D---- C:\Program Files\Fichiers communs\BitDefender
    2008-11-12 21:06:43 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
    2008-11-12 21:06:00 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
    2008-11-12 21:05:15 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
    2008-10-31 20:47:23 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
    2008-10-31 00:57:32 ----D---- C:\WINDOWS\Prefetch
    2008-10-30 17:09:22 ----A---- C:\WINDOWS\system32\wmpns.dll
    2008-10-30 15:07:57 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
    2008-10-30 15:07:38 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
    2008-10-30 15:07:07 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
    2008-10-30 15:06:51 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2008-10-30 15:06:31 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
    2008-10-30 15:06:17 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
    2008-10-30 15:06:00 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
    2008-10-30 15:05:49 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
    2008-10-30 15:05:37 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
    2008-10-30 15:05:23 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
    2008-10-30 15:05:12 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
    2008-10-30 15:05:01 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
    2008-10-30 15:04:50 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
    2008-10-30 14:58:22 ----D---- C:\WINDOWS\system32\fr-fr
    2008-10-30 14:58:20 ----D---- C:\WINDOWS\l2schemas
    2008-10-30 14:58:19 ----D---- C:\WINDOWS\system32\fr
    2008-10-30 14:58:18 ----D---- C:\WINDOWS\system32\bits
    2008-10-30 14:51:41 ----D---- C:\WINDOWS\ServicePackFiles
    2008-10-30 14:47:30 ----D---- C:\WINDOWS\network diagnostic
    2008-10-30 14:40:34 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
    2008-10-27 13:01:29 ----D---- C:\Program Files\Kiwee Toolbar
    2008-10-27 13:00:38 ----A---- C:\WINDOWS\system32\pywintypes25.dll
    2008-10-27 13:00:38 ----A---- C:\WINDOWS\system32\pythoncom25.dll
    2008-10-27 13:00:37 ----A---- C:\WINDOWS\system32\python25.dll
    2008-10-25 01:46:54 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
    2008-10-22 16:14:50 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$
    2008-10-22 16:14:16 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
    2008-10-22 16:13:27 ----HDC---- C:\WINDOWS\$NtUninstallKB956390_0$
    2008-10-21 02:54:23 ----HDC---- C:\WINDOWS\$NtUninstallKB957095_0$
    2008-10-21 02:52:32 ----HDC---- C:\WINDOWS\$NtUninstallKB954211_0$
    2008-10-21 02:52:18 ----HDC---- C:\WINDOWS\$NtUninstallKB956841_0$
    2008-10-18 15:20:13 ----A---- C:\WINDOWS\system32\331bac4a-.txt
    2008-10-17 18:56:17 ----D---- C:\Documents and Settings\Administrateur\Application Data\BitTorrent
    2008-10-17 18:56:08 ----D---- C:\Program Files\DNA
    2008-10-17 18:56:08 ----D---- C:\Documents and Settings\Administrateur\Application Data\DNA
    2008-10-17 18:56:07 ----D---- C:\Program Files\BitTorrent
    2008-09-18 18:22:03 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$
    2008-09-18 18:19:51 ----HDC---- C:\WINDOWS\$NtUninstallKB938464_0$
    2008-09-14 05:59:25 ----A---- C:\WINDOWS\Bbt97.INI
    2008-09-14 05:47:58 ----D---- C:\Program Files\Ludi
    2008-09-11 04:11:58 ----D---- C:\WINDOWS\Applian FLV Player
    2008-09-11 04:11:58 ----D---- C:\Program Files\FLV Player
    2008-09-11 03:37:34 ----D---- C:\Program Files\YouTUBE (TM) movie downloader
    2008-09-08 16:25:05 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-08-30 04:43:16 ----D---- C:\Program Files\Download
    2008-08-30 04:43:12 ----A---- C:\WINDOWS\system32\DCUninstall.exe
    2008-08-29 21:39:01 ----D---- C:\Program Files\AC3Filter
    2008-08-29 21:32:58 ----D---- C:\Program Files\DivX
    2008-08-24 23:54:00 ----D---- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
    2008-08-24 23:53:55 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes

    ======List of files/folders modified in the last 3 months======

    2008-11-19 02:34:14 ----D---- C:\Program Files\eMule
    2008-11-19 00:23:32 ----D---- C:\WINDOWS\Temp
    2008-11-18 20:10:26 ----D---- C:\Program Files\Mozilla Firefox
    2008-11-18 15:21:38 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-11-18 14:11:47 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2008-11-18 14:11:45 ----D---- C:\WINDOWS
    2008-11-18 14:10:59 ----D---- C:\WINDOWS\system32
    2008-11-18 13:35:59 ----D---- C:\Documents and Settings\Administrateur\Application Data\Skype
    2008-11-18 13:14:51 ----D---- C:\Documents and Settings\Administrateur\Application Data\skypePM
    2008-11-18 11:16:33 ----HD---- C:\WINDOWS\inf
    2008-11-18 11:16:33 ----D---- C:\WINDOWS\Help
    2008-11-18 11:13:33 ----D---- C:\Program Files\Messenger
    2008-11-18 01:13:01 ----RD---- C:\Program Files
    2008-11-18 00:40:38 ----SHD---- C:\WINDOWS\Installer
    2008-11-18 00:38:27 ----D---- C:\Program Files\Fichiers communs
    2008-11-18 00:38:27 ----D---- C:\Program Files\Adobe
    2008-11-17 19:22:57 ----HD---- C:\WINDOWS\system32\drivers
    2008-11-17 17:34:42 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-11-17 17:34:34 ----AD---- C:\autorun.inf
    2008-11-16 18:05:37 ----A---- C:\WINDOWS\system32\tmp.txt
    2008-11-16 17:46:24 ----A---- C:\WINDOWS\win.ini
    2008-11-14 01:40:26 ----D---- C:\WINDOWS\WinSxS
    2008-11-13 13:18:50 ----D---- C:\WINDOWS\Debug
    2008-11-12 21:06:43 ----HD---- C:\WINDOWS\$hf_mig$
    2008-11-04 00:10:25 ----A---- C:\WINDOWS\system32\MRT.exe
    2008-10-31 01:02:35 ----D---- C:\WINDOWS\system32\CatRoot
    2008-10-31 00:57:04 ----D---- C:\WINDOWS\system32\Setup
    2008-10-31 00:57:04 ----D---- C:\WINDOWS\AppPatch
    2008-10-31 00:57:03 ----D---- C:\WINDOWS\system32\wbem
    2008-10-31 00:57:03 ----D---- C:\Program Files\Windows Media Player
    2008-10-31 00:57:00 ----RSD---- C:\WINDOWS\Fonts
    2008-10-30 17:56:14 ----D---- C:\WINDOWS\security
    2008-10-30 14:58:48 ----D---- C:\WINDOWS\ehome
    2008-10-30 14:58:46 ----D---- C:\WINDOWS\system32\inetsrv
    2008-10-30 14:58:45 ----D---- C:\WINDOWS\ime
    2008-10-30 14:58:22 ----D---- C:\WINDOWS\system32\usmt
    2008-10-30 14:58:21 ----D---- C:\Program Files\Internet Explorer
    2008-10-30 14:58:18 ----D---- C:\WINDOWS\PeerNet
    2008-10-30 14:58:17 ----D---- C:\Program Files\Movie Maker
    2008-10-30 14:51:16 ----D---- C:\WINDOWS\system32\Restore
    2008-10-30 14:51:15 ----D---- C:\WINDOWS\system32\npp
    2008-10-30 14:51:14 ----D---- C:\WINDOWS\msagent
    2008-10-30 14:51:12 ----D---- C:\WINDOWS\srchasst
    2008-10-30 14:51:09 ----D---- C:\Program Files\NetMeeting
    2008-10-30 14:51:07 ----D---- C:\WINDOWS\system32\Com
    2008-10-30 14:51:02 ----D---- C:\Program Files\Windows NT
    2008-10-30 14:51:02 ----D---- C:\Program Files\Outlook Express
    2008-10-30 14:50:58 ----D---- C:\Program Files\Fichiers communs\System
    2008-10-30 14:50:12 ----D---- C:\WINDOWS\system32\oobe
    2008-10-30 14:50:10 ----D---- C:\WINDOWS\system
    2008-10-30 14:46:58 ----RASH---- C:\NTDETECT.COM
    2008-10-30 14:44:53 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2008-10-27 12:59:34 ----SD---- C:\WINDOWS\Downloaded Program Files
    2008-10-25 18:34:04 ----D---- C:\Documents and Settings\Administrateur\Application Data\Adobe
    2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuweb.dll
    2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuaueng.dll
    2008-10-16 14:12:22 ----A---- C:\WINDOWS\system32\wucltui.dll
    2008-10-16 14:12:20 ----A---- C:\WINDOWS\system32\wuapi.dll
    2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wups2.dll
    2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
    2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wuauclt.exe
    2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\cdm.dll
    2008-10-16 14:08:58 ----A---- C:\WINDOWS\system32\wups.dll
    2008-10-16 14:08:06 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
    2008-10-16 14:07:32 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
    2008-10-16 14:06:48 ----A---- C:\WINDOWS\system32\muweb.dll
    2008-10-16 14:06:48 ----A---- C:\WINDOWS\system32\mucltui.dll
    2008-10-16 14:06:40 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
    2008-10-15 16:35:43 ----A---- C:\WINDOWS\system32\netapi32.dll
    2008-10-13 00:49:12 ----D---- C:\Program Files\Spybot - Search & Destroy
    2008-10-13 00:49:11 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-09-18 18:21:04 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
    2008-09-11 03:46:03 ----D---- C:\Program Files\Skype
    2008-09-10 01:15:15 ----N---- C:\WINDOWS\system32\msxml6.dll
    2008-09-07 19:37:07 ----D---- C:\Program Files\a-squared Free
    2008-09-04 17:16:10 ----A---- C:\WINDOWS\system32\msxml3.dll
    2008-09-03 04:15:34 ----D---- C:\Program Files\SuperCopier2
    2008-09-03 04:13:29 ----D---- C:\Documents and Settings\Administrateur\Application Data\AdobeUM
    2008-08-29 21:39:14 ----D---- C:\Program Files\SLD Codec Pack
    2008-08-29 21:31:51 ----D---- C:\Program Files\HT Video Editor 6.0
    2008-08-29 21:27:33 ----A---- C:\WINDOWS\NeroDigital.ini
    2008-08-20 05:10:12 ----A---- C:\WINDOWS\system32\mshtml.dll
    2008-08-20 05:10:11 ----A---- C:\WINDOWS\system32\wininet.dll
    2008-08-20 05:10:11 ----A---- C:\WINDOWS\system32\urlmon.dll
    2008-08-20 05:10:11 ----A---- C:\WINDOWS\system32\shdocvw.dll

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-11-12 26944]
    R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41856]
    R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-11-12 110160]
    R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-11-12 50656]
    R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-11-12 20560]
    R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-11-12 94032]
    R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-11-12 23152]
    R3 e4usbaw;USB ADSL2 WAN Adapter; C:\WINDOWS\system32\DRIVERS\e4usbaw.sys [2006-05-04 114616]
    R3 G400DH;G400DH; C:\WINDOWS\system32\DRIVERS\g400dhm.sys [2004-09-14 348800]
    R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
    R3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2002-12-05 13056]
    R3 NVENET;NVIDIA nForce MCP Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENET.sys [2002-11-27 80896]
    R3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2002-12-05 241664]
    R3 ovt530;Webcam Deluxe; C:\WINDOWS\System32\Drivers\ov530vid.sys [2005-03-15 161792]
    R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
    R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
    R3 WTLX_01;Service for Waveterminal 192-1; C:\WINDOWS\system32\drivers\WTLXwdm.sys [2004-08-26 22528]
    R3 WTLX_02;Service for Waveterminal 192-2; C:\WINDOWS\system32\drivers\WTLXwdm2.sys [2004-08-26 22528]
    R3 WTLX_03;Service for Waveterminal 192-3; C:\WINDOWS\system32\drivers\WTLXwdm3.sys [2004-08-26 22528]
    R3 WTLX_04;Service for Waveterminal 192-4; C:\WINDOWS\system32\drivers\WTLXwdm4.sys [2004-08-26 22528]
    R3 WTLX_05;Service for Waveterminal 192-5; C:\WINDOWS\system32\drivers\WTLXwdm5.sys [2004-08-26 22528]
    R3 WTLX_06;Service for Waveterminal 192 MIDI; C:\WINDOWS\system32\drivers\WTLXwdm6.sys [2004-08-26 22528]
    R3 WTLX_AA;Service for Waveterminal 192 Audio Driver (EWDM); C:\WINDOWS\system32\drivers\WTLX.sys [2004-08-26 51968]
    S1 bdpredir;bdpredir; \??\C:\Program Files\Softwin\BitDefender10\bdpredir.sys []
    S2 BDRSDRV;BDRSDRV; \??\C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys []
    S2 BDVEDISK;BDVEDISK; \??\C:\Program Files\BitDefender\BitDefender 2009\BDVEDISK.sys []
    S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys); C:\WINDOWS\System32\Drivers\e4ldr.sys [2006-03-02 63555]
    S3 bdfdll;bdfdll; \??\C:\Program Files\Softwin\BitDefender10\bdfdll.sys []
    S3 BDFSDRV;BDFSDRV; \??\C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys []
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-11-12 18752]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-11-12 155160]
    R2 Diskeeper;Diskeeper; C:\Program Files\Executive Software\Diskeeper\DkService.exe [2003-08-22 426098]
    R2 MGABGEXE;MGABGEXE; C:\WINDOWS\system32\mgabg.exe [2002-01-16 81920]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-11-12 254040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-11-12 352920]
    R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S2 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2008-11-17 380536]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

    -----------------EOF-----------------
    19 November 2008 04:37:35

    info.txt logfile of random's system information tool 1.04 2008-11-19 03:34:53

    ======Uninstall list======

    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    AC3Filter (remove only)-->C:\Program Files\AC3Filter\uninstall.exe
    Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
    Alive MP3 WAV Converter version 3.0.2.8-->"C:\Program Files\AliveMedia\MP3 WAV Converter\unins000.exe"
    Apple Software Update-->MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
    Applian FLV Player-->"C:\WINDOWS\Applian FLV Player\uninstall.exe" "/U:C:\Program Files\FLV Player\Uninstall\uninstall.xml"
    Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    a-squared Free 3.5-->"C:\Program Files\a-squared Free\unins000.exe"
    Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
    avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    CleanUp!-->C:\Program Files\CleanUp!\uninstall.exe
    Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    Diskeeper Professional Edition-->MsiExec.exe /X{5511D34C-323F-42E0-8C82-0AEB3E920417}
    DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    eMule-->"C:\Program Files\eMule\Uninstall.exe"
    ERUNT 1.1j-->"C:\Program Files\ERUNT\unins000.exe"
    Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
    Hercules Webcam-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A250D351-A07F-4D5D-AB6C-693C69B9BFAF}\Setup.exe" -l0x40c
    HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
    HT Video Editor-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{68EA3F21-862F-47F5-8410-556FD3C2CA67}\Setup.exe" -l0x9
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    Kit de Connexion MENARA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB25E068-C7A2-482F-A3BC-588A5869844D}\setup.exe" -l0x40c ControlPanel
    Matrox - Logiciel graphique (désinstaller uniquement)-->C:\WINDOWS\system32\PDesk\PDUninst.exe
    Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
    Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
    Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Mozilla Firefox (3.0.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    Nero 6 Ultra Edition-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
    NVIDIA Gart Driver-->C:\WINDOWS\system32\nvugart.exe Uninstall C:\WINDOWS\system32\Nvgart.nvu,NVIDIA Gart Driver
    OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74}
    Pilotes NVIDIA nForce pour Windows 2000/XP-->rundll32.exe C:\WINDOWS\system32\NVNFINST.DLL,NvUninstallCrush
    QuickTime-->MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175}
    Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
    SLD Codec Pack-->C:\Program Files\SLD Codec Pack\uninstall.exe
    Ulead PhotoImpact 11-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C8550C86-A712-4219-AD4C-038C9FD1D149}\Setup.exe" -l0x40c
    VideoLAN VLC media player 0.8.6f-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
    Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
    Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
    Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
    YouTUBE (TM) movie downloader-->MsiExec.exe /X{2F8BE445-D14C-40E2-AF62-E43539FD1500}

    ======Hosts File======

    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com

    ======Security center information======

    AV: Bitdefender Antivirus (disabled)
    AV: avast! antivirus 4.8.1282 [VPS 081118-0]
    FW: Bitdefender Firewall (disabled)

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Executive Software\Diskeeper\
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 6 Stepping 2, AuthenticAMD
    "PROCESSOR_REVISION"=0602
    "NUMBER_OF_PROCESSORS"=1
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_06\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files\Java\jre1.6.0_06\lib\ext\QTJava.zip

    -----------------EOF-----------------
    a c 273 8 Security
    19 November 2008 11:18:58

    And what about my question?
    19 November 2008 14:16:20

    yes yes
    everything is uninstalled
    I did as you said
    19 November 2008 18:49:10

    is it OK?
    in your opinion, why do I get this message that the PPP link protocol has stopped?

    it comes from their network, doesn't it?

    tell me, you who are so gifted
    I have a problem with my MySpace page, my audio player has disappeared
    and yet the admin tells me it is there
    do you have the solution?

    thanks a lot in any case
    you've taken a real thorn out of my side
    20 November 2008 13:04:45

    apparently I no longer have the PPP problem
    it came from a network setting
    but on the other hand I get untimely disconnections
    that is, I have the connection, but I can no longer browse

    I think that comes from the network too
    a c 273 8 Security
    20 November 2008 13:30:11

    1/

  • eMule
  • BitTorrent DNA

    I advise you to uninstall and delete all your P2P software: 50% of what you download via P2P is booby-trapped. P2P is the number one infection vector these days.
    More information is available by clicking the following link: Cracks / P2P


    2/

  • Download OTMoveIt3 (OldTimer) to your Desktop.
  • Double-click OTMoveIt3.exe to launch it.
  • Copy (Ctrl+C) the following text below:

    :processes
    explorer.exe

    :files
    C:\WINDOWS\system32\331bac4a-.txt

    :reg
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

    :commands
    [purity]
    [emptytemp]
    [start explorer]
    [reboot]


  • Paste (Ctrl+V) the previously copied text into the Paste Instructions for Items to be Moved box.
  • Now click the MoveIt! button, then close OTMoveIt3.

    ---> If a file or folder cannot be deleted immediately, the program will ask you to restart.
    Accept by clicking YES.

  • Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
    ---> The report name corresponds to the time of its creation: date_time.log


    3/

  • Download Malwarebytes' Anti-Malware (MBAM) to your Desktop.
  • Double-click the downloaded file to start the installation process.
  • In the Update tab, click the Check for Updates button: if the firewall asks whether MBAM may connect to the Internet, accept.
  • Once the update has finished, go to the Scanner tab.
  • Select Perform full scan.
  • Click Scan.
  • The analysis starts; the scan is relatively long, which is normal.
  • At the end of the analysis, a message is displayed:
    Quote:
    The scan completed successfully. Click 'Show Results' to display all objects found.

  • Click OK to continue. If MBAM found nothing, it will tell you so as well.
  • Close your browsers.
  • If malware was detected, click Show Results.
  • Select everything (or leave it checked) and click Remove Selected; MBAM will destroy the infected files and registry keys and put a copy of them in quarantine.
  • MBAM will open Notepad and copy the scan report into it. Copy and paste this report into your next reply.
    20 November 2008 17:00:49

    ========== PROCESSES ==========
    Process explorer.exe killed successfully.
    ========== FILES ==========
    C:\WINDOWS\system32\331bac4a-.txt moved successfully.
    ========== REGISTRY ==========
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\\ deleted successfully.
    ========== COMMANDS ==========
    File delete failed. C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\etilqs_yOkauvCTJbPoVpmjpxNy scheduled to be deleted on reboot.
    User's Temp folder emptied.
    User's Temporary Internet Files folder emptied.
    User's Internet Explorer cache folder emptied.
    Local Service Temp folder emptied.
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    Local Service Temporary Internet Files folder emptied.
    File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
    File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_50c.dat scheduled to be deleted on reboot.
    Windows Temp folder emptied.
    Java cache emptied.
    File delete failed. C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\h4tcat13.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\h4tcat13.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\h4tcat13.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\h4tcat13.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\h4tcat13.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\h4tcat13.default\XUL.mfl scheduled to be deleted on reboot.
    FireFox cache emptied.
    Temp folders emptied.
    Explorer started successfully

    OTMoveIt3 by OldTimer - Version 1.0.7.1 log created on 11202008_124730

    Files moved on Reboot...
    File C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\etilqs_yOkauvCTJbPoVpmjpxNy not found!
    File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
    File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
    C:\WINDOWS\temp\Perflib_Perfdata_50c.dat moved successfully.
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\h4tcat13.default\Cache\_CACHE_001_ moved successfully.
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\h4tcat13.default\Cache\_CACHE_002_ moved successfully.
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\h4tcat13.default\Cache\_CACHE_003_ moved successfully.
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\h4tcat13.default\Cache\_CACHE_MAP_ moved successfully.
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\h4tcat13.default\urlclassifier3.sqlite moved successfully.
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\h4tcat13.default\XUL.mfl moved successfully.
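
Added example (not part of the thread and not OTMoveIt3's own code): a Python check that reads a report in the format posted above, confirms that the two items named in the fix script were removed, and lists what was still locked after the reboot pass. The function names, the rule table and the shortened sample report are assumptions made for this illustration.

```python
import re

# Constructed sample: a shortened copy of the OTMoveIt3 report posted above.
SAMPLE_REPORT = r"""
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
C:\WINDOWS\system32\331bac4a-.txt moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\\ deleted successfully.
========== COMMANDS ==========
File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_50c.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.

Files moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
C:\WINDOWS\temp\Perflib_Perfdata_50c.dat moved successfully.
"""

# The two items the fix script in this thread asked OTMoveIt3 to remove.
TARGETS = [
    r"C:\WINDOWS\system32\331bac4a-.txt",
    r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer"
    r"\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}",
]

# (pattern, outcome) pairs tried in order; group 1 is the file or registry key.
RULES = [
    (re.compile(r"^Registry key (.+?)\\* deleted successfully\.$"), "removed"),
    (re.compile(r"^File (?:delete|move) failed\. (.+) scheduled to be \w+ on reboot\.$"), "pending"),
    (re.compile(r"^File (.+) not found!$"), "gone"),
    (re.compile(r"^(?:File )?([A-Za-z]:\\.+) moved successfully\.$"), "removed"),
]


def parse_report(text):
    """Return {item: final outcome}; a later line about an item overrides an earlier one."""
    state = {}
    for line in text.splitlines():
        line = line.strip()
        for pattern, outcome in RULES:
            match = pattern.match(line)
            if match:
                # Windows paths and registry keys are case-insensitive.
                state[match.group(1).lower()] = outcome
                break
    return state


def review(text, targets):
    """Return (targets not confirmed removed, items still locked at the end of the report)."""
    state = parse_report(text)
    missing = [t for t in targets if state.get(t.lower()) not in ("removed", "gone")]
    locked = sorted(item for item, outcome in state.items() if outcome == "pending")
    return missing, locked


if __name__ == "__main__":
    missing, locked = review(SAMPLE_REPORT, TARGETS)
    print("targets not confirmed removed:", missing)
    print("still locked after reboot pass:", locked)
```

On the sample, both targets are confirmed removed and the only item still locked is a file in the `_avast4_` temp folder, which is not one of the fix script's targets.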
    20 November 2008 17:01:26

    for Malwarebytes, I already did it just before
    and in safe mode there was nothing