Se connecter / S'enregistrer
Votre question

Infecté par Virtumonde !

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
Anonyme
6 Octobre 2008 02:41:30

Bonjour / bonsoir à tous ! :hello: 

Je rencontre depuis quelques semaines des problèmes pour naviguer sur internet (certains sites ne se chargent pas, d'autres mettent un temps certain, des publicités s'affichent alors qu'elles ne le faisaient pas par le passé ...).

Je peux éliminer ce problème temporairement à l'aide de Spybot, qui trouve et corrige toujours les mêmes problèmes : virtumonde.dll, virtumonde.prx et parfois encore un autre virtumonde.jenesaisplusquoi me semble-t-il. Bref après correction, tout fonctionne normalement mais, comme vous vous en doutez certainement, les mêmes problèmes reviennent encore et toujours, Spybot ne semble pas pouvoir les éliminer définitivement.

J'ai donc fait quelques recherches sur ce virus (je ne sais pas si c'est le bon terme) et sur les techniques à employer pour l'éradiquer. Malheureusement j'ai trouvé des dizaines de méthodes différentes qui nécessitent toutes des manipulations qui me semblent assez complexes (pour moi en tout cas, je suis assez loin d'être un expert en informatique :pfff:  ) et qui de plus ne sont pas forcément adaptées à mon cas!

Donc plutôt que de me lancer dans des choses que je ne maitrise pas et qui risquent d'aggraver l'état de mon ordinateur plus qu'autre chose, je préfère m'en remettre à la générosité des experts de ce forum!

Je suis donc à vos ordres, prêt à me laisser guider sur le chemin d'un PC débarrassé de ce virtumonde de malheur (voir de ses autres petits amis virus si vous en découvrez d'autres en route).

Un énorme merci d'avance ! Et à bientôt ! :hello: 

Autres pages sur : infecte virtumonde

6 Octobre 2008 15:55:20

Bonjour,

Citation :
Donc plutôt que de me lancer dans des choses que je ne maitrise pas et qui risquent d'aggraver l'état de mon ordinateur plus qu'autre chose, je préfère m'en remettre à la générosité des experts de ce forum!


Tu as bien fait ;) 

Télécharge Hijackthis (de Trend Micro) sur ton Bureau.

  • Double clique sur HJTInstall.exe pour lancer l'installation.
  • Clique sur Install.
  • Double clique sur le raccourci d'HijackThis qui vient d'être créé pour le lancer. (Clique droit -> lancer en tant qu'admin si sous Vista)
  • Accepte la licence en cliquant sur Yes.
  • Clique sur "Do a system scan and save a logfile".
  • Poste ici[ le rapport généré.

    Note : Le rapport se trouve également ici : C:\Program Files\Trend Micro\Hijackthis\Hijackthis.log

    Aide : Comment utiliser HijackThis.

    ;) 
    6 Octobre 2008 23:20:48

    Bonsoir, voila pour le rapport demandé !


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:18:34, on 06/10/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    c:\Program Files\Norton Internet Security\ISSVC.exe
    c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\WINDOWS\ATKKBService.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
    C:\Program Files\ASUS\NB Probe\NBProbe.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\WINDOWS\ATK0100\HControl.exe
    C:\Program Files\Trust\MI-4550XP WIRELESS OPTICAL MINI MOUSE\Mouse32a.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\ATK0100\ATKOSD.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - c:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: (no name) - {71B6ACF7-4F0F-4FD8-BB69-6D1A4D271CB7} - (no file)
    O4 - HKLM\..\Run: [tempreg] regsvr32 /s "C:\Program Files\s300\s300_1202966199.dll"
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [SSC_UserPrompt] c:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [NB Probe] C:\Program Files\ASUS\NB Probe\NBProbe.exe
    O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
    O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Trust\MI-4550XP WIRELESS OPTICAL MINI MOUSE\Mouse32a.exe
    O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [BM2b76f54f] Rundll32.exe "C:\WINDOWS\system32\vgsrayfn.dll",s
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O20 - AppInit_DLLs: cmrwvo.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe

    --
    End of file - 10850 bytes



    :hello: 
    Contenus similaires
    6 Octobre 2008 23:54:36

    Re,

    Télécharge Lop S&D.exe (d’ Eric 71 & Angeldark) sur ton bureau.

  • Double-clique dessus pour lancer l'installation
  • Puis double-clique sur le raccourci Lop S&D présent sur ton bureau (Si tu es sous Vista, clique droit -> exécuter en tant qu'admin)
  • Séléctionne la langue souhaitée , puis choisis l'Option 1 (Recherche)
  • Patiente jusqu'à la fin du scan
  • Poste le rapport généré (C:\lopR.txt)

    Si ton bureau ne réapparait pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
    Puis rends-toi à l'onglet "processus". Clique en haut à gauche sur fichiers et choisis "Nouvelle tâche (exécuter)"
    Tapes explorer et valide. Cela te fera apparaitre ton bureau


    ;) 
    7 Octobre 2008 04:17:28

    Et voilà ! :) 




    --------------------\\ Lop S&D 4.2.4-5 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
    X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) M processor 1.60GHz )
    BIOS : Default System BIOS
    USER : utilisateur ( Administrator )
    BOOT : Normal boot
    Antivirus : Avira AntiVir PersonalEdition 8.0.1.27 (Activated)
    Firewall : Norton Internet Security 2005 (Activated)
    C:\ (Local Disk) - NTFS - Total : 54 Go Free : 13 Go
    D:\ (Local Disk) - FAT32 - Total : 36 Go Free : 30 Go
    E:\ (CD or DVD) - CDFS - Total : 0 Go Free : 0 Go

    "C:\Lop SD" ( MAJ : 02-10-2008|23:42 )
    Option : [1] ( 07/10/2008| 4:01 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [06/10/2008|00:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [22/10/2007|02:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [22/10/2007|02:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [03/10/2008|01:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
    [08/01/2008|05:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel
    [18/03/2008|15:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
    [13/03/2008|23:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
    [13/03/2008|23:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
    [04/02/2008|16:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
    [06/05/2005|20:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Intel
    [07/01/2008|20:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    [09/11/2007|12:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [18/09/2008|00:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [04/02/2008|16:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nokia
    [17/10/2007|20:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage
    [16/01/2008|02:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
    [06/05/2005|20:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
    [06/10/2008|23:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [06/05/2005|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [18/09/2008|00:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [15/02/2008|18:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TERMINAL Studio
    [26/05/2008|18:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TrackMania
    [16/09/2008|06:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
    [11/10/2007|16:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

    [06/05/2005|20:01] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [06/05/2005|20:21] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intel
    [06/05/2005|20:07] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterTrust
    [06/05/2005|20:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
    [06/05/2005|19:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [06/05/2005|20:13] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

    [06/05/2005|19:52] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [06/05/2005|19:52] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [06/10/2008|00:25] C:\DOCUME~1\UTILIS~1\APPLIC~1\Adobe
    [12/02/2008|19:09] C:\DOCUME~1\UTILIS~1\APPLIC~1\Corel
    [15/01/2008|05:26] C:\DOCUME~1\UTILIS~1\APPLIC~1\DAEMON Tools
    [29/05/2008|05:19] C:\DOCUME~1\UTILIS~1\APPLIC~1\DivX
    [30/05/2008|03:47] C:\DOCUME~1\UTILIS~1\APPLIC~1\dvdcss
    [18/12/2007|12:55] C:\DOCUME~1\UTILIS~1\APPLIC~1\Help
    [06/05/2005|20:01] C:\DOCUME~1\UTILIS~1\APPLIC~1\Identities
    [12/02/2008|18:50] C:\DOCUME~1\UTILIS~1\APPLIC~1\InstallShield
    [06/05/2005|20:21] C:\DOCUME~1\UTILIS~1\APPLIC~1\Intel
    [06/05/2005|20:07] C:\DOCUME~1\UTILIS~1\APPLIC~1\InterTrust
    [02/03/2008|21:55] C:\DOCUME~1\UTILIS~1\APPLIC~1\Macromedia
    [04/12/2007|16:13] C:\DOCUME~1\UTILIS~1\APPLIC~1\Media Player Classic
    [06/05/2005|19:52] C:\DOCUME~1\UTILIS~1\APPLIC~1\Microsoft
    [21/10/2007|19:54] C:\DOCUME~1\UTILIS~1\APPLIC~1\Mozilla
    [04/02/2008|16:44] C:\DOCUME~1\UTILIS~1\APPLIC~1\Nokia
    [04/02/2008|16:25] C:\DOCUME~1\UTILIS~1\APPLIC~1\Nokia Multimedia Player
    [29/04/2008|18:51] C:\DOCUME~1\UTILIS~1\APPLIC~1\Nvu
    [28/04/2008|22:04] C:\DOCUME~1\UTILIS~1\APPLIC~1\OpenOffice.org2
    [04/02/2008|16:18] C:\DOCUME~1\UTILIS~1\APPLIC~1\PC Suite
    [15/01/2008|05:38] C:\DOCUME~1\UTILIS~1\APPLIC~1\SecuROM
    [14/11/2007|12:22] C:\DOCUME~1\UTILIS~1\APPLIC~1\SopCast
    [15/01/2008|05:39] C:\DOCUME~1\UTILIS~1\APPLIC~1\Sports Interactive
    [22/10/2007|04:01] C:\DOCUME~1\UTILIS~1\APPLIC~1\Sun
    [06/05/2005|20:13] C:\DOCUME~1\UTILIS~1\APPLIC~1\Symantec
    [30/04/2008|02:33] C:\DOCUME~1\UTILIS~1\APPLIC~1\SystemRequirementsLab
    [21/10/2007|19:54] C:\DOCUME~1\UTILIS~1\APPLIC~1\Talkback
    [14/11/2007|06:26] C:\DOCUME~1\UTILIS~1\APPLIC~1\Tenebril
    [12/11/2007|13:53] C:\DOCUME~1\UTILIS~1\APPLIC~1\TVU Networks
    [11/02/2008|22:25] C:\DOCUME~1\UTILIS~1\APPLIC~1\Ulead Systems
    [07/10/2008|03:33] C:\DOCUME~1\UTILIS~1\APPLIC~1\uTorrent
    [17/09/2008|02:49] C:\DOCUME~1\UTILIS~1\APPLIC~1\vlc
    [23/11/2007|02:21] C:\DOCUME~1\UTILIS~1\APPLIC~1\WinRAR

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [23/09/2008 19:37][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [06/10/2008 22:37][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [06/10/2008|01:06] C:\Program Files\Adobe
    [07/01/2008|20:24] C:\Program Files\Alwil Software
    [22/10/2007|02:51] C:\Program Files\Apple Software Update
    [06/05/2005|20:08] C:\Program Files\ASUS
    [06/05/2005|20:12] C:\Program Files\ATI Technologies
    [03/10/2008|01:47] C:\Program Files\Avira
    [03/10/2008|03:12] C:\Program Files\Bluetack
    [04/02/2008|02:25] C:\Program Files\Bullfrog
    [20/05/2008|13:57] C:\Program Files\CCleaner
    [06/05/2005|19:54] C:\Program Files\CONEXANT
    [06/10/2008|01:24] C:\Program Files\Corel
    [16/01/2008|01:52] C:\Program Files\DIFX
    [27/05/2008|16:45] C:\Program Files\DivX
    [03/02/2008|23:38] C:\Program Files\DOSBox-0.72
    [19/05/2008|20:44] C:\Program Files\Eidos
    [06/10/2008|22:39] C:\Program Files\Fichiers communs
    [21/05/2008|17:10] C:\Program Files\Firaxis Games
    [17/01/2008|08:50] C:\Program Files\FM Modifier 2.2
    [21/10/2007|19:45] C:\Program Files\Free.fr
    [04/12/2007|05:17] C:\Program Files\Game Cam v1.4
    [18/09/2008|00:21] C:\Program Files\InstallShield Installation Information
    [06/05/2005|20:12] C:\Program Files\Intel
    [10/04/2008|03:08] C:\Program Files\Internet Explorer
    [15/09/2008|17:52] C:\Program Files\Java
    [07/01/2008|20:32] C:\Program Files\Lavasoft
    [18/03/2008|13:33] C:\Program Files\MagicISO
    [06/10/2008|01:36] C:\Program Files\Mario Forever
    [06/05/2005|19:58] C:\Program Files\Messenger
    [15/09/2008|13:03] C:\Program Files\Messenger Plus! Live
    [06/05/2005|20:01] C:\Program Files\microsoft frontpage
    [13/05/2008|17:34] C:\Program Files\Microsoft Games
    [11/02/2008|18:57] C:\Program Files\Microsoft GIF Animator
    [17/10/2007|19:57] C:\Program Files\Microsoft Office
    [17/10/2007|19:59] C:\Program Files\Microsoft Visual Studio
    [17/10/2007|19:59] C:\Program Files\Microsoft Works
    [17/10/2007|19:57] C:\Program Files\Microsoft.NET
    [06/05/2005|19:59] C:\Program Files\Movie Maker
    [07/10/2008|01:58] C:\Program Files\Mozilla Firefox
    [17/10/2007|19:00] C:\Program Files\MSBuild
    [06/05/2005|19:57] C:\Program Files\MSN
    [06/05/2005|19:58] C:\Program Files\MSN Gaming Zone
    [29/09/2008|12:11] C:\Program Files\MSN Messenger
    [11/10/2007|17:28] C:\Program Files\MSXML 4.0
    [06/05/2005|19:59] C:\Program Files\NetMeeting
    [04/02/2008|16:37] C:\Program Files\Nokia
    [06/05/2005|20:14] C:\Program Files\Norton Internet Security
    [18/09/2008|00:32] C:\Program Files\Nvu
    [06/05/2005|19:58] C:\Program Files\Online Services
    [22/01/2008|16:12] C:\Program Files\OpenOffice.org 2.3
    [06/05/2005|19:59] C:\Program Files\Outlook Express
    [16/01/2008|01:51] C:\Program Files\PC Connectivity Solution
    [02/10/2008|03:12] C:\Program Files\Power Tab Software
    [22/10/2007|02:51] C:\Program Files\QuickTime
    [14/05/2008|16:31] C:\Program Files\RayV
    [17/10/2007|18:57] C:\Program Files\Reference Assemblies
    [18/09/2008|00:30] C:\Program Files\RiseofAtlantis_at
    [22/09/2008|06:56] C:\Program Files\s300
    [18/12/2007|13:08] C:\Program Files\SAGEM
    [06/05/2005|19:59] C:\Program Files\Services en ligne
    [14/11/2007|12:22] C:\Program Files\SopCast
    [15/01/2008|05:35] C:\Program Files\Sports Interactive
    [06/10/2008|23:35] C:\Program Files\Spybot - Search & Destroy
    [03/10/2008|03:20] C:\Program Files\SpywareBlaster
    [06/10/2008|22:43] C:\Program Files\Steam
    [06/05/2005|20:13] C:\Program Files\Symantec
    [12/10/2007|09:02] C:\Program Files\SymNetDrv
    [06/05/2005|20:10] C:\Program Files\Synaptics
    [30/04/2008|02:33] C:\Program Files\SystemRequirementsLab
    [04/05/2008|22:56] C:\Program Files\TmNationsForever
    [06/10/2008|18:33] C:\Program Files\Trend Micro
    [21/10/2007|19:43] C:\Program Files\Trust
    [12/11/2007|13:55] C:\Program Files\TVUPlayer
    [11/02/2008|22:20] C:\Program Files\Ulead Systems
    [06/05/2005|20:18] C:\Program Files\Uninstall Information
    [20/09/2008|07:38] C:\Program Files\uTorrent
    [11/02/2008|21:54] C:\Program Files\Video-AVI to GIF-JPEG
    [08/11/2007|08:21] C:\Program Files\VideoLAN
    [07/11/2007|19:48] C:\Program Files\Windows Live
    [17/10/2007|18:54] C:\Program Files\Windows Media Connect 2
    [06/05/2005|19:58] C:\Program Files\Windows Media Player
    [06/05/2005|19:57] C:\Program Files\Windows NT
    [06/05/2005|19:59] C:\Program Files\WindowsUpdate
    [24/01/2008|20:50] C:\Program Files\WinLemm
    [23/11/2007|02:20] C:\Program Files\WinRAR
    [19/09/2008|23:06] C:\Program Files\World of Warcraft
    [17/11/2007|08:24] C:\Program Files\WowCartographe
    [06/05/2005|20:01] C:\Program Files\xerox
    [15/01/2008|05:37] C:\Program Files\Zero G Registry

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [06/10/2008|01:10] C:\Program Files\Fichiers communs\Adobe
    [21/10/2007|15:05] C:\Program Files\Fichiers communs\Blizzard Entertainment
    [17/10/2007|19:59] C:\Program Files\Fichiers communs\DESIGNER
    [06/05/2005|20:07] C:\Program Files\Fichiers communs\InstallShield
    [15/09/2008|17:50] C:\Program Files\Fichiers communs\Java
    [04/02/2008|16:33] C:\Program Files\Fichiers communs\Microsoft Shared
    [06/05/2005|19:59] C:\Program Files\Fichiers communs\MSSoap
    [04/02/2008|16:34] C:\Program Files\Fichiers communs\Nokia
    [06/05/2005|19:53] C:\Program Files\Fichiers communs\ODBC
    [16/01/2008|01:52] C:\Program Files\Fichiers communs\PCSuite
    [06/05/2005|19:59] C:\Program Files\Fichiers communs\Services
    [06/05/2005|19:53] C:\Program Files\Fichiers communs\SpeechEngines
    [06/10/2008|23:34] C:\Program Files\Fichiers communs\Symantec Shared
    [06/05/2005|19:59] C:\Program Files\Fichiers communs\System
    [01/10/2008|00:24] C:\Program Files\Fichiers communs\Wise Installation Wizard

    --------------------\\ Process

    ( 67 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\UTILIS~1\Cookies\utilisateur@adopt.euroclick[2].txt

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-10-07 04:09:55
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    C:\DOCUME~1\UTILIS~1\LOCALS~1\APPLIC~1\kuosg.dat 5415 bytes
    C:\DOCUME~1\UTILIS~1\LOCALS~1\APPLIC~1\kuosg.exe 294912 bytes executable
    C:\DOCUME~1\UTILIS~1\LOCALS~1\APPLIC~1\kuosg_nav.dat 280584 bytes
    C:\DOCUME~1\UTILIS~1\LOCALS~1\APPLIC~1\kuosg_navps.dat 334 bytes
    scan completed successfully
    hidden processes: 0
    hidden files: 37

    --------------------\\ Recherche d'autres infections


    C:\DOCUME~1\UTILIS~1\LOCALS~1\APPLIC~1\kuosg.dat
    C:\DOCUME~1\UTILIS~1\LOCALS~1\APPLIC~1\kuosg.exe
    C:\DOCUME~1\UTILIS~1\LOCALS~1\APPLIC~1\kuosg_nav.dat
    C:\DOCUME~1\UTILIS~1\LOCALS~1\APPLIC~1\kuosg_navps.dat
    C:\DOCUME~1\UTILIS~1\LOCALS~1\APPLIC~1\oesmi.dat
    C:\DOCUME~1\UTILIS~1\LOCALS~1\APPLIC~1\oesmi.exe
    C:\DOCUME~1\UTILIS~1\LOCALS~1\APPLIC~1\oesmi_nav.dat
    C:\DOCUME~1\UTILIS~1\LOCALS~1\APPLIC~1\oesmi_navps.dat
    ==> EGDACCESS <==

    C:\WINDOWS\system32\IPstAGgh.ini
    C:\WINDOWS\system32\IPstAGgh.ini2
    ==> VUNDO <==



    [F:19][D:13]-> C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp
    [F:44][D:0]-> C:\DOCUME~1\UTILIS~1\Cookies
    [F:964][D:4]-> C:\DOCUME~1\UTILIS~1\LOCALS~1\TEMPOR~1\content.IE5
    [F:2][D:0]-> C:\Recycled

    1 - "C:\Lop SD\LopR_1.txt" - 07/10/2008| 4:14 - Option : [1]

    --------------------\\ Fin du rapport a 4:14:39



    :hello: 
    7 Octobre 2008 09:36:56

    Re,

    Télécharge Navilog (de Il-Mafioso)

    Enregistre-le sur ton Bureau.
    Installe-le en double cliquant sur navilog.exe.
    Une fois l'installation terminée, l'utilitaire s'exécutera automatiquement.
    (Si ce n'est pas le cas, double clique sur le raccourci présent sur le Bureau)

    Une fois l'installation terminée, fais un clic droit sur le raccourci navilog1 puis choisis "Exécuter en tant qu'administrateur". ( Pour Vista)

    Laisse-toi guider par l'utilitaire. Choisis l'option 1 puis valide.
    ! N'utilise pas l'option 2,3 et 4 sans notre accord !
    Patiente jusqu'à l'apparition de ce message :
    "*** Analyse Termine le ..... ***"
    Appuie sur une touche comme demandé. Le Bloc-notes va s'ouvrir. Poste le rapport ici.

    Le rapport se trouve ici :C:\fixnavi.txt

    ;) 
    7 Octobre 2008 13:31:51

    Bonjour ! :) 


    Voila le nouveau rapport :



    Search Navipromo version 3.6.6 commencé le 07/10/2008 à 13:13:57,84

    !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
    !!! Postez ce rapport sur le forum pour le faire analyser !!!
    !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

    Outil exécuté depuis C:\Program Files\navilog1
    Session actuelle : "utilisateur"

    Mise à jour le 29.09.2008 à 17h30 par IL-MAFIOSO


    Microsoft Windows XP [version 5.1.2600]
    Internet Explorer : 7.0.5730.13
    Système de fichiers : NTFS

    Recherche executé en mode normal

    *** Recherche Programmes installés ***


    *** Recherche dossiers dans "C:\WINDOWS" ***


    *** Recherche dossiers dans "C:\Program Files" ***


    *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudÉ~1\progra~1" ***


    *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudÉ~1" ***


    *** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***


    *** Recherche dossiers dans "C:\Documents and Settings\utilisateur\applic~1" ***


    *** Recherche dossiers dans "C:\Documents and Settings\utilisateur\locals~1\applic~1" ***


    *** Recherche dossiers dans "C:\Documents and Settings\utilisateur\menud+~1\progra~1" ***


    *** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
    pour + d'infos : http://www.gmer.net



    *** Recherche avec GenericNaviSearch ***
    !!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
    !!! A vérifier impérativement avant toute suppression manuelle !!!

    * Recherche dans "C:\WINDOWS\system32" *

    Fichiers trouvés :

    lszzwlgivo.exe trouvé !
    wyalqfq.exe trouvé !

    * Recherche dans "C:\Documents and Settings\utilisateur\locals~1\applic~1" *



    *** Recherche fichiers ***



    *** Recherche clés spécifiques dans le Registre ***

    HKEY_CURRENT_USER\Software\Lanconfig trouvé !

    *** Module de Recherche complémentaire ***
    (Recherche fichiers spécifiques)

    1)Recherche nouveaux fichiers Instant Access :


    2)Recherche Heuristique :

    * Dans "C:\WINDOWS\system32" :


    * Dans "C:\Documents and Settings\utilisateur\locals~1\applic~1" :

    oesmi.dat trouvé !
    oesmi.exe trouvé !
    oesmi_nav.dat trouvé !
    oesmi_navps.dat trouvé !

    3)Recherche Certificats :

    Certificat Egroup trouvé !
    Certificat Electronic-Group trouvé !
    Certificat Montorgueil absent !
    Certificat OOO-Favorit trouvé !
    Certificat Sunny-Day-Design-Ltd absent !

    4)Recherche fichiers connus :

    C:\WINDOWS\system32\IPstAGgh.ini2 trouvé ! infection Vundo possible non traitée par cet outil !


    *** Analyse terminée le 07/10/2008 à 13:30:14,46 ***


    :hello: 
    7 Octobre 2008 15:33:42

    Re,

    Double clique sur le raccourci de navilog1.
    Option 2 puis valide. (entrée)
    Laisse toi guider.
    Ton ordinateur va redémarrer, sinon fais le manuellement.

    Ton bureau va disparaître.

    Patiente jusqu'à l'apparition de ce message :
    "*** Nettoyage Termine le ..... ***"

    Appuie sur une touche comme demandé, le Bloc-notes va s'ouvrir.
    Sauvegarde le rapport.
    Referme le Bloc-notes. Ton bureau va maintenant réapparaître.

    Si ton bureau ne réapparait pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
    Puis rends-toi à l'onglet "processus". Clique en haut à gauche sur fichiers et choisis "Nouvelle tâche (exécuter)"
    Tapes explorer et valide. Cela te fera apparaitre ton bureau


    Démarrer -> panneau de configuration -> options internet
    Clique sur l'onglet "Contenu" puis onglet "Certificats" et si tu trouves ceci, en particulier dans "éditeurs approuvés" :

    Montorgueil ; VIP

    ~~> Supprime-les si présents ! (pas les autres) <~~

    Poste le rapport sauvegardé auparavant (C:\cleannavi.txt)
    Ainsi qu'un nouveau rapport Hijackthis.

    +++++++++++

    Les programmes suivants installent cette infection :

    * Favorit
    * Go-astro
    * GoRecord
    * HotTVPlayer
    * MailSkinner
    * Messenger Skinner
    * Instant Access
    * InternetGameBox
    * sudoplanet
    * Webmediaplayer : sauf celui provenant du site suivant > http://www.azertysite.new.fr/
    * Sur le site www.games-desktop.com (Ne pas aller dessus!)

    ;) 
    7 Octobre 2008 19:30:01

    Je n'ai pas trouvé de Montorgueil ou VIP, je ne sais pas si c'est normal ou pas (dans la liste des programmes je vois MessengerSkinner que j'avais effectivement installé et désinstallé depuis)


    Voila les deux rapports :



    Clean Navipromo version 3.6.6 commencé le 07/10/2008 à 19:02:56,67

    Outil exécuté depuis C:\Program Files\navilog1
    Session actuelle : "utilisateur"

    Mise à jour le 29.09.2008 à 17h30 par IL-MAFIOSO


    Microsoft Windows XP [version 5.1.2600]
    Internet Explorer : 7.0.5730.13
    Système de fichiers : NTFS

    Mode suppression automatique
    avec prise en charge résultats Catchme et GNS


    Nettoyage exécuté au redémarrage de l'ordinateur


    *** fsbl1.txt non trouvé ***
    (Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)


    *** Suppression avec sauvegardes résultats GenericNaviSearch ***

    * Suppression dans "C:\WINDOWS\System32" *


    lszzwlgivo.exe trouvé !
    Copie lszzwlgivo.exe réalisée avec succès !
    lszzwlgivo.exe supprimé !

    wyalqfq.exe trouvé !
    Copie wyalqfq.exe réalisée avec succès !
    wyalqfq.exe supprimé !


    * Suppression dans "C:\Documents and Settings\utilisateur\locals~1\applic~1" *




    *** Suppression dossiers dans "C:\WINDOWS" ***


    *** Suppression dossiers dans "C:\Program Files" ***


    *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudÉ~1\progra~1" ***


    *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudÉ~1" ***


    *** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" ***


    *** Suppression dossiers dans "C:\Documents and Settings\utilisateur\applic~1" ***


    *** Suppression dossiers dans "C:\Documents and Settings\utilisateur\locals~1\applic~1" ***


    *** Suppression dossiers dans "C:\Documents and Settings\utilisateur\menud+~1\progra~1" ***



    *** Suppression fichiers ***


    *** Suppression fichiers temporaires ***

    Nettoyage contenu C:\WINDOWS\Temp effectué !
    Nettoyage contenu C:\Documents and Settings\utilisateur\locals~1\Temp effectué !

    *** Traitement Recherche complémentaire ***
    (Recherche fichiers spécifiques)

    1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

    2)Recherche, création sauvegardes et suppression Heuristique :


    * Dans "C:\WINDOWS\system32" *


    * Dans "C:\Documents and Settings\utilisateur\locals~1\applic~1" *


    kuosg.exe trouvé !
    Copie kuosg.exe réalisée avec succès !
    kuosg.exe supprimé !

    kuosg.dat trouvé !
    Copie kuosg.dat réalisée avec succès !
    kuosg.dat supprimé !

    kuosg_nav.dat trouvé !
    Copie kuosg_nav.dat réalisée avec succès !
    kuosg_nav.dat supprimé !

    kuosg_navps.dat trouvé !
    Copie kuosg_navps.dat réalisée avec succès !
    kuosg_navps.dat supprimé !

    C:\WINDOWS\prefetch\kuosg*.pf trouvé !
    Copie C:\WINDOWS\prefetch\kuosg*.pf réalisée avec succès !
    C:\WINDOWS\prefetch\kuosg*.pf supprimé !

    oesmi.exe trouvé !
    Copie oesmi.exe réalisée avec succès !
    oesmi.exe supprimé !

    oesmi.dat trouvé !
    Copie oesmi.dat réalisée avec succès !
    oesmi.dat supprimé !

    oesmi_nav.dat trouvé !
    Copie oesmi_nav.dat réalisée avec succès !
    oesmi_nav.dat supprimé !

    oesmi_navps.dat trouvé !
    Copie oesmi_navps.dat réalisée avec succès !
    oesmi_navps.dat supprimé !

    C:\WINDOWS\prefetch\oesmi*.pf trouvé !
    Copie C:\WINDOWS\prefetch\oesmi*.pf réalisée avec succès !
    C:\WINDOWS\prefetch\oesmi*.pf supprimé !


    *** Sauvegarde du Registre vers dossier Safebackup ***

    sauvegarde du Registre réalisée avec succès !

    *** Nettoyage Registre ***

    Nettoyage Registre Ok


    *** Certificats ***

    Certificat Egroup supprimé !
    Certificat Electronic-Group supprimé !
    Certificat Montorgueil absent !
    Certificat OOO-Favorit supprimé !
    Certificat Sunny-Day-Design-Ltdt absent !

    *** Nettoyage terminé le 07/10/2008 à 19:14:30,82 ***






    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:27:16, on 07/10/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    c:\Program Files\Norton Internet Security\ISSVC.exe
    c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\WINDOWS\ATKKBService.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\NOTEPAD.EXE
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
    C:\Program Files\ASUS\NB Probe\NBProbe.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\WINDOWS\ATK0100\HControl.exe
    C:\Program Files\Trust\MI-4550XP WIRELESS OPTICAL MINI MOUSE\Mouse32a.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\ATK0100\ATKOSD.exe
    C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - c:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: (no name) - {71B6ACF7-4F0F-4FD8-BB69-6D1A4D271CB7} - (no file)
    O4 - HKLM\..\Run: [tempreg] regsvr32 /s "C:\Program Files\s300\s300_1202966199.dll"
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [SSC_UserPrompt] c:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [NB Probe] C:\Program Files\ASUS\NB Probe\NBProbe.exe
    O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
    O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Trust\MI-4550XP WIRELESS OPTICAL MINI MOUSE\Mouse32a.exe
    O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [BM2b76f54f] Rundll32.exe "C:\WINDOWS\system32\vgsrayfn.dll",s
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O20 - AppInit_DLLs: cmrwvo.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe

    --
    End of file - 11181 bytes
    8 Octobre 2008 09:37:08

    Re,

    C'est normal ;) 

    Télécharge MalwareByte's Anti-Malware sur ton Bureau.
    Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

    Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
    AIDE : Redémarrer en mode sans échec

  • Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
  • Afin de lancer la recherche, clic sur"Rechercher".
  • Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
    -- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
    -- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
    [#ff0000]REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

    AIDE : Tuto en images sur MBAM

    ;) 
    8 Octobre 2008 18:27:45

    Bien le bonjour ! :) 


    Voila le rapport de MalwareByte's Anti-Malware :



    Malwarebytes' Anti-Malware 1.28
    Version de la base de données: 1241
    Windows 5.1.2600 Service Pack 2

    08/10/2008 18:16:09
    mbam-log-2008-10-08 (18-16-09).txt

    Type de recherche: Examen complet (C:\|D:\|)
    Eléments examinés: 139401
    Temps écoulé: 1 hour(s), 50 minute(s), 10 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 2
    Clé(s) du Registre infectée(s): 15
    Valeur(s) du Registre infectée(s): 1
    Elément(s) de données du Registre infecté(s): 2
    Dossier(s) infecté(s): 1
    Fichier(s) infecté(s): 71

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    C:\WINDOWS\system32\hgGAtsPI.dll (Trojan.Vundo.H) -> Delete on reboot.
    C:\WINDOWS\system32\uebogk.dll (Trojan.Vundo) -> Delete on reboot.

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{98d714df-8e1b-460a-a6a5-66e2afd4cdd6} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{98d714df-8e1b-460a-a6a5-66e2afd4cdd6} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c5054c48-b751-489d-9ece-f0156ff790b6} (Trojan.Vundo.H) -> Delete on reboot.
    HKEY_CLASSES_ROOT\CLSID\{c5054c48-b751-489d-9ece-f0156ff790b6} (Trojan.Vundo.H) -> Delete on reboot.
    HKEY_CLASSES_ROOT\s300.s300mgr (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\s300.s300mgr.1 (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IProxyProvider (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bm2b76f54f (Trojan.Agent) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\hggatspi -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\hggatspi -> Delete on reboot.

    Dossier(s) infecté(s):
    C:\Program Files\s300 (Trojan.BHO) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\WINDOWS\system32\uebogk.dll (Trojan.Vundo.H) -> Delete on reboot.
    C:\WINDOWS\system32\hgGAtsPI.dll (Trojan.Vundo.H) -> Delete on reboot.
    C:\WINDOWS\system32\IPstAGgh.ini (Trojan.Vundo.H) -> Delete on reboot.
    C:\WINDOWS\system32\IPstAGgh.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\ftruavlg.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\glvaurtf.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\hhjuwpmc.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\cmpwujhh.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\iajlqpty.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\ytpqljai.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\jlnowxgf.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\fgxwonlj.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\qgpxosfs.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\sfsoxpgq.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\sfbmquuk.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\kuuqmbfs.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\ulkihokb.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\bkohiklu.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\vhrxlbde.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\edblxrhv.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\wxbmuksi.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\iskumbxw.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\4IAO0NNC\upd105320[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\NDXDLN81\nd82m0[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\utilisateur\Local Settings\Temporary Internet Files\Content.IE5\YMWOCE13\kb678031[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{457BC0D9-E5D6-435E-80B9-A32C77394B1F}\RP5\A0001162.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{457BC0D9-E5D6-435E-80B9-A32C77394B1F}\RP5\A0001163.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{457BC0D9-E5D6-435E-80B9-A32C77394B1F}\RP5\A0001164.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{457BC0D9-E5D6-435E-80B9-A32C77394B1F}\RP5\A0001165.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{457BC0D9-E5D6-435E-80B9-A32C77394B1F}\RP5\A0001166.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{457BC0D9-E5D6-435E-80B9-A32C77394B1F}\RP5\A0001167.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{457BC0D9-E5D6-435E-80B9-A32C77394B1F}\RP5\A0001169.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{457BC0D9-E5D6-435E-80B9-A32C77394B1F}\RP5\A0001170.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{457BC0D9-E5D6-435E-80B9-A32C77394B1F}\RP5\A0001171.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{457BC0D9-E5D6-435E-80B9-A32C77394B1F}\RP5\A0001172.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{457BC0D9-E5D6-435E-80B9-A32C77394B1F}\RP5\A0001173.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{457BC0D9-E5D6-435E-80B9-A32C77394B1F}\RP5\A0001174.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{457BC0D9-E5D6-435E-80B9-A32C77394B1F}\RP5\A0001176.exe (Trojan.LowZones) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{457BC0D9-E5D6-435E-80B9-A32C77394B1F}\RP5\A0001178.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{457BC0D9-E5D6-435E-80B9-A32C77394B1F}\RP5\A0001179.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{457BC0D9-E5D6-435E-80B9-A32C77394B1F}\RP5\A0001180.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{457BC0D9-E5D6-435E-80B9-A32C77394B1F}\RP5\A0001181.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{457BC0D9-E5D6-435E-80B9-A32C77394B1F}\RP5\A0001182.exe (Trojan.LowZones) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\abgavy.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\acgyscpp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\ajnsttie.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\ajxqsm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\bgnkzg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\btxgffjk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\cdwvbdgm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\cmrwvo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\fhptnt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\hduhettv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\hirqvowx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\hyftyt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\irrvibbe.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\lysohjqt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\nhyqvfob.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\nixpbydc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\ochgrhua.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\oorlvu.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\pmsshrqi.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\psmtmg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\sbpdmw.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\teeoxipk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\uhukwijp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.
    C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
    C:\WINDOWS\BM2b76f54f.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\BM2b76f54f.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\clkcnt.txt (Trojan.Vundo) -> Quarantined and deleted successfully.


    :hello: 
    9 Octobre 2008 10:06:21

    Bonjour,

    On continue :) 

    Télécharge random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.
  • Double-clique sur RSIT.exe afin de lancer RSIT.
  • Clique Continue à l'écran Disclaimer.
  • Si l'outil HIjackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (<<qui sera affiché)
    ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
  • NB : Les rapports sont sauvegardés dans le dossier C:\rsit
  • Veille bien à me poster l'intégralité des rapports, vérifie qu'ils soient complets une fois que tu les as postés.

    ;) 
    9 Octobre 2008 19:52:51

    Bonjour, voila les deux nouveaux rapports :




    Logfile of random's system information tool 1.04 (written by random/random)
    Run by utilisateur at 2008-10-09 19:49:27
    Microsoft Windows XP Édition familiale Service Pack 2
    System drive C: has 14 GB (24%) free of 56 GB
    Total RAM: 767 MB (22% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:49:34, on 09/10/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    c:\Program Files\Norton Internet Security\ISSVC.exe
    c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\WINDOWS\ATKKBService.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
    C:\Program Files\ASUS\NB Probe\NBProbe.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\WINDOWS\ATK0100\HControl.exe
    C:\Program Files\Trust\MI-4550XP WIRELESS OPTICAL MINI MOUSE\Mouse32a.exe
    C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\ATK0100\ATKOSD.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Documents and Settings\utilisateur\Bureau\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\utilisateur.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: (no name) - {036371A5-B1C3-44AD-B8C4-5EE36A1CB180} - (no file)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {2D7210C4-686D-4691-B370-7D5775EA9230} - (no file)
    O2 - BHO: (no name) - {4E8126E1-FB11-4A3C-979D-7C72EABAB1E3} - (no file)
    O2 - BHO: (no name) - {530dc8af-ff87-44e2-848e-1f9bf6a932a6} - (no file)
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: (no name) - {75B001FD-1270-4656-9D5F-882F9552F370} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {9d5f27ea-4b24-4539-a49f-88f85ec89a0d} - (no file)
    O2 - BHO: (no name) - {A20854FD-DDB5-4931-8F76-D11EA2364D94} - (no file)
    O2 - BHO: (no name) - {A26F0EEC-3FBB-4177-8791-CC23CC27223E} - (no file)
    O2 - BHO: (no name) - {baca1d50-ccb3-4a19-bfdf-922e09490604} - (no file)
    O2 - BHO: (no name) - {BBD0E43A-1DEE-4241-B140-53E5AD96B342} - (no file)
    O2 - BHO: (no name) - {BCBA2385-F533-4E16-8D7F-F1B103F7D404} - (no file)
    O2 - BHO: (no name) - {BF4C3097-35EB-41CC-BCA5-FE18554A8F4D} - (no file)
    O2 - BHO: (no name) - {C8BEBA79-ED8B-4204-A042-A945C2BAB845} - (no file)
    O2 - BHO: (no name) - {D868C9E0-7BAE-4B42-94A2-A0E37E30D1E0} - (no file)
    O2 - BHO: (no name) - {E47A633F-8359-4971-9166-10EF6E9AA907} - (no file)
    O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - c:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: (no name) - {71B6ACF7-4F0F-4FD8-BB69-6D1A4D271CB7} - (no file)
    O4 - HKLM\..\Run: [tempreg] regsvr32 /s "C:\Program Files\s300\s300_1202966199.dll"
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [SSC_UserPrompt] c:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [NB Probe] C:\Program Files\ASUS\NB Probe\NBProbe.exe
    O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
    O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Trust\MI-4550XP WIRELESS OPTICAL MINI MOUSE\Mouse32a.exe
    O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [BM2b76f54f] Rundll32.exe "C:\WINDOWS\system32\vgsrayfn.dll",s
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O20 - AppInit_DLLs: uebogk.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe

    --
    End of file - 12802 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{036371A5-B1C3-44AD-B8C4-5EE36A1CB180}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 37808]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2D7210C4-686D-4691-B370-7D5775EA9230}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E8126E1-FB11-4A3C-979D-7C72EABAB1E3}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{530dc8af-ff87-44e2-848e-1f9bf6a932a6}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2008-07-07 1562448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75B001FD-1270-4656-9D5F-882F9552F370}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9d5f27ea-4b24-4539-a49f-88f85ec89a0d}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A20854FD-DDB5-4931-8F76-D11EA2364D94}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A26F0EEC-3FBB-4177-8791-CC23CC27223E}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{baca1d50-ccb3-4a19-bfdf-922e09490604}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBD0E43A-1DEE-4241-B140-53E5AD96B342}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BCBA2385-F533-4E16-8D7F-F1B103F7D404}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BF4C3097-35EB-41CC-BCA5-FE18554A8F4D}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C8BEBA79-ED8B-4204-A042-A945C2BAB845}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D868C9E0-7BAE-4B42-94A2-A0E37E30D1E0}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E47A633F-8359-4971-9166-10EF6E9AA907}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - Norton Internet Security - c:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll [2004-08-30 103568]
    {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Norton AntiVirus - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll [2005-10-19 218736]
    {71B6ACF7-4F0F-4FD8-BB69-6D1A4D271CB7}

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "tempreg"=regsvr32 /s C:\Program Files\s300\s300_1202966199.dll []
    "SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-12-16 98394]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-12-16 688218]
    "Symantec NetDriver Monitor"=C:\PROGRA~1\SYMNET~1\SNDMon.exe [2007-10-12 100056]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
    "SSC_UserPrompt"=c:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe [2004-11-02 218240]
    "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-12-16 73728]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2007-06-29 286720]
    "Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2004-09-21 81920]
    "PCSuiteTrayApplication"=C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2007-06-18 271360]
    "NB Probe"=C:\Program Files\ASUS\NB Probe\NBProbe.exe [2004-12-08 765952]
    "IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2004-08-06 385024]
    "HControl"=C:\WINDOWS\ATK0100\HControl.exe [2004-11-03 94208]
    "FLMOFFICE4DMOUSE"=C:\Program Files\Trust\MI-4550XP WIRELESS OPTICAL MINI MOUSE\Mouse32a.exe [2007-10-21 370176]
    "EOUApp"=C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe [2004-08-06 356352]
    "ccApp"=c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe [2007-01-09 58984]
    "ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-11-30 344064]
    "ASUS Live Update"=C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2003-09-19 172032]
    ""= []
    "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
    "BM2b76f54f"=C:\WINDOWS\system32\vgsrayfn.dll []

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
    "Steam"=c:\program files\steam\steam.exe [2008-10-08 1410296]
    "MsnMsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]
    "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-07-07 2156368]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    ASUS ChkMail.lnk - C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="uebogk.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2004-12-16 94208]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IntelWireless]
    C:\Program Files\Intel\Wireless\Bin\LgNotify.dll [2004-08-06 110592]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{32341E7E-C319-46DE-91D0-E30BB1A3CABA}"= []

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
    "C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
    "C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe"="C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe:*:Enabled:Football Manager 2008"
    "C:\Program Files\RayV\RayV\RayV.exe"="C:\Program Files\RayV\RayV\RayV.exe:*:Enabled:RayV"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\FlashGet\flashget.exe"="C:\Program Files\FlashGet\flashget.exe:*:D isabled:Flashget"
    "C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:D isabled:IncrediMail"
    "C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:D isabled:IncrediMail"
    "C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:D isabled:IncrediMail"
    "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
    shell\AutoRun\command - E:\autorun.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{92a2df4e-7802-11dc-8be4-806d6172696f}]
    shell\AutoRun\command - E:\autorun.exe


    ======List of files/folders created in the last 1 months======

    2008-10-09 19:49:27 ----D---- C:\rsit
    2008-10-08 12:11:23 ----D---- C:\Documents and Settings\utilisateur\Application Data\Malwarebytes
    2008-10-08 12:10:55 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-10-08 12:10:54 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2008-10-07 19:02:56 ----A---- C:\cleannavi.txt
    2008-10-07 13:13:57 ----A---- C:\fixnavi.txt
    2008-10-07 13:09:38 ----D---- C:\Program Files\Navilog1
    2008-10-07 04:00:46 ----D---- C:\Lop SD
    2008-10-07 03:08:40 ----A---- C:\lopR.txt
    2008-10-06 23:34:42 ----D---- C:\Program Files\Spybot - Search & Destroy
    2008-10-06 18:33:32 ----D---- C:\Program Files\Trend Micro
    2008-10-03 03:15:39 ----D---- C:\Program Files\SpywareBlaster
    2008-10-03 03:12:41 ----D---- C:\Program Files\Bluetack
    2008-10-03 03:12:03 ----D---- C:\WINDOWS\Downloaded Installations
    2008-10-03 01:47:07 ----D---- C:\Program Files\Avira
    2008-10-03 01:47:07 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
    2008-10-02 16:03:37 ----A---- C:\WINDOWS\system32\gitnhk.dll
    2008-10-02 16:03:37 ----A---- C:\WINDOWS\system32\ckksvjny.dll
    2008-10-02 03:12:47 ----D---- C:\Program Files\Power Tab Software
    2008-10-01 16:05:38 ----SH---- C:\WINDOWS\system32\ngiqgryh.ini
    2008-10-01 16:02:41 ----A---- C:\WINDOWS\system32\bvooii.dll
    2008-10-01 16:02:39 ----A---- C:\WINDOWS\system32\tdioelcu.dll
    2008-09-30 23:07:19 ----D---- C:\WINDOWS\pss
    2008-09-30 22:55:47 ----A---- C:\WINDOWS\ntbtlog.txt
    2008-09-29 23:33:31 ----SH---- C:\WINDOWS\system32\laamsmwf.ini
    2008-09-25 01:29:45 ----SH---- C:\WINDOWS\system32\umfecoiw.ini
    2008-09-23 22:16:33 ----SH---- C:\WINDOWS\system32\snrhdpna.ini
    2008-09-21 22:08:59 ----SH---- C:\WINDOWS\system32\pmvnlqyn.ini
    2008-09-19 13:02:06 ----SH---- C:\WINDOWS\system32\mwtmjsyo.ini
    2008-09-18 22:04:01 ----SH---- C:\WINDOWS\system32\nagynrdh.ini
    2008-09-18 01:20:15 ----A---- C:\WINDOWS\resetlog.txt
    2008-09-17 13:01:41 ----SH---- C:\WINDOWS\system32\ptnkqkvq.ini
    2008-09-16 06:27:49 ----A---- C:\WINDOWS\wininit.ini
    2008-09-16 04:55:16 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-09-15 17:52:40 ----A---- C:\WINDOWS\system32\REN163.tmp
    2008-09-15 17:52:39 ----A---- C:\WINDOWS\system32\javaws.exe
    2008-09-15 17:52:39 ----A---- C:\WINDOWS\system32\javaw.exe
    2008-09-15 17:52:39 ----A---- C:\WINDOWS\system32\java.exe
    2008-09-15 17:50:04 ----D---- C:\Program Files\Fichiers communs\Java
    2008-09-15 17:14:01 ----A---- C:\WINDOWS\system32\RENB1.tmp
    2008-09-15 17:10:12 ----A---- C:\WINDOWS\system32\REN9F.tmp
    2008-09-15 12:58:16 ----SH---- C:\WINDOWS\system32\jnmqmgkl.ini

    ======List of files/folders modified in the last 1 months======

    2008-10-09 19:49:10 ----D---- C:\WINDOWS\Prefetch
    2008-10-09 19:44:39 ----D---- C:\WINDOWS\Temp
    2008-10-09 19:40:17 ----D---- C:\Program Files\Mozilla Firefox
    2008-10-09 19:36:56 ----D---- C:\Program Files\Steam
    2008-10-09 19:36:41 ----RD---- C:\Program Files
    2008-10-09 19:36:41 ----D---- C:\Program Files\Fichiers communs
    2008-10-09 18:04:55 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
    2008-10-08 18:20:21 ----D---- C:\WINDOWS\system32
    2008-10-08 18:20:20 ----D---- C:\WINDOWS\system32\drivers
    2008-10-08 18:20:20 ----D---- C:\WINDOWS
    2008-10-08 03:35:02 ----D---- C:\Documents and Settings\utilisateur\Application Data\OpenOffice.org2
    2008-10-07 22:45:55 ----D---- C:\Program Files\World of Warcraft
    2008-10-07 20:49:55 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-10-07 19:09:10 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-10-07 03:33:26 ----D---- C:\Documents and Settings\utilisateur\Application Data\uTorrent
    2008-10-06 01:36:08 ----D---- C:\Program Files\Mario Forever
    2008-10-06 01:25:30 ----SHD---- C:\WINDOWS\Installer
    2008-10-06 01:24:58 ----D---- C:\Program Files\Corel
    2008-10-06 01:10:53 ----D---- C:\Program Files\Fichiers communs\Adobe
    2008-10-06 01:06:42 ----D---- C:\Program Files\Adobe
    2008-10-06 00:25:04 ----D---- C:\Documents and Settings\utilisateur\Application Data\Adobe
    2008-10-06 00:19:29 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2008-10-03 03:12:44 ----RSD---- C:\WINDOWS\Fonts
    2008-10-03 02:15:36 ----D---- C:\WINDOWS\Minidump
    2008-10-02 03:12:48 ----D---- C:\WINDOWS\Help
    2008-10-01 15:16:10 ----SHD---- C:\System Volume Information
    2008-10-01 15:16:10 ----D---- C:\WINDOWS\system32\Restore
    2008-10-01 14:39:41 ----RASH---- C:\boot.ini
    2008-10-01 14:39:41 ----A---- C:\WINDOWS\win.ini
    2008-10-01 14:39:41 ----A---- C:\WINDOWS\system.ini
    2008-10-01 00:24:46 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
    2008-09-29 12:19:44 ----D---- C:\WINDOWS\system32\CatRoot
    2008-09-29 12:11:17 ----D---- C:\Program Files\MSN Messenger
    2008-09-29 12:11:15 ----HD---- C:\WINDOWS\inf
    2008-09-20 07:38:23 ----D---- C:\Program Files\uTorrent
    2008-09-18 00:32:05 ----D---- C:\Program Files\Nvu
    2008-09-18 00:30:43 ----D---- C:\Program Files\RiseofAtlantis_at
    2008-09-18 00:28:58 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
    2008-09-18 00:21:18 ----HD---- C:\Program Files\InstallShield Installation Information
    2008-09-18 00:18:33 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2008-09-17 02:49:50 ----D---- C:\Documents and Settings\utilisateur\Application Data\vlc
    2008-09-16 06:43:49 ----D---- C:\Documents and Settings\All Users\Application Data\Ulead Systems
    2008-09-15 17:52:25 ----D---- C:\Program Files\Java
    2008-09-15 13:03:28 ----D---- C:\Program Files\Messenger Plus! Live
    2008-09-15 12:57:17 ----SH---- C:\WINDOWS\system32\gfyvyyxr.ini

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2004-07-20 20096]
    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
    R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-06-27 75072]
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-05 40320]
    R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCDrv.sys []
    R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
    R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2007-03-28 266552]
    R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.1.0.1; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2005-05-06 17056]
    R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-03 87424]
    R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-09-14 13059]
    R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2004-08-06 11354]
    R2 SAVRTPEL;SAVRTPEL; \??\c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVRTPEL.SYS []
    R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-12-16 2284864]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-12-16 873984]
    R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
    R3 Cam5603C;BisonCam, USB2.0; C:\WINDOWS\System32\Drivers\Bs350u2.sys [2005-01-27 633728]
    R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
    R3 fbxusb;Carte réseau virtuelle FreeBox USB; C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 21344]
    R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-09-14 1041536]
    R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2004-09-14 200064]
    R3 irsir;Pilote série infrarouge Microsoft; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
    R3 IWCA;Intel Wireless Connection Agent Miniport for Win XP; C:\WINDOWS\system32\DRIVERS\iwca.sys [2004-08-12 234496]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2007-08-28 5760]
    R3 NAVENG;NAVENG; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20071010.023\NAVENG.Sys []
    R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20071010.023\NavEx15.Sys []
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824]
    R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
    R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-09-14 70144]
    R3 SAVRT;SAVRT; \??\c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVRT.SYS []
    R3 SYMDNS;SYMDNS; C:\WINDOWS\System32\Drivers\SYMDNS.SYS [2007-03-28 11480]
    R3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
    R3 SYMFW;SYMFW; C:\WINDOWS\System32\Drivers\SYMFW.SYS [2007-03-28 171928]
    R3 SYMIDS;SYMIDS; C:\WINDOWS\System32\Drivers\SYMIDS.SYS [2007-03-28 37016]
    R3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\SymcData\idsdefs\20071011.001\symidsco.sys []
    R3 SYMNDIS;SYMNDIS; C:\WINDOWS\System32\Drivers\SYMNDIS.SYS [2007-03-28 47192]
    R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2007-03-28 18904]
    R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-12-16 185824]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
    R3 Video3D;ASUS Video3D Service; C:\WINDOWS\System32\Drivers\Video3D.sys [2004-07-06 44544]
    R3 w29n51;Pilote de carte de connexion réseau Intel(R) PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2004-08-07 3210496]
    R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-09-14 685056]
    S3 Asushwio;Asushwio; \??\C:\WINDOWS\system32\drivers\Asushwio.sys []
    S3 catchme;catchme; \??\C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\catchme.sys []
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
    S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2007-02-22 137216]
    S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2007-02-22 8320]
    S3 nmwcdcj;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2007-02-22 12288]
    S3 nmwcdcm;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
    S3 ser2pl;SAGEM USB-Serial; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2005-07-25 48640]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 aawservice;Ad-Aware 2007 Service; C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe [2007-07-06 561152]
    R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-06-12 68865]
    R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-08-07 149761]
    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-12-16 425984]
    R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2004-07-20 90112]
    R2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2006-07-25 100032]
    R2 ccEvtMgr;Symantec Event Manager; c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe [2007-01-09 198248]
    R2 ccProxy;Symantec Network Proxy; c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe [2006-06-14 235168]
    R2 ccSetMgr;Symantec Settings Manager; c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe [2007-01-09 181864]
    R2 EvtEng;EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2004-08-06 86016]
    R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336]
    R2 ISSVC;ISSvc; c:\Program Files\Norton Internet Security\ISSVC.exe [2005-04-18 83584]
    R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
    R2 navapsvc;Norton AntiVirus Auto-Protect Service; c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe [2005-10-19 177264]
    R2 OwnershipProtocol;OwnershipProtocol; C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe [2004-08-06 98304]
    R2 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [2006-11-02 174656]
    R2 RegSrvc;RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2004-08-06 139264]
    R2 S24EventMonitor;Spectrum24 Event Monitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2004-08-06 360521]
    R2 SNDSrvc;Symantec Network Drivers Service; c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe [2007-03-28 206552]
    R2 SPBBCSvc;Symantec SPBBCSvc; c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe [2004-07-21 173160]
    R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2004-02-04 106496]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336]
    R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-06-15 300544]
    R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
    S2 SBService;ScriptBlocking Service; C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe [2005-10-19 67184]
    S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
    S3 ccPwdSvc;Symantec Password Validation; c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe [2007-01-09 79464]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
    S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
    S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-07-25 2119360]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 SAVScan;SAVScan; c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe [2005-03-07 198368]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

    -----------------EOF-----------------







    info.txt logfile of random's system information tool 1.04 2008-10-09 19:49:37

    ======Uninstall list======

    -->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    -->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Ad-Aware 2007-->MsiExec.exe /X{E31C348B-63A9-4CBF-8D7F-D932ABB63244}
    Adobe Acrobat 5.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll"
    Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
    Age of Mythology-->"C:\Program Files\Microsoft Games\Age of Mythology\UNINSTAL.EXE" /runtemp /addremove
    Apple Software Update-->MsiExec.exe /I{74EC78BC-B379-4E29-9006-8F161DCAABA6}
    Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    Asus ChkMail-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Asus\Asus ChkMail\Uninst.isu"
    ASUS Enhanced Display Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{315ACD04-BCEB-478B-9B1D-5431D0E6CB11}\SETUP.EXE" -l0x9
    ASUS GameFace Live-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{68D8533B-9EE7-46AB-B8B2-D643F888C5DF}
    ASUS Live Update-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ASUS\ASUS Live Update\Uninst.isu" -c"C:\Program Files\ASUS\ASUS Live Update\Uninst.dll"
    ASUS Video Security-->c:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{169E414A-37C7-434E-9021-27A03AE087CD}
    Asus_A6_ScreenSaver-->C:\WINDOWS\Asus_A6_ScreenSaver.scr /u
    ATI Control Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
    ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:D ISPLAY -clean
    ATK0100 ACPI UTILITY-->C:\WINDOWS\ATK0100\XPunin.exe
    Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
    B.I.S.S. Hosts Manager-->MsiExec.exe /I{A931C76A-8189-4485-A686-53A91658CD30}
    BisonCam, USB2.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C9E3ACAB-1A3B-4B67-A653-916F250ABAD4}\SETUP.EXE" -l0x40c
    CC_ccProxyExt-->MsiExec.exe /I{DA42FDCA-7C5A-43EF-9A05-CCE148ADF919}
    ccCommon-->MsiExec.exe /I{DC367608-64A7-4BF7-92F4-8BAA25BA02DB}
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    ccPxyCore-->MsiExec.exe /I{FC08587A-4F01-4188-819F-F55880022917}
    Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB914440)-->"C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
    Correctif Windows XP - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
    Correctif Windows XP - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
    Correctif Windows XP - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
    Correctif Windows XP - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
    Correctif Windows XP - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
    Correctif Windows XP - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
    Correctif Windows XP - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
    Correctif Windows XP - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
    Counter-Strike: Source-->MsiExec.exe /I{9580813D-94B1-4C28-9426-A441E2BB29A5}
    DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    FM Modifier 2.22-->MsiExec.exe /I{AE86AE81-CD7F-496F-A39F-0210C985E71B}
    Football Manager 2008-->"C:\Program Files\Sports Interactive\Football Manager 2008\Uninstall_Football Manager 2008\Uninstall Football Manager 2008.exe"
    Free - Kit de connexion-->C:\Program Files\Free.fr\uninstall.exe
    Game Cam v1.4-->MsiExec.exe /I{EBE7050B-7988-4BC3-BBFD-5C6828859483}
    HijackThis 2.0.2-->"C:\Documents and Settings\utilisateur\Bureau\HijackThis.exe" /uninstall
    Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
    Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
    Intel(R) PROSet/Wireless Software-->C:\WINDOWS\Installer\iProInst.exe
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Lemmings for Windows 95-->C:\Program Files\WinLemm\wlvsun10.exe uninstall
    LiveReg (Symantec Corporation)-->C:\Program Files\Fichiers communs\Symantec Shared\LiveReg\VCSetup.exe /REMOVE
    LiveUpdate 3.0 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
    Magic ISO Maker v5.4 (build 0256)-->C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    mCore-->MsiExec.exe /I{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}
    mDriver-->MsiExec.exe /I{28DA872A-0848-48CF-B749-19A198157A2A}
    mDrWiFi-->MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49}
    mEoU.msi-->MsiExec.exe /I{B502B428-3386-40A9-98DB-079AAB72E64F}
    Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
    mHelp-->MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68}
    Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
    Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
    Microsoft .NET Framework 3.0 French Language Pack-->MsiExec.exe /X{E3C080B0-23F5-49AF-89F8-8E8DBC89E659}
    Microsoft .NET Framework 3.0-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setup.exe
    Microsoft .NET Framework 3.0-->MsiExec.exe /X{15095BF3-A3D7-4DDF-B193-3A496881E003}
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft GIF Animator-->C:\Program Files\Microsoft GIF Animator\setup\GifACME.exe
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
    Microsoft User-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWudf01005$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Mise à jour de sécurité pour Lecteur Windows Media (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 9 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB917344)-->"C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB917953)-->"C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB921503)-->"C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB924496)-->"C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB931784)-->"C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB933729)-->"C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB935839)-->"C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB935840)-->"C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB936021)-->"C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938127)-->"C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938829)-->"C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB939653)-->"C:\WINDOWS\$NtUninstallKB939653$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941202)-->"C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941568)-->"C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941644)-->"C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941693)-->"C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB943460)-->"C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB943485)-->"C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB945553)-->"C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB948590)-->"C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB948881)-->"C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB904942)-->"C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB920342)-->"C:\WINDOWS\$NtUninstallKB920342$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB925720)-->"C:\WINDOWS\$NtUninstallKB925720$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB925876)-->"C:\WINDOWS\$NtUninstallKB925876$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB933360)-->"C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB936357)-->"C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
    mIWA-->MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
    mIWCA-->MsiExec.exe /I{6FFFE74E-3FBD-4E2E-97F9-5E9A2A077626}
    mLogView-->MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
    mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
    Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
    Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\setup.exe
    Mozilla Firefox (3.0.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
    mPfWiz-->MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
    mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
    MSRedist-->MsiExec.exe /I{B7C61755-DB48-4003-948F-3D34DB8EAF69}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
    mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
    mXML-->MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
    My Pictures And Sounds 7.15-->C:\Program Files\SAGEM\My Pictures And Sounds\Uninstall.exe
    mZConfig-->MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}
    Navilog1 3.6.6-->"C:\Program Files\Navilog1\unins000.exe"
    NB Probe v3.0.0005-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ASUS\NB Probe\Uninst.isu" -c"C:\Program Files\ASUS\NB Probe\installDLL.dll"
    Nokia Connectivity Cable Driver-->MsiExec.exe /X{0A3D3C54-2EC0-4D67-B265-FF17926E6D67}
    Nokia PC Suite-->C:\Documents and Settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Nokia_PC_Suite_6_84_10_3_EA.exe
    Nokia PC Suite-->MsiExec.exe /I{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}
    Nokia Software Updater-->MsiExec.exe /X{3741689E-584D-40C9-B011-373A0371846D}
    Norton AntiSpam-->MsiExec.exe /I{3B29A786-5803-4e9e-9B58-3014A5B4E519}
    Norton AntiSpam-->MsiExec.exe /I{5677563D-0CB1-485f-9E18-C5025306BB3F}
    Norton AntiVirus 2005-->MsiExec.exe /X{C6F5B6CF-609C-428E-876F-CA83176C021B}
    Norton Internet Security 2005 (Symantec Corporation)-->C:\Program Files\Fichiers communs\Symantec Shared\SymSetup\{A93C9E60-29B6-49da-BA21-F70AC6AADE20}.exe /X
    Norton Internet Security-->MsiExec.exe /I{12E2B9E9-05B1-407d-B0FD-B5F350535125}
    Norton Internet Security-->MsiExec.exe /I{449F3A9E-9903-4a0d-A209-08030D45A935}
    Norton Internet Security-->MsiExec.exe /I{48185814-A224-447a-81DA-71BD20580E1B}
    Norton Internet Security-->MsiExec.exe /I{526AD5DC-CFC4-4f2a-8442-C84CC91D6C7F}
    Norton Internet Security-->MsiExec.exe /I{A93C9E60-29B6-49da-BA21-F70AC6AADE20}
    Norton Internet Security-->MsiExec.exe /I{C9D599E1-6B68-4a1f-8A4F-A1DB433DB1BF}
    Norton Internet Security-->MsiExec.exe /I{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}
    Norton Internet Security-->MsiExec.exe /I{E5EE9939-259F-4DE2-8023-5C49E16A4F43}
    Norton Internet Security-->MsiExec.exe /I{FC2C0536-583C-46c0-844A-62CECAE01F22}
    Norton WMI Update-->MsiExec.exe /X{E85FA9A1-C241-4698-893B-DD99509B8DB0}
    Norton WMI Update-->MsiExec.exe /X{F64306A5-4C32-41bb-B153-53986527FAB4}
    OpenOffice.org 2.3-->MsiExec.exe /I{B087B0C3-F595-485A-B86B-73326BA8693A}
    Package de base Microsoft de service de chiffrement pour cartes à puce-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
    Package de pilotes Windows - Nokia (WUDFRd) WPD (06/01/2007 6.84.33.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccswpddri_044C8712DB44F83D9DE6C376991EE9254E0A69E4\pccswpddriver.inf
    Package de pilotes Windows - Nokia Modem (02/15/2007 3.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_8B37DC72918CCD58A6EC20373AF6242B037A293B\pccs_bluetooth.inf
    Package de pilotes Windows - Nokia Modem (02/15/2007 3.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_F12A08B6F776984A95553486F64C541356F86E38\pccs_bluetooth.inf
    Package de pilotes Windows - Nokia Modem (05/24/2007 6.84.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_5E1541AFF1E1EA3554CE566743CCAD323ED1C108\nokbtmdm.inf
    PC Connectivity Solution-->MsiExec.exe /I{99A40651-0BC2-4095-8F9A-A40FAB224FEF}
    Power Tab Editor 1.7-->MsiExec.exe /I{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}
    Power4 Gear-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4462AD13-F2AA-4CBD-9F95-293C38EED870}\setup.exe" -l0x9
    QuickTime-->MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
    SAGEM USB-Serial v2.0.2.1-->"C:\Program Files\SAGEM\USBSerial\Drivers\uninstall.exe" /ID=USBSerial_x86
    SimCity 2000® Collection CD-->C:\WINDOWS\unin040c.exe -f"C:\Fichiers programmes\Maxis\SimCity 2000\DeIsL1.isu"
    SoftV92 Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_24C6&SUBSYS_18261043\HXFSETUP.EXE -U -Iaus1826k.inf
    SopCast 1.1.2-->C:\Program Files\SopCast\uninst.exe
    SPBBC-->MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
    Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
    SpywareBlaster 4.1-->"C:\Program Files\SpywareBlaster\unins000.exe"
    Steam(TM)-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
    Symantec Script Blocking Installer-->MsiExec.exe /I{D327AFC9-7BAA-473A-8319-6EB7A0D40138}
    SymNet-->MsiExec.exe /I{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}
    Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
    System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
    Theme Hospital-->C:\WINDOWS\unin040c.exe -f"C:\Program Files\Bullfrog\Hospital\DeIsL1.isu"
    TmNationsForever-->"C:\Program Files\TmNationsForever\unins000.exe"
    TRUST MI-4550XP WIRELESS OPTICAL MINI MOUSE-->C:\Program Files\Trust\MI-4550XP WIRELESS OPTICAL MINI MOUSE\uninst00.exe
    TVUPlayer 2.3.3.2-->C:\Program Files\TVUPlayer\uninst.exe
    Update FMC V4.5 Vf-->"C:\Program Files\Sports Interactive\Football Manager 2008\data\db\unins000.exe"
    VideoLAN VLC media player 0.8.6c-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    Windows Communication Foundation-->MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
    Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
    Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
    Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
    Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Format SDK Hotfix - KB891122-->"C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe"
    Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
    Windows Presentation Foundation Language Pack (FRA)-->MsiExec.exe /X{6901DD22-527A-41EF-9059-E81FEDE9E494}
    Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
    Windows Workflow Foundation FR Language Pack-->MsiExec.exe /I{B84C141C-9A13-44BE-9A69-301D7B11D836}
    Windows Workflow Foundation-->MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
    WINFLASH V2.15-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ASUS\WINFLASH\Uninst.isu"
    World of Warcraft-->C:\Program Files\Fichiers communs\Blizzard Entertainment\World of Warcraft\Uninstall.exe
    Worms World Party-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~
    10 Octobre 2008 20:24:00

    Bonsoir,

    Merci de visiter ce lien pour savoir comment installer et exécuter ComboFix :

    http://www.bleepingcomputer.com/combofix/fr/comment-uti...

    Cela inclut l'installation de la console de récupération windows si jamais elle n'est pas déjà été installée sur le PC. Il est vivement recommandé d'installer la console de récupération windows, car elle permet d'avoir accès à un très grand nombre de fonctionnalités dans le cas où le PC ne redémarrerait plus. C'est une sécurité supplémentaire en quelque sorte.

    Une fois la console de récupération installée, vous aurez le choix au démarrage entre votre windows habituel et la console de récupération. Lancez votre windows habituel, puisque nous n'avons pas besoin d'utiliser la console de récupération, qui ne sert qu'en cas de problèmes. Par défaut, votre OS est sélectionné et il se lance automatiquement au bout de deux secondes. C'est normal :) 

    Merci de me poster dans ta prochaine réponse le rapport de combofix accompagné d'un nouveau rapport HijackThis.

    ;) 
    10 Octobre 2008 21:53:32

    Bonsoir !


    Les deux nouveaux rapports :




    ComboFix 08-10-10.01 - utilisateur 2008-10-10 21:35:30.1 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.381 [GMT 2:00]
    Lancé depuis: C:\Documents and Settings\utilisateur\Bureau\ComboFix.exe
    Commutateurs utilisés :: C:\Documents and Settings\utilisateur\Bureau\WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
    * Un nouveau point de restauration a été créé
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\WINDOWS\config.ini
    C:\WINDOWS\system32\baicqurp.ini
    C:\WINDOWS\system32\bvooii.dll
    C:\WINDOWS\system32\ckksvjny.dll
    C:\WINDOWS\system32\gfyvyyxr.ini
    C:\WINDOWS\system32\gitnhk.dll
    C:\WINDOWS\system32\gvualqyk.ini
    C:\WINDOWS\system32\jnmqmgkl.ini
    C:\WINDOWS\system32\laamsmwf.ini
    C:\WINDOWS\system32\mwtmjsyo.ini
    C:\WINDOWS\system32\nagynrdh.ini
    C:\WINDOWS\system32\ngiqgryh.ini
    C:\WINDOWS\system32\pmvnlqyn.ini
    C:\WINDOWS\system32\ptnkqkvq.ini
    C:\WINDOWS\system32\snrhdpna.ini
    C:\WINDOWS\system32\tdioelcu.dll
    C:\WINDOWS\system32\umfecoiw.ini
    C:\WINDOWS\system32\welhmcfr.ini

    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2008-09-10 au 2008-10-10 ))))))))))))))))))))))))))))))))))))
    .

    2008-10-10 20:58 . 2008-10-10 20:58 <REP> d-------- C:\ERDNT
    2008-10-09 19:49 . 2008-10-09 19:49 <REP> d-------- C:\rsit
    2008-10-08 12:11 . 2008-10-08 12:11 <REP> d-------- C:\Documents and Settings\utilisateur\Application Data\Malwarebytes
    2008-10-08 12:11 . 2008-09-10 00:08 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-10-08 12:10 . 2008-10-08 12:11 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-10-08 12:10 . 2008-10-08 12:10 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-10-08 12:10 . 2008-09-10 00:08 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
    2008-10-07 13:09 . 2008-10-07 19:14 <REP> d-------- C:\Program Files\Navilog1
    2008-10-07 04:00 . 2008-10-07 04:14 <REP> d-------- C:\Lop SD
    2008-10-06 23:34 . 2008-10-06 23:35 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
    2008-10-06 18:33 . 2008-10-06 18:33 <REP> d-------- C:\Program Files\Trend Micro
    2008-10-03 03:15 . 2008-10-03 03:20 <REP> d-------- C:\Program Files\SpywareBlaster
    2008-10-03 03:12 . 2008-10-03 03:12 <REP> d-------- C:\WINDOWS\Downloaded Installations
    2008-10-03 03:12 . 2008-10-03 03:12 <REP> d-------- C:\Program Files\Bluetack
    2008-10-03 01:47 . 2008-10-03 01:47 <REP> d-------- C:\Program Files\Avira
    2008-10-03 01:47 . 2008-10-03 01:47 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
    2008-10-02 23:36 . 2008-10-10 12:50 54,156 --ah----- C:\WINDOWS\QTFont.qfn
    2008-10-02 23:36 . 2008-10-02 23:36 1,409 --a------ C:\WINDOWS\QTFont.for
    2008-10-02 03:12 . 2008-10-02 03:12 <REP> d-------- C:\Program Files\Power Tab Software
    2008-09-16 06:27 . 2008-10-06 00:17 3,580 --a------ C:\WINDOWS\wininit.ini
    2008-09-16 04:55 . 2008-10-06 23:36 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-09-15 17:52 . 2008-06-10 02:32 73,728 --a------ C:\WINDOWS\system32\REN163.tmp
    2008-09-15 17:50 . 2008-09-15 17:50 <REP> d-------- C:\Program Files\Fichiers communs\Java
    2008-09-15 17:14 . 2008-06-10 02:32 73,728 --a------ C:\WINDOWS\system32\RENB1.tmp
    2008-09-15 17:10 . 2008-06-10 02:32 73,728 --a------ C:\WINDOWS\system32\REN9F.tmp

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-10-10 19:39 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
    2008-10-09 23:02 --------- d-----w C:\Program Files\Steam
    2008-10-08 01:35 --------- d-----w C:\Documents and Settings\utilisateur\Application Data\OpenOffice.org2
    2008-10-07 20:45 --------- d-----w C:\Program Files\World of Warcraft
    2008-10-07 01:33 --------- d-----w C:\Documents and Settings\utilisateur\Application Data\uTorrent
    2008-10-05 23:36 --------- d-----w C:\Program Files\Mario Forever
    2008-10-05 23:24 --------- d-----w C:\Program Files\Corel
    2008-10-05 23:10 --------- d-----w C:\Program Files\Fichiers communs\Adobe
    2008-09-30 22:24 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
    2008-09-29 10:11 --------- d-----w C:\Program Files\MSN Messenger
    2008-09-20 05:38 --------- d-----w C:\Program Files\uTorrent
    2008-09-17 22:32 --------- d-----w C:\Program Files\Nvu
    2008-09-17 22:30 --------- d-----w C:\Program Files\RiseofAtlantis_at
    2008-09-17 22:28 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
    2008-09-17 22:21 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-09-17 00:49 --------- d-----w C:\Documents and Settings\utilisateur\Application Data\vlc
    2008-09-16 04:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ulead Systems
    2008-09-15 15:52 --------- d-----w C:\Program Files\Java
    2008-09-15 11:03 --------- d-----w C:\Program Files\Messenger Plus! Live
    2008-02-12 18:50 168 --sh--r C:\WINDOWS\system32\88DB2A202A.sys
    2008-03-26 13:13 6,266 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 15360]
    "Steam"="c:\program files\steam\steam.exe" [2008-10-08 1410296]
    "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
    "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-07-07 2156368]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2004-12-16 98394]
    "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2004-12-16 688218]
    "Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2007-10-12 100056]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
    "SSC_UserPrompt"="c:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe" [2004-11-02 218240]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 286720]
    "Power_Gear"="C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe" [2004-09-21 81920]
    "PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 271360]
    "NB Probe"="C:\Program Files\ASUS\NB Probe\NBProbe.exe" [2004-12-08 765952]
    "IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2004-08-06 385024]
    "HControl"="C:\WINDOWS\ATK0100\HControl.exe" [2004-11-03 94208]
    "FLMOFFICE4DMOUSE"="C:\Program Files\Trust\MI-4550XP WIRELESS OPTICAL MINI MOUSE\Mouse32a.exe" [2007-10-21 370176]
    "EOUApp"="C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe" [2004-08-06 356352]
    "ccApp"="c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2007-01-09 58984]
    "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-11-30 344064]
    "ASUS Live Update"="C:\Program Files\ASUS\ASUS Live Update\ALU.exe" [2003-09-19 172032]
    "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
    "SoundMan"="SOUNDMAN.EXE" [2004-12-16 C:\WINDOWS\SOUNDMAN.EXE]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 15360]
    "Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088]

    C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    ASUS ChkMail.lnk - C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe [2005-05-06 32768]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]
    2004-08-06 16:48 110592 C:\Program Files\Intel\Wireless\Bin\LgNotify.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=uebogk.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "vidc.asv2"= asusasv2.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\Messenger\\msmsgs.exe"=
    "C:\\Program Files\\uTorrent\\uTorrent.exe"=
    "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\MSN Messenger\\livecall.exe"=

    R0 rmedia;Ricoh MediaCard Driver;C:\WINDOWS\system32\DRIVERS\rmedia.sys [2004-09-14 67456]
    R3 fbxusb;Carte réseau virtuelle FreeBox USB;C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 21344]
    R3 Video3D;ASUS Video3D Service;C:\WINDOWS\system32\Drivers\Video3D.sys [2004-07-06 44544]
    S3 Asushwio;Asushwio;C:\WINDOWS\system32\drivers\Asushwio.sys [2000-03-29 5824]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
    \Shell\AutoRun\command - E:\autorun.exe

    *Newly Created Service* - PROCEXP90
    *Newly Created Service* - RMEDIA
    .
    Contenu du dossier 'Tâches planifiées'

    2008-10-07 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2007-06-03 13:42]
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    BHO-{036371A5-B1C3-44AD-B8C4-5EE36A1CB180} - (no file)
    BHO-{2D7210C4-686D-4691-B370-7D5775EA9230} - (no file)
    BHO-{4E8126E1-FB11-4A3C-979D-7C72EABAB1E3} - (no file)
    BHO-{530dc8af-ff87-44e2-848e-1f9bf6a932a6} - (no file)
    BHO-{75B001FD-1270-4656-9D5F-882F9552F370} - (no file)
    BHO-{9d5f27ea-4b24-4539-a49f-88f85ec89a0d} - (no file)
    BHO-{A26F0EEC-3FBB-4177-8791-CC23CC27223E} - (no file)
    BHO-{baca1d50-ccb3-4a19-bfdf-922e09490604} - (no file)
    BHO-{BBD0E43A-1DEE-4241-B140-53E5AD96B342} - (no file)
    BHO-{BCBA2385-F533-4E16-8D7F-F1B103F7D404} - (no file)
    BHO-{BF4C3097-35EB-41CC-BCA5-FE18554A8F4D} - (no file)
    BHO-{C8BEBA79-ED8B-4204-A042-A945C2BAB845} - (no file)
    BHO-{D868C9E0-7BAE-4B42-94A2-A0E37E30D1E0} - (no file)
    BHO-{E47A633F-8359-4971-9166-10EF6E9AA907} - (no file)
    HKLM-Run-BM2b76f54f - C:\WINDOWS\system32\vgsrayfn.dll


    .
    ------- Examen supplémentaire -------
    .
    FireFox -: Profile - C:\Documents and Settings\utilisateur\Application Data\Mozilla\Firefox\Profiles\tieua13g.default\
    FF -: plugin - C:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll
    FF -: plugin - C:\Program Files\Adobe\Acrobat 5.0\Reader\browser\nppdf32.dll
    .

    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-10-10 21:39:28
    Windows 5.1.2600 Service Pack 2 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    Heure de fin: 2008-10-10 21:42:00

    Avant-CF: 13,962,179,584 octets libres
    Après-CF: 13,949,012,480 octets libres

    WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
    [operating systems]
    C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect

    189 --- E O F --- 2008-05-16 12:38:18






    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:52:31, on 10/10/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    c:\Program Files\Norton Internet Security\ISSVC.exe
    c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\WINDOWS\ATKKBService.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\WINDOWS\ATK0100\HControl.exe
    C:\Program Files\Trust\MI-4550XP WIRELESS OPTICAL MINI MOUSE\Mouse32a.exe
    C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\ATK0100\ATKOSD.exe
    C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: (no name) - {036371A5-B1C3-44AD-B8C4-5EE36A1CB180} - (no file)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {2D7210C4-686D-4691-B370-7D5775EA9230} - (no file)
    O2 - BHO: (no name) - {4E8126E1-FB11-4A3C-979D-7C72EABAB1E3} - (no file)
    O2 - BHO: (no name) - {530dc8af-ff87-44e2-848e-1f9bf6a932a6} - (no file)
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: (no name) - {75B001FD-1270-4656-9D5F-882F9552F370} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {9d5f27ea-4b24-4539-a49f-88f85ec89a0d} - (no file)
    O2 - BHO: (no name) - {A20854FD-DDB5-4931-8F76-D11EA2364D94} - (no file)
    O2 - BHO: (no name) - {A26F0EEC-3FBB-4177-8791-CC23CC27223E} - (no file)
    O2 - BHO: (no name) - {baca1d50-ccb3-4a19-bfdf-922e09490604} - (no file)
    O2 - BHO: (no name) - {BBD0E43A-1DEE-4241-B140-53E5AD96B342} - (no file)
    O2 - BHO: (no name) - {BCBA2385-F533-4E16-8D7F-F1B103F7D404} - (no file)
    O2 - BHO: (no name) - {BF4C3097-35EB-41CC-BCA5-FE18554A8F4D} - (no file)
    O2 - BHO: (no name) - {C8BEBA79-ED8B-4204-A042-A945C2BAB845} - (no file)
    O2 - BHO: (no name) - {D868C9E0-7BAE-4B42-94A2-A0E37E30D1E0} - (no file)
    O2 - BHO: (no name) - {E47A633F-8359-4971-9166-10EF6E9AA907} - (no file)
    O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - c:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: (no name) - {71B6ACF7-4F0F-4FD8-BB69-6D1A4D271CB7} - (no file)
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [SSC_UserPrompt] c:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [NB Probe] C:\Program Files\ASUS\NB Probe\NBProbe.exe
    O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
    O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Trust\MI-4550XP WIRELESS OPTICAL MINI MOUSE\Mouse32a.exe
    O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [tempreg] regsvr32 /s "C:\Program Files\s300\s300_1202966199.dll"
    O4 - HKLM\..\Run: [BM2b76f54f] Rundll32.exe "C:\WINDOWS\system32\vgsrayfn.dll",s
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O20 - AppInit_DLLs: uebogk.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe

    --
    End of file - 12339 bytes




    :) 
    11 Octobre 2008 19:02:32

    Re,

    Désactive toute protection résidente ( antivirus…) ! <------- Pense-y !

    Copie le texte se situant dans le cadre ci-dessous : ( Ctrl + C )

    Registry::
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=""


    => Ouvre le Bloc Notes : Démarrer > Tous les programmes > Accessoires > Bloc notes

    - Colles y le texte (CTRL + V)
    - Enregistre ce fichier dans : Bureau
    - Nom du fichier : CFScript
    - Type du fichier : tous les fichiers !!
    - Clique sur Enregistrer
    - Quitte le Bloc Notes

    Fais un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture :



    * Cela va relancer Combofix : au message qui apparaît ( Type 1 to continue, or 2 to abort), tape 1 puis valide.
    * Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises : c'est normal !
    * Ne touche à rien tant que le scan n'est pas terminé.
    * Une fois le scan achevé, un rapport va s'afficher : Copie/Colle son contenue sur le forum.
    Si le fichier ne s'ouvre pas, il se trouve ici : C:\ComboFix.txt
    * Poste un nouveau rapport hijackthis.

    ;) 
    15 Octobre 2008 01:01:13

    Bonsoir !


    Voila les nouveaux rapports :



    ComboFix 08-10-14.03 - utilisateur 2008-10-15 0:28:58.3 - NTFSx86
    Lancé depuis: C:\Documents and Settings\utilisateur\Bureau\ComboFix.exe
    Commutateurs utilisés :: C:\Documents and Settings\utilisateur\Bureau\CFScript.txt
    * Un nouveau point de restauration a été créé
    .

    ((((((((((((((((((((((((((((( Fichiers créés du 2008-09-14 au 2008-10-14 ))))))))))))))))))))))))))))))))))))
    .

    2008-10-14 01:52 . 2008-10-14 01:52 <REP> d-------- C:\Program Files\X'nBeep 1.1
    2008-10-13 03:00 . 2008-10-13 03:03 1,393 --a------ C:\WINDOWS\imsins.BAK
    2008-10-12 20:42 . 2008-06-14 19:59 272,768 --------- C:\WINDOWS\system32\drivers\bthport.sys
    2008-10-12 20:42 . 2008-06-14 19:59 272,768 --------- C:\WINDOWS\system32\dllcache\bthport.sys
    2008-10-10 20:58 . 2008-10-10 20:58 <REP> d-------- C:\ERDNT
    2008-10-09 19:49 . 2008-10-09 19:49 <REP> d-------- C:\rsit
    2008-10-08 12:11 . 2008-10-08 12:11 <REP> d-------- C:\Documents and Settings\utilisateur\Application Data\Malwarebytes
    2008-10-08 12:11 . 2008-09-10 00:08 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-10-08 12:10 . 2008-10-08 12:11 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-10-08 12:10 . 2008-10-08 12:10 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-10-08 12:10 . 2008-09-10 00:08 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
    2008-10-07 13:09 . 2008-10-07 19:14 <REP> d-------- C:\Program Files\Navilog1
    2008-10-07 04:00 . 2008-10-07 04:14 <REP> d-------- C:\Lop SD
    2008-10-06 23:34 . 2008-10-06 23:35 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
    2008-10-06 18:33 . 2008-10-06 18:33 <REP> d-------- C:\Program Files\Trend Micro
    2008-10-03 03:15 . 2008-10-03 03:20 <REP> d-------- C:\Program Files\SpywareBlaster
    2008-10-03 03:12 . 2008-10-03 03:12 <REP> d-------- C:\WINDOWS\Downloaded Installations
    2008-10-03 03:12 . 2008-10-03 03:12 <REP> d-------- C:\Program Files\Bluetack
    2008-10-03 01:47 . 2008-10-03 01:47 <REP> d-------- C:\Program Files\Avira
    2008-10-03 01:47 . 2008-10-03 01:47 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
    2008-10-02 23:36 . 2008-10-10 12:50 54,156 --ah----- C:\WINDOWS\QTFont.qfn
    2008-10-02 23:36 . 2008-10-02 23:36 1,409 --a------ C:\WINDOWS\QTFont.for
    2008-10-02 03:12 . 2008-10-02 03:12 <REP> d-------- C:\Program Files\Power Tab Software
    2008-09-16 06:27 . 2008-10-06 00:17 3,580 --a------ C:\WINDOWS\wininit.ini
    2008-09-16 04:55 . 2008-10-06 23:36 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-09-15 17:52 . 2008-06-10 02:32 73,728 --a------ C:\WINDOWS\system32\REN163.tmp
    2008-09-15 17:50 . 2008-09-15 17:50 <REP> d-------- C:\Program Files\Fichiers communs\Java
    2008-09-15 17:14 . 2008-06-10 02:32 73,728 --a------ C:\WINDOWS\system32\RENB1.tmp
    2008-09-15 17:10 . 2008-06-10 02:32 73,728 --a------ C:\WINDOWS\system32\REN9F.tmp

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-10-13 07:06 --------- d-----w C:\Program Files\Steam
    2008-10-10 19:39 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
    2008-10-08 01:35 --------- d-----w C:\Documents and Settings\utilisateur\Application Data\OpenOffice.org2
    2008-10-07 20:45 --------- d-----w C:\Program Files\World of Warcraft
    2008-10-07 01:33 --------- d-----w C:\Documents and Settings\utilisateur\Application Data\uTorrent
    2008-10-05 23:36 --------- d-----w C:\Program Files\Mario Forever
    2008-10-05 23:24 --------- d-----w C:\Program Files\Corel
    2008-10-05 23:10 --------- d-----w C:\Program Files\Fichiers communs\Adobe
    2008-09-30 22:24 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
    2008-09-29 10:11 --------- d-----w C:\Program Files\MSN Messenger
    2008-09-20 05:38 --------- d-----w C:\Program Files\uTorrent
    2008-09-17 22:32 --------- d-----w C:\Program Files\Nvu
    2008-09-17 22:30 --------- d-----w C:\Program Files\RiseofAtlantis_at
    2008-09-17 22:28 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
    2008-09-17 22:21 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-09-17 00:49 --------- d-----w C:\Documents and Settings\utilisateur\Application Data\vlc
    2008-09-16 04:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ulead Systems
    2008-09-15 15:52 --------- d-----w C:\Program Files\Java
    2008-09-15 11:03 --------- d-----w C:\Program Files\Messenger Plus! Live
    2008-02-12 18:50 168 --sh--r C:\WINDOWS\system32\88DB2A202A.sys
    2008-03-26 13:13 6,266 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
    .

    ((((((((((((((((((((((((((((( snapshot@2008-10-12_21.33.17,35 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2008-02-26 11:49:32 297,984 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\SP2QFE\msctf.dll
    + 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\spmsg.dll
    + 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\spuninst.exe
    + 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\update\spcustom.dll
    + 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\update\update.exe
    + 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\update\updspapi.dll
    + 2008-07-07 20:18:27 253,952 ----a-w C:\WINDOWS\$hf_mig$\KB950974\SP2QFE\es.dll
    + 2008-07-07 20:28:20 253,952 ----a-w C:\WINDOWS\$hf_mig$\KB950974\SP3GDR\es.dll
    + 2008-07-07 20:24:11 253,952 ----a-w C:\WINDOWS\$hf_mig$\KB950974\SP3QFE\es.dll
    + 2007-11-30 12:39:29 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB950974\spmsg.dll
    + 2007-11-30 12:39:29 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB950974\spuninst.exe
    + 2007-11-30 12:39:29 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\spcustom.dll
    + 2007-11-30 12:39:26 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\update.exe
    + 2007-11-30 12:39:29 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\updspapi.dll
    + 2008-07-14 11:03:00 62,976 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\SP2QFE\tzchange.exe
    + 2008-07-11 12:42:28 62,976 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\SP3GDR\tzchange.exe
    + 2008-07-11 12:51:51 62,976 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\SP3QFE\tzchange.exe
    + 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\spmsg.dll
    + 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\spuninst.exe
    + 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\spcustom.dll
    + 2007-11-30 12:39:29 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\update.exe
    + 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\updspapi.dll
    + 2008-05-07 04:55:47 1,294,336 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP2QFE\quartz.dll
    + 2008-05-07 05:11:24 1,294,336 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP3GDR\quartz.dll
    + 2008-05-07 05:04:59 1,294,336 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP3QFE\quartz.dll
    + 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB951698\spmsg.dll
    + 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951698\spuninst.exe
    + 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\spcustom.dll
    + 2007-11-30 12:39:29 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\update.exe
    + 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\updspapi.dll
    + 2006-08-16 12:13:24 100,352 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\6to4svc.dll
    + 2008-06-20 10:44:08 138,368 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\afd.sys
    + 2008-06-20 17:37:01 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\dnsapi.dll
    + 2008-06-20 17:37:01 247,808 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\mswsock.dll
    + 2008-06-20 10:44:42 360,960 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
    + 2008-06-20 09:32:39 225,920 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip6.sys
    + 2008-06-20 11:40:08 138,496 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\afd.sys
    + 2008-06-20 17:47:22 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\dnsapi.dll
    + 2008-06-20 17:47:22 247,808 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\mswsock.dll
    + 2008-06-20 11:51:12 361,600 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
    + 2008-06-20 11:08:27 225,856 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip6.sys
    + 2008-06-20 11:48:03 138,496 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\afd.sys
    + 2008-06-20 17:44:02 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\dnsapi.dll
    + 2008-06-20 17:44:02 247,808 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\mswsock.dll
    + 2008-06-20 11:59:02 361,600 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
    + 2008-06-20 11:16:44 225,856 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip6.sys
    + 2007-11-30 12:39:29 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB951748\spmsg.dll
    + 2007-11-30 12:39:29 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951748\spuninst.exe
    + 2007-11-30 12:39:29 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951748\update\spcustom.dll
    + 2007-11-30 12:39:26 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951748\update\update.exe
    + 2007-11-30 12:39:29 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB951748\update\updspapi.dll
    + 2008-06-24 16:30:27 74,240 ----a-w C:\WINDOWS\$hf_mig$\KB952954\SP2QFE\mscms.dll
    + 2008-06-24 16:44:02 74,240 ----a-w C:\WINDOWS\$hf_mig$\KB952954\SP3GDR\mscms.dll
    + 2008-06-24 16:53:52 74,240 ----a-w C:\WINDOWS\$hf_mig$\KB952954\SP3QFE\mscms.dll
    + 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB952954\spmsg.dll
    + 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB952954\spuninst.exe
    + 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\spcustom.dll
    + 2007-11-30 12:39:29 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\update.exe
    + 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\updspapi.dll
    + 2008-06-14 17:59:52 272,768 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys
    + 2008-03-01 12:58:06 124,928 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\advpack.dll
    + 2008-03-01 12:58:06 347,136 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\dxtmsft.dll
    + 2008-03-01 12:58:06 214,528 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\dxtrans.dll
    + 2008-03-01 12:58:06 133,120 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\extmgr.dll
    + 2008-03-01 12:58:06 63,488 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\icardie.dll
    + 2008-02-29 08:56:41 70,656 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ie4uinit.exe
    + 2008-03-01 12:58:06 153,088 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieakeng.dll
    + 2008-03-01 12:58:06 230,400 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieaksie.dll
    + 2008-02-15 05:44:25 161,792 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieakui.dll
    + 2008-03-01 12:58:07 383,488 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieapfltr.dll
    + 2008-03-01 12:58:07 384,512 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iedkcs32.dll
    + 2008-03-01 12:58:08 6,066,176 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieframe.dll
    + 2008-03-01 12:58:08 44,544 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iernonce.dll
    + 2008-03-01 12:58:08 267,776 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iertutil.dll
    + 2008-02-22 10:00:51 13,824 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieudinit.exe
    + 2008-02-29 08:57:05 625,664 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iexplore.exe
    + 2008-03-01 12:58:08 27,648 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\jsproxy.dll
    + 2008-03-01 12:58:08 459,264 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\msfeeds.dll
    + 2008-03-01 12:58:08 52,224 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\msfeedsbs.dll
    + 2008-03-01 16:28:10 3,591,680 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\mshtml.dll
    + 2008-03-01 12:58:09 478,208 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\mshtmled.dll
    + 2008-03-01 12:58:10 193,024 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\msrating.dll
    + 2008-03-01 12:58:10 671,232 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\mstime.dll
    + 2008-03-01 12:58:10 102,912 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\occache.dll
    + 2008-03-01 12:58:10 44,544 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\pngfilt.dll
    + 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe
    + 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\updspapi.dll
    + 2008-03-01 12:58:10 105,984 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\url.dll
    + 2008-03-01 12:58:10 1,159,680 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\urlmon.dll
    + 2008-03-01 12:58:11 233,472 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\webcheck.dll
    + 2008-03-01 12:58:11 826,368 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\wininet.dll
    - 2008-03-01 12:58:06 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
    + 2008-06-23 16:28:17 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
    - 2008-03-01 12:58:06 124,928 ----a-w C:\WINDOWS\system32\dllcache\advpack.dll
    + 2008-06-23 16:28:17 124,928 ----a-w C:\WINDOWS\system32\dllcache\advpack.dll
    - 2004-08-05 12:00:00 138,496 ----a-w C:\WINDOWS\system32\dllcache\afd.sys
    + 2008-06-20 10:44:38 138,368 ----a-w C:\WINDOWS\system32\dllcache\afd.sys
    - 2008-02-20 05:35:05 148,992 ----a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
    + 2008-06-20 17:41:06 148,992 ----a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
    - 2008-03-01 12:58:06 347,136 ----a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
    + 2008-06-23 16:28:17 347,136 ----a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
    - 2008-03-01 12:58:06 214,528 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
    + 2008-06-23 16:28:17 214,528 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
    - 2005-07-26 04:39:58 243,200 ----a-w C:\WINDOWS\system32\dllcache\es.dll
    + 2008-07-07 20:31:48 253,952 ----a-w C:\WINDOWS\system32\dllcache\es.dll
    - 2008-03-01 12:58:06 133,120 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
    + 2008-06-23 16:28:17 133,120 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
    - 2008-03-01 12:58:06 63,488 ----a-w C:\WINDOWS\system32\dllcache\icardie.dll
    + 2008-06-23 16:28:17 63,488 ----a-w C:\WINDOWS\system32\dllcache\icardie.dll
    - 2008-02-29 08:56:41 70,656 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
    + 2008-06-23 09:21:30 70,656 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
    - 2008-03-01 12:58:06 153,088 ----a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
    + 2008-06-23 16:28:18 153,088 ----a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
    - 2008-03-01 12:58:06 230,400 ----a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
    + 2008-06-23 16:28:18 230,400 ----a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
    - 2008-02-15 05:44:25 161,792 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll
    + 2008-06-21 05:23:54 161,792 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll
    - 2008-03-01 12:58:07 383,488 ----a-w C:\WINDOWS\system32\dllcache\ieapfltr.dll
    + 2008-06-23 16:28:18 383,488 ----a-w C:\WINDOWS\system32\dllcache\ieapfltr.dll
    - 2008-03-01 12:58:07 384,512 ----a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
    + 2008-06-23 16:28:18 384,512 ----a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
    - 2008-03-01 12:58:08 6,066,176 ----a-w C:\WINDOWS\system32\dllcache\ieframe.dll
    + 2008-06-23 16:28:19 6,066,176 ----a-w C:\WINDOWS\system32\dllcache\ieframe.dll
    - 2008-03-01 12:58:08 44,544 ----a-w C:\WINDOWS\system32\dllcache\iernonce.dll
    + 2008-06-23 16:28:19 44,544 ----a-w C:\WINDOWS\system32\dllcache\iernonce.dll
    - 2008-03-01 12:58:08 267,776 ----a-w C:\WINDOWS\system32\dllcache\iertutil.dll
    + 2008-06-23 16:28:20 267,776 ----a-w C:\WINDOWS\system32\dllcache\iertutil.dll
    - 2008-02-22 10:00:51 13,824 ----a-w C:\WINDOWS\system32\dllcache\ieudinit.exe
    + 2008-06-23 09:20:26 13,824 ----a-w C:\WINDOWS\system32\dllcache\ieudinit.exe
    - 2008-02-29 08:57:05 625,664 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe
    + 2008-06-23 09:21:49 625,664 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe
    - 2007-08-21 06:17:24 683,520 ----a-w C:\WINDOWS\system32\dllcache\inetcomm.dll
    + 2008-04-11 18:51:06 683,520 ----a-w C:\WINDOWS\system32\dllcache\inetcomm.dll
    - 2008-03-01 12:58:08 27,648 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
    + 2008-06-23 16:28:20 27,648 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
    - 2004-08-05 12:00:00 331,776 ----a-w C:\WINDOWS\system32\dllcache\msadce.dll
    + 2008-05-01 14:31:48 331,776 ----a-w C:\WINDOWS\system32\dllcache\msadce.dll
    - 2005-06-29 01:49:42 74,240 ----a-w C:\WINDOWS\system32\dllcache\mscms.dll
    + 2008-06-24 16:23:56 74,240 ----a-w C:\WINDOWS\system32\dllcache\mscms.dll
    - 2004-08-05 12:00:00 294,400 ----a-w C:\WINDOWS\system32\dllcache\msctf.dll
    + 2008-02-26 12:00:31 294,912 ----a-w C:\WINDOWS\system32\dllcache\msctf.dll
    - 2008-03-01 12:58:08 459,264 ----a-w C:\WINDOWS\system32\dllcache\msfeeds.dll
    + 2008-06-23 16:28:20 459,264 ----a-w C:\WINDOWS\system32\dllcache\msfeeds.dll
    - 2008-03-01 12:58:08 52,224 ----a-w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
    + 2008-06-23 16:28:20 52,224 ----a-w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
    - 2008-03-01 16:28:10 3,591,680 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
    + 2008-06-24 08:28:24 3,592,192 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
    - 2008-03-01 12:58:09 478,208 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
    + 2008-06-23 16:28:22 477,696 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
    - 2008-03-01 12:58:10 193,024 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
    + 2008-06-23 16:28:22 193,024 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
    - 2008-03-01 12:58:10 671,232 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
    + 2008-06-23 16:28:22 671,232 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
    - 2004-08-05 14:00:00 247,808 ----a-w C:\WINDOWS\system32\dllcache\mswsock.dll
    + 2008-06-20 17:41:06 247,808 ----a-w C:\WINDOWS\system32\dllcache\mswsock.dll
    - 2008-03-01 12:58:10 102,912 ----a-w C:\WINDOWS\system32\dllcache\occache.dll
    + 2008-06-23 16:28:22 102,912 ----a-w C:\WINDOWS\system32\dllcache\occache.dll
    - 2008-03-01 12:58:10 44,544 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
    + 2008-06-23 16:28:22 44,544 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
    - 2007-10-29 22:43:32 1,293,824 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll
    + 2008-05-07 05:15:36 1,293,824 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll
    - 2006-07-13 08:48:58 202,240 ----a-w C:\WINDOWS\system32\dllcache\rmcast.sys
    + 2008-05-08 12:28:49 202,752 ----a-w C:\WINDOWS\system32\dllcache\rmcast.sys
    - 2007-10-30 17:20:55 360,064 ----a-w C:\WINDOWS\system32\dllcache\tcpip.sys
    + 2008-06-20 10:45:13 360,320 ----a-w C:\WINDOWS\system32\dllcache\tcpip.sys
    - 2006-08-16 09:37:30 225,664 ----a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
    + 2008-06-20 09:52:06 225,920 ----a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
    - 2008-03-01 12:58:10 105,984 ----a-w C:\WINDOWS\system32\dllcache\url.dll
    + 2008-06-23 16:28:22 105,984 ----a-w C:\WINDOWS\system32\dllcache\url.dll
    - 2008-03-01 12:58:10 1,159,680 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
    + 2008-06-23 16:28:23 1,159,680 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
    - 2008-03-01 12:58:11 233,472 ----a-w C:\WINDOWS\system32\dllcache\webcheck.dll
    + 2008-06-23 16:28:23 233,472 ----a-w C:\WINDOWS\system32\dllcache\webcheck.dll
    - 2008-03-01 12:58:11 826,368 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
    + 2008-06-23 16:28:23 826,368 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
    - 2008-02-20 05:35:05 148,992 ----a-w C:\WINDOWS\system32\dnsapi.dll
    + 2008-06-20 17:41:06 148,992 ----a-w C:\WINDOWS\system32\dnsapi.dll
    - 2004-08-05 12:00:00 138,496 ----a-w C:\WINDOWS\system32\drivers\afd.sys
    + 2008-06-20 10:44:38 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
    - 2006-07-13 08:48:58 202,240 ----a-w C:\WINDOWS\system32\drivers\RMCast.sys
    + 2008-05-08 12:28:49 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
    - 2007-10-30 17:20:55 360,064 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
    + 2008-06-20 10:45:13 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
    - 2006-08-16 09:37:30 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
    + 2008-06-20 09:52:06 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
    - 2008-03-01 12:58:06 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
    + 2008-06-23 16:28:17 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
    - 2008-03-01 12:58:06 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
    + 2008-06-23 16:28:17 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
    - 2005-07-26 04:39:58 243,200 ----a-w C:\WINDOWS\system32\es.dll
    + 2008-07-07 20:31:48 253,952 ----a-w C:\WINDOWS\system32\es.dll
    - 2008-03-01 12:58:06 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll
    + 2008-06-23 16:28:17 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll
    - 2008-03-01 12:58:06 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
    + 2008-06-23 16:28:17 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
    - 2008-02-29 08:56:41 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
    + 2008-06-23 09:21:30 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
    - 2008-03-01 12:58:06 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
    + 2008-06-23 16:28:18 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
    - 2008-03-01 12:58:06 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
    + 2008-06-23 16:28:18 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
    - 2008-02-15 05:44:25 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
    + 2008-06-21 05:23:54 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
    - 2008-03-01 12:58:07 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
    + 2008-06-23 16:28:18 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
    - 2008-03-01 12:58:07 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
    + 2008-06-23 16:28:18 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
    - 2008-03-01 12:58:08 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
    + 2008-06-23 16:28:19 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
    - 2008-03-01 12:58:08 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
    + 2008-06-23 16:28:19 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
    - 2008-03-01 12:58:08 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
    + 2008-06-23 16:28:20 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
    - 2008-02-22 10:00:51 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
    + 2008-06-23 09:20:26 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
    - 2007-08-21 06:17:24 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
    + 2008-04-11 18:51:06 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
    - 2008-03-01 12:58:08 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
    + 2008-06-23 16:28:20 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
    - 2005-06-29 01:49:42 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
    + 2008-06-24 16:23:56 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
    - 2004-08-05 12:00:00 294,400 ----a-w C:\WINDOWS\system32\MSCTF.dll
    + 2008-02-26 12:00:31 294,912 ----a-w C:\WINDOWS\system32\msctf.dll
    - 2008-03-01 12:58:08 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
    + 2008-06-23 16:28:20 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
    - 2008-03-01 12:58:08 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
    + 2008-06-23 16:28:20 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
    - 2008-03-01 16:28:10 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll
    + 2008-06-24 08:28:24 3,592,192 ----a-w C:\WINDOWS\system32\mshtml.dll
    - 2008-03-01 12:58:09 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
    + 2008-06-23 16:28:22 477,696 ----a-w C:\WINDOWS\system32\mshtmled.dll
    - 2008-03-01 12:58:10 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
    + 2008-06-23 16:28:22 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
    - 2008-03-01 12:58:10 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
    + 2008-06-23 16:28:22 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
    - 2004-08-05 12:00:00 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
    + 2008-06-20 17:41:06 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
    - 2008-03-01 12:58:10 102,912 ----a-w C:\WINDOWS\system32\occache.dll
    + 2008-06-23 16:28:22 102,912 ----a-w C:\WINDOWS\system32\occache.dll
    - 2008-03-01 12:58:10 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
    + 2008-06-23 16:28:22 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
    - 2007-10-29 22:43:32 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
    + 2008-05-07 05:15:36 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
    - 2006-10-16 14:10:58 14,640 ----a-w C:\WINDOWS\system32\spmsg.dll
    + 2007-11-30 11:19:06 18,296 ------w C:\WINDOWS\system32\spmsg.dll
    - 2007-11-13 11:31:11 60,416 ----a-w C:\WINDOWS\system32\tzchange.exe
    + 2008-07-14 11:09:18 62,976 ----a-w C:\WINDOWS\system32\tzchange.exe
    - 2008-03-01 12:58:10 105,984 ----a-w C:\WINDOWS\system32\url.dll
    + 2008-06-23 16:28:22 105,984 ----a-w C:\WINDOWS\system32\url.dll
    - 2008-03-01 12:58:10 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
    + 2008-06-23 16:28:23 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
    - 2008-03-01 12:58:11 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
    + 2008-06-23 16:28:23 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
    - 2008-03-01 12:58:11 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
    + 2008-06-23 16:28:23 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
    - 2006-10-18 19:47:20 295,936 ----a-w C:\WINDOWS\system32\wmpeffects.dll
    + 2008-06-24 16:12:58 295,936 ----a-w C:\WINDOWS\system32\wmpeffects.dll
    + 2008-04-15 17:56:59 1,724,416 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.3352_x-ww_81af8e88\GdiPlus.dll
    .
    -- Instantané actualisé --
    .
    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 15360]
    "Steam"="c:\program files\steam\steam.exe" [2008-10-08 1410296]
    "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
    "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-07-07 2156368]
    "X'nBeep"="C:\Program Files\X'nBeep 1.1\XnBeep.exe" [2007-01-06 1067520]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2004-12-16 98394]
    "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2004-12-16 688218]
    "Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2007-10-12 100056]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
    "SSC_UserPrompt"="c:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe" [2004-11-02 218240]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 286720]
    "Power_Gear"="C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe" [2004-09-21 81920]
    "PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 271360]
    "NB Probe"="C:\Program Files\ASUS\NB Probe\NBProbe.exe" [2004-12-08 765952]
    "IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2004-08-06 385024]
    "HControl"="C:\WINDOWS\ATK0100\HControl.exe" [2004-11-03 94208]
    "FLMOFFICE4DMOUSE"="C:\Program Files\Trust\MI-4550XP WIRELESS OPTICAL MINI MOUSE\Mouse32a.exe" [2007-10-21 370176]
    "EOUApp"="C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe" [2004-08-06 356352]
    "ccApp"="c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2007-01-09 58984]
    "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-11-30 344064]
    "ASUS Live Update"="C:\Program Files\ASUS\ASUS Live Update\ALU.exe" [2003-09-19 172032]
    "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
    "SoundMan"="SOUNDMAN.EXE" [2004-12-16 C:\WINDOWS\SOUNDMAN.EXE]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 15360]
    "Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088]

    C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    ASUS ChkMail.lnk - C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe [2005-05-06 32768]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]
    2004-08-06 16:48 110592 C:\Program Files\Intel\Wireless\Bin\LgNotify.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "vidc.asv2"= asusasv2.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\Messenger\\msmsgs.exe"=
    "C:\\Program Files\\uTorrent\\uTorrent.exe"=
    "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\MSN Messenger\\livecall.exe"=

    R0 rmedia;Ricoh MediaCard Driver;C:\WINDOWS\system32\DRIVERS\rmedia.sys [2004-09-14 67456]
    R3 fbxusb;Carte réseau virtuelle FreeBox USB;C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 21344]
    R3 Video3D;ASUS Video3D Service;C:\WINDOWS\system32\Drivers\Video3D.sys [2004-07-06 44544]
    S3 Asushwio;Asushwio;C:\WINDOWS\system32\drivers\Asushwio.sys [2000-03-29 5824]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
    \Shell\AutoRun\command - E:\autorun.exe
    .
    Contenu du dossier 'Tâches planifiées'

    2008-10-14 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2007-06-03 13:42]
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    BHO-{036371A5-B1C3-44AD-B8C4-5EE36A1CB180} - (no file)
    BHO-{2D7210C4-686D-4691-B370-7D5775EA9230} - (no file)
    BHO-{4E8126E1-FB11-4A3C-979D-7C72EABAB1E3} - (no file)
    BHO-{530dc8af-ff87-44e2-848e-1f9bf6a932a6} - (no file)
    BHO-{75B001FD-1270-4656-9D5F-882F9552F370} - (no file)
    BHO-{9d5f27ea-4b24-4539-a49f-88f85ec89a0d} - (no file)
    BHO-{A26F0EEC-3FBB-4177-8791-CC23CC27223E} - (no file)
    BHO-{baca1d50-ccb3-4a19-bfdf-922e09490604} - (no file)
    BHO-{BBD0E43A-1DEE-4241-B140-53E5AD96B342} - (no file)
    BHO-{BCBA2385-F533-4E16-8D7F-F1B103F7D404} - (no file)
    BHO-{BF4C3097-35EB-41CC-BCA5-FE18554A8F4D} - (no file)
    BHO-{C8BEBA79-ED8B-4204-A042-A945C2BAB845} - (no file)
    BHO-{D868C9E0-7BAE-4B42-94A2-A0E37E30D1E0} - (no file)
    BHO-{E47A633F-8359-4971-9166-10EF6E9AA907} - (no file)



    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-10-15 00:33:23
    Windows 5.1.2600 Service Pack 2 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    Heure de fin: 2008-10-15 0:35:59
    ComboFix-quarantined-files.txt 2008-10-14 22:35:23
    ComboFix2.txt 2008-10-12 19:34:29
    ComboFix3.txt 2008-10-10 19:42:03

    Avant-CF: 13 499 587 072 octets libres
    Après-CF: 13,490,051,072 octets libres

    419 --- E O F --- 2008-10-13 01:04:05




    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 01:00:30, on 15/10/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    c:\Program Files\Norton Internet Security\ISSVC.exe
    c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\WINDOWS\ATKKBService.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
    C:\Program Files\ASUS\NB Probe\NBProbe.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\WINDOWS\ATK0100\HControl.exe
    C:\Program Files\Trust\MI-4550XP WIRELESS OPTICAL MINI MOUSE\Mouse32a.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\ATK0100\ATKOSD.exe
    C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = "http://www.daemon-search.com/startpage
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: (no name) - {036371A5-B1C3-44AD-B8C4-5EE36A1CB180} - (no file)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {2D7210C4-686D-4691-B370-7D5775EA9230} - (no file)
    O2 - BHO: (no name) - {4E8126E1-FB11-4A3C-979D-7C72EABAB1E3} - (no file)
    O2 - BHO: (no name) - {530dc8af-ff87-44e2-848e-1f9bf6a932a6} - (no file)
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: (no name) - {75B001FD-1270-4656-9D5F-882F9552F370} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {9d5f27ea-4b24-4539-a49f-88f85ec89a0d} - (no file)
    O2 - BHO: (no name) - {A20854FD-DDB5-4931-8F76-D11EA2364D94} - (no file)
    O2 - BHO: (no name) - {A26F0EEC-3FBB-4177-8791-CC23CC27223E} - (no file)
    O2 - BHO: (no name) - {baca1d50-ccb3-4a19-bfdf-922e09490604} - (no file)
    O2 - BHO: (no name) - {BBD0E43A-1DEE-4241-B140-53E5AD96B342} - (no file)
    O2 - BHO: (no name) - {BCBA2385-F533-4E16-8D7F-F1B103F7D404} - (no file)
    O2 - BHO: (no name) - {BF4C3097-35EB-41CC-BCA5-FE18554A8F4D} - (no file)
    O2 - BHO: (no name) - {C8BEBA79-ED8B-4204-A042-A945C2BAB845} - (no file)
    O2 - BHO: (no name) - {D868C9E0-7BAE-4B42-94A2-A0E37E30D1E0} - (no file)
    O2 - BHO: (no name) - {E47A633F-8359-4971-9166-10EF6E9AA907} - (no file)
    O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - c:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: (no name) - {71B6ACF7-4F0F-4FD8-BB69-6D1A4D271CB7} - (no file)
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [SSC_UserPrompt] c:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [NB Probe] C:\Program Files\ASUS\NB Probe\NBProbe.exe
    O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
    O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Trust\MI-4550XP WIRELESS OPTICAL MINI MOUSE\Mouse32a.exe
    O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [X'nBeep] C:\Program Files\X'nBeep 1.1\XnBeep.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe

    --
    End of file - 12286 bytes




    :hello: 
    15 Octobre 2008 23:50:05

    :hello:  Bonjour,

    ~Fais une analyse antivirus en ligne sur le site de Kaspersky
    http://www.kaspersky.com/kos/eng/partner/default/kavweb...
  • Clique sur Accept
  • Une barre jaune va te demander si tu acceptes d'installer le Kavwebscan_Unicode.cab, installe l'Active X.
  • clique une nouvelle fois sur "Accept"
  • Les bases de mises à jour vont s'installer, patiente un moment
  • Clique sur Next.
  • Clique sur My Computer, le scan se met en route; attends la fin du scan sans fermer la fenêtre sinon il s'arrêtera. Et poste-moi le rapport que tu obtiens.

    Comment va le PC ? Toujours des problèmes ?

    ;) 
    1 Novembre 2008 08:13:59

    Bonjour !

    Désolé de ne pas avoir répondu plus tôt, j'ai été pas mal occupé ces derniers temps.

    Mon PC va très bien, plus de problème non !



    Voila donc le rapport de Kaspersky :



    --------------------------------------------------------------------------------
    KASPERSKY ONLINE SCANNER 7 REPORT
    Saturday, November 1, 2008
    Operating System: Microsoft Windows XP Home Edition Service Pack 2 (build 2600)
    Kaspersky Online Scanner 7 version: 7.0.25.0
    Program database last update: Friday, October 31, 2008 21:39:28
    Records in database: 1365321
    --------------------------------------------------------------------------------

    Scan settings:
    Scan using the following database: extended
    Scan archives: yes
    Scan mail databases: yes

    Scan area - My Computer:
    C:\
    D:\
    E:\

    Scan statistics:
    Files scanned: 111713
    Threat name: 1
    Infected objects: 1
    Suspicious objects: 0
    Duration of the scan: 02:26:22


    File name / Threat name / Threats count
    E:\Outils\Nav\Mirc\Setup.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.616 1

    The selected area was scanned.



    A bientôt !

    :) 
    1 Novembre 2008 22:50:22

    :hello:  Bonsoir,

    Poste-moi un nouveau rapport HijackThis stp.

    ;) 
    3 Novembre 2008 02:13:51

    Bonsoir / Bonjour !



    Le nouveau rapport :




    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 02:12:26, on 03/11/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    c:\Program Files\Norton Internet Security\ISSVC.exe
    c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\ATKKBService.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
    C:\Program Files\ASUS\NB Probe\NBProbe.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\WINDOWS\ATK0100\HControl.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\Trust\MI-4550XP WIRELESS OPTICAL MINI MOUSE\Mouse32a.exe
    C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\ATK0100\ATKOSD.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Curse\CurseClient.exe
    C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\freecell.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = "http://www.daemon-search.com/startpage
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: (no name) - {036371A5-B1C3-44AD-B8C4-5EE36A1CB180} - (no file)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {2D7210C4-686D-4691-B370-7D5775EA9230} - (no file)
    O2 - BHO: (no name) - {4E8126E1-FB11-4A3C-979D-7C72EABAB1E3} - (no file)
    O2 - BHO: (no name) - {530dc8af-ff87-44e2-848e-1f9bf6a932a6} - (no file)
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: (no name) - {75B001FD-1270-4656-9D5F-882F9552F370} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {9d5f27ea-4b24-4539-a49f-88f85ec89a0d} - (no file)
    O2 - BHO: (no name) - {A20854FD-DDB5-4931-8F76-D11EA2364D94} - (no file)
    O2 - BHO: (no name) - {A26F0EEC-3FBB-4177-8791-CC23CC27223E} - (no file)
    O2 - BHO: (no name) - {baca1d50-ccb3-4a19-bfdf-922e09490604} - (no file)
    O2 - BHO: (no name) - {BBD0E43A-1DEE-4241-B140-53E5AD96B342} - (no file)
    O2 - BHO: (no name) - {BCBA2385-F533-4E16-8D7F-F1B103F7D404} - (no file)
    O2 - BHO: (no name) - {BF4C3097-35EB-41CC-BCA5-FE18554A8F4D} - (no file)
    O2 - BHO: (no name) - {C8BEBA79-ED8B-4204-A042-A945C2BAB845} - (no file)
    O2 - BHO: (no name) - {D868C9E0-7BAE-4B42-94A2-A0E37E30D1E0} - (no file)
    O2 - BHO: (no name) - {E47A633F-8359-4971-9166-10EF6E9AA907} - (no file)
    O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - c:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: (no name) - {71B6ACF7-4F0F-4FD8-BB69-6D1A4D271CB7} - (no file)
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [SSC_UserPrompt] c:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [NB Probe] C:\Program Files\ASUS\NB Probe\NBProbe.exe
    O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
    O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Trust\MI-4550XP WIRELESS OPTICAL MINI MOUSE\Mouse32a.exe
    O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [X'nBeep] C:\Program Files\X'nBeep 1.1\XnBeep.exe
    O4 - HKCU\..\Run: [CurseClient] C:\Program Files\Curse\CurseClient.exe -silent
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe

    --
    End of file - 12476 bytes



    :) 
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS