Votre question

[RESOLU]Trojan/Spyware ?

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
6 Octobre 2008 02:54:27

Yep.
Tout allait bien jusque hier où j'ai installé un logiciel avec crack. Le soir, mon ordi ne captait plus ma neufbox. Le lendemain, tout est revenu à la normale - cool - mais j'ai ensuite vu que mon ordi était anormalement lent, il se bloquait tout seul assez périodiquement, du coup tout se met en mode pas de réponse. J'pensais que ça concernait que le net mais les logiciels offline se bloquaient aussi. J'en ai donc conclu que j'suis probablement infecté par ce crack (ça m'apprendra..)

Maintenant, l'ordi se bloque tous les 10 secondes (testé avec chronomètre) pendant 8 secondes.. C'est ingérable quoi.
Tout s'arrête, même les gifs/flash, pourtant, ma RAM est stable (45% environ)
J'ai déjà désinstallé le logiciel en question et tout ce qui va avec. (Et supprimé les fichiers aussi.)
Etant pas expert en la matière, j'viens ici pour demander de l'aide.

Voila mon HijackThis:

Citation :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:20:08, on 06/10/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Saitek\SD6\Software\ProfilerU.exe
C:\Program Files\Saitek\SD6\Software\SaiMfd.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\WiFiConnector\NintendoWFCReg.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ProfilerU] C:\Program Files\Saitek\SD6\Software\ProfilerU.exe
O4 - HKLM\..\Run: [SaiMfd] C:\Program Files\Saitek\SD6\Software\SaiMfd.exe
O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Lancer l'utilitaire d'enregistrement.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O17 - HKLM\System\CCS\Services\Tcpip\..\{38F8446A-927A-43C0-97E8-A35B134AD6E3}: NameServer = 192.168.1.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: Cisco AnyConnect VPN Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.51a\bin\mysqld-nt.exe

--
End of file - 11045 bytes


Merci d'avance.

Autres pages sur : resolu trojan spyware

6 Octobre 2008 15:57:58

Bonjour,

Envoie-moi par MP le type de crack que tu as téléchargé stp, et si possible où, ça pourrait m'aider à savoir quelle type d'infection tu as choppée.

J'espère que ça te servira de leçon :)  N'hésite pas à cliquer sur le lien dans ma signature.

Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
AIDE : Redémarrer en mode sans échec

  • Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
  • Afin de lancer la recherche, clic sur"Rechercher".
  • Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
    -- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
    -- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
    [#ff0000]REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

    AIDE : Tuto en images sur MBAM

    ;) 
    6 Octobre 2008 18:42:20

    Voila le rapport du logiciel MalwareByte:
    Citation :
    Malwarebytes' Anti-Malware 1.28
    Version de la base de données: 1234
    Windows 6.0.6001 Service Pack 1

    06/10/2008 18:24:54
    mbam-log-2008-10-06 (18-24-54).txt

    Type de recherche: Examen complet (C:\|D:\|)
    Eléments examinés: 213159
    Temps écoulé: 42 minute(s), 12 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 2
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 3

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\Program Files\eMule\emule.exe (Rogue.Fake!emule.exe) -> Quarantined and deleted successfully.
    C:\Program Files\eMule\LinkCreator.exe (Rogue.Fake!emule.exe) -> Quarantined and deleted successfully.
    C:\Program Files\setup.exe (Rogue.Installer) -> Quarantined and deleted successfully.


    5 malwares en tout, et supprimés.
    Pour l'instant, tout est normal chez moi, pour l'instant..

    J'ai essayé de faire un rapport Hijackthis, mais ça m'a mis une erreur dans laquelle on me demande de lancer Hijackthis en tant qu'admin. (Et j'ai quand même le rapport..)

    Je poste le rapport Hijackthis tel quel ou je lance Hijackthis en mode admin ?

    Merci d'avance.
    Contenus similaires
    6 Octobre 2008 21:01:53

    Re,

    Tu es sous vista, clique droit et lancer en tant qu'admin.

    Et poste-moi le rapport.

    ;) 
    6 Octobre 2008 21:43:59

    Voila le rapport:

    Citation :
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:42:59, on 06/10/2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\HP\QuickPlay\QPService.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Saitek\SD6\Software\ProfilerU.exe
    C:\Program Files\Saitek\SD6\Software\SaiMfd.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Synaptics\SynTP\SynTPStart.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\WiFiConnector\NintendoWFCReg.exe
    C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Windows\system32\conime.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
    O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [ProfilerU] C:\Program Files\Saitek\SD6\Software\ProfilerU.exe
    O4 - HKLM\..\Run: [SaiMfd] C:\Program Files\Saitek\SD6\Software\SaiMfd.exe
    O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Global Startup: Lancer l'utilitaire d'enregistrement.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe
    O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O13 - Gopher Prefix:
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{38F8446A-927A-43C0-97E8-A35B134AD6E3}: NameServer = 192.168.1.1
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
    O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
    O23 - Service: Cisco AnyConnect VPN Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
    O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe
    O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.51a\bin\mysqld-nt.exe

    --
    End of file - 11126 bytes
    6 Octobre 2008 23:07:10

    Re,

    Télécharge random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.
  • Double-clique sur RSIT.exe afin de lancer RSIT.
  • Clique Continue à l'écran Disclaimer.
  • Si l'outil HIjackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (<<qui sera affiché)
    ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
  • NB : Les rapports sont sauvegardés dans le dossier C:\rsit
  • Veille bien à me poster l'intégralité des rapports, vérifie qu'ils soient complets une fois que tu les as postés.

    ;) 
    7 Octobre 2008 00:40:20

    Le contenu du log.txt:
    Citation :
    Logfile of random's system information tool 1.04 (written by random/random)
    Run by Mehdi at 2008-10-07 00:30:44
    Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
    System drive C: has 97 GB (52%) free of 185 GB
    Total RAM: 2046 MB (55% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 00:30:45, on 07/10/2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\HP\QuickPlay\QPService.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Saitek\SD6\Software\ProfilerU.exe
    C:\Program Files\Saitek\SD6\Software\SaiMfd.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Synaptics\SynTP\SynTPStart.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\WiFiConnector\NintendoWFCReg.exe
    C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Windows\system32\conime.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\Mehdi\Documents\Installation logiciels\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\Mehdi.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
    O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [ProfilerU] C:\Program Files\Saitek\SD6\Software\ProfilerU.exe
    O4 - HKLM\..\Run: [SaiMfd] C:\Program Files\Saitek\SD6\Software\SaiMfd.exe
    O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Global Startup: Lancer l'utilitaire d'enregistrement.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe
    O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O13 - Gopher Prefix:
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{38F8446A-927A-43C0-97E8-A35B134AD6E3}: NameServer = 192.168.1.1
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
    O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
    O23 - Service: Cisco AnyConnect VPN Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
    O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe
    O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.51a\bin\mysqld-nt.exe

    --
    End of file - 11225 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
    FGCatchUrl - C:\Program Files\FlashGet\jccatch.dll [2007-08-06 94308]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
    Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
    FlashGet GetFlash Class - C:\Program Files\FlashGet\getflash.dll [2007-05-18 163840]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
    "SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2007-01-16 634880]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1045800]
    "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-03-09 4390912]
    "IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2007-02-12 174872]
    "QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2007-04-23 176128]
    "QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-02-13 159744]
    "HP Health Check Scheduler"=C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-03-12 50696]
    "hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-03-01 472776]
    "WAWifiMessage"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [2007-01-10 317128]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
    "ProfilerU"=C:\Program Files\Saitek\SD6\Software\ProfilerU.exe [2007-06-04 233472]
    "SaiMfd"=C:\Program Files\Saitek\SD6\Software\SaiMfd.exe [2007-06-04 131072]
    "PLFSet"=C:\Windows\PLFSet.dll [2007-04-24 45056]
    "NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-12-03 2213160]
    "NvSvc"=C:\Windows\system32\nvsvc.dll [2007-05-01 86016]
    "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-05-01 8429568]
    "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-05-01 81920]
    "SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-09-15 102400]
    "NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136]
    "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-07-18 266497]
    "HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
    "GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]
    "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
    "AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-03 111936]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-09-10 289576]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "Launcher"=C:\Windows\SMINST\launcher.exe [2006-11-07 44128]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-19 1233920]
    "WindowsWelcomeCenter"=C:\Windows\system32\oobefldr.dll [2008-01-19 2153472]
    "MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
    "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2007-12-13 1688872]
    "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
    "AdobeBridge"= []

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
    Lancer l'utilitaire d'enregistrement.lnk - C:\Program Files\WiFiConnector\NintendoWFCReg.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableUIADesktopToggle"=0

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{94035fa3-e1f7-11dc-85fd-001b24b6a1a4}]
    shell\AutoRun\command - F:\Setup.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b926fd9f-50c8-11dd-a68a-001b24b6a1a4}]
    shell\AutoRun\command - wscript.exe .\.vbs
    shell\open\command - wscript.exe .\.vbs


    ======List of files/folders created in the last 1 months======

    2008-10-07 00:30:44 ----D---- C:\rsit
    2008-10-07 00:30:44 ----D---- \rsit
    2008-10-06 17:38:55 ----A---- C:\Windows\ntbtlog.txt
    2008-10-06 17:20:54 ----D---- C:\Users\Mehdi\AppData\Roaming\Malwarebytes
    2008-10-06 17:20:49 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2008-10-06 02:17:35 ----D---- C:\Program Files\Trend Micro
    2008-09-30 14:19:40 ----D---- C:\Program Files\Cisco
    2008-09-28 12:37:00 ----A---- C:\Windows\system32\GEARAspi.dll
    2008-09-28 12:36:38 ----D---- C:\Program Files\iTunes
    2008-09-28 12:36:38 ----D---- C:\Program Files\iPod
    2008-09-28 12:34:58 ----D---- C:\Program Files\Bonjour
    2008-09-28 12:33:17 ----D---- C:\Program Files\QuickTime
    2008-09-18 11:13:59 ----D---- C:\Program Files\Aspyr
    2008-09-17 19:34:56 ----D---- C:\Users\Mehdi\AppData\Roaming\mIRC
    2008-09-17 19:34:56 ----D---- C:\Program Files\mIRC
    2008-09-13 20:10:27 ----A---- C:\Windows\system32\javaws.exe
    2008-09-13 20:10:27 ----A---- C:\Windows\system32\javaw.exe
    2008-09-13 20:10:27 ----A---- C:\Windows\system32\java.exe
    2008-09-12 19:22:25 ----D---- C:\Program Files\eMule
    2008-09-10 11:34:56 ----A---- C:\Windows\system32\Apphlpdm.dll
    2008-09-10 11:34:55 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
    2008-09-10 11:34:45 ----A---- C:\Windows\system32\wmpeffects.dll
    2008-09-10 11:34:40 ----A---- C:\Windows\system32\emdmgmt.dll
    2008-09-10 11:34:40 ----A---- C:\Windows\system32\dataclen.dll
    2008-09-10 11:34:40 ----A---- C:\Windows\system32\cdd.dll

    ======List of files/folders modified in the last 1 months======

    2008-10-07 00:30:45 ----D---- C:\Windows\Prefetch
    2008-10-07 00:30:29 ----D---- C:\Windows\Temp
    2008-10-07 00:01:46 ----D---- C:\Users\Mehdi\AppData\Roaming\FileZilla
    2008-10-06 22:41:11 ----D---- C:\Program Files\FileZilla FTP Client
    2008-10-06 22:31:33 ----D---- C:\Users\Mehdi\AppData\Roaming\gtk-2.0
    2008-10-06 20:31:13 ----SHD---- C:\System Volume Information
    2008-10-06 20:31:13 ----SHD---- \System Volume Information
    2008-10-06 18:28:26 ----D---- C:\Windows\SMINST
    2008-10-06 18:24:54 ----RD---- C:\Program Files
    2008-10-06 18:24:54 ----RD---- \Program Files
    2008-10-06 18:24:38 ----D---- C:\Program Files\Mozilla Firefox
    2008-10-06 17:38:55 ----D---- C:\Windows
    2008-10-06 17:38:55 ----D---- \Windows
    2008-10-06 17:20:52 ----D---- C:\Windows\system32\drivers
    2008-10-06 17:20:50 ----HD---- C:\ProgramData
    2008-10-06 17:20:50 ----HD---- \ProgramData
    2008-10-06 14:54:39 ----HD---- C:\Config.Msi
    2008-10-06 14:54:39 ----HD---- \Config.Msi
    2008-10-06 01:25:39 ----D---- C:\Program Files\Common Files
    2008-10-06 01:08:42 ----SHD---- C:\Windows\Installer
    2008-10-06 00:24:53 ----D---- C:\Users\Mehdi\AppData\Roaming\Adobe
    2008-10-05 22:44:53 ----D---- C:\Windows\System32
    2008-10-05 17:56:57 ----D---- C:\Windows\system32\catroot2
    2008-10-05 16:35:55 ----D---- C:\Windows\inf
    2008-10-05 16:35:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
    2008-10-04 11:45:36 ----D---- C:\Users\Mehdi\AppData\Roaming\FrostWire
    2008-10-01 21:11:30 ----D---- C:\Users\Mehdi\AppData\Roaming\Camfrog
    2008-09-30 14:29:34 ----SD---- C:\Users\Mehdi\AppData\Roaming\Microsoft
    2008-09-30 14:20:05 ----D---- C:\Windows\system32\catroot
    2008-09-29 21:09:24 ----RD---- C:\Users
    2008-09-29 21:09:24 ----RD---- \Users
    2008-09-29 21:09:02 ----HD---- C:\Windows\system32\GroupPolicy
    2008-09-28 12:37:00 ----DC---- C:\Windows\system32\DRVSTORE
    2008-09-28 12:33:23 ----D---- C:\Program Files\Common Files\Apple
    2008-09-13 20:10:27 ----D---- C:\Program Files\Java
    2008-09-10 17:26:17 ----D---- C:\Windows\winsxs
    2008-09-10 17:14:04 ----D---- C:\Windows\AppPatch
    2008-09-10 13:28:13 ----D---- C:\Program Files\Microsoft Works

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [2007-02-27 11840]
    R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2008-07-18 75072]
    R1 eabfiltr;eabfiltr; C:\Windows\system32\DRIVERS\eabfiltr.sys [2006-11-30 8192]
    R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
    R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2006-07-24 5632]
    R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
    R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]
    R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-01-23 37376]
    R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [2008-05-30 52032]
    R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-18 14208]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
    R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-03-12 1747936]
    R3 NETw4v32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-10-31 2252800]
    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-05-01 7495968]
    R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-03-05 76288]
    R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-18 88576]
    R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2007-01-16 983936]
    R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2007-02-07 1729152]
    R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-03-28 199472]
    R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-18 11264]
    S2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys []
    S3 a5cijr3d;a5cijr3d; C:\Windows\system32\drivers\a5cijr3d.sys []
    S3 BCM43XV;Pilote de la carte réseau extensible Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]
    S3 Bridge;@%SystemRoot%\system32\bridgeres.dll,-3; C:\Windows\system32\DRIVERS\bridge.sys [2008-01-18 93696]
    S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2008-01-18 93696]
    S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
    S3 E100B;Pilote de carte Intel (R) PRO; C:\Windows\system32\DRIVERS\e100b325.sys [2006-11-02 163328]
    S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
    S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 987648]
    S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
    S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-19 1380864]
    S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
    S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
    S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
    S3 RT25USBAP;Nintendo Wi-Fi USB Connector Service; C:\Windows\system32\DRIVERS\rt25usbap.sys [2007-07-03 162944]
    S3 SaiHF51A;SaiHF51A; C:\Windows\system32\DRIVERS\SaiHF51A.sys [2007-06-05 135048]
    S3 SaiUF51A;SaiUF51A; C:\Windows\system32\DRIVERS\SaiUF51A.sys [2007-06-05 28544]
    S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]
    S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]
    S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]
    S3 UMPass;Pilote Microsoft UMPass; C:\Windows\system32\DRIVERS\umpass.sys [2008-01-18 7680]
    S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-07-22 32000]
    S3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-18 73088]
    S3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-18 134016]
    S3 vpnva;Cisco AnyConnect VPN Virtual Miniport Adapter for Windows; C:\Windows\system32\DRIVERS\vpnva.sys [2008-07-25 15360]
    S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2006-11-02 654336]
    S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
    S3 xnacc;Contrôleur XBOX 360 pour le service de pilote Windows; C:\Windows\system32\DRIVERS\xnacc.sys [2008-01-18 521216]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AntiVirScheduler;Avira AntiVir Personal – Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-07-18 68865]
    R2 AntiVirService;Avira AntiVir Personal – Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-08-15 149761]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-09-10 116040]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
    R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe [2007-04-23 262243]
    R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-03-14 62984]
    R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
    R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]
    R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2007-02-12 355096]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-12-14 61440]
    R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-12-03 869672]
    R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
    R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-03-09 66872]
    R2 vpnagent;Cisco AnyConnect VPN Agent; C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2008-07-25 370872]
    R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
    R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-09-10 536872]
    R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S2 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe [2007-04-23 106593]
    S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-01-09 110592]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2008-08-22 87288]
    S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe []
    S3 wampapache;wampapache; c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe [2008-01-18 24635]
    S3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.0.51a\bin\mysqld-nt.exe [2008-01-18 5750784]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
    S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-12-13 447784]

    -----------------EOF-----------------


    Et le contenu de l'info.txt
    Citation :
    info.txt logfile of random's system information tool 1.04 2008-10-07 00:30:48

    ======Uninstall list======

    -->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
    -->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
    -->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
    -->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
    -->C:\Windows\UNNeroShowTime.exe /UNINSTALL
    -->C:\Windows\UNNeroVision.exe /UNINSTALL
    -->C:\Windows\UNRecode.exe /UNINSTALL
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00BA-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
    32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
    Acer Crystal Eye webcam-->C:\Program Files\InstallShield Installation Information\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}\setup.exe -runfromtemp -l0x040c -removeonly -u
    Adobe Flash Player 10 ActiveX-->MsiExec.exe /X{3A6829EF-0791-4FDD-9382-C690DD0821B9}
    Adobe Flash Player 10 Plugin-->MsiExec.exe /X{03DEEAD2-F3B7-45BF-9006-A25D015F00D2}
    Adobe Flash Player Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
    Age of Empires III-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{485775E8-AEB8-46BD-922B-242879E03DD5}
    Apple Mobile Device Support-->MsiExec.exe /I{AA9768AA-FF0B-4C66-A085-31E934F77841}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
    Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
    Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
    Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch-->C:\Program Files\InstallShield Installation Information\{3BD633E0-4BF8-4499-9149-88F0767D449C}\setup.exe -runfromtemp -l0x0409
    Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409
    Camfrog Video Chat 5.1-->"C:\Program Files\Camfrog\Camfrog Video Chat\uninstall.exe"
    Cheating-Death 4.33.4-->C:\Program Files\Cheating-Death\UninstCD.exe
    Cisco AnyConnect VPN Client-->MsiExec.exe /I{A96D580D-00C3-43BF-BFDD-F701E779E5CB}
    Condition Zero Deleted Scenes-->"C:\Program Files\Valve\Steam\steam.exe" steam://uninstall/100
    Condition Zero-->"C:\Program Files\Valve\Steam\steam.exe" steam://uninstall/80
    Counter-Strike(TM)-->MsiExec.exe /I{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}
    Counter-Strike-->"C:\Program Files\Valve\Steam\steam.exe" steam://uninstall/10
    Crysis(R)-->MsiExec.exe /I{000E79B7-E725-4F01-870A-C12942B7F8E4}
    Day of Defeat-->"C:\Program Files\Valve\Steam\steam.exe" steam://uninstall/30
    Deathmatch Classic-->"C:\Program Files\Valve\Steam\steam.exe" steam://uninstall/40
    DVD Decrypter (Remove Only)-->"C:\Program Files\DVD Decrypter\uninstall.exe"
    eMule-->"C:\Program Files\eMule\Uninstall.exe"
    ESU for Microsoft Vista-->MsiExec.exe /X{DB3AE42A-AAED-49CC-9B87-55A181BCC868}
    FileZilla Client 3.1.3.1-->C:\Program Files\FileZilla FTP Client\uninstall.exe
    FlashGet 1.9.6.1073-->C:\Program Files\FlashGet\uninst.exe
    Free Mp3 Wma Converter V 1.7.3-->"C:\Program Files\Free Audio Pack\unins000.exe"
    FrostWire 4.17.0-->C:\Program Files\FrostWire\Uninstall.exe
    GIMP 2.4.2-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
    Guitar Hero III-->MsiExec.exe /I{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}
    Hewlett-Packard Active Check-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
    Hewlett-Packard Asset Agent-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
    HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    HP Active Support Library 32 bit components-->MsiExec.exe /I{FAB0C302-CB18-4A7A-BA03-C3DC23101A68}
    HP Active Support Library-->C:\Program Files\InstallShield Installation Information\{290B83AA-093A-45BF-A917-D1C4A1E8D917}\setup.exe -runfromtemp -l0x0409
    HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}\setup.exe" -l0x9 -removeonly
    HP Doc Viewer-->MsiExec.exe /I{082702D5-5DD8-4600-BCE5-48B15174687F}
    HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40F7AED3-0C7D-4582-99F6-484A515C73F2}\setup.exe" -l0x9 -removeonly
    HP Help and Support-->MsiExec.exe /I{9061CEF2-51F5-42C9-8A70-9ED351C6597A}
    HP Photosmart Essential 2.0-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
    HP Photosmart.All-In-One Driver Software 8.0 .A-->C:\Program Files\HP\Digital Imaging\{282E5AB2-8E47-4571-B6FA-6B512555B557}\setup\hpzscr01.exe -datfile hposcr18.dat -onestop -showdisconnect -forcereboot
    HP Quick Launch Buttons 6.20 B1-->C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe -runfromtemp -l0x040c uninst
    HP QuickPlay 3.2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\setup.exe" -uninstall
    HP Update-->MsiExec.exe /X{7059BDA7-E1DB-442C-B7A1-6144596720A4}
    HP User Guides 0056-->MsiExec.exe /I{5AB56552-6938-4686-9F87-DB0ED8D1E06B}
    HP Wireless Assistant-->MsiExec.exe /I{D32067CD-7409-4792-BFA0-1469BCD8F0C8}
    Intel Matrix Storage Manager-->C:\Windows\system32\imsmudlg.exe -uninstall
    iTunes-->MsiExec.exe /I{41B9E2CF-0B3F-442A-B5B3-592A4A355634}
    Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
    Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    Java(TM) SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
    Microsoft .NET Framework 1.1 Hotfix (KB929729)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
    Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
    Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
    Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
    Microsoft Office Groove MUI (French) 2007-->MsiExec.exe /X{90120000-00BA-040C-0000-0000000FF1CE}
    Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
    Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
    Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
    Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
    Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
    Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
    Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
    Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
    Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
    Microsoft Office Word Viewer 2003-->MsiExec.exe /I{9085040C-6000-11D3-8CFE-0150048383C9}
    Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Works-->MsiExec.exe /I{6B1CB38D-E2E4-4A30-933D-EFDEBA76AD9C}
    mIRC-->C:\Program Files\mIRC\uninstall.exe _?=C:\Program Files\mIRC
    Motorola SM56 Data Fax Modem-->rundll32.exe sm56co6a.dll,SM56UnInstaller
    Mozilla Firefox (3.0.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSCU for Microsoft Vista-->MsiExec.exe /X{336A609A-6ECC-4E05-B320-CCC085BF7EA7}
    MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
    Nero 8-->MsiExec.exe /X{5FCCD531-1B38-4A94-924C-127F722F1036}
    neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
    Notepad++-->C:\Program Files\Notepad++\uninstall.exe
    NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
    Panneau de configuration MobileMe-->MsiExec.exe /I{6DA9102E-199F-43A0-A36B-6EF48081A658}
    PSP Video 9 2.25-->C:\Program Files\Red Kawa\Video Converter\uninstaller.exe
    PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u
    QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
    Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
    Ricochet-->"C:\Program Files\Valve\Steam\steam.exe" steam://uninstall/60
    Roxio Activation Module-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
    Saitek SD6 Programming Software 6.0.5.12-->MsiExec.exe /X{61AE44DA-F2DE-4792-9796-5296A2CEC3D6}
    SAMSUNG Mobile Modem Driver Set-->C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
    Samsung Mobile phone USB driver Software-->C:\Windows\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
    SAMSUNG Mobile USB Modem 1.0 Software-->C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
    SAMSUNG Mobile USB Modem Software-->C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
    Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x040c -removeonly
    Security Update for 2007 Microsoft Office System (KB951596)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1AFF2298-CC00-4A3B-866A-C62B8373794E}
    Security Update for 2007 Microsoft Office System (KB951596)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {1AFF2298-CC00-4A3B-866A-C62B8373794E}
    Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
    Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
    Security Update for Microsoft Office Excel 2007 (KB951546)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7399DD71-8E24-4E60-B6A8-6CED89C0AC26}
    Security Update for Microsoft Office Excel 2007 (KB951546)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7399DD71-8E24-4E60-B6A8-6CED89C0AC26}
    Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
    Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
    Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
    Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
    Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
    Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
    Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
    Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
    Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
    Security Update for Microsoft Office Word 2007 (KB950113)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
    Security Update for Microsoft Office Word 2007 (KB950113)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
    Security Update for Visio 2007 (KB947590)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}
    Sid Meier's Civilization 4-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}\setup.exe" -l0x40c -removeonly
    Steam(TM)-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
    Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
    Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
    Update for Office 2007 (KB946691)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
    Update for Office 2007 (KB946691)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
    Update for Outlook 2007 Junk Email Filter (kb956080)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {96CC215F-3F22-4E1E-A101-F0041934A456}
    Utilitaire d'enregistrement du connecteur Wi-Fi USB Nintendo-->C:\Program Files\WiFiConnector\SoftAPUninst.exe
    VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
    VideoLAN VLC media player 0.8.6d-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    WampServer 2.0-->"c:\wamp\unins000.exe"
    Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
    Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
    Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

    ======Security center information======

    AS: Windows Defender

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\Samsung\Samsung PC Studio 3\;C:\Program Files\QuickTime\QTSystem\
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
    "PROCESSOR_ARCHITECTURE"=x86
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "USERNAME"=SYSTEM
    "windir"=%SystemRoot%
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
    "PROCESSOR_REVISION"=0f0d
    "NUMBER_OF_PROCESSORS"=2
    "PLATFORM"=MCD
    "PCBRAND"=Pavilion
    "OnlineServices"=Services en ligne
    "USERPART"=E:
    "CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

    -----------------EOF-----------------
    7 Octobre 2008 09:35:04

    Bonjour,

    Evite de poster tes rapports entre balises stp, ils sont plus durs à lire ainsi pour moi ;) 

    1) Désactive la protection résidente de Windows Defender.

    2) Désinstalle via Ajout/Suppression de Programmes (si présents) :

  • eMule
  • FileZilla Client 3.1.3.1
  • FrostWire 4.17.0
  • Java(TM) 6 Update 3
  • Java(TM) 6 Update 5
  • Java(TM) SE Runtime Environment 6

    Je te conseille de désinstaller et de supprimer tous tes logiciels de p2p : 50% de ce que tu télécharges via p2p est piégé. Le p2p est le premier vecteur d'infection de nos jours.
    Plus d'informations disponibles en cliquant sur le lien suivant : Cracks / P2P

    3) On va maintenant devoir modifier le registre. Modifier le registre peut se révéler être très dangereux, c'est pourquoi nous allons créer une sauvegarde du registre avant d'effectuer nos modifications. Ainsi, en cas de souci, il n'y aura qu'à restaurer.

    Merci de procéder EXACTEMENT comme décrit ci-dessous :

    Télécharge ERUNT
    ( ERUNT = Emergency Recovery Utility NT, c'est un programme gratuit qui te permet de conserver une sauvegarde complète de ta base de registre et de la restaurer quand cela s'avère nécessaire )

  • Installe ERUNT en suivant les instructions suivantes
    ( suis les directives d'installation par défaut, mais dis non quand on te demande d'ajouter ERUNT au startup folder ( dossier start up ), d'autant plus que si tu le souhaites tu pourras ajouter cette option ultérieurement )
  • Lance ERUNT ( soit en double-cliquant sur l'icône présente sur ton bureau soit en choisissant de lancer le programme en fin d'installation )
  • Choisis un emplacement pour la sauvegarde ( l'emplacement par défaut est : C:\WINDOWS\ERDNT ce qui est acceptable ).
  • Assure-toi que les deux premières cases suivantes soient bien cochées !!!
  • Clique sur OK
  • Clique sur YES pour créer le dossier de sauvegarde.


    4) Télécharge OTMoveIt3 (OldTimer). Sauvegarde-le sur ton Bureau.
    Copie (Ctrl+C) le texte se situant dans le cadre ci-dessous :

    :processes
    explorer.exe

    :services
    a5cijr3d

    :reg
    [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{94035fa3-e1f7-11dc-85fd-001b24b6a1a4}]
    [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b926fd9f-50c8-11dd-a68a-001b24b6a1a4}]

    :files
    C:\Windows\system32\drivers\a5cijr3d.sys

    :commands
    [purity]
    [emptytemp]
    [start explorer]
    [reboot]


    Double clique sur OTMoveIt3.exe afin de le lancer.
    Colle (ou Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
    Clique maintenant sur le bouton MoveIt![/#f] puis ferme OTMoveIt3.

    [#ff0000]Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    Accepte en cliquant sur YES.[/#f]

    Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
    Le nom du rapport correspond au moment de sa création : date_heure.log

    Et poste-moi [#f0000e]un nouveau rapport RSIT
    dans ta prochaine réponse.

    ;) 
    7 Octobre 2008 17:21:25

    Ok, j'pensais que les balises quote t'aideraient, désolé ^^

    Y'a eu un petit problème, j'ai oublié de désactiver le pare-feu Windows.. :s

    Je poste le rapport du dossier OTMoveit:

    ========== PROCESSES ==========
    Process explorer.exe killed successfully.
    ========== SERVICES/DRIVERS ==========
    Unable to stop service a5cijr3d .
    ========== REGISTRY ==========
    Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{94035fa3-e1f7-11dc-85fd-001b24b6a1a4}\\ deleted successfully.
    Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b926fd9f-50c8-11dd-a68a-001b24b6a1a4}\\ deleted successfully.
    ========== FILES ==========
    File/Folder C:\Windows\system32\drivers\a5cijr3d.sys not found.
    ========== COMMANDS ==========
    File delete failed. C:\Users\Mehdi\AppData\Local\Temp\History\History.IE5\MSHist012008100720081008\index.dat scheduled to be deleted on reboot.
    File delete failed. C:\Users\Mehdi\AppData\Local\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot.
    File delete failed. C:\Users\Mehdi\AppData\Local\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be deleted on reboot.
    File delete failed. C:\Users\Mehdi\AppData\Local\Temp\Cookies\index.dat scheduled to be deleted on reboot.
    File delete failed. C:\Users\Mehdi\AppData\Local\Temp\etilqs_lLHSC4r67mRVH1Hk7R6c scheduled to be deleted on reboot.
    User's Temp folder emptied.
    User's Temporary Internet Files folder emptied.
    User's Internet Explorer cache folder emptied.
    Local Service Temp folder emptied.
    Local Service Temporary Internet Files folder emptied.
    File delete failed. C:\Windows\temp\00000065 scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\0000014C scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\000004E8 scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\0000050E scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\00000670 scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\ASPNETSetup.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\ASPNETSetup_00000.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\ehprivjob.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\ehprivjob1.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\fwtsqmfile00.sqm scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\fwtsqmfile01.sqm scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\fwtsqmfile02.sqm scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\fwtsqmfile03.sqm scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\fwtsqmfile04.sqm scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\fwtsqmfile05.sqm scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\fwtsqmfile06.sqm scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\fwtsqmfile07.sqm scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\fwtsqmfile08.sqm scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\fwtsqmfile09.sqm scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\fwtsqmfile10.sqm scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\fwtsqmfile11.sqm scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\fwtsqmfile12.sqm scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\fwtsqmfile13.sqm scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\fwtsqmfile14.sqm scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\fwtsqmfile15.sqm scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\fwtsqmfile16.sqm scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\fwtsqmfile17.sqm scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\fwtsqmfile18.sqm scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\fwtsqmfile19.sqm scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\hpqddsvc.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\hpzFR4v2.chm scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\hpzFR4v2.hlp scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\IDSinst.LOG scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080113-154114-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080113-154123-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080114-192142-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080114-192317-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080118-195946-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080118-195959-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080119-102127-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080119-102137-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080119-181523-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080119-181536-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080120-093955-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080120-094005-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080120-190331-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080120-190341-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080122-174530-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080122-174541-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080123-135122-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080123-135136-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080124-144223-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080124-144232-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080126-113434-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080126-113444-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080127-092921-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080127-092930-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080128-191405-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080128-191414-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080129-181019-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080129-181028-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080129-201300-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080129-201310-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080130-182419-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080130-182436-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080201-181107-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080201-181120-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080202-103401-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080202-103410-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080202-184722-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080202-184731-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080203-114455-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080203-114504-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080204-192739-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080204-192748-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080205-173846-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080205-173854-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080206-144509-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080206-144525-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080206-221002-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080206-221011-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080207-192645-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080207-192654-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080208-191814-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080208-191830-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080209-105904-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080209-105913-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080209-192537-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080209-192545-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080210-111100-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080210-111109-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080210-194130-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080210-194202-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080211-190924-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080211-190932-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080211-194543-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080211-194551-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080211-215250-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080211-215258-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080211-225646-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080211-225654-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080213-154953-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080213-155001-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080214-091610-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080214-091620-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080215-184208-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080215-184226-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080216-175742-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080216-175751-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080218-213431-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080218-213441-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080219-110331-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080219-110341-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080219-230457-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080219-230507-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080220-141450-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080220-141509-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080220-184422-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080220-184432-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080220-220721-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080220-220731-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080220-232020-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080220-232030-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080224-121948-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080224-121958-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080224-130425-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080224-130437-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080224-204612-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080224-204621-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080225-100422-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080225-100436-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080225-110948-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080225-110957-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080225-225805-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080225-225814-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080226-105531-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080226-105549-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080226-165806-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080226-165816-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080226-185527-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080226-185537-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080227-112628-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080227-112638-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080227-184725-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080227-184736-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080227-215957-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080227-220006-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080227-233037-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080227-233046-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080228-130713-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080228-130723-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080229-173315-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080229-173327-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080301-201946-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080301-201956-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080303-114502-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080303-114520-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080303-230213-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080303-230222-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080304-113622-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080304-113632-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080305-111007-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080305-111019-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080306-103733-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080306-103743-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080306-171551-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080306-171601-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080307-141053-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080307-141112-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080308-115537-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080308-115546-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080308-124855-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080308-124905-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080309-114605-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080309-115010-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080310-191804-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080310-191813-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080311-180817-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080311-180827-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080312-160903-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080312-160914-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080312-210224-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080312-210236-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080313-191457-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080313-191516-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080314-181643-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080314-181655-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080315-105732-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080315-105743-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080316-114349-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080316-114358-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080316-164613-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080316-164622-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080317-193010-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080317-193020-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080318-172444-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080318-172454-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\MpCmdRun.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\MpSigStub.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\NCOBB43.tmp scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\NCOBB82.tmp scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\NCOBBA1.tmp scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\netfxsl.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\netfxupdate.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\NetFxUpdate_v1.1.4322.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\Norton_SPALOG_1_12_2008_2530305.txt scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\Norton_SPALOG_1_12_2008_2537106.txt scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\Norton_SPALOG_1_12_2008_3903207.txt scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\Norton_SPALOG_3_27_2008_3630642.txt scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\QTInstallCode.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\qtplugin.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\SRTSP_MSI_I_10.2.2.6.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\SRTSP_MSI_R_10.2.2.6.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\SRTSP_MSI_U_(1)10.1.4.2.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\SRTSP_Setup_10.2.2.6.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\srtUnin.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\SYMEVENT.LOG scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\TMP00000021D1337A90AC4B8B4B scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\TMP00000022EB1957E1EEC34C35 scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\TMP000000252E405224B644BC46 scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\TMP00000026E021F413D3B4EDED scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\TMP000000296011815630088BD0 scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\TMP000000693C06B94AA99E19CB scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\Upd6533.tmp scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\VistaSP1_InstallPerf_142855.sqm scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\WinSAT_DX.etl scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\WinSAT_KernelLog.etl scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\WinSAT_StorageAsmt.etl scheduled to be deleted on reboot.
    Windows Temp folder emptied.
    File delete failed. C:\Users\Mehdi\AppData\Local\Mozilla\Firefox\Profiles\kvdbsw0e.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
    File delete failed. C:\Users\Mehdi\AppData\Local\Mozilla\Firefox\Profiles\kvdbsw0e.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
    File delete failed. C:\Users\Mehdi\AppData\Local\Mozilla\Firefox\Profiles\kvdbsw0e.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
    File delete failed. C:\Users\Mehdi\AppData\Local\Mozilla\Firefox\Profiles\kvdbsw0e.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
    File delete failed. C:\Users\Mehdi\AppData\Local\Mozilla\Firefox\Profiles\kvdbsw0e.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
    File delete failed. C:\Users\Mehdi\AppData\Local\Mozilla\Firefox\Profiles\kvdbsw0e.default\XUL.mfl scheduled to be deleted on reboot.
    FireFox cache emptied.
    Temp folders emptied.
    Explorer started successfully

    OTMoveIt3 by OldTimer - Version 1.0.4.2 log created on 10072008_170617





    Et le .log du rapport RSIT

    Logfile of random's system information tool 1.04 (written by random/random)
    Run by Mehdi at 2008-10-07 17:13:02
    Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
    System drive C: has 97 GB (52%) free of 185 GB
    Total RAM: 2046 MB (50% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:13:21, on 07/10/2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\HP\QuickPlay\QPService.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
    C:\Program Files\Saitek\SD6\Software\ProfilerU.exe
    C:\Program Files\Saitek\SD6\Software\SaiMfd.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\WiFiConnector\NintendoWFCReg.exe
    C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Users\Mehdi\Documents\Installation logiciels\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\Mehdi.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
    O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
    O4 - HKLM\..\Run: [ProfilerU] C:\Program Files\Saitek\SD6\Software\ProfilerU.exe
    O4 - HKLM\..\Run: [SaiMfd] C:\Program Files\Saitek\SD6\Software\SaiMfd.exe
    O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Global Startup: Lancer l'utilitaire d'enregistrement.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe
    O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O13 - Gopher Prefix:
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{38F8446A-927A-43C0-97E8-A35B134AD6E3}: NameServer = 192.168.1.1
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
    O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
    O23 - Service: Cisco AnyConnect VPN Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
    O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe
    O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.51a\bin\mysqld-nt.exe

    --
    End of file - 11197 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
    FGCatchUrl - C:\Program Files\FlashGet\jccatch.dll [2007-08-06 94308]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
    Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
    FlashGet GetFlash Class - C:\Program Files\FlashGet\getflash.dll [2007-05-18 163840]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
    "SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2007-01-16 634880]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1045800]
    "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-03-09 4390912]
    "IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2007-02-12 174872]
    "QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2007-04-23 176128]
    "QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-02-13 159744]
    "HP Health Check Scheduler"=C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-03-12 50696]
    "hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-03-01 472776]
    "WAWifiMessage"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [2007-01-10 317128]
    "ProfilerU"=C:\Program Files\Saitek\SD6\Software\ProfilerU.exe [2007-06-04 233472]
    "SaiMfd"=C:\Program Files\Saitek\SD6\Software\SaiMfd.exe [2007-06-04 131072]
    "PLFSet"=C:\Windows\PLFSet.dll [2007-04-24 45056]
    "NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-12-03 2213160]
    "NvSvc"=C:\Windows\system32\nvsvc.dll [2007-05-01 86016]
    "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-05-01 8429568]
    "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-05-01 81920]
    "SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-09-15 102400]
    "NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136]
    "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-07-18 266497]
    "HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
    "GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]
    "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
    "AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-03 111936]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-09-10 289576]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "Launcher"=C:\Windows\SMINST\launcher.exe [2006-11-07 44128]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-19 1233920]
    "WindowsWelcomeCenter"=C:\Windows\system32\oobefldr.dll [2008-01-19 2153472]
    "MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
    "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2007-12-13 1688872]
    "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
    "AdobeBridge"= []

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
    Lancer l'utilitaire d'enregistrement.lnk - C:\Program Files\WiFiConnector\NintendoWFCReg.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableUIADesktopToggle"=0

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    ======List of files/folders created in the last 1 months======

    2008-10-07 17:06:17 ----D---- C:\_OTMoveIt
    2008-10-07 17:06:17 ----D---- \_OTMoveIt
    2008-10-07 17:04:45 ----D---- C:\Windows\ERDNT
    2008-10-07 17:04:00 ----D---- C:\Program Files\ERUNT
    2008-10-07 00:30:44 ----D---- C:\rsit
    2008-10-07 00:30:44 ----D---- \rsit
    2008-10-06 17:38:55 ----A---- C:\Windows\ntbtlog.txt
    2008-10-06 17:20:54 ----D---- C:\Users\Mehdi\AppData\Roaming\Malwarebytes
    2008-10-06 17:20:49 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2008-10-06 02:17:35 ----D---- C:\Program Files\Trend Micro
    2008-09-30 14:19:40 ----D---- C:\Program Files\Cisco
    2008-09-28 12:37:00 ----A---- C:\Windows\system32\GEARAspi.dll
    2008-09-28 12:36:38 ----D---- C:\Program Files\iTunes
    2008-09-28 12:36:38 ----D---- C:\Program Files\iPod
    2008-09-28 12:34:58 ----D---- C:\Program Files\Bonjour
    2008-09-28 12:33:17 ----D---- C:\Program Files\QuickTime
    2008-09-18 11:13:59 ----D---- C:\Program Files\Aspyr
    2008-09-17 19:34:56 ----D---- C:\Users\Mehdi\AppData\Roaming\mIRC
    2008-09-17 19:34:56 ----D---- C:\Program Files\mIRC
    2008-09-13 20:10:27 ----A---- C:\Windows\system32\javaws.exe
    2008-09-13 20:10:27 ----A---- C:\Windows\system32\javaw.exe
    2008-09-13 20:10:27 ----A---- C:\Windows\system32\java.exe
    2008-09-10 11:34:56 ----A---- C:\Windows\system32\Apphlpdm.dll
    2008-09-10 11:34:55 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
    2008-09-10 11:34:45 ----A---- C:\Windows\system32\wmpeffects.dll
    2008-09-10 11:34:40 ----A---- C:\Windows\system32\emdmgmt.dll
    2008-09-10 11:34:40 ----A---- C:\Windows\system32\dataclen.dll
    2008-09-10 11:34:40 ----A---- C:\Windows\system32\cdd.dll

    ======List of files/folders modified in the last 1 months======

    2008-10-07 17:13:00 ----D---- C:\Windows\Temp
    2008-10-07 17:12:15 ----D---- C:\Windows\Prefetch
    2008-10-07 17:09:54 ----D---- C:\Windows\SMINST
    2008-10-07 17:04:45 ----D---- C:\Windows
    2008-10-07 17:04:45 ----D---- \Windows
    2008-10-07 17:04:00 ----RD---- C:\Program Files
    2008-10-07 17:04:00 ----RD---- \Program Files
    2008-10-07 17:01:42 ----SHD---- C:\Windows\Installer
    2008-10-07 17:01:42 ----HD---- C:\Config.Msi
    2008-10-07 17:01:42 ----HD---- \Config.Msi
    2008-10-07 17:01:39 ----D---- C:\Program Files\Java
    2008-10-07 17:01:31 ----D---- C:\Windows\System32
    2008-10-07 17:01:08 ----SHD---- C:\System Volume Information
    2008-10-07 17:01:08 ----SHD---- \System Volume Information
    2008-10-07 16:58:26 ----D---- C:\Program Files\FrostWire
    2008-10-07 00:01:46 ----D---- C:\Users\Mehdi\AppData\Roaming\FileZilla
    2008-10-06 22:31:33 ----D---- C:\Users\Mehdi\AppData\Roaming\gtk-2.0
    2008-10-06 18:24:38 ----D---- C:\Program Files\Mozilla Firefox
    2008-10-06 17:20:52 ----D---- C:\Windows\system32\drivers
    2008-10-06 17:20:50 ----HD---- C:\ProgramData
    2008-10-06 17:20:50 ----HD---- \ProgramData
    2008-10-06 01:25:39 ----D---- C:\Program Files\Common Files
    2008-10-06 00:24:53 ----D---- C:\Users\Mehdi\AppData\Roaming\Adobe
    2008-10-05 17:56:57 ----D---- C:\Windows\system32\catroot2
    2008-10-05 16:35:55 ----D---- C:\Windows\inf
    2008-10-05 16:35:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
    2008-10-04 11:45:36 ----D---- C:\Users\Mehdi\AppData\Roaming\FrostWire
    2008-10-01 21:11:30 ----D---- C:\Users\Mehdi\AppData\Roaming\Camfrog
    2008-09-30 14:29:34 ----SD---- C:\Users\Mehdi\AppData\Roaming\Microsoft
    2008-09-30 14:20:05 ----D---- C:\Windows\system32\catroot
    2008-09-29 21:09:24 ----RD---- C:\Users
    2008-09-29 21:09:24 ----RD---- \Users
    2008-09-29 21:09:02 ----HD---- C:\Windows\system32\GroupPolicy
    2008-09-28 12:37:00 ----DC---- C:\Windows\system32\DRVSTORE
    2008-09-28 12:33:23 ----D---- C:\Program Files\Common Files\Apple
    2008-09-10 17:26:17 ----D---- C:\Windows\winsxs
    2008-09-10 17:14:04 ----D---- C:\Windows\AppPatch
    2008-09-10 13:28:13 ----D---- C:\Program Files\Microsoft Works

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [2007-02-27 11840]
    R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2008-07-18 75072]
    R1 eabfiltr;eabfiltr; C:\Windows\system32\DRIVERS\eabfiltr.sys [2006-11-30 8192]
    R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
    R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2006-07-24 5632]
    R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
    R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]
    R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-01-23 37376]
    R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [2008-05-30 52032]
    R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-18 14208]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
    R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-03-12 1747936]
    R3 NETw4v32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-10-31 2252800]
    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-05-01 7495968]
    R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-03-05 76288]
    R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-18 88576]
    R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2007-01-16 983936]
    R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2007-02-07 1729152]
    R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-03-28 199472]
    R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-18 11264]
    S2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys []
    S3 akx4w7pr;akx4w7pr; C:\Windows\system32\drivers\akx4w7pr.sys []
    S3 BCM43XV;Pilote de la carte réseau extensible Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]
    S3 Bridge;@%SystemRoot%\system32\bridgeres.dll,-3; C:\Windows\system32\DRIVERS\bridge.sys [2008-01-18 93696]
    S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2008-01-18 93696]
    S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
    S3 E100B;Pilote de carte Intel (R) PRO; C:\Windows\system32\DRIVERS\e100b325.sys [2006-11-02 163328]
    S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
    S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 987648]
    S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
    S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-19 1380864]
    S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
    S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
    S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
    S3 RT25USBAP;Nintendo Wi-Fi USB Connector Service; C:\Windows\system32\DRIVERS\rt25usbap.sys [2007-07-03 162944]
    S3 SaiHF51A;SaiHF51A; C:\Windows\system32\DRIVERS\SaiHF51A.sys [2007-06-05 135048]
    S3 SaiUF51A;SaiUF51A; C:\Windows\system32\DRIVERS\SaiUF51A.sys [2007-06-05 28544]
    S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]
    S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]
    S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]
    S3 UMPass;Pilote Microsoft UMPass; C:\Windows\system32\DRIVERS\umpass.sys [2008-01-18 7680]
    S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-07-22 32000]
    S3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-18 73088]
    S3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-18 134016]
    S3 vpnva;Cisco AnyConnect VPN Virtual Miniport Adapter for Windows; C:\Windows\system32\DRIVERS\vpnva.sys [2008-07-25 15360]
    S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2006-11-02 654336]
    S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
    S3 xnacc;Contrôleur XBOX 360 pour le service de pilote Windows; C:\Windows\system32\DRIVERS\xnacc.sys [2008-01-18 521216]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AntiVirScheduler;Avira AntiVir Personal – Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-07-18 68865]
    R2 AntiVirService;Avira AntiVir Personal – Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-08-15 149761]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-09-10 116040]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
    R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe [2007-04-23 262243]
    R2 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe [2007-04-23 106593]
    R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-03-14 62984]
    R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
    R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]
    R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2007-02-12 355096]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-12-14 61440]
    R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-12-03 869672]
    R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
    R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-03-09 66872]
    R2 vpnagent;Cisco AnyConnect VPN Agent; C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2008-07-25 370872]
    R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
    R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-09-10 536872]
    S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-01-09 110592]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2008-08-22 87288]
    S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe []
    S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S3 wampapache;wampapache; c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe [2008-01-18 24635]
    S3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.0.51a\bin\mysqld-nt.exe [2008-01-18 5750784]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
    S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-12-13 447784]

    -----------------EOF-----------------


    Faut-il que je recommence l'opération mais en désactivant Windows defender avant ?
    Merci d'avance.
    8 Octobre 2008 09:33:58

    Re,

    Citation :
    Faut-il que je recommence l'opération mais en désactivant Windows defender avant ?


    Non c'est bon ;) 

    ~Fais une analyse antivirus en ligne sur le site de Kaspersky
    http://www.kaspersky.com/kos/eng/partner/default/kavweb...
  • Clique sur Accept
  • Une barre jaune va te demander si tu acceptes d'installer le Kavwebscan_Unicode.cab, installe l'Active X.
  • clique une nouvelle fois sur "Accept"
  • Les bases de mises à jour vont s'installer, patiente un moment
  • Clique sur Next.
  • Clique sur My Computer, le scan se met en route; attends la fin du scan sans fermer la fenêtre sinon il s'arrêtera. Et poste-moi le rapport que tu obtiens.

    Comment va le PC ? Toujours des problèmes ?

    ;) 
    8 Octobre 2008 21:24:35

    Voila l'analyse Kapersky:

    --------------------------------------------------------------------------------
    KASPERSKY ONLINE SCANNER 7 REPORT
    Wednesday, October 8, 2008
    Operating System: Microsoft Windows Vista Home Premium Edition, 32-bit Service Pack 1 (build 6001)
    Kaspersky Online Scanner 7 version: 7.0.25.0
    Program database last update: Wednesday, October 08, 2008 16:01:37
    Records in database: 1299961
    --------------------------------------------------------------------------------

    Scan settings:
    Scan using the following database: extended
    Scan archives: yes
    Scan mail databases: yes

    Scan area - My Computer:
    C:\
    D:\
    E:\
    F:\

    Scan statistics:
    Files scanned: 168677
    Threat name: 1
    Infected objects: 1
    Suspicious objects: 0
    Duration of the scan: 03:13:49


    File name / Threat name / Threats count
    C:\Users\Mehdi\Documents\Installation logiciels\daemon4121-lite.exe Infected: not-a-virus:AdWare.Win32.Shopper.r 1

    The selected area was scanned.

    Apparement, y'a un adware dans l'installateur de Daemon °°
    Pourtant je l'ai téléchargé soit sur le site officiel de Daemon, soit sur 01net..
    J'attends tes directives avant d'agir.

    Sinon le PC va très bien, aucun problème visible à signaler. ^^
    9 Octobre 2008 16:03:30

    Citation :
    Apparement, y'a un adware dans l'installateur de Daemon °°
    Pourtant je l'ai téléchargé soit sur le site officiel de Daemon, soit sur 01net..
    J'attends tes directives avant d'agir.


    Nop, Kaspersky te signale juste que c'est un logiciel qui peut éventuellement présenter des failles, mais il n'est pas infecté.

    ***

    Re,

    Prévention :

    - Nettoyage des fichiers temporaires :

    Télécharge Ccleaner sur ton Bureau.

  • Clique sur "download the latest version"
  • Installe-le en laissant seulement les options suivantes cochées :
    - Ajouter un raccourci sur le Bureau
    - Contrôler automatiquement les mises à jour de CCleaner
  • Lance le Nettoyage
  • Clique sur Chercher des erreurs et sauvegarde si tu le souhaites.

    Aide : Comment utiliser CCleaner.


    Telecharge ATFcleaner sur ton Bureau.

  • Double-clique sur l'exécutable téléchargé.
  • Dans l'onglet Main, coche simplement la case Select All (toutes les cases vont se cocher) puis sur le bouton Empty Selected.
  • Si tu possèdes Firefox ou Opera comme navigateur, pense à choisir ton navigateur en haut a gauche avant de sélectionner Select All puis Empty Selected.
  • Puis réponds Non au message qui s'affiche, si tu ne souhaites pas perdre tes mots de passe.

    Aide : Comment utiliser AFTCleaner.

    -- Restauration Système :

    Désactive-Réactive la restauration système.

    Méthode XP :
    Clique sur Démarrer, fais un clique droit sur le Poste de travail puis clique sur Propiétés. Sélectionne l'onglet Restauration du Système.
    Dans cet onglet, coche la case Désactiver la Restauration du système sur tous les lecteurs.
    Un message de confirmation va apparaître. Clique sur Oui, puis OK. Fais redémarrer ton ordinateur pour que les changements soient bien pris en compte.
    Pour réactiver la restauration système, il suffit de décocher cette même case et de faire redémarrer ton ordinateur (en ayant suivi les mêmes étapes).

    Méthode Vista :
    Clique sur Démarrer, fais un clique droit sur Ordinateur, puis clique sur Propriétés. Clique à gauche sur Paramètres système avancés. Sélectionne l'onglet Protection du Système.
    Dans cet onglet, décoche (une par une) tes partitions, un message de confirmation va apparaître, clique sur Désactiver la protection du système, Clique sur Appliquer, puis OK.
    Fais redémarrer ton ordinateur pour que les changements soient bien pris en compte.
    Pour réactiver la restauration système, il suffit de décocher cette même case et de faire redémarrer ton ordinateur (en ayant suivi les mêmes étapes).

    Aide : Comment Désactiver-Réactiver la Restauration Système.

    --- Affichage normal des fichiers :

    Clique sur le menu Demarrer /Panneau de configuration/Options des dossiers/ puis dans l'onglet Affichage
    - Décoche Afficher les fichiers et dossiers cachés
    - Coche Masquer les fichiers protégés du système d'exploitation (recommandé)
    clique sur Appliquer, puis OK.

    ---- Suppression des outils installés :

    Télécharge ToolsCleaner2 (de A.Rothstein)

  • Installe le sur ton Bureau.
  • Clique sur Recherche pour lancer le scan.
  • Clique sur Supprimer pour nettoyer les outils utilisés.
  • Clique sur Quitter.
  • Supprime maintenant ToolsCleaner.

    ----- Remise en place des protections, protection du système avec les Mises à Jour ! :

    Je t'invite maintenant à (ré)activer toutes tes protections résidentes (Antivirus, Antispyware, Firewall..).
    Tu dois avoir accès à tes protections dans la zone systray à côté de la barre des tâches. Si tu as des difficultés, n'hésite pas à me questionner !
    Si ce n'est pas fait, assure-toi que les Mises à jour Automatiques Windows soient activées !
    Mets tes Softwares correctement à jour (Java, Adobe, Flash ..) grâce à Sotware Inspector (chez Secunia)

    Un petit mot à propos de Java :

    Une fois la nouvelle version téléchargée, installe-la et fais redémarrer ton ordinateur.
    Hélas, les anciennes version de Java (qui contiennent des failles, donc dangereuses !) sont toujours présentes !
    C'est donc très important que tu désinstalles les anciennes versions de Java.

  • Va dans Démarrer, Panneau de Configuration, Ajout/Suppression de Programmes
  • Déinstalles toutes les versions de Java exceptée la plus récente.

    Aide : Comment utiliser Secunia Software Inspector.

    ------ Ton infection, tu la dénonces ? :

    Tu n'es pas obligé mais ce serait bien que tu rapportes ton infection sur Malware Complaints
  • Ton(tes) infection(s) : Rogue.
  • Si tu ne la trouves pas dans la liste, poste dans Autres infections.

    Aide : Comment dénoncer mon infection sur Malware Complaints.

    Ajoute maintenant [Résolu] au titre. Pour cela :
    * Clique, dans ton premier message, sur le bouton "Editer"
    * Rajoute la mention [Résolu] au titre
    * Clique ensuite sur "Valider votre message"

    Je t'invite maintenant à regarder ces dossiers très instructifs en terme de prévention !

    - Sécurité/Prévention
    - Conséquences de la multi-protection
    - Toolbars : Inutilité et ralentissements

    Bonne journée/soirée :) 

    9 Octobre 2008 20:57:12

    Merci beaucoup pour votre aide. ^^

    J'ai été surpris par la clarté de vos messages, vraiment bravo à toute l'équipe !

    J'ai encore quelques questions:
    -Pourrais tu m'expliquer ce qui m'est arrivé, ce que j'ai eu, et par quel moyen (si tu le connais) ?

    -Pourrais je remettre FileZilla et Frostwire ?
    Pour le premier logiciel, j'en ai besoin pour mon ftp; et pour le second, j'en ai besoin non pas pour prendre des trucs illégaux et probablement infectés, mais des animes.

    -Pour l'instant, j'ai Avira Antivir Personal (édition gratuite) et j'ai deux options que j'envisage:
    => Payer 20€ et passer en Premium
    =>Installer Kapersky internet suite que ma mère a acheté pour son ordi.

    Ce qui me gêne avec Kapersky, c'est que c'est encombrant.. J'aimerais quand même ton avis pour me décider. Merci. :p 

    Voila, c'est tout, merci encore. ^^
    10 Octobre 2008 20:31:25

    Bonsoir,

    De rien, ce fut un plaisir :super:

    Citation :
    -Pourrais tu m'expliquer ce qui m'est arrivé, ce que j'ai eu, et par quel moyen (si tu le connais) ?


    Visiblement tu as été infecté(e) par un faux emule.

    Citation :
    -Pourrais je remettre FileZilla et Frostwire ?
    Pour le premier logiciel, j'en ai besoin pour mon ftp; et pour le second, j'en ai besoin non pas pour prendre des trucs illégaux et probablement infectés, mais des animes.


    Autant pour moi j'ai confondu FileZilla avec un logiciel de p2p, mes excuses. Quant au deuxième, c'est à toi de voir ;) 

    Citation :
    -Pour l'instant, j'ai Avira Antivir Personal (édition gratuite) et j'ai deux options que j'envisage:
    => Payer 20€ et passer en Premium
    =>Installer Kapersky internet suite que ma mère a acheté pour son ordi.


    Pour ma part Antivir gratuit est amplement suffisant, mais si ta mère a une licence de Kaspersky disponible, vas-y pour Kaspersky. C'est l'un des meilleurs payants actuellement. Je te rappelle toutefois que la meilleure des protections, c'est toi et ton comportement sur la toile.

    Citation :
    Ce qui me gêne avec Kapersky, c'est que c'est encombrant.. J'aimerais quand même ton avis pour me décider. Merci. :p 


    Garde Antivir alors et si tu optes pour la version payante, c'est assurément un bon choix. A toi de voir je dirais.

    ;) 
    10 Octobre 2008 22:25:55

    Donc le crack de Flash n'y était pour rien en fait ?


    Merci des conseils, j'vais réfléchir pour mon futur antivirus.
    10 Octobre 2008 23:21:50

    Citation :
    Donc le crack de Flash n'y était pour rien en fait ?


    Si si, ça doit être la source de l'infection ;) 
    13 Octobre 2008 17:29:22

    Ok. ^^

    Merci à toi pour tout. ^^
    13 Octobre 2008 22:29:36

    Re,

    De rien ce fut un plaisir !

    Merci de consulter ce dossier (en pdf) pour en connaître davantage sur les risques du Net.



    Si tu trouves ce document intéressant, n'hésite pas à le transmettre à tes contacts.

    Bonne continuation :hello: 
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS