Your question

Ads and lag all the time :s

15 October 2008 19:08:18

So, ever since I installed a program (adsl TV) I've been getting unwanted ad pop-ups (every 5 min) and my PC lags enormously...

So here is the HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:08:00, on 15/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\RamBoost XP\rambxpfr.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\Simon\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dufpy.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [5406da8a] rundll32.exe "C:\WINDOWS\system32\rrsrrqfq.dll",b
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [RamBoostXp] C:\Program Files\RamBoost XP\rambxpfr.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
O20 - AppInit_DLLs: omsrcr.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\WINDOWS\system32\DRIVERS\xaudio.exe

--
End of file - 7397 bytes


Thanks for your help :)

15 October 2008 20:01:05

A hello, maybe?

! Disable your resident protections (antivirus, Spybot-S&D, etc.) !

  • Download ComboFix (sUBs) to your Desktop.
  • Double-click ComboFix.exe (the .exe may not be visible) to launch it.
  • When the scan is finished, a report will appear. Post this report (C:\combofix.txt*) in your next reply.

    HELP: A guide and tutorial on using ComboFix
    * the partition name may differ
    15 October 2008 20:34:45

    Good evening again, sorry...

    Here, I have the report...

    ComboFix 08-10-15.01 - Simon 2008-10-15 20:15:20.1 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.2464 [GMT 2:00]
    Lancé depuis: C:\Documents and Settings\Simon\Bureau\ComboFix.exe
    * Un nouveau point de restauration a été créé

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\DOCUME~1\Simon\LOCALS~1\Temp\svchost.exe
    C:\WINDOWS\system32\cbXQheBq.dll
    C:\WINDOWS\system32\csojdfsn.dll
    C:\WINDOWS\system32\eyiafifu.dll
    C:\WINDOWS\system32\geBspoNd.dll
    C:\WINDOWS\system32\hfxkrykr.dll
    C:\WINDOWS\system32\khfEWqnO.dll
    C:\WINDOWS\system32\kxiihb.dll
    C:\WINDOWS\system32\mlJyawuU.dll
    C:\WINDOWS\system32\nnnoMFuv.dll
    C:\WINDOWS\system32\nsfdjosc.ini
    C:\WINDOWS\system32\omsrcr.dll
    C:\WINDOWS\system32\qBehQXbc.ini
    C:\WINDOWS\system32\qBehQXbc.ini2
    C:\WINDOWS\system32\qfqrrsrr.ini
    C:\WINDOWS\system32\qgcoruge.exe
    C:\WINDOWS\system32\rrsrrqfq.dll

    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2008-09-15 au 2008-10-15 ))))))))))))))))))))))))))))))))))))
    .


    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2008-09-09 3513344]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2006-11-16 139264]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
    "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952]
    "RamBoostXp"="C:\Program Files\RamBoost XP\rambxpfr.exe" [2004-03-09 1542144]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "QlbCtrl.exe"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-05-12 202032]
    "NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2008-08-24 13574144]
    "NvMediaCenter"="C:\WINDOWS\System32\NvMcTray.dll" [2008-08-24 86016]
    "NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
    "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-09-06 413696]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
    "PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2008-06-16 167936]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
    "nwiz"="nwiz.exe" [2008-08-24 C:\WINDOWS\system32\nwiz.exe]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-04-14 15360]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=omsrcr.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
    --a------ 2008-08-08 14:11 490952 C:\Program Files\DAEMON Tools Lite\daemon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
    --a------ 2008-06-16 10:52 167936 C:\Program Files\PowerISO\PWRISOVM.EXE

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\Vuze\\Azureus.exe"=
    "C:\\Program Files\\Aspyr\\Guitar Hero III\\GH3.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

    R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
    R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
    R3 Com4QLBEx;Com4QLBEx;C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
    R3 HpqRemHid;HP Remote Control HID Device;C:\WINDOWS\system32\DRIVERS\HpqRemHid.sys [2007-07-11 7168]
    S3 maconfservice;Ma-Config Service;C:\Program Files\ma-config.com\maconfservice.exe [2008-09-02 191656]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{86d14bd2-9303-11dd-b9f1-001b24df1a8c}]
    \Shell\AutoRun\command - F:\setupSNK.exe
    .
    Contenu du dossier 'Tâches planifiées'

    2008-09-29 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    BHO-{A462C00C-6161-40B8-8480-B759AD301E3C} - C:\WINDOWS\system32\cbXQheBq.dll
    BHO-{a9a91374-5d49-496c-98dc-a9ac7ab6d812} - C:\WINDOWS\system32\omsrcr.dll
    BHO-{FD417378-F411-4B77-BBEE-4893BB670D4C} - C:\WINDOWS\system32\nnnoMFuv.dll
    HKLM-Run-UnlockerAssistant - C:\Program Files\Unlocker\UnlockerAssistant.exe
    HKLM-Run-5406da8a - C:\WINDOWS\system32\rrsrrqfq.dll
    ShellExecuteHooks-{FD417378-F411-4B77-BBEE-4893BB670D4C} - C:\WINDOWS\system32\nnnoMFuv.dll
    Notify-nnnoMFuv - nnnoMFuv.dll


    .
    ------- Examen supplémentaire -------
    .
    FireFox -: Profile - C:\Documents and Settings\Simon\Application Data\Mozilla\Firefox\Profiles\p5onojen.default\
    FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.fr
    FF -: plugin - C:\Program Files\ma-config.com\nphardwaredetection.dll
    FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\NPAskSBr.dll
    .

    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-10-15 20:26:36
    Windows 5.1.2600 Service Pack 3 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    ------------------------ Autres processus actifs ------------------------
    .
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\WINDOWS\system32\verclsid.exe
    .
    **************************************************************************
    .
    Heure de fin: 2008-10-15 20:32:24 - La machine a redémarré
    ComboFix-quarantined-files.txt 2008-10-15 18:32:21

    Avant-CF: 25 047 834 624 octets libres
    Après-CF: 27,685,629,952 octets libres

    298 --- E O F --- 2008-09-18 17:59:51
    16 October 2008 18:52:56

    Hi again,

    Download MalwareByte's Anti-Malware to your Desktop.
    Install it by double-clicking the file Download_mbam-setup.exe.

    Once the installation and the update are complete, restart in Safe Mode.
    HELP: Restarting in Safe Mode

  • Now run MalwareByte's Anti-Malware. If it is not already selected, choose "Perform full scan".
  • To start the scan, click "Scan".
  • Once the scan has finished, a window opens; click OK. There are two possibilities:
    -- if the program found nothing, press OK. A report will appear; close it.
    -- if infections are present, click "Show Results" and then "Remove Selected". Save the report to your Desktop so you can post it in your next reply.
    NOTE: If MalwareByte's Anti-Malware needs to restart to finish the removal, accept by clicking OK.

    HELP: Illustrated tutorial on MBAM
    19 October 2008 01:26:41

    Can't install it: MSVBVM60.DLL cannot be found...

    Argh...
    19 October 2008 19:50:00

    Here is the report!

    Malwarebytes' Anti-Malware 1.29
    Version de la base de données: 1288
    Windows 5.1.2600 Service Pack 3

    19/10/2008 15:48:14
    mbam-log-2008-10-19 (15-48-14).txt

    Type de recherche: Examen complet (C:\|D:\|)
    Eléments examinés: 219677
    Temps écoulé: 1 hour(s), 0 minute(s), 59 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 23

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\Documents and Settings\Simon\Application Data\Desktopicon\eBayShortcuts.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\cbXQheBq.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\csojdfsn.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\eyiafifu.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\geBspoNd.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\hfxkrykr.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\khfEWqnO.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\kxiihb.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\mlJyawuU.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\nnnoMFuv.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\omsrcr.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\rrsrrqfq.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3988B133-1E0F-44B0-91B1-64CDE89B42AA}\RP63\A0011017.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3988B133-1E0F-44B0-91B1-64CDE89B42AA}\RP63\A0011018.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3988B133-1E0F-44B0-91B1-64CDE89B42AA}\RP63\A0011019.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3988B133-1E0F-44B0-91B1-64CDE89B42AA}\RP63\A0011020.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3988B133-1E0F-44B0-91B1-64CDE89B42AA}\RP63\A0011021.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3988B133-1E0F-44B0-91B1-64CDE89B42AA}\RP63\A0011022.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3988B133-1E0F-44B0-91B1-64CDE89B42AA}\RP63\A0011023.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3988B133-1E0F-44B0-91B1-64CDE89B42AA}\RP63\A0011024.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3988B133-1E0F-44B0-91B1-64CDE89B42AA}\RP63\A0011025.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3988B133-1E0F-44B0-91B1-64CDE89B42AA}\RP63\A0011027.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{3988B133-1E0F-44B0-91B1-64CDE89B42AA}\RP63\A0011030.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    19 October 2008 20:21:00

    Post a new HijackThis report.
    19 October 2008 21:34:58

    The ads seem to have disappeared; as for the lag, it depends, sometimes a process uses 80-100%...

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:33:48, on 19/10/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\PowerISO\PWRISOVM.EXE
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\RamBoost XP\rambxpfr.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
    C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Simon\Bureau\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dufpy.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
    O2 - BHO: (no name) - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
    O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [DNS7reminder] "C:\Program Files\Nuance\NaturallySpeaking9\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\Nuance\NaturallySpeaking9\Ereg.ini
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [RamBoostXp] C:\Program Files\RamBoost XP\rambxpfr.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: omsrcr.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\WINDOWS\system32\DRIVERS\xaudio.exe

    --
    End of file - 8690 bytes


    When I made this report, CPU usage = 5%... So no processes using much!
    20 October 2008 17:04:57

    Re,

    Download Random's System Information Tool (RSIT) by random/random and save it to the Desktop.

  • Double-click RSIT.exe to launch the program.
  • Click Continue at the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the license.
  • When the scan is finished, two text files will open. Post the contents of log.txt (displayed) as well as info.txt (minimized in the Taskbar).
  • Make sure to post the reports in full. Check that they are complete once you have posted them.

    NB: The reports are saved in the folder C:\rsit
    20 October 2008 20:05:53

    info.txt logfile of random's system information tool 1.04 2008-10-20 20:05:13

    ======Uninstall list======

    -->C:\Program Files\Conexant\SmartAudio\SETUP.EXE -U -ISmartAudio -SM=SMAUDIO.EXE,1801
    -->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
    -->C:\WINDOWS\UNRecode.exe /UNINSTALL
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    7-Zip 4.57-->"C:\Program Files\7-Zip\Uninstall.exe"
    Adobe After Effects 7.0-->msiexec /I {DD362256-A7A2-4524-9457-213DDC2AFC2A}
    Adobe After Effects CS3 Presets-->MsiExec.exe /I{4B215C29-1A3E-4736-92AA-10C83FA56EB9}
    Adobe After Effects CS3-->C:\Program Files\Fichiers communs\Adobe\Installers\b7dd24a87e82dcf8af8876fd727b7cf\Setup.exe
    Adobe After Effects CS3-->MsiExec.exe /I{8AF3FB06-BDA3-42A3-995C-308812D2F094}
    Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
    Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
    Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
    Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
    Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
    Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
    Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
    Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
    Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
    Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
    Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\UninstFl.exe -q
    Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
    Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
    Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
    Adobe MotionPicture Color Files-->MsiExec.exe /I{6B708481-748A-4EB4-97C1-CD386244FF77}
    Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
    Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
    Adobe Setup-->MsiExec.exe /I{2C294A0B-DF22-4023-B168-8C7645B10019}
    Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
    Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
    Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
    Adobe Video Profiles-->MsiExec.exe /I{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}
    Adobe XMP DVA Panels CS3-->MsiExec.exe /I{0224CACC-994D-45F8-B973-D65056EA9C2F}
    Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    Ask Toolbar-->rundll32 C:\PROGRA~1\AskSBar\bar\1.bin\AskSBar.dll,O
    Assistant de connexion Windows Live-->MsiExec.exe /I{8984E374-6C93-427C-A3B9-AD92472FDCA0}
    avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    CDDRV_Installer-->MsiExec.exe /I{0C826C5B-B131-423A-A229-C71B3CACCD6A}
    Choice Guard-->MsiExec.exe /I{EBD5E7A9-DBB8-4E24-AE3A-CF9390AF1CCB}
    Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU32a.exe -U -I*.INF
    Contacts-->MsiExec.exe /I{C6BDA6E5-B391-4CE5-8D86-B53AC96FFE03}
    Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    DAEMON Tools Toolbar-->C:\Program Files\DAEMON Tools Toolbar\uninst.exe
    Dofus 1.25.0-->C:\Program Files\Dofus\uninstall.exe
    Dragon NaturallySpeaking 9-->MsiExec.exe /I{DDDD90B2-80F2-413A-8A8E-38C5076A7DBA}
    erLT-->MsiExec.exe /I{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}
    GTA San Andreas-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x40c -removeonly
    Guitar Hero III-->MsiExec.exe /I{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}
    HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDA_HSF\UIU32m.exe -U -I*.INF
    High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
    HijackThis 2.0.2-->"C:\Documents and Settings\Simon\Bureau\HijackThis.exe" /uninstall
    Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    HP Quick Launch Buttons 6.40 F1-->C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\Setup.exe -runfromtemp -l0x040c -removeonly uninst
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    KhalInstallWrapper-->MsiExec.exe /I{3101CB58-3482-4D21-AF1A-7057FC935355}
    K-Lite Codec Pack 4.1.4 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
    Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\SETUP.EXE" -l0x40c UNINSTALL
    Logitech SetPoint-->C:\Program Files\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe -runfromtemp -l0x040c -removeonly
    Ma-Config.com-->MsiExec.exe /X{1C02A760-1682-49AE-BB54-FA7D63BD3504}
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
    Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
    Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
    Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
    Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
    Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
    Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
    Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
    Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
    Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
    Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Mozilla Firefox (3.0.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    Nero 7 Ultra Edition-->MsiExec.exe /I{235BBFC6-D863-4066-A01A-3BD504C31036}
    NetWaiting-->C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x040c -removeonly
    NVIDIA Drivers-->C:\WINDOWS\System32\nvuninst.exe UninstallGUI
    PeerTV 1.1.2-->"C:\Program Files\PeerTV\uninstall.exe"
    PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"
    QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
    RamBoost XP 4.0.6-->"C:\Program Files\RamBoost XP\unins000.exe"
    RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\setup.exe" -l0x40c anything
    Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
    Security Update for 2007 Microsoft Office System (KB955936)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {1D94099C-2BBA-440E-BD5E-093BBDF8F028}
    Security Update for Microsoft Office Excel 2007 (KB955470)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6E8637D8-10D6-4568-AA06-E2706F31685E}
    Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
    Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
    Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
    Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
    Security Update for Microsoft Office Word 2007 (KB950113)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
    Security Update for Outlook 2007 (KB946983)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {66B9496E-C0C3-4065-9868-85CCA92126C3}
    Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
    Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
    SpeedFan (remove only)-->"C:\Program Files\SpeedFan\uninstall.exe"
    System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
    Update for Office 2007 (KB934391)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B3091818-7C56-4C45-BE7D-CA23027A5EA5}
    Update for Office 2007 (KB946691)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
    Update for Outlook 2007 Junk Email Filter (kb957258)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {E070CDA4-A8DD-47FA-89A0-F5DA5D5DDFF9}
    VLC media player 0.9.4-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    VNC Free Edition 4.1.3-->"C:\Program Files\RealVNC\VNC4\unins000.exe"
    Vuze-->C:\Program Files\Vuze\uninstall.exe
    Windows Live Bêta (tous les programmes)-->C:\Program Files\Windows Live\Installer\wlarp.exe
    Windows Live Bêta (tous les programmes)-->MsiExec.exe /I{9C4AB6FB-43CD-4ADF-8B59-6C52A6B74324}
    Windows Live Call-->MsiExec.exe /I{868EC13B-52DA-43B9-8C05-50CD897674DF}
    Windows Live Mail-->MsiExec.exe /I{DA0FC90D-5D87-445E-90B4-B938C57FE16F}
    Windows Live Messenger-->MsiExec.exe /X{F72F8316-91E8-4C80-9E39-EBE933E1EDFB}
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
    Xbox 360 Controller for Windows-->"C:\WINDOWS\$NtUninstall_Xbox_360_CC_Driver$\spuninst\spuninst.exe"

    ======Security center information======

    AV: avast! antivirus 4.8.1229 [VPS 081018-0]

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\QuickTime\QTSystem
    "windir"=%SystemRoot%
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 104 Stepping 2, AuthenticAMD
    "PROCESSOR_REVISION"=6802
    "NUMBER_OF_PROCESSORS"=2
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "FP_NO_HOST_CHECK"=NO
    "CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
    "QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

    -----------------EOF-----------------







    Logfile of random's system information tool 1.04 (written by random/random)
    Run by Simon at 2008-10-20 20:04:59
    Microsoft Windows XP Professionnel Service Pack 3
    System drive C: has 23 GB (29%) free of 80 GB
    Total RAM: 3071 MB (66% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:05:09, on 20/10/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\PowerISO\PWRISOVM.EXE
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\RamBoost XP\rambxpfr.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
    C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\RealVNC\VNC4\WinVNC4.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Vuze\Azureus.exe
    C:\Documents and Settings\Simon\Bureau\RSIT.exe
    C:\Program Files\trend micro\Simon.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dufpy.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
    O2 - BHO: (no name) - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
    O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [DNS7reminder] "C:\Program Files\Nuance\NaturallySpeaking9\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\Nuance\NaturallySpeaking9\Ereg.ini
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [RamBoostXp] C:\Program Files\RamBoost XP\rambxpfr.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: omsrcr.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\WINDOWS\system32\DRIVERS\xaudio.exe

    --
    End of file - 8908 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-02-22 401968]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - Ask Toolbar - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL [2008-09-16 262144]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-05-12 202032]
    "NvCplDaemon"=C:\WINDOWS\System32\NvCpl.dll [2008-08-24 13574144]
    "nwiz"=nwiz.exe /install []
    "NvMediaCenter"=C:\WINDOWS\System32\NvMcTray.dll [2008-08-24 86016]
    "NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
    "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
    "PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2008-06-16 167936]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
    "Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2007-09-21 55824]
    "ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2005-02-16 81920]
    "DNS7reminder"=C:\Program Files\Nuance\NaturallySpeaking9\Ereg\Ereg.exe [2007-03-19 259624]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2008-09-09 3513344]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2006-11-16 139264]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "RamBoostXp"=C:\Program Files\RamBoost XP\rambxpfr.exe [2004-03-09 1542144]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
    C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-08-08 490952]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
    C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2005-02-16 221184]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
    C:\Program Files\PowerISO\PWRISOVM.EXE [2008-06-16 167936]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
    C:\Program Files\Skype\Phone\Skype.exe [2008-09-29 21755688]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
    C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="omsrcr.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
    c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll [2007-11-15 72208]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDrives"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=
    "NoDrives"=
    "NoDriveAutoRun"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
    "C:\Program Files\Aspyr\Guitar Hero III\GH3.exe"="C:\Program Files\Aspyr\Guitar Hero III\GH3.exe:*:Enabled:Guitar Hero III"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
    "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
    "C:\Program Files\PeerTV\PeerCast.exe"="C:\Program Files\PeerTV\PeerCast.exe:*:Enabled:PeerCast"
    "C:\Program Files\RealVNC\VNC4\winvnc4.exe"="C:\Program Files\RealVNC\VNC4\winvnc4.exe:*:Enabled:winvnc4.exe"
    "C:\Program Files\RealVNC\VNC4\vncviewer.exe"="C:\Program Files\RealVNC\VNC4\vncviewer.exe:*:Enabled:Run VNC Viewer"
    "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{86d14bd2-9303-11dd-b9f1-001b24df1a8c}]
    shell\AutoRun\command - F:\setupSNK.exe


    ======List of files/folders created in the last 1 months======

    2008-10-20 20:04:59 ----D---- C:\rsit
    2008-10-20 20:04:59 ----D---- C:\Program Files\trend micro
    2008-10-20 19:31:37 ----D---- C:\Program Files\SystemRequirementsLab
    2008-10-20 19:31:29 ----D---- C:\Documents and Settings\Simon\Application Data\SystemRequirementsLab
    2008-10-19 21:57:46 ----D---- C:\Program Files\PeerTV
    2008-10-19 21:54:06 ----D---- C:\Program Files\RealVNC
    2008-10-19 16:35:52 ----A---- C:\WINDOWS\TUTORI~1.INI
    2008-10-19 16:00:34 ----D---- C:\Documents and Settings\All Users\Application Data\InstallShield
    2008-10-19 16:00:13 ----D---- C:\Documents and Settings\Simon\Application Data\Nuance
    2008-10-19 15:57:27 ----D---- C:\Program Files\Fichiers communs\ScanSoft Shared
    2008-10-19 15:57:27 ----D---- C:\Documents and Settings\All Users\Application Data\ScanSoft
    2008-10-19 15:57:25 ----D---- C:\Program Files\Fichiers communs\Nuance
    2008-10-19 15:56:59 ----D---- C:\Program Files\Nuance
    2008-10-19 15:56:59 ----D---- C:\Documents and Settings\All Users\Application Data\Nuance
    2008-10-19 15:56:54 ----D---- C:\WINDOWS\speech
    2008-10-19 13:24:01 ----A---- C:\WINDOWS\ntbtlog.txt
    2008-10-19 13:13:49 ----D---- C:\Documents and Settings\Simon\Application Data\Malwarebytes
    2008-10-19 13:13:44 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2008-10-19 13:13:44 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-10-19 13:12:48 ----A---- C:\WINDOWS\system32\MSVBVM60.DLL
    2008-10-19 01:12:00 ----D---- C:\Documents and Settings\Simon\Application Data\skypePM
    2008-10-19 01:11:31 ----D---- C:\Documents and Settings\Simon\Application Data\Skype
    2008-10-19 01:08:48 ----D---- C:\Program Files\Skype
    2008-10-19 01:08:47 ----D---- C:\Program Files\Fichiers communs\Skype
    2008-10-19 01:08:32 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
    2008-10-18 21:53:39 ----D---- C:\Documents and Settings\Simon\Application Data\dvdcss
    2008-10-18 15:55:10 ----D---- C:\Documents and Settings\Simon\Application Data\Hamachi
    2008-10-18 14:09:26 ----SHD---- C:\RECYCLER
    2008-10-18 13:49:25 ----D---- C:\Documents and Settings\Simon\Application Data\Logitech
    2008-10-18 13:47:22 ----R---- C:\WINDOWS\bwUnin-8.1.1.50-8876480SL.exe
    2008-10-18 13:45:29 ----A---- C:\WINDOWS\system32\BtCoreIf.dll
    2008-10-18 13:45:22 ----A---- C:\WINDOWS\system32\KemXML.dll
    2008-10-18 13:45:22 ----A---- C:\WINDOWS\system32\KemWnd.dll
    2008-10-18 13:45:22 ----A---- C:\WINDOWS\system32\KemUtil.dll
    2008-10-18 13:45:22 ----A---- C:\WINDOWS\system32\kemutb.dll
    2008-10-18 13:45:00 ----D---- C:\Documents and Settings\All Users\Application Data\Logitech
    2008-10-18 13:44:53 ----D---- C:\Program Files\Fichiers communs\Logishrd
    2008-10-18 13:44:45 ----D---- C:\Program Files\Logitech
    2008-10-18 13:44:25 ----D---- C:\Documents and Settings\All Users\Application Data\LogiShrd
    2008-10-16 22:43:05 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2008-10-16 22:42:47 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
    2008-10-16 22:42:42 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
    2008-10-16 22:41:03 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
    2008-10-16 22:40:14 ----D---- C:\Program Files\SpeedFan
    2008-10-16 22:40:00 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
    2008-10-15 20:32:25 ----A---- C:\ComboFix.txt
    2008-10-15 20:12:16 ----A---- C:\WINDOWS\SWREG.exe
    2008-10-15 20:12:16 ----A---- C:\WINDOWS\NIRCMD.exe
    2008-10-15 20:12:15 ----A---- C:\WINDOWS\zip.exe
    2008-10-15 20:12:15 ----A---- C:\WINDOWS\VFIND.exe
    2008-10-15 20:12:15 ----A---- C:\WINDOWS\SWXCACLS.exe
    2008-10-15 20:12:15 ----A---- C:\WINDOWS\SWSC.exe
    2008-10-15 20:12:15 ----A---- C:\WINDOWS\sed.exe
    2008-10-15 20:12:15 ----A---- C:\WINDOWS\grep.exe
    2008-10-15 20:12:15 ----A---- C:\WINDOWS\fdsv.exe
    2008-10-15 20:11:08 ----D---- C:\WINDOWS\ERDNT
    2008-10-15 20:11:08 ----D---- C:\Qoobox
    2008-10-15 19:40:30 ----D---- C:\Program Files\Microsoft Works
    2008-10-15 19:40:12 ----D---- C:\Program Files\MSBuild
    2008-10-15 19:39:40 ----D---- C:\Program Files\Microsoft Visual Studio
    2008-10-15 19:39:38 ----D---- C:\Program Files\Fichiers communs\DESIGNER
    2008-10-15 19:28:33 ----D---- C:\WINDOWS\SHELLNEW
    2008-10-15 19:27:28 ----D---- C:\Program Files\Microsoft Office
    2008-10-15 19:27:21 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
    2008-10-15 19:23:24 ----RHD---- C:\MSOCache
    2008-10-14 21:25:16 ----A---- C:\WINDOWS\system32\5f251ef4-.txt
    2008-10-14 20:03:08 ----D---- C:\Program Files\adslTV
    2008-10-14 19:55:41 ----D---- C:\Documents and Settings\Simon\Application Data\vlc
    2008-10-14 19:54:13 ----D---- C:\Program Files\VideoLAN
    2008-10-12 20:52:23 ----D---- C:\Documents and Settings\Simon\Application Data\Apple Computer
    2008-10-12 10:54:40 ----D---- C:\WINDOWS\Sun
    2008-10-12 10:54:39 ----D---- C:\Documents and Settings\Simon\Application Data\Sun
    2008-10-09 20:31:31 ----A---- C:\WINDOWS\system32\javaws.exe
    2008-10-09 20:31:31 ----A---- C:\WINDOWS\system32\javaw.exe
    2008-10-09 20:31:31 ----A---- C:\WINDOWS\system32\java.exe
    2008-10-09 20:31:03 ----D---- C:\Program Files\Java
    2008-10-09 20:30:29 ----D---- C:\Program Files\Fichiers communs\Java
    2008-10-08 19:36:49 ----D---- C:\English study
    2008-10-08 19:21:14 ----A---- C:\trace.ini
    2008-10-08 19:21:00 ----D---- C:\Program Files\Auralog
    2008-10-08 19:20:44 ----A---- C:\WINDOWS\err.txt
    2008-10-08 18:57:18 ----D---- C:\Documents and Settings\Simon\Application Data\Help
    2008-10-08 18:55:01 ----A---- C:\WINDOWS\UnSetup.exe
    2008-10-08 18:55:01 ----A---- C:\WINDOWS\FraUinst.exe
    2008-10-08 18:54:47 ----D---- C:\TeLLmeMore
    2008-10-05 12:26:00 ----D---- C:\Program Files\Unlocker
    2008-10-05 12:26:00 ----D---- C:\Documents and Settings\Simon\Application Data\Desktopicon
    2008-10-05 12:08:09 ----D---- C:\Documents and Settings\Simon\Application Data\Disney Interactive Studios
    2008-10-05 12:00:14 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
    2008-10-05 12:00:14 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
    2008-10-05 12:00:13 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
    2008-10-05 12:00:13 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
    2008-10-05 12:00:13 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
    2008-10-05 12:00:12 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
    2008-10-05 12:00:12 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
    2008-10-05 12:00:12 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
    2008-10-05 12:00:12 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
    2008-10-05 12:00:11 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
    2008-10-05 12:00:11 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
    2008-10-05 12:00:11 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
    2008-10-05 12:00:10 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
    2008-10-05 12:00:10 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
    2008-10-05 12:00:10 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
    2008-10-05 12:00:09 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
    2008-10-05 12:00:09 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
    2008-10-05 12:00:09 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
    2008-10-05 12:00:08 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
    2008-10-05 12:00:08 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
    2008-10-05 12:00:07 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
    2008-10-05 12:00:07 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
    2008-10-05 12:00:06 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
    2008-10-05 12:00:05 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
    2008-10-05 12:00:05 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
    2008-10-05 12:00:05 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
    2008-10-05 12:00:04 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
    2008-10-05 12:00:04 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
    2008-10-05 12:00:04 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
    2008-10-05 12:00:04 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
    2008-10-05 12:00:03 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
    2008-10-05 12:00:02 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
    2008-10-05 12:00:01 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
    2008-10-05 12:00:01 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
    2008-10-05 12:00:00 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
    2008-10-05 11:59:59 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
    2008-10-05 11:59:59 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
    2008-10-05 11:59:59 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
    2008-10-05 11:59:58 ----A---- C:\WINDOWS\system32\xinput1_2.dll
    2008-10-05 11:59:58 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
    2008-10-05 11:59:58 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
    2008-10-05 11:59:58 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
    2008-10-05 11:59:58 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
    2008-10-05 11:59:57 ----A---- C:\WINDOWS\system32\xinput1_1.dll
    2008-10-05 11:59:57 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
    2008-10-05 11:59:57 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
    2008-10-05 11:59:57 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
    2008-10-05 11:59:57 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
    2008-10-05 11:59:56 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
    2008-10-05 11:59:55 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
    2008-10-05 11:59:55 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
    2008-10-05 11:59:55 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
    2008-10-05 11:59:53 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
    2008-10-05 11:58:34 ----D---- C:\WINDOWS\Logs
    2008-10-05 11:24:26 ----D---- C:\Program Files\Rockstar Games
    2008-10-04 19:32:05 ----D---- C:\Program Files\Microsoft
    2008-10-04 19:28:23 ----D---- C:\Program Files\Fichiers communs\Windows Live
    2008-10-01 13:28:24 ----A---- C:\WINDOWS\WPE PRO.INI
    2008-09-24 19:57:27 ----A---- C:\WINDOWS\GMouse.ini
    2008-09-23 09:53:22 ----D---- C:\WINDOWS\system32\SoftwareDistribution

    ======List of files/folders modified in the last 1 months======

    2008-10-20 20:05:05 ----D---- C:\WINDOWS\Prefetch
    2008-10-20 20:04:59 ----RD---- C:\Program Files
    2008-10-20 20:04:26 ----D---- C:\Documents and Settings\Simon\Application Data\Azureus
    2008-10-20 18:55:13 ----D---- C:\Program Files\Mozilla Firefox
    2008-10-20 18:53:37 ----D---- C:\WINDOWS\Temp
    2008-10-20 18:50:49 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-10-20 18:49:26 ----D---- C:\Program Files\RamBoost XP
    2008-10-20 18:48:05 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-10-19 22:50:51 ----HD---- C:\WINDOWS\inf
    2008-10-19 21:21:38 ----D---- C:\WINDOWS\security
    2008-10-19 21:15:40 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2008-10-19 21:15:34 ----D---- C:\WINDOWS\system32
    2008-10-19 20:59:05 ----D---- C:\WINDOWS
    2008-10-19 20:29:39 ----RASH---- C:\boot.ini
    2008-10-19 20:29:39 ----A---- C:\WINDOWS\win.ini
    2008-10-19 20:29:39 ----A---- C:\WINDOWS\system.ini
    2008-10-19 20:22:41 ----RSD---- C:\WINDOWS\Fonts
    2008-10-19 16:02:06 ----SHD---- C:\WINDOWS\Installer
    2008-10-19 16:00:32 ----D---- C:\WINDOWS\WinSxS
    2008-10-19 15:57:27 ----D---- C:\Program Files\Fichiers communs
    2008-10-19 15:57:26 ----SD---- C:\WINDOWS\Downloaded Program Files
    2008-10-19 15:57:25 ----D---- C:\Program Files\Fichiers communs\InstallShield
    2008-10-19 13:13:48 ----D---- C:\WINDOWS\system32\drivers
    2008-10-18 13:47:35 ----SD---- C:\Documents and Settings\Simon\Application Data\Microsoft
    2008-10-18 13:47:16 ----HD---- C:\Program Files\InstallShield Installation Information
    2008-10-18 13:46:03 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2008-10-16 22:43:05 ----HD---- C:\WINDOWS\$hf_mig$
    2008-10-16 22:42:51 ----A---- C:\WINDOWS\imsins.BAK
    2008-10-16 22:42:32 ----D---- C:\Program Files\Internet Explorer
    2008-10-16 22:42:15 ----D---- C:\WINDOWS\ie7updates
    2008-10-15 20:24:06 ----D---- C:\WINDOWS\system32\config
    2008-10-15 20:17:46 ----D---- C:\WINDOWS\AppPatch
    2008-10-15 19:40:28 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
    2008-10-15 19:37:14 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2008-10-15 19:29:39 ----D---- C:\Program Files\Fichiers communs\System
    2008-10-14 19:50:22 ----A---- C:\WINDOWS\NeroDigital.ini
    2008-10-12 20:46:46 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
    2008-10-08 19:59:23 ----D---- C:\Program Files\PowerISO
    2008-10-07 21:19:40 ----A---- C:\WINDOWS\system32\MRT.exe
    2008-10-05 19:07:44 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
    2008-10-05 12:00:15 ----D---- C:\WINDOWS\system32\DirectX
    2008-10-04 19:50:57 ----D---- C:\Program Files\Messenger Plus! Live
    2008-10-04 19:32:53 ----D---- C:\Program Files\Windows Live
    2008-10-03 19:12:27 ----A---- C:\WINDOWS\system32\ieframe.dll
    2008-10-03 10:42:29 ----D---- C:\Documents and Settings\Simon\Application Data\Adobe
    2008-10-02 14:32:29 ----A---- C:\WINDOWS\ODBC.INI
    2008-10-02 14:10:43 ----D---- C:\Program Files\Adobe
    2008-09-28 20:16:53 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2008-09-28 20:16:30 ----D---- C:\Program Files\Fichiers communs\Adobe
    2008-09-23 17:39:30 ----D---- C:\Program Files\Dofus
    2008-09-23 09:53:23 ----D---- C:\WINDOWS\Help
    2008-09-21 08:14:07 ----D---- C:\WINDOWS\network diagnostic

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-07-19 26944]
    R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
    R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-07-19 42912]
    R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14720]
    R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2008-06-12 56108]
    R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\System32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
    R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
    R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-07-19 94416]
    R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672]
    R2 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
    R2 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]
    R2 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2007-03-21 37376]
    R2 XAudio;XAudio; C:\WINDOWS\system32\DRIVERS\xaudio.sys [2007-07-09 8704]
    R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\System32\DRIVERS\athw.sys [2008-06-27 1315776]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-07-19 23152]
    R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [2008-04-13 13952]
    R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDAud.sys [2008-09-16 732160]
    R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
    R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 HpqKbFiltr;HpqKbFilter Driver; C:\WINDOWS\System32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
    R3 HpqRemHid;HP Remote Control HID Device; C:\WINDOWS\System32\DRIVERS\HpqRemHid.sys [2007-07-11 7168]
    R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSX_DPV.sys [2007-06-19 984064]
    R3 HSXHWAZL;HSXHWAZL; C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys [2007-06-19 208896]
    R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2007-09-21 35088]
    R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2007-09-21 36240]
    R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2007-09-21 28432]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2008-08-24 6128352]
    R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [2008-08-01 54784]
    R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [2008-08-01 22016]
    R3 nvsmu;nvsmu; C:\WINDOWS\System32\DRIVERS\nvsmu.sys [2008-08-25 14208]
    R3 sdbus;sdbus; C:\WINDOWS\System32\DRIVERS\sdbus.sys [2008-04-13 79232]
    R3 sffdisk;Pilote de classe de stockage SFF; C:\WINDOWS\System32\DRIVERS\sffdisk.sys [2008-04-13 11904]
    R3 sffp_sd;Pilote de protocole de stockage SFF pour SDBus; C:\WINDOWS\System32\DRIVERS\sffp_sd.sys [2008-04-13 11008]
    R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
    R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    R3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
    R3 Wdf01000;Wdf01000; C:\WINDOWS\System32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
    R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys [2007-06-19 660480]
    S3 a7mwjjg8;a7mwjjg8; C:\WINDOWS\system32\drivers\a7mwjjg8.sys []
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
    S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2008-10-18 25280]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\WINDOWS\system32\DRIVERS\xusb21.sys [2007-08-28 55808]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]
    R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\System32\nvsvc32.exe [2008-08-24 163908]
    R2 WinVNC4;VNC Server Version 4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe [2008-10-15 439632]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344]
    R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
    R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-05-01 165192]
    S2 XAudioService;XAudioService; C:\WINDOWS\system32\DRIVERS\xaudio.exe [2007-07-09 386560]
    S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-09-18 72704]
    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-09-18 654848]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
    S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe [2007-11-15 121360]
    S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2008-09-02 191656]
    S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

    -----------------EOF-----------------


    And there you go, happy reading ^^'
    20 October 2008 20:51:28

    Hi again,

    Download OTMoveIt3 (OldTimer). Save it to your Desktop.
    Copy (Ctrl+C) the text in the box below:

    :files
    C:\Program Files\AskSBar

    :reg
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA}"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"=""


    Double-click OTMoveIt3.exe to launch it.
    Paste (Ctrl+V) the text you copied into the Paste Instructions for Items to be Moved box.
    Now click the MoveIt! button, then close OTMoveIt3.

    If a file or folder cannot be deleted immediately, the program will ask you to restart.
    Accept by clicking YES.

    Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
    The report's name corresponds to the moment it was created: date_time.log
    20 October 2008 22:25:02

    ========== FILES ==========
    C:\Program Files\AskSBar\SrchAstt\1.bin moved successfully.
    C:\Program Files\AskSBar\SrchAstt moved successfully.
    C:\Program Files\AskSBar\bar\Settings moved successfully.
    C:\Program Files\AskSBar\bar\History moved successfully.
    C:\Program Files\AskSBar\bar\Cache moved successfully.
    C:\Program Files\AskSBar\bar\1.bin moved successfully.
    C:\Program Files\AskSBar\bar moved successfully.
    C:\Program Files\AskSBar moved successfully.
    ========== REGISTRY ==========
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}\\ deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA}\ deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\"AppInit_DLLS"|"" /E : value set successfully!

    OTMoveIt3 by OldTimer - Version 1.0.5.0 log created on 10202008_222411


    Wow, you amaze me
    21 October 2008 12:39:27

    Post a new HijackThis report.
    22 October 2008 06:50:49

    Here it is:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 06:50:29, on 22/10/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\PowerISO\PWRISOVM.EXE
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\RamBoost XP\rambxpfr.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
    C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\RealVNC\VNC4\winvnc4.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dufpy.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [DNS7reminder] "C:\Program Files\Nuance\NaturallySpeaking9\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\Nuance\NaturallySpeaking9\Ereg.ini
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [RamBoostXp] C:\Program Files\RamBoost XP\rambxpfr.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\WINDOWS\system32\DRIVERS\xaudio.exe

    --
    End of file - 8632 bytes
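Added example, not part of the thread: a short Python script that cross-checks a HijackThis report against an OTMoveIt3 report and lists the entries that still reference files the cleanup moved, such as the R3 URLSearchHook line in the report above. The sample lines are copied from the two reports in this thread; the function names are illustrative.

```python
import re

# Lines copied from the OTMoveIt3 report and the follow-up HijackThis
# report posted in this thread.
OTMOVEIT_LOG = r"""
C:\Program Files\AskSBar\SrchAstt\1.bin moved successfully.
C:\Program Files\AskSBar moved successfully.
"""
HIJACKTHIS_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dufpy.com
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKCU\..\Run: [RamBoostXp] C:\Program Files\RamBoost XP\rambxpfr.exe
"""

ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")   # e.g. "R3 - ..." or "O23 - ..."
PATH_RE = re.compile(r"[A-Za-z]:\\.*")              # first drive-letter path to end of line
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
MISSING = "(file missing)"
MOVED_SUFFIX = " moved successfully."

def moved_paths(cleanup_log):
    """Paths an OTMoveIt3 report lists as moved, lower-cased for comparison."""
    paths = []
    for line in cleanup_log.splitlines():
        line = line.strip()
        if line.endswith(MOVED_SUFFIX):
            paths.append(line[: -len(MOVED_SUFFIX)].lower())
    return paths

def parse_entries(hjt_log):
    """Split HijackThis entry lines into code, CLSID, path and missing flag."""
    entries = []
    for line in hjt_log.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue  # header, process list or blank line
        code, body = m.groups()
        missing = body.endswith(MISSING)
        if missing:
            body = body[: -len(MISSING)].rstrip()
        path = PATH_RE.search(body)
        clsid = CLSID_RE.search(body)
        entries.append({"code": code,
                        "clsid": clsid.group(0) if clsid else None,
                        "path": path.group(0) if path else None,
                        "missing": missing})
    return entries

def leftovers(hjt_log, cleanup_log):
    """Entries whose file is gone or lies under a path the cleanup moved."""
    moved = moved_paths(cleanup_log)
    found = []
    for e in parse_entries(hjt_log):
        reasons = ["file missing"] if e["missing"] else []
        p = (e["path"] or "").lower()
        if any(p == d or p.startswith(d + "\\") for d in moved):
            reasons.append("under moved path")
        if reasons:
            found.append((e["code"], e["clsid"], e["path"], reasons))
    return found

if __name__ == "__main__":
    for code, clsid, path, reasons in leftovers(HIJACKTHIS_LOG, OTMOVEIT_LOG):
        print(code, clsid, path, ", ".join(reasons))
```

Entries it reports are registry references whose target no longer exists on disk, so they are candidates for cleanup rather than active components.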
    22 October 2008 17:30:08

    Is your PC behaving better?
    22 October 2008 17:52:50

    Moderation: message from idris821 deleted
    22 October 2008 19:53:24

    There's still one process bothering me, "NMIndexStoreSvr.exe", which is using 90% of my CPU...

    Any ideas?
    22 October 2008 20:41:28

    Do you have Nero on your PC?
    22 October 2008 21:08:15

    Yep! :)
    23 October 2008 10:52:56

    That process is related to Nero.