Bonjour,

Sur ton rapport pas beaucoup d'information pour l'exploiter, ceci dit tu peux effectuer ceci car tu as certaine chose a supprimer.

1/

* Télécharge Toolbar-S&D d'Eric71, AngelDark, Sham_Rock et XmichouX sur ton Bureau,
http://eric.71.mespages.googlepages.com/ToolBarSD.exe

* Double-clique sur Toolbar-S&D afin de lancer l'installation, un raccourci sera ajouté sur le Bureau.
* Double-clique dessus pour démarrer l'outil; choisis la langue.
* Sous Vista, faire un clic droit et "Exécuter en tant qu'administrateur" (Elévation des privilèges), puis -> Continuer.
* Tape 1 puis sur la touche [Entrée] afin de lancer la recherche.
* Patiente jusqu'à la fin de la recherche.
* À la fin du scan, le rapport s'ouvrira dans le Bloc-notes.
* Poste ce rapport, par copier/coller, dans ta prochaine réponse.
* Le rapport se trouve également sous : C:\TB.txt


2/

* Télécharge Random's System Information Tool (RSIT) de Random / Random et sauvegarde-le sur ton Bureau,
http://images.malwareremoval.com/random/RSIT.exe

* Double-clique sur RSIT.exe pour lancer le programme,
* Clique sur continuer sur l'écran Disclaimer,
* Si l'outil HIjackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.
* Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).

Voici mes téléchargements:
je te remercie beaucoup pour l'aide que tu m'apportes.


-----------\\ ToolBar S&D 1.2.9 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
BIOS : BIOS Date: 03/26/04 18:28:55 Ver: 08.00.09
USER : Propriétaire ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1356 [VPS 091114-0] 4.8.1356 (Activated)
Firewall : Norton Internet Worm Protection 2006 (Not Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:34 Go)
D:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [1] ( 14.11.2009|20:15 )

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com/ie"
"SearchMigratedDefaultURL"="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
"Start page"="http://google.fr"
"Url"="http://go.microsoft.com/fwlink/?LinkID=68928"
"Url"="http://go.microsoft.com/fwlink/?LinkID=44406"
"Url"="http://go.microsoft.com/fwlink/?LinkID=68929"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !


1 - "C:\ToolBar SD\TB_1.txt" - 14.11.2009|20:16 - Option : [1]

-----------\\ Fin du rapport a 20:16:48.73


info.txt logfile of random's system information tool 1.06 2009-11-14 20:18:35

======Uninstall list======

-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{22EB2FA7-1BA0-4FFB-972F-353EC6ABA9D5}\setup.exe" -l0x40c /removeonly -removeonly
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{28B97CAB-828F-49D8-A30A-675476F9BA92}\setup.exe" -l0x40c /cont /removeonly -removeonly
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4E7DC12A-3597-4A94-9429-F6C6987361B1}\setup.exe" -l0x40c /removeonly -removeonly
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6813C983-427E-4511-8456-E98FCAA1A125}\setup.exe" -l0x40c /removeonly -removeonly
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7DADB304-AF20-48C3-A780-4B4133A08817}\setup.exe" -l0x40c /removeonly -removeonly
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9C423CF6-2DAA-4A37-94B8-59D7ECC7DB13}\setup.exe" -l0x40c /removeonly -removeonly
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ACE66099-E18E-4037-83C8-9D182E5B9FA8}\setup.exe" -l0x40c /removeonly -removeonly
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B34B6E67-FCDD-4E03-8742-B5701427FAFB}\setup.exe" -l0x40c /removeonly -removeonly
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FA6CC4B4-7741-4F8D-8E81-15C4BAB9869B}\setup.exe" -l0x40c /removeonly -removeonly
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Photoshop Elements 2.0-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Adobe\Photoshop Elements 2\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop Elements 2\Uninst.dll"
Adobe Reader 9.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A92000000001}
Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Apple Application Support-->MsiExec.exe /I{B607C354-CD79-4D22-86D1-92DC94153F42}
Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
ATI - Utilitaire de désinstallation du logiciel-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
AVS Update Manager 1.0-->"C:\Program Files\AVS4YOU\AVSUpdateManager\unins000.exe"
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Canon Camera Support Core Library-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{B9B9863A-32FD-4133-ADB7-46244ED77694} /l1036
Canon Camera Window for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{F37942A8-B21B-4C5A-A1D2-B676BF55EAE0}
Canon Internet Library for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{2F81FBFC-9A37-431F-9050-14B55485DF5A}
Canon iP4200-->C:\WINDOWS\system32\CNMCP78.exe "-PRINTERNAMECanon iP4200" "-HELPERDLLC:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Inst2\cnmis.dll" "-RCDLLcnmi040c.dll"
Canon MovieEdit Task for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{DE286975-ACF1-45B8-9EF7-34E162B2C817}
Canon PhotoRecord-->MsiExec.exe /X{BEF56F2D-56ED-4176-BF72-7B68D4A3B98D}
Canon RAW Image Task for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{9518F764-C54D-47B2-9E73-154B21E79FD2}
Canon RemoteCapture Task for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{2C164906-E68F-462A-9010-70DD022223EF}
Canon Setup Utility 2.0-->"C:\Program Files\Canon\Canon Setup Utility 2.0\Maint.exe" /Uninstall C:\Program Files\Canon\Canon Setup Utility 2.0\uninst.ini
Canon Utilities Easy-PrintToolBox-->C:\WINDOWS\BJPSUNST.EXE
Canon Utilities PhotoStitch 3.1-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{EF4C7EB0-D71B-43A3-9552-8053DE4B0401}
Canon Utilities ZoomBrowser EX-->MsiExec.exe /X{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CD-LabelPrint-->"C:\Program Files\Canon\CD-LabelPrint\Uninstal.exe" Canon.CDLabelPrint.Application
Diaporama Studio-->C:\PROGRA~1\MICROA~1\DIAPOR~1\UNWISE.EXE C:\PROGRA~1\MICROA~1\DIAPOR~1\INSTALL.LOG
DriverAgent by TouchStone Software-->RunDll32.exe advpack.dll,LaunchINFSection driveragent_exe.inf,TVICHW32Remove
FixMessenger-->C:\Program Files\FixMessenger\uninstall.exe
Free FLV Converter V 6.7.4-->"C:\Program Files\Free FLV Converter\unins000.exe"
Free Ipod Video Converter V 2.6-->"C:\Program Files\Free iPod Video Converter\unins000.exe"
Free Mp3 Wma Converter V 1.8.0-->"C:\Program Files\Free Audio Pack\unins000.exe"
Hemera Products-->C:\PROGRA~1\HEMERA~1\UNWISE.EXE C:\PROGRA~1\HEMERA~1\INSTALL.LOG
HijackThis 2.0.2-->"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\Répertoire temporaire 1 pour hijackthis[1].zip\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Photo and Imaging 1.0 - Scanjet 3500c Series-->MsiExec.exe /I{B8E952E3-A823-443A-8493-39A0CCE0E3EB}
Indicateur d'état Bluewin Firewall 1.2-->"C:\Program Files\Bluewin\Firewall\unins001.exe"
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
iTunes-->MsiExec.exe /I{D1A74FBB-CA8D-4CCA-9B89-BAAA436DB178}
J2SE Runtime Environment 5.0 Update 11-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
Jasc Animation Shop 3-->MsiExec.exe /I{7C4196CA-CA41-4F34-9C08-7724E7705D52}
Jasc Paint Shop Pro 9.01 Patch-->C:\Program Files\Jasc Software Inc\Paint Shop Pro 9\Unwise.exe /R /U C:\PROGRA~1\JASCSO~1\PAINTS~1\INSTALL.LOG
Jasc Paint Shop Pro 9-->MsiExec.exe /I{F843C6A3-224D-4615-94F8-3C461BD9AEA0}
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
JuraTax 2006-->"C:\Program Files\JuraTax2006\UninstallerData\Uninstall JuraTax 2006.exe"
JuraTax2005-->"C:\Program Files\JuraTax2005\UninstallerData\Uninstall JuraTax2005.exe"
JuraTax2007-->"C:\Program Files\JuraTax2007\UninstallerData\Uninstall JuraTax2007.exe"
JuraTax2008-->"C:\Program Files\JuraTax2008\UninstallerData\Uninstall JuraTax2008.exe"
king.com (remove only)-->"C:\WINDOWS\king-uninstall.exe"
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Logitech Print Service-->C:\PROGRA~1\Logitech\PRINTS~1\UNWISE.EXE C:\PROGRA~1\Logitech\PRINTS~1\INSTALL.LOG
Ma-Config.com-->MsiExec.exe /X{D1874C3B-A0A5-446F-B76C-5265F11D8A1A}
MediaBar-->C:\WINDOWS\Downloaded Program Files\MusicManagerUnInstaller.exe "C:\WINDOWS\Downloaded Program Files\MusicManagerPlugin.ocx" "{C45B1500-7B63-47C2-AB25-C28CB46AFDEE}"
MenaceControle 2.1.355.10-->"C:\Program Files\MenaceControle\unins000.exe"
Messenger Plus! 3-->"C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /Remove
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office Basic Edition 2003-->MsiExec.exe /I{9113040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 7 (KB976749)-->"C:\WINDOWS\ie7updates\KB976749-IE7\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB975364)-->"C:\WINDOWS\ie8updates\KB975364-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
MobileMe Control Panel-->MsiExec.exe /I{3AC54383-31D1-4907-961B-B12CBB1D0AE8}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
Multi Virus Cleaner 2009-->"C:\Program Files\AxBx\Multi Virus Cleaner 2009\unins000.exe"
Nero 7 Essentials-->MsiExec.exe /I{C4A0C307-053A-4335-8B28-60E901DB1036}
Notepad++-->C:\Program Files\Notepad++\uninstall.exe
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Picture Package Music Transfer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CE2121C6-C94D-4A73-8EA4-6943F33EE335}\setup.exe" -l0x40c /removeonly -removeonly
Quick Help 2.0-->C:\Program Files\QuickHelp2\unQuickHelp.exe
QuickTime-->MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}
Registry Mechanic 9.0-->"C:\Program Files\Registry Mechanic\unins000.exe" /Log
Safari-->MsiExec.exe /I{E56D39F8-2A9F-44B4-B068-A72E45A073E6}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Sony Picture Utility-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D5068583-D569-468B-9755-5FBF5848F46F}\setup.exe" -l0x40c /removeonly uninstall -removeonly
Sony USB Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}\setup.exe" -l0x40c UNINSTALL -removeonly
Symantec Technical Support Web Controls-->MsiExec.exe /X{20C53FA2-4307-4671-A93F-9463B29DFCF1}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u
VirtualDubMOD 1.5.10.3 Fr-->"C:\Program Files\VirtualDubMOD\unins000.exe"
Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

======Hosts File======

127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD

======Security center information======

AV: avast! antivirus 4.8.1356 [VPS 091114-0]
FW: Norton Internet Worm Protection (disabled)

======System event log======

Computer Name: FOLETTI
Event Code: 7023
Message: Le service Gestion d'applications s'est arrêté avec l'erreur :
Le module spécifié est introuvable.


Record Number: 209355
Source Name: Service Control Manager
Time Written: 20091107210304.000000+060
Event Type: error
User:

Computer Name: FOLETTI
Event Code: 7023
Message: Le service Gestion d'applications s'est arrêté avec l'erreur :
Le module spécifié est introuvable.


Record Number: 209352
Source Name: Service Control Manager
Time Written: 20091107210304.000000+060
Event Type: error
User:

Computer Name: FOLETTI
Event Code: 7023
Message: Le service Gestion d'applications s'est arrêté avec l'erreur :
Le module spécifié est introuvable.


Record Number: 209349
Source Name: Service Control Manager
Time Written: 20091107210304.000000+060
Event Type: error
User:

Computer Name: FOLETTI
Event Code: 7023
Message: Le service Gestion d'applications s'est arrêté avec l'erreur :
Le module spécifié est introuvable.


Record Number: 209346
Source Name: Service Control Manager
Time Written: 20091107210304.000000+060
Event Type: error
User:

Computer Name: FOLETTI
Event Code: 7023
Message: Le service Gestion d'applications s'est arrêté avec l'erreur :
Le module spécifié est introuvable.


Record Number: 209343
Source Name: Service Control Manager
Time Written: 20091107210304.000000+060
Event Type: error
User:

=====Application event log=====

Computer Name: FOLETTI
Event Code: 1002
Message: Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Record Number: 6823
Source Name: Application Hang
Time Written: 20090912175949.000000+120
Event Type: error
User:

Computer Name: FOLETTI
Event Code: 1001
Message: Détecteur d'erreurs 827627218.

Record Number: 6781
Source Name: Application Hang
Time Written: 20090911094333.000000+120
Event Type: error
User:

Computer Name: FOLETTI
Event Code: 1002
Message: Application bloquée OUTLOOK.EXE, version 11.0.8217.0, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Record Number: 6780
Source Name: Application Hang
Time Written: 20090911094323.000000+120
Event Type: error
User:

Computer Name: FOLETTI
Event Code: 1002
Message: Application bloquée OUTLOOK.EXE, version 11.0.8217.0, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Record Number: 6779
Source Name: Application Hang
Time Written: 20090911091213.000000+120
Event Type: error
User:

Computer Name: FOLETTI
Event Code: 1002
Message: Application bloquée OUTLOOK.EXE, version 11.0.8217.0, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Record Number: 6778
Source Name: Application Hang
Time Written: 20090911091212.000000+120
Event Type: error
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Sonic\MyDVD;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 3 Stepping 3, GenuineIntel
"PROCESSOR_REVISION"=0303
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------



Logfile of random's system information tool 1.06 (written by random/random)
Run by Propriétaire at 2009-11-14 20:18:09
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 36 GB (47%) free of 76 GB
Total RAM: 511 MB (19% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:18:31, on 14.11.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\QuickHelp2\QuickHelp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Registry Mechanic\RegMech.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Bluewin\Firewall\fwstatus.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Motive\McciCMService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Fichiers communs\PC Tools\sMonitor\StartManSvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\05TE60KB\RSIT[1].exe
C:\Documents and Settings\Propriétaire\Bureau\Propriétaire.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: (no name) - {6A87B991-A31F-4130-AE72-6D0C294BF082} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [QuickHelp2_McciTrayApp] C:\Program Files\QuickHelp2\QuickHelp.exe
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RegMech.exe /H
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [fwstatus.exe] C:\Program Files\Bluewin\Firewall\fwstatus.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~2.EXE -Update -1103470 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" -"http://www.jeuxjeuxjeux.fr/jeu/rotation/topsy+turvy.html"
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://uskaya.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://uskaya.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - (no file)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Fichiers communs\Motive\McciCMService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - PC Tools - C:\Program Files\Fichiers communs\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Fichiers communs\Symantec Shared\Support Controls\ssrc.exe
O24 - Desktop Component 1: capucine - http://capucinette.blogspot.com/
End of file - 10847 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\Registry Winner Schedule.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00011268-E188-40DF-A514-835FCD78B1BF}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A87B991-A31F-4130-AE72-6D0C294BF082}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [2009-09-29 762864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\Program Files\Alwil Software\Avast4\ashDisp.exe [2009-09-15 81000]
"NWEReboot"= []
"SoundMAXPnP"=C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [2004-10-14 1388544]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-09-05 417792]
"QuickHelp2_McciTrayApp"=C:\Program Files\QuickHelp2\QuickHelp.exe [2007-11-01 1474048]
"Easy-PrintToolBox"=C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [2004-01-14 409600]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-01-06 335872]
"AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-08-13 177440]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2005-01-18 217088]
"LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2005-01-18 458752]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-10-28 141600]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"RegistryMechanic"=C:\Program Files\Registry Mechanic\RegMech.exe [2009-10-14 3217368]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-03-30 68856]
"LogitechSoftwareUpdate"=C:\Program Files\Logitech\Video\ManifestEngine.exe [2005-01-18 196608]
"fwstatus.exe"=C:\Program Files\Bluewin\Firewall\fwstatus.exe [2005-04-04 49152]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"=C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~2.EXE [2008-11-04 460216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ErreurChasseur]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Salestart]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shockwave Updater]
C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~2.EXE [2008-11-04 460216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ThreatFire]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uga6pcw]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ugescw]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
C:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\Adobe Gamma Loader.exe [2002-08-16 110592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~1\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Propriétaire^Menu Démarrer^Programmes^Démarrage^Outil de détection de support Picture Motion Browser.lnk]
C:\PROGRA~1\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2007-01-15 344064]

C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage
Outil de détection de support Picture Motion Browser.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2004-01-06 86016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Documents and Settings\Propriétaire\Mes documents\incredimail_install.exe"="C:\Documents and Settings\Propriétaire\Mes documents\incredimail_install.exe:*:Enabled:IncrediMail Installer"
"C:\Documents and Settings\Propriétaire\Local Settings\Temp\ImInstaller\IncrediMail\incredimail_install.exe"="C:\Documents and Settings\Propriétaire\Local Settings\Temp\ImInstaller\IncrediMail\incredimail_install.exe:*:Enabled:IncrediMail Installer"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\MySpace\IM\MySpaceIM.exe"="C:\Program Files\MySpace\IM\MySpaceIM.exe:*:Enabled:MySpaceIM"
"C:\WINDOWS\system32\dxdiag.exe"="C:\WINDOWS\system32\dxdiag.exe:*:Disabled:Outil de diagnostic Microsoft DirectX"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Disabled:Microsoft DirectPlay8 Server"
"C:\Program Files\IEPro\MiniDM.exe"="C:\Program Files\IEPro\MiniDM.exe:*:Enabled:MiniDM"
"C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe"="C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home"
"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Sony Ericsson\Update Service\Update Service.exe"="C:\Program Files\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======List of files/folders created in the last 1 months======

2009-11-14 20:18:09 ----D---- C:\rsit
2009-11-14 20:14:57 ----A---- C:\TB.txt
2009-11-14 20:13:30 ----D---- C:\ToolBar SD
2009-11-12 16:31:13 ----D---- C:\Documents and Settings\Propriétaire\Application Data\FreeFLVConverter
2009-11-12 10:10:27 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-11-11 09:14:35 ----D---- C:\Program Files\iPod
2009-11-10 00:31:59 ----D---- C:\WINDOWS\ie8updates
2009-11-10 00:25:22 ----HDC---- C:\WINDOWS\ie8
2009-11-09 20:59:03 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Windows Search
2009-11-09 20:45:42 ----HDC---- C:\WINDOWS\ie7
2009-11-09 20:11:04 ----D---- C:\WINDOWS\system32\GroupPolicy
2009-11-09 20:11:04 ----D---- C:\Program Files\Windows Desktop Search
2009-11-08 23:06:00 ----D---- C:\Program Files\Connection Wizard
2009-11-08 19:53:43 ----D---- C:\Program Files\Nero
2009-11-08 16:02:17 ----D---- C:\Program Files\Mozilla Firefox
2009-11-08 00:56:40 ----A---- C:\WINDOWS\000001_.tmp
2009-11-07 23:18:27 ----A---- C:\WINDOWS\system32\aswBoot.exe
2009-11-07 23:18:24 ----D---- C:\Program Files\Alwil Software
2009-11-07 19:35:51 ----D---- C:\WINDOWS\$hf_mig$
2009-11-07 18:20:37 ----N---- C:\WINDOWS\system32\spmsg2.dll
2009-11-07 18:20:35 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2009-11-07 16:19:36 ----D---- C:\WINDOWS\ie7updates
2009-11-04 08:49:23 ----A---- C:\WINDOWS\system32\javaws.exe
2009-11-04 08:49:23 ----A---- C:\WINDOWS\system32\javaw.exe
2009-11-04 08:49:23 ----A---- C:\WINDOWS\system32\java.exe
2009-11-02 12:44:13 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Sony Corporation
2009-11-02 12:37:18 ----D---- C:\Drivers
2009-11-02 12:37:18 ----A---- C:\WINDOWS\system32\SONYHCY.DLL
2009-11-02 12:34:50 ----A---- C:\WINDOWS\system32\vxblock.dll
2009-11-02 12:34:50 ----A---- C:\WINDOWS\system32\PxInsI64.exe
2009-11-02 12:34:50 ----A---- C:\WINDOWS\system32\PxInsA64.exe
2009-11-02 12:34:50 ----A---- C:\WINDOWS\system32\pxhpinst.exe
2009-11-02 12:34:50 ----A---- C:\WINDOWS\system32\PxCpyI64.exe
2009-11-02 12:34:50 ----A---- C:\WINDOWS\system32\PxCpyA64.exe
2009-11-02 12:32:08 ----D---- C:\Program Files\Sony
2009-10-31 09:27:11 ----D---- C:\Program Files\Microsoft
2009-10-31 09:26:53 ----D---- C:\Program Files\Windows Live SkyDrive
2009-10-31 08:59:56 ----D---- C:\Program Files\Registry Mechanic
2009-10-22 10:50:41 ----A---- C:\WINDOWS\_delis32.ini
2009-10-18 20:37:23 ----D---- C:\Documents and Settings\Propriétaire\Application Data\QUAD Backups
2009-10-18 14:53:20 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Registry Mechanic
2009-10-18 13:38:59 ----D---- C:\Program Files\Registry Winner

======List of files/folders modified in the last 1 months======

2009-11-14 20:07:59 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-11-14 19:59:33 ----D---- C:\WINDOWS\Temp
2009-11-14 19:57:31 ----SD---- C:\WINDOWS\Tasks
2009-11-14 18:56:41 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-11-14 17:37:14 ----D---- C:\Program Files
2009-11-14 17:37:13 ----AD---- C:\WINDOWS\system32
2009-11-14 15:35:06 ----ASH---- C:\boot.ini
2009-11-14 15:35:06 ----A---- C:\WINDOWS\win.ini
2009-11-14 15:35:06 ----A---- C:\WINDOWS\system.ini
2009-11-14 15:13:16 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-11-14 15:09:49 ----D---- C:\Program Files\Fichiers communs\PC Tools
2009-11-14 15:08:15 ----D---- C:\WINDOWS\system32\drivers
2009-11-14 15:08:09 ----D---- C:\WINDOWS
2009-11-14 14:35:33 ----SHD---- C:\WINDOWS\Installer
2009-11-14 14:35:32 ----D---- C:\Config.Msi
2009-11-14 14:35:29 ----D---- C:\WINDOWS\WinSxS
2009-11-14 14:18:20 ----D---- C:\WINDOWS\Debug
2009-11-14 09:19:32 ----D---- C:\WINDOWS\Help
2009-11-13 14:10:53 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-11-13 12:08:41 ----HD---- C:\WINDOWS\inf
2009-11-13 12:08:30 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-11-13 11:47:28 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-11-13 11:44:40 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-11-13 11:42:54 ----D---- C:\Program Files\Adobe
2009-11-13 11:36:23 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-13 08:38:01 ----D---- C:\WINDOWS\system32\wbem
2009-11-13 08:37:59 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-11-12 18:13:52 ----D---- C:\Program Files\Free iPod Video Converter
2009-11-12 17:04:48 ----A---- C:\WINDOWS\NeroDigital.ini
2009-11-12 16:31:20 ----D---- C:\Program Files\Free FLV Converter
2009-11-12 10:12:13 ----D---- C:\WINDOWS\system32\CatRoot
2009-11-12 10:09:40 ----D---- C:\Program Files\Windows Media Player
2009-11-11 14:50:34 ----A---- C:\WINDOWS\system32\TubeFinder.exe
2009-11-11 09:16:09 ----D---- C:\Program Files\iTunes
2009-11-11 09:14:34 ----D---- C:\Program Files\Fichiers communs\Apple
2009-11-10 00:35:14 ----D---- C:\WINDOWS\Media
2009-11-10 00:35:14 ----D---- C:\Program Files\Internet Explorer
2009-11-10 00:25:22 ----D---- C:\WINDOWS\system32\fr-fr
2009-11-09 20:11:32 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-11-09 19:11:38 ----D---- C:\WINDOWS\Microsoft.NET
2009-11-09 18:03:49 ----RSD---- C:\WINDOWS\assembly
2009-11-09 17:57:24 ----D---- C:\WINDOWS\system32\XPSViewer
2009-11-09 17:57:23 ----RSD---- C:\WINDOWS\Fonts
2009-11-08 22:22:56 ----A---- C:\WINDOWS\ascd_tmp.ini
2009-11-08 20:01:01 ----SD---- C:\Documents and Settings\Propriétaire\Application Data\Microsoft
2009-11-08 19:53:45 ----D---- C:\Program Files\Fichiers communs\Ahead
2009-11-08 17:12:57 ----D---- C:\WINDOWS\pss
2009-11-08 16:24:31 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2009-11-08 15:51:09 ----D---- C:\Program Files\Google
2009-11-08 02:06:56 ----D---- C:\Program Files\Messenger
2009-11-08 01:17:49 ----D---- C:\WINDOWS\security
2009-11-08 01:07:15 ----D---- C:\WINDOWS\system32\oobe
2009-11-08 00:54:09 ----D---- C:\WINDOWS\EHome
2009-11-07 20:35:38 ----D---- C:\WINDOWS\system32\1031
2009-11-07 20:32:06 ----D---- C:\WINDOWS\system32\LogFiles
2009-11-07 18:18:29 ----D---- C:\WINDOWS\system32\mui
2009-11-07 16:01:22 ----D---- C:\Documents and Settings
2009-11-06 10:56:59 ----A---- C:\WINDOWS\hpqcopy.INI
2009-11-05 18:36:21 ----A---- C:\WINDOWS\system32\MRT.exe
2009-11-04 08:49:19 ----D---- C:\Program Files\Java
2009-10-31 09:26:06 ----D---- C:\Program Files\Windows Live
2009-10-22 10:56:12 ----D---- C:\Program Files\Fichiers communs\Logitech
2009-10-22 10:55:50 ----D---- C:\WINDOWS\twain_32
2009-10-22 10:49:42 ----D---- C:\Program Files\printmyphotobook
2009-10-22 10:17:28 ----A---- C:\WINDOWS\system32\mshtml.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-09-15 27408]
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2007-07-29 82380]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-09-15 52368]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40576]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2005-03-04 127872]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-09-15 23152]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2004-01-06 647680]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2002-10-01 9856]
R3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2005-03-01 392704]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2005-03-28 220992]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WLAN_DCB;IEEE 802.11g Wireless LAN Driver; C:\WINDOWS\system32\DRIVERS\WLANDCB.sys [2003-07-16 56320]
R3 yukonx86;NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter; C:\WINDOWS\System32\DRIVERS\yukonx86.sys [2003-12-22 176256]
R3 zebrceb;Sony Ericsson Cable Emulation Bus (WDM); C:\WINDOWS\system32\DRIVERS\zebrceb.sys [2009-07-10 63360]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 EraserUtilRebootDrv;EraserUtilRebootDrv; C:\WINDOWS\system32\drivers\EraserUtilRebootDrv.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2009-07-10 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2009-07-10 25512]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys []
S3 MidiSyn;MidiSyn; C:\WINDOWS\system32\drivers\MidiSyn.sys [2004-09-14 88960]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\FICHIE~1\Motive\MREMP50.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\FICHIE~1\Motive\MRESP50.SYS []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys []
S3 PID_08A0;QuickCam IM(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TfNetMon;TfNetMon; \??\C:\WINDOWS\system32\drivers\TfNetMon.sys []
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-04-24 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-09-15 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-09-15 138680]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 Brother XP spl Service;BrSplService; C:\WINDOWS\system32\brsvc01a.exe [2002-04-11 57344]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 McciCMService;McciCMService; C:\Program Files\Fichiers communs\Motive\McciCMService.exe [2007-11-08 303104]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 PCToolsS

Très bien

1/

* Désactive ton antivirus, ton antipsyware résidant (spybot par exemple) durant la phase de nettoyage. Voir ici. http://forum.pcastuces.com/desactiver_les_protections_reside­ntes-f31s4.htm
* Double clique sur le raccourci de Toolbar-S&D présent sur ton bureau. Sous Vista : clic droit -> Exécuter en tant qu'administrateur.
* Au menu principal, choisis l'option 2 et valide par la touche [Entrée].

/!\ Ne ferme pas la fenêtre lors de la suppression /!\

* Un rapport sera généré. Poste ce rapport avec un nouveau rapport Hijackthis.

Note : Pour les utilisateurs de Vista, ToolBar-SD se charge de désactiver le "Contrôle des comptes utilisateurs" (UAC), il va redémarrer l'ordinateur et réactiver l'UAC.



2/

* Télécharge et installe Malwarebyte's Anti-Malware,
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

* A la fin de l'installation, veille à ce que l'option Mettre à jour Malwarebytes' Anti-Malware soit cochée.
* Clique sur "Terminer".
* Lance Malwarebyte's Anti-Malware en double-cliquant sur l'icône sur le bureau.
* Au premier lancement, une fenêtre t'annonce que la version est Free. Clique alors sur ok.
* Laisse les Mises à jour se télécharger.
* Lance Malwarebyte's Anti-Malware.
* Choisis ceci Onglet "Recherche". Coche Exécuter un examen complet puis Rechercher.
* Sélectionne ton disque dur et clique clic sur "lancer l'examen".
* A la fin du scan, clique sur Afficher les résultats.
* Suppression des éléments détectés : Clique sur Supprimer la sélection.
* Si un redémarrage est demandé, clique sur "Yes".
* Un rapport de scan s'ouvre, poste le rapport.
* Pour t'aider, tu as un très bon tuto ici.

3/

* Télécharger smitfraudfix (de S!Ri) sur le bureau.
http://siri.urz.free.fr/Fix/SmitfraudFix.exe

* Clique sur smitfraudfix.exe
* Choisis l'option 1 et colle dans ta réponse le rapport généré par smitfraudfix. Ce rapport se trouve dans la fenêtre du bloc-note qui s’ouvre.
* Ferme l'application en tapant sur la touche Q.

C'est fait, j'espère que j'ai fais tout juste.

1) j'ai désactivé mon antivirus et choisis l'option 2 de Toolbar-S&D



-----------\\ ToolBar S&D 1.2.9 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
BIOS : BIOS Date: 03/26/04 18:28:55 Ver: 08.00.09
USER : Propriétaire ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1356 [VPS 091114-0] 4.8.1356 (Not Activated)
Firewall : Norton Internet Worm Protection 2006 (Not Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:34 Go)
D:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 14.11.2009|21:24 )

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com/ie"
"SearchMigratedDefaultURL"="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
"Start page"="http://google.fr"
"Url"="http://go.microsoft.com/fwlink/?LinkID=68928"
"Url"="http://go.microsoft.com/fwlink/?LinkID=44406"
"Url"="http://go.microsoft.com/fwlink/?LinkID=68929"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://www.msn.com/"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !


1 - "C:\ToolBar SD\TB_1.txt" - 14.11.2009|20:16 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 14.11.2009|21:26 - Option : [2]

-----------\\ Fin du rapport a 21:26:00.92



2) J'ai téléchargé et installé Malwarebyte's
Après plus de 3 h de recherche il ma trouvé 26 infections, que j'ai supprimées.
Voici le rapport:

Malwarebytes' Anti-Malware 1.41
Version de la base de données: 3172
Windows 5.1.2600 Service Pack 3

15.11.2009 00:33:17
mbam-log-2009-11-15 (00-33-17).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 223921
Temps écoulé: 3 hour(s), 1 minute(s), 43 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 12
Valeur(s) du Registre infectée(s): 5
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 5

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7aa32fc7-133b-4ae7-998e-ced0d9829b12} (Trojan.Dialer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c24d7016-d00f-41ef-9781-984b6b5ff38f} (Rogue.Ascentive) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{ec88fcd0-2ed5-4d65-9b4c-71d146b43a2e} (Rogue.Ascentive) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e532cfb1-5edd-4663-8c22-bcd67b5e5bd4} (Rogue.Ascentive) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{497dddb6-6eee-4561-9621-b77dc82c1f84} (Rogue.Ascentive) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4e980492-027b-47f1-a7ab-ab086dacbb9e} (Rogue.Ascentive) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{5ead8321-fcbb-4c3f-888c-ac373d366c3f} (Rogue.Ascentive) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{31f3cf6e-a71a-4daa-852b-39ac230940b4} (Rogue.Ascentive) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\QUAD Registry Cleaner v2 (Adware.QUADRegClean) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\RegistryDoktorFrNE (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ugescw (Rogue.BugsDestroyer) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\system32\ConTest.dll (Rogue.Ascentive) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\system32\SysRestore.dll (Rogue.Ascentive) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Products\compname (Rogue.PCVirusless) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Products\prodname (Rogue.PCVirusless) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Products\rdomain (Rogue.PCVirusless) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\Documents and Settings\All Users\Application Data\Frag great bend logo (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\AVP 2009 (Malware.Trace) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\System Volume Information\_restore{CAB47AD1-4C4D-46D0-BB0D-9A01C24D3AF1}\RP812\A0655472.exe (Rogue.AntivirusDoktor) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{CAB47AD1-4C4D-46D0-BB0D-9A01C24D3AF1}\RP848\A0660610.exe (Rogue.AntivirusDoktor) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ConTest.dll (Rogue.Ascentive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysRestore.dll (Rogue.Ascentive) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\AVP 2009\1.dat (Malware.Trace) -> Quarantined and deleted successfully.

3) J'ai téléchargé smitfraudfix, voila le résultat:
SmitFraudFix v2.424

Rapport fait à 0:48:53.53, 15.11.2009
Executé à partir de C:\Documents and Settings\Propri‚taire\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\QuickHelp2\QuickHelp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Registry Mechanic\RegMech.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Bluewin\Firewall\fwstatus.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Motive\McciCMService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Fichiers communs\PC Tools\sMonitor\StartManSvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Documents and Settings\Propriétaire\Bureau\SmitfraudFix\Policies.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Propri‚taire


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Propri‚taire\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\PROPRI~1\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\1]
"Source"="http://capucinette.blogspot.com/"
"SubscribedURL"="http://capucinette.blogspot.com/"
"FriendlyName"="capucine"

»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"

»»»»»»»»»»»»»»»»»»»»»»»» RK

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""




»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: IEEE 802.11g Wireless LAN Adapter - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.1.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{CF1BFD96-D8DA-4EE8-B42C-947A79D63EA3}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{CF1BFD96-D8DA-4EE8-B42C-947A79D63EA3}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{CF1BFD96-D8DA-4EE8-B42C-947A79D63EA3}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{CF1BFD96-D8DA-4EE8-B42C-947A79D63EA3}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

Salut :)

On continue le nettoyage.

1/

Télécharge OTM (de Old_Timer) sur ton Bureau,
http://oldtimer.geekstogo.com/OTM.exe

* Double-clique sur OTM.exe pour lancer le programme,
* Copie la liste de fichiers ou de dossiers ci-dessous et colle-la dans la fenêtre du programme "Paste Instructions for Items to be Moved" :

:Processes
explorer.exe 

:Services

:Reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ErreurChasseur] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A87B991-A31F-4130-AE72-6D0C294BF082}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A87B991-A31F-4130-AE72-6D0C294BF082}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uga6pcw] 
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ugescw]

:Files
C:\Program Files\Registry Winner 
C:\WINDOWS\tasks\Registry Winner Schedule.job 
C:\Program Files\Fichiers communs\BOONTY Shared
C:\WINDOWS\_delis32.ini   
C:\Program Files\Bonjour    

:Commands
[purity] 
[emptytemp] 
[start explorer]
[Reboot] 

Salut;
ca y est j'ai fais ce que tu m'as dit.


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
BIOS : BIOS Date: 03/26/04 18:28:55 Ver: 08.00.09
USER : Propriétaire ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1356 [VPS 091115-0] 4.8.1356 (Activated)
Firewall : Norton Internet Worm Protection 2006 (Not Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:35 Go)
D:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 15.11.2009|12:23 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@advertising[2].txt
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\settings blue film frag
-
[ Fichier Hosts ] .. Restaure!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

Supprime! - C:\Program Files\Viewpoint
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1


[08.11.2009|16:57] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[18.03.2009|15:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[13.09.2009|10:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[12.04.2009|08:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[13.11.2009|11:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[03.04.2009|15:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\albumphoto
[28.09.2007|12:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[28.09.2007|12:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[06.09.2009|22:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[24.10.2008|12:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BigFishGamesCache
[28.09.2008|12:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[13.01.2006|16:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
[05.04.2009|15:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ColorMailer Photo Books
[03.09.2004|10:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[08.11.2009|16:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[14.11.2009|15:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[19.12.2008|21:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[26.09.2009|16:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hps
[29.04.2005|10:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[04.06.2008|08:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[14.11.2009|21:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[06.09.2007|18:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[09.11.2009|20:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[19.12.2008|09:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
[04.09.2004|19:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[09.08.2009|18:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Tools
[25.10.2008|16:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PopCap
[09.10.2009|12:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[15.11.2009|12:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[25.09.2008|07:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TERMINAL Studio
[21.03.2006|09:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[26.07.2007|21:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
[25.02.2008|09:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[08.11.2009|16:57] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[08.10.2008|17:00] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
[20.01.2007|12:54] C:\DOCUME~1\LOCALS~1\APPLIC~1\Google
[09.11.2009|20:17] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[06.08.2008|19:01] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[05.09.2004|11:02] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec

[19.02.2008|15:40] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[15.08.2006|18:30] C:\DOCUME~1\PROPRI~1\APPLIC~1\AdobeUM
[30.03.2007|16:26] C:\DOCUME~1\PROPRI~1\APPLIC~1\Ahead
[13.09.2009|10:37] C:\DOCUME~1\PROPRI~1\APPLIC~1\Apple Computer
[06.09.2009|22:56] C:\DOCUME~1\PROPRI~1\APPLIC~1\AVS4YOU
[11.09.2004|16:06] C:\DOCUME~1\PROPRI~1\APPLIC~1\Brother
[05.08.2009|12:07] C:\DOCUME~1\PROPRI~1\APPLIC~1\Desktop Maestro
[19.11.2004|00:36] C:\DOCUME~1\PROPRI~1\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
[13.01.2006|16:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\FotoWire
[12.11.2009|18:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\FreeFLVConverter
[28.12.2008|09:38] C:\DOCUME~1\PROPRI~1\APPLIC~1\GetRightToGo
[19.12.2008|08:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\GlarySoft
[14.10.2006|08:45] C:\DOCUME~1\PROPRI~1\APPLIC~1\Google
[03.09.2004|10:27] C:\DOCUME~1\PROPRI~1\APPLIC~1\Help
[03.11.2004|17:26] C:\DOCUME~1\PROPRI~1\APPLIC~1\Hemera
[03.10.2008|13:50] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[06.03.2008|20:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\IEPro
[13.01.2009|08:22] C:\DOCUME~1\PROPRI~1\APPLIC~1\InstallShield
[28.09.2008|12:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\iWin
[29.04.2005|15:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\Jasc
[19.08.2005|17:06] C:\DOCUME~1\PROPRI~1\APPLIC~1\Jasc Software Inc
[15.06.2007|10:16] C:\DOCUME~1\PROPRI~1\APPLIC~1\Leadertech
[04.11.2004|23:14] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
[14.11.2009|21:28] C:\DOCUME~1\PROPRI~1\APPLIC~1\Malwarebytes
[25.02.2008|09:54] C:\DOCUME~1\PROPRI~1\APPLIC~1\Micro Application
[08.11.2009|20:01] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[23.02.2008|12:43] C:\DOCUME~1\PROPRI~1\APPLIC~1\MiniDm
[09.02.2008|10:39] C:\DOCUME~1\PROPRI~1\APPLIC~1\Motive
[04.03.2005|17:27] C:\DOCUME~1\PROPRI~1\APPLIC~1\MSN6
[11.09.2008|12:39] C:\DOCUME~1\PROPRI~1\APPLIC~1\MySpace
[30.12.2007|09:10] C:\DOCUME~1\PROPRI~1\APPLIC~1\Nero
[26.09.2009|16:15] C:\DOCUME~1\PROPRI~1\APPLIC~1\Notepad++
[03.01.2007|08:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\OfficeUpdate12
[19.10.2009|22:48] C:\DOCUME~1\PROPRI~1\APPLIC~1\QUAD Backups
[28.09.2008|11:37] C:\DOCUME~1\PROPRI~1\APPLIC~1\Real
[06.09.2009|22:07] C:\DOCUME~1\PROPRI~1\APPLIC~1\Regensoft
[18.10.2009|14:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\Registry Mechanic
[03.09.2004|10:36] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sonic
[02.11.2009|12:44] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sony Corporation
[13.03.2005|10:11] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
[20.12.2008|13:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\U3
[08.11.2005|17:28] C:\DOCUME~1\PROPRI~1\APPLIC~1\VERITAS
[29.04.2007|15:15] C:\DOCUME~1\PROPRI~1\APPLIC~1\WholeSecurity
[09.11.2009|20:59] C:\DOCUME~1\PROPRI~1\APPLIC~1\Windows Search
[19.06.2007|11:36] C:\DOCUME~1\PROPRI~1\APPLIC~1\WinRAR
[01.04.2005|05:07] C:\DOCUME~1\PROPRI~1\APPLIC~1\Yahoo! Messenger
[02.10.2008|08:15] C:\DOCUME~1\PROPRI~1\APPLIC~1\Zylom

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[15.11.2009 12:02][--a------] C:\WINDOWS\tasks\Google Software Updater.job
[27.05.2009 13:26][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[15.11.2009 12:02][--ah-----] C:\WINDOWS\tasks\SA.DAT
[24.04.2003 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[04.06.2008|09:14] C:\Program Files\AD1888_5410_WHQL
[13.11.2009|11:42] C:\Program Files\Adobe
[07.11.2009|23:18] C:\Program Files\Alwil Software
[03.09.2004|10:16] C:\Program Files\Analog Devices
[07.08.2008|20:46] C:\Program Files\Apple Software Update
[13.01.2009|08:26] C:\Program Files\Ascentive
[09.11.2007|11:22] C:\Program Files\ATI Technologies
[05.08.2008|07:09] C:\Program Files\AviSynth 2.5
[06.09.2009|23:03] C:\Program Files\AVS4YOU
[04.07.2009|10:24] C:\Program Files\AxBx
[09.02.2008|12:09] C:\Program Files\Bluewin
[26.10.2008|15:17] C:\Program Files\Boonty
[26.10.2008|15:18] C:\Program Files\BoontyGames
[06.03.2005|11:27] C:\Program Files\BUBO
[13.01.2006|16:29] C:\Program Files\Canon
[11.09.2008|13:16] C:\Program Files\CCleaner
[09.02.2008|10:39] C:\Program Files\Common Files
[03.09.2004|10:59] C:\Program Files\ComPlus Applications
[08.11.2009|23:06] C:\Program Files\Connection Wizard
[06.09.2009|23:13] C:\Program Files\Cucusoft
[03.09.2004|10:28] C:\Program Files\CyberLink
[06.08.2009|07:39] C:\Program Files\Desktop Maestro
[19.12.2008|23:40] C:\Program Files\Effaceur
[19.12.2008|20:01] C:\Program Files\Enigma Software Group
[15.11.2009|11:58] C:\Program Files\Fichiers communs
[02.03.2007|12:56] C:\Program Files\FixMessenger
[27.12.2008|13:23] C:\Program Files\Free Audio Pack
[12.11.2009|16:31] C:\Program Files\Free FLV Converter
[12.11.2009|18:13] C:\Program Files\Free iPod Video Converter
[08.11.2009|15:51] C:\Program Files\Google
[19.12.2008|21:50] C:\Program Files\Grisoft
[28.07.2007|20:11] C:\Program Files\Hemera Products
[29.07.2007|18:34] C:\Program Files\Hewlett-Packard
[13.01.2009|08:21] C:\Program Files\InstallShield Installation Information
[03.09.2004|10:15] C:\Program Files\Intel
[10.11.2009|00:35] C:\Program Files\Internet Explorer
[11.11.2009|09:14] C:\Program Files\iPod
[11.11.2009|09:16] C:\Program Files\iTunes
[29.04.2005|15:33] C:\Program Files\Jasc Software Inc
[04.11.2009|08:49] C:\Program Files\Java
[06.03.2005|11:22] C:\Program Files\JuraTax2004
[28.07.2007|20:11] C:\Program Files\JuraTax2005
[19.12.2008|08:10] C:\Program Files\JuraTax2006
[05.08.2008|18:20] C:\Program Files\JuraTax2007
[25.02.2009|14:37] C:\Program Files\JuraTax2008
[13.01.2006|16:53] C:\Program Files\Logitech
[04.06.2008|08:51] C:\Program Files\ma-config.com
[14.11.2009|21:28] C:\Program Files\Malwarebytes' Anti-Malware
[07.08.2008|15:33] C:\Program Files\MediaCoder
[19.12.2008|23:36] C:\Program Files\MenaceControle
[08.11.2009|02:06] C:\Program Files\Messenger
[16.07.2009|07:22] C:\Program Files\Messenger Plus! Live
[02.03.2007|09:42] C:\Program Files\MessengerPlus! 3
[28.12.2008|08:13] C:\Program Files\Micro Application
[31.10.2009|09:27] C:\Program Files\Microsoft
[27.05.2007|07:50] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[22.07.2006|12:30] C:\Program Files\microsoft frontpage
[22.07.2006|13:31] C:\Program Files\Microsoft FrontPage Express
[27.12.2008|10:27] C:\Program Files\Microsoft Office
[16.07.2008|10:01] C:\Program Files\Microsoft Visual Studio
[16.07.2008|10:03] C:\Program Files\Microsoft Works
[11.09.2008|11:35] C:\Program Files\Movie Maker
[10.11.2009|07:41] C:\Program Files\Mozilla Firefox
[15.08.2009|09:02] C:\Program Files\MSBuild
[27.12.2008|09:31] C:\Program Files\MSECache
[06.03.2005|11:18] C:\Program Files\MSN
[06.03.2005|11:26] C:\Program Files\MSN Apps
[03.09.2004|10:58] C:\Program Files\MSN Gaming Zone
[06.03.2005|11:17] C:\Program Files\MSN Messenger(2)
[02.07.2006|16:44] C:\Program Files\MsoSetup
[11.09.2008|12:39] C:\Program Files\MySpace
[08.11.2009|19:53] C:\Program Files\Nero
[11.09.2008|11:48] C:\Program Files\NetMeeting
[26.09.2009|16:14] C:\Program Files\Notepad++
[13.08.2009|08:00] C:\Program Files\Outlook Express
[26.09.2008|19:21] C:\Program Files\Photo Frame Genius
[22.10.2009|10:49] C:\Program Files\printmyphotobook
[01.01.2002|05:37] C:\Program Files\QUAD Utilities
[09.02.2008|10:39] C:\Program Files\QuickHelp2
[13.09.2009|10:09] C:\Program Files\QuickTime
[04.10.2008|14:06] C:\Program Files\RealArcade
[15.08.2009|09:02] C:\Program Files\Reference Assemblies
[01.10.2008|08:29] C:\Program Files\ReflexiveArcade
[06.09.2009|22:05] C:\Program Files\Regensoft
[09.11.2009|23:39] C:\Program Files\Registry Mechanic
[07.09.2009|10:49] C:\Program Files\Safari
[03.09.2004|11:01] C:\Program Files\Services en ligne
[04.07.2009|10:45] C:\Program Files\SmileBook
[02.11.2009|12:32] C:\Program Files\Sony
[30.12.2004|14:30] C:\Program Files\Uninstall Information
[21.01.2007|14:26] C:\Program Files\Unlocker
[30.10.2008|09:33] C:\Program Files\VirtualDubMOD
[28.10.2008|15:25] C:\Program Files\VirtualDubMod_1_5_10_2_All_inclusive
[09.11.2009|22:28] C:\Program Files\Windows Desktop Search
[31.10.2009|09:26] C:\Program Files\Windows Live
[31.10.2009|09:26] C:\Program Files\Windows Live SkyDrive
[03.06.2008|18:35] C:\Program Files\Windows Media Connect 2
[12.11.2009|10:09] C:\Program Files\Windows Media Player
[11.09.2008|11:36] C:\Program Files\Windows NT
[16.07.2006|07:59] C:\Program Files\WindowsUpdate
[24.06.2007|07:23] C:\Program Files\WinRAR
[03.09.2004|11:03] C:\Program Files\xerox
[01.04.2005|11:46] C:\Program Files\Yahoo!
[31.01.2005|12:40] C:\Program Files\Zero G Registry

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[13.11.2009|11:44] C:\Program Files\Fichiers communs\Adobe
[08.11.2009|19:53] C:\Program Files\Fichiers communs\Ahead
[11.11.2009|09:14] C:\Program Files\Fichiers communs\Apple
[06.09.2009|23:02] C:\Program Files\Fichiers communs\AVSMedia
[16.07.2008|10:01] C:\Program Files\Fichiers communs\DESIGNER
[13.01.2006|16:53] C:\Program Files\Fichiers communs\FotoWire
[03.09.2004|13:56] C:\Program Files\Fichiers communs\Hewlett-Packard
[09.10.2005|18:06] C:\Program Files\Fichiers communs\InstallShield
[19.08.2005|17:08] C:\Program Files\Fichiers communs\Jasc Software Inc
[01.04.2005|05:26] C:\Program Files\Fichiers communs\Java
[22.10.2009|10:56] C:\Program Files\Fichiers communs\Logitech
[19.12.2008|23:36] C:\Program Files\Fichiers communs\MenaceControle
[05.03.2009|13:40] C:\Program Files\Fichiers communs\Microsoft Shared
[09.02.2008|10:38] C:\Program Files\Fichiers communs\Motive
[03.09.2004|11:00] C:\Program Files\Fichiers communs\MSSoap
[03.09.2004|16:51] C:\Program Files\Fichiers communs\ODBC
[14.11.2009|15:09] C:\Program Files\Fichiers communs\PC Tools
[28.09.2008|11:38] C:\Program Files\Fichiers communs\Real
[03.09.2004|11:00] C:\Program Files\Fichiers communs\Services
[30.12.2007|09:00] C:\Program Files\Fichiers communs\Simple Star Shared
[03.09.2004|16:51] C:\Program Files\Fichiers communs\SpeechEngines
[09.10.2009|12:13] C:\Program Files\Fichiers communs\Symantec Shared
[11.09.2008|11:36] C:\Program Files\Fichiers communs\System
[07.03.2009|07:51] C:\Program Files\Fichiers communs\Windows Live
[25.02.2008|09:28] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 49 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-15 12:26:38
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:4][D:2]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp
[F:137][D:0]-> C:\DOCUME~1\PROPRI~1\Cookies
[F:97][D:4]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 15.11.2009|12:29 - Option : [2]

--------------------\\ Fin du rapport a 12:29:09

Ok

As tu fait aussi la première partie ?
si oui poste aussi le rapport.

Bonjour , pouvez vous m'aidez à examiner mon rapport svp

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:20:42, on 15/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Elantech\ETDDect.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\EeePC\ACPI\AsEPCMon.exe
C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\documents and settings\linda ouarti\local settings\application data\ebcyigd.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\imapi.exe
C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\EeePC\ACPI\AsTray.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\PROGRA~1\FREEDO~1\fdm.exe
C:\Documents and Settings\Linda Ouarti\Mes documents\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Skyrock Toolbar - {A057A204-BACC-4D26-969A-2AB983EE729B} - C:\PROGRA~1\SKYROC~1\SKYROC~1.DLL
O2 - BHO: Eazel-FR Toolbar - {a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - C:\Program Files\Eazel-FR\tbEaz0.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Eazel-FR Toolbar - {a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - C:\Program Files\Eazel-FR\tbEaz0.dll
O3 - Toolbar: Skyrock Toolbar - {A057A204-BACC-4D26-969A-2AB983EE729B} - C:\PROGRA~1\SKYROC~1\SKYROC~1.DLL
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [ETDWareDetect] C:\Program Files\Elantech\ETDDect.exe
O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe
O4 - HKLM\..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe
O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ebcyigd] "c:\documents and settings\linda ouarti\local settings\application data\ebcyigd.exe" ebcyigd
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: AutoClick.lnk = C:\Program Files\AutoClick\AutoClick.exe
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 4.00\AMVConverter\grab.html
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Envoyer à Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.00\MediaManager\grab.html
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/...
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

Bonjour aide,
ton rapport montre bien des infections mais il te faut créer ton propre sujet sinon il sera impossible de désinfecter deux PC sur le même sujet.
Donc créer ton propre sujet et quelqu'un te prendras en charge, merci.

miquette1 peux tu stp refaire un nouveau rapport rsit, mais avant tu vas te rendre ici C:/rsit et supprime les deux fichiers existant soit log.txt et info.txt.

Poste les deux rapports stp.

fait aussi ce qui suit

* Télécharge DiagHelp.zip sur ton bureau(Merci Malekal)
http://www.malekal.com/DiagHelp/DiagHelp.php

* Ne double-clique pas dessus !! Fais un clic droit sur le fichier et extraire tout.
* Un nouveau dossier chercher va être créé.
* Ouvre le et double-clic sur go.cmd (le .cmd peut ne pas apparaître)
* Une fenêtre va s'ouvrir, choisis l'option 1
* L'analyse va commencer, ceci peut durer quelques minutes, laisse faire et appuie sur une touche quand on te le demande.
* Pendant l'analyse après le rapport CATCHME sur l'écran rouge, tu dois appuyer sue entrée pour que l'outil continue ses recherches. Suis les consignes écrites.
* Une fenêtre avec le rapport s'ouvre alors. Copie/colle son contenu. (Il se trouve aussi ici : c:\resultat.txt)
* Double-clique sur ce fichier, Fais CTRL+A puis CTRL+C.
* Dans ta prochaine réponse, colle le rapport en faisant CTRL+V.

Voici les fichiers RSTI et DiagHelp

info.txt logfile of random's system information tool 1.06 2009-11-14 20:18:35

======Uninstall list======

-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{22EB2FA7-1BA0-4FFB-972F-353EC6ABA9D5}\setup.exe" -l0x40c /removeonly -removeonly
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{28B97CAB-828F-49D8-A30A-675476F9BA92}\setup.exe" -l0x40c /cont /removeonly -removeonly
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4E7DC12A-3597-4A94-9429-F6C6987361B1}\setup.exe" -l0x40c /removeonly -removeonly
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6813C983-427E-4511-8456-E98FCAA1A125}\setup.exe" -l0x40c /removeonly -removeonly
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7DADB304-AF20-48C3-A780-4B4133A08817}\setup.exe" -l0x40c /removeonly -removeonly
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9C423CF6-2DAA-4A37-94B8-59D7ECC7DB13}\setup.exe" -l0x40c /removeonly -removeonly
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ACE66099-E18E-4037-83C8-9D182E5B9FA8}\setup.exe" -l0x40c /removeonly -removeonly
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B34B6E67-FCDD-4E03-8742-B5701427FAFB}\setup.exe" -l0x40c /removeonly -removeonly
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FA6CC4B4-7741-4F8D-8E81-15C4BAB9869B}\setup.exe" -l0x40c /removeonly -removeonly
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Photoshop Elements 2.0-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Adobe\Photoshop Elements 2\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop Elements 2\Uninst.dll"
Adobe Reader 9.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A92000000001}
Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Apple Application Support-->MsiExec.exe /I{B607C354-CD79-4D22-86D1-92DC94153F42}
Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
ATI - Utilitaire de désinstallation du logiciel-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
AVS Update Manager 1.0-->"C:\Program Files\AVS4YOU\AVSUpdateManager\unins000.exe"
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Canon Camera Support Core Library-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{B9B9863A-32FD-4133-ADB7-46244ED77694} /l1036
Canon Camera Window for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{F37942A8-B21B-4C5A-A1D2-B676BF55EAE0}
Canon Internet Library for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{2F81FBFC-9A37-431F-9050-14B55485DF5A}
Canon iP4200-->C:\WINDOWS\system32\CNMCP78.exe "-PRINTERNAMECanon iP4200" "-HELPERDLLC:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Inst2\cnmis.dll" "-RCDLLcnmi040c.dll"
Canon MovieEdit Task for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{DE286975-ACF1-45B8-9EF7-34E162B2C817}
Canon PhotoRecord-->MsiExec.exe /X{BEF56F2D-56ED-4176-BF72-7B68D4A3B98D}
Canon RAW Image Task for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{9518F764-C54D-47B2-9E73-154B21E79FD2}
Canon RemoteCapture Task for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{2C164906-E68F-462A-9010-70DD022223EF}
Canon Setup Utility 2.0-->"C:\Program Files\Canon\Canon Setup Utility 2.0\Maint.exe" /Uninstall C:\Program Files\Canon\Canon Setup Utility 2.0\uninst.ini
Canon Utilities Easy-PrintToolBox-->C:\WINDOWS\BJPSUNST.EXE
Canon Utilities PhotoStitch 3.1-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{EF4C7EB0-D71B-43A3-9552-8053DE4B0401}
Canon Utilities ZoomBrowser EX-->MsiExec.exe /X{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CD-LabelPrint-->"C:\Program Files\Canon\CD-LabelPrint\Uninstal.exe" Canon.CDLabelPrint.Application
Diaporama Studio-->C:\PROGRA~1\MICROA~1\DIAPOR~1\UNWISE.EXE C:\PROGRA~1\MICROA~1\DIAPOR~1\INSTALL.LOG
DriverAgent by TouchStone Software-->RunDll32.exe advpack.dll,LaunchINFSection driveragent_exe.inf,TVICHW32Remove
FixMessenger-->C:\Program Files\FixMessenger\uninstall.exe
Free FLV Converter V 6.7.4-->"C:\Program Files\Free FLV Converter\unins000.exe"
Free Ipod Video Converter V 2.6-->"C:\Program Files\Free iPod Video Converter\unins000.exe"
Free Mp3 Wma Converter V 1.8.0-->"C:\Program Files\Free Audio Pack\unins000.exe"
Hemera Products-->C:\PROGRA~1\HEMERA~1\UNWISE.EXE C:\PROGRA~1\HEMERA~1\INSTALL.LOG
HijackThis 2.0.2-->"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\Répertoire temporaire 1 pour hijackthis[1].zip\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Photo and Imaging 1.0 - Scanjet 3500c Series-->MsiExec.exe /I{B8E952E3-A823-443A-8493-39A0CCE0E3EB}
Indicateur d'état Bluewin Firewall 1.2-->"C:\Program Files\Bluewin\Firewall\unins001.exe"
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
iTunes-->MsiExec.exe /I{D1A74FBB-CA8D-4CCA-9B89-BAAA436DB178}
J2SE Runtime Environment 5.0 Update 11-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
Jasc Animation Shop 3-->MsiExec.exe /I{7C4196CA-CA41-4F34-9C08-7724E7705D52}
Jasc Paint Shop Pro 9.01 Patch-->C:\Program Files\Jasc Software Inc\Paint Shop Pro 9\Unwise.exe /R /U C:\PROGRA~1\JASCSO~1\PAINTS~1\INSTALL.LOG
Jasc Paint Shop Pro 9-->MsiExec.exe /I{F843C6A3-224D-4615-94F8-3C461BD9AEA0}
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
JuraTax 2006-->"C:\Program Files\JuraTax2006\UninstallerData\Uninstall JuraTax 2006.exe"
JuraTax2005-->"C:\Program Files\JuraTax2005\UninstallerData\Uninstall JuraTax2005.exe"
JuraTax2007-->"C:\Program Files\JuraTax2007\UninstallerData\Uninstall JuraTax2007.exe"
JuraTax2008-->"C:\Program Files\JuraTax2008\UninstallerData\Uninstall JuraTax2008.exe"
king.com (remove only)-->"C:\WINDOWS\king-uninstall.exe"
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Logitech Print Service-->C:\PROGRA~1\Logitech\PRINTS~1\UNWISE.EXE C:\PROGRA~1\Logitech\PRINTS~1\INSTALL.LOG
Ma-Config.com-->MsiExec.exe /X{D1874C3B-A0A5-446F-B76C-5265F11D8A1A}
MediaBar-->C:\WINDOWS\Downloaded Program Files\MusicManagerUnInstaller.exe "C:\WINDOWS\Downloaded Program Files\MusicManagerPlugin.ocx" "{C45B1500-7B63-47C2-AB25-C28CB46AFDEE}"
MenaceControle 2.1.355.10-->"C:\Program Files\MenaceControle\unins000.exe"
Messenger Plus! 3-->"C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /Remove
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office Basic Edition 2003-->MsiExec.exe /I{9113040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 7 (KB976749)-->"C:\WINDOWS\ie7updates\KB976749-IE7\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB975364)-->"C:\WINDOWS\ie8updates\KB975364-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
MobileMe Control Panel-->MsiExec.exe /I{3AC54383-31D1-4907-961B-B12CBB1D0AE8}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
Multi Virus Cleaner 2009-->"C:\Program Files\AxBx\Multi Virus Cleaner 2009\unins000.exe"
Nero 7 Essentials-->MsiExec.exe /I{C4A0C307-053A-4335-8B28-60E901DB1036}
Notepad++-->C:\Program Files\Notepad++\uninstall.exe
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Picture Package Music Transfer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CE2121C6-C94D-4A73-8EA4-6943F33EE335}\setup.exe" -l0x40c /removeonly -removeonly
Quick Help 2.0-->C:\Program Files\QuickHelp2\unQuickHelp.exe
QuickTime-->MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}
Registry Mechanic 9.0-->"C:\Program Files\Registry Mechanic\unins000.exe" /Log
Safari-->MsiExec.exe /I{E56D39F8-2A9F-44B4-B068-A72E45A073E6}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Sony Picture Utility-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D5068583-D569-468B-9755-5FBF5848F46F}\setup.exe" -l0x40c /removeonly uninstall -removeonly
Sony USB Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}\setup.exe" -l0x40c UNINSTALL -removeonly
Symantec Technical Support Web Controls-->MsiExec.exe /X{20C53FA2-4307-4671-A93F-9463B29DFCF1}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u
VirtualDubMOD 1.5.10.3 Fr-->"C:\Program Files\VirtualDubMOD\unins000.exe"
Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

======Hosts File======

127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD

======Security center information======

AV: avast! antivirus 4.8.1356 [VPS 091114-0]
FW: Norton Internet Worm Protection (disabled)

======System event log======

Computer Name: FOLETTI
Event Code: 7023
Message: Le service Gestion d'applications s'est arrêté avec l'erreur :
Le module spécifié est introuvable.


Record Number: 209355
Source Name: Service Control Manager
Time Written: 20091107210304.000000+060
Event Type: error
User:

Computer Name: FOLETTI
Event Code: 7023
Message: Le service Gestion d'applications s'est arrêté avec l'erreur :
Le module spécifié est introuvable.


Record Number: 209352
Source Name: Service Control Manager
Time Written: 20091107210304.000000+060
Event Type: error
User:

Computer Name: FOLETTI
Event Code: 7023
Message: Le service Gestion d'applications s'est arrêté avec l'erreur :
Le module spécifié est introuvable.


Record Number: 209349
Source Name: Service Control Manager
Time Written: 20091107210304.000000+060
Event Type: error
User:

Computer Name: FOLETTI
Event Code: 7023
Message: Le service Gestion d'applications s'est arrêté avec l'erreur :
Le module spécifié est introuvable.


Record Number: 209346
Source Name: Service Control Manager
Time Written: 20091107210304.000000+060
Event Type: error
User:

Computer Name: FOLETTI
Event Code: 7023
Message: Le service Gestion d'applications s'est arrêté avec l'erreur :
Le module spécifié est introuvable.


Record Number: 209343
Source Name: Service Control Manager
Time Written: 20091107210304.000000+060
Event Type: error
User:

=====Application event log=====

Computer Name: FOLETTI
Event Code: 1002
Message: Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Record Number: 6823
Source Name: Application Hang
Time Written: 20090912175949.000000+120
Event Type: error
User:

Computer Name: FOLETTI
Event Code: 1001
Message: Détecteur d'erreurs 827627218.

Record Number: 6781
Source Name: Application Hang
Time Written: 20090911094333.000000+120
Event Type: error
User:

Computer Name: FOLETTI
Event Code: 1002
Message: Application bloquée OUTLOOK.EXE, version 11.0.8217.0, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Record Number: 6780
Source Name: Application Hang
Time Written: 20090911094323.000000+120
Event Type: error
User:

Computer Name: FOLETTI
Event Code: 1002
Message: Application bloquée OUTLOOK.EXE, version 11.0.8217.0, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Record Number: 6779
Source Name: Application Hang
Time Written: 20090911091213.000000+120
Event Type: error
User:

Computer Name: FOLETTI
Event Code: 1002
Message: Application bloquée OUTLOOK.EXE, version 11.0.8217.0, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Record Number: 6778
Source Name: Application Hang
Time Written: 20090911091212.000000+120
Event Type: error
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Sonic\MyDVD;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 3 Stepping 3, GenuineIntel
"PROCESSOR_REVISION"=0303
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

Logfile of random's system information tool 1.06 (written by random/random)
Run by Propriétaire at 2009-11-15 16:08:34
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 36 GB (48%) free of 76 GB
Total RAM: 511 MB (24% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:08:47, on 15.11.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\QuickHelp2\QuickHelp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Registry Mechanic\RegMech.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Bluewin\Firewall\fwstatus.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Motive\McciCMService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Fichiers communs\PC Tools\sMonitor\StartManSvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Documents and Settings\Propriétaire\Bureau\RSIT.exe
C:\Documents and Settings\Propriétaire\Bureau\Propriétaire.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [QuickHelp2_McciTrayApp] C:\Program Files\QuickHelp2\QuickHelp.exe
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [SoundMax] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RegMech.exe /H
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [fwstatus.exe] C:\Program Files\Bluewin\Firewall\fwstatus.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~2.EXE -Update -1103470 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" -"http://www.jeuxjeuxjeux.fr/jeu/rotation/topsy+turvy.html"
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://uskaya.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://uskaya.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - (no file)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Unknown owner - C:\Program Files\Bonjour\mDNSResponder.exe (file missing)
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Fichiers communs\Motive\McciCMService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - PC Tools - C:\Program Files\Fichiers communs\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Fichiers communs\Symantec Shared\Support Controls\ssrc.exe
O24 - Desktop Component 1: capucine - http://capucinette.blogspot.com/
End of file - 10796 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00011268-E188-40DF-A514-835FCD78B1BF}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [2009-09-29 762864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\Program Files\Alwil Software\Avast4\ashDisp.exe [2009-09-15 81000]
"NWEReboot"= []
"SoundMAXPnP"=C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [2004-10-14 1388544]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-09-05 417792]
"QuickHelp2_McciTrayApp"=C:\Program Files\QuickHelp2\QuickHelp.exe [2007-11-01 1474048]
"Easy-PrintToolBox"=C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [2004-01-14 409600]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-01-06 335872]
"AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-08-13 177440]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2005-01-18 217088]
"LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2005-01-18 458752]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-10-28 141600]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
"SoundMax"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2004-09-23 860160]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"RegistryMechanic"=C:\Program Files\Registry Mechanic\RegMech.exe [2009-10-14 3217368]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-03-30 68856]
"LogitechSoftwareUpdate"=C:\Program Files\Logitech\Video\ManifestEngine.exe [2005-01-18 196608]
"fwstatus.exe"=C:\Program Files\Bluewin\Firewall\fwstatus.exe [2005-04-04 49152]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"=C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~2.EXE [2008-11-04 460216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Salestart]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shockwave Updater]
C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~2.EXE [2008-11-04 460216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ThreatFire]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
C:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\Adobe Gamma Loader.exe [2002-08-16 110592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~1\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Propriétaire^Menu Démarrer^Programmes^Démarrage^Outil de détection de support Picture Motion Browser.lnk]
C:\PROGRA~1\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2007-01-15 344064]

C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage
Outil de détection de support Picture Motion Browser.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2004-01-06 86016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Documents and Settings\Propriétaire\Mes documents\incredimail_install.exe"="C:\Documents and Settings\Propriétaire\Mes documents\incredimail_install.exe:*:Enabled:IncrediMail Installer"
"C:\Documents and Settings\Propriétaire\Local Settings\Temp\ImInstaller\IncrediMail\incredimail_install.exe"="C:\Documents and Settings\Propriétaire\Local Settings\Temp\ImInstaller\IncrediMail\incredimail_install.exe:*:Enabled:IncrediMail Installer"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\MySpace\IM\MySpaceIM.exe"="C:\Program Files\MySpace\IM\MySpaceIM.exe:*:Enabled:MySpaceIM"
"C:\WINDOWS\system32\dxdiag.exe"="C:\WINDOWS\system32\dxdiag.exe:*:Disabled:Outil de diagnostic Microsoft DirectX"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Disabled:Microsoft DirectPlay8 Server"
"C:\Program Files\IEPro\MiniDM.exe"="C:\Program Files\IEPro\MiniDM.exe:*:Enabled:MiniDM"
"C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe"="C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home"
"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Sony Ericsson\Update Service\Update Service.exe"="C:\Program Files\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======List of files/folders created in the last 1 months======

2009-11-15 12:23:28 ----A---- C:\lopR.txt
2009-11-15 12:21:32 ----D---- C:\Lop SD
2009-11-15 11:58:50 ----D---- C:\_OTM
2009-11-15 00:48:58 ----A---- C:\WINDOWS\system32\tmp.txt
2009-11-15 00:48:53 ----A---- C:\rapport.txt
2009-11-15 00:47:25 ----A---- C:\WINDOWS\system32\WS2Fix.exe
2009-11-15 00:47:25 ----A---- C:\WINDOWS\system32\VCCLSID.exe
2009-11-15 00:47:25 ----A---- C:\WINDOWS\system32\VACFix.exe
2009-11-15 00:47:25 ----A---- C:\WINDOWS\system32\swxcacls.exe
2009-11-15 00:47:25 ----A---- C:\WINDOWS\system32\swsc.exe
2009-11-15 00:47:25 ----A---- C:\WINDOWS\system32\swreg.exe
2009-11-15 00:47:25 ----A---- C:\WINDOWS\system32\SrchSTS.exe
2009-11-15 00:47:25 ----A---- C:\WINDOWS\system32\Process.exe
2009-11-15 00:47:25 ----A---- C:\WINDOWS\system32\o4Patch.exe
2009-11-15 00:47:25 ----A---- C:\WINDOWS\system32\IEDFix.exe
2009-11-15 00:47:25 ----A---- C:\WINDOWS\system32\IEDFix.C.exe
2009-11-15 00:47:25 ----A---- C:\WINDOWS\system32\dumphive.exe
2009-11-15 00:47:25 ----A---- C:\WINDOWS\system32\Agent.OMZ.Fix.exe
2009-11-15 00:47:25 ----A---- C:\WINDOWS\system32\404Fix.exe
2009-11-14 21:28:21 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Malwarebytes
2009-11-14 21:28:13 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-11-14 21:28:13 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-11-14 20:18:09 ----D---- C:\rsit
2009-11-14 20:14:57 ----A---- C:\TB.txt
2009-11-14 20:13:30 ----D---- C:\ToolBar SD
2009-11-12 16:31:13 ----D---- C:\Documents and Settings\Propriétaire\Application Data\FreeFLVConverter
2009-11-12 10:10:27 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-11-11 09:14:35 ----D---- C:\Program Files\iPod
2009-11-10 00:31:59 ----D---- C:\WINDOWS\ie8updates
2009-11-10 00:25:22 ----HDC---- C:\WINDOWS\ie8
2009-11-09 20:59:03 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Windows Search
2009-11-09 20:45:42 ----HDC---- C:\WINDOWS\ie7
2009-11-09 20:11:04 ----D---- C:\WINDOWS\system32\GroupPolicy
2009-11-09 20:11:04 ----D---- C:\Program Files\Windows Desktop Search
2009-11-08 23:06:00 ----D---- C:\Program Files\Connection Wizard
2009-11-08 19:53:43 ----D---- C:\Program Files\Nero
2009-11-08 16:02:17 ----D---- C:\Program Files\Mozilla Firefox
2009-11-07 23:18:27 ----A---- C:\WINDOWS\system32\aswBoot.exe
2009-11-07 23:18:24 ----D---- C:\Program Files\Alwil Software
2009-11-07 19:35:51 ----D---- C:\WINDOWS\$hf_mig$
2009-11-07 18:20:37 ----N---- C:\WINDOWS\system32\spmsg2.dll
2009-11-07 18:20:35 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2009-11-07 16:19:36 ----D---- C:\WINDOWS\ie7updates
2009-11-04 08:49:23 ----A---- C:\WINDOWS\system32\javaws.exe
2009-11-04 08:49:23 ----A---- C:\WINDOWS\system32\javaw.exe
2009-11-04 08:49:23 ----A---- C:\WINDOWS\system32\java.exe
2009-11-02 12:44:13 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Sony Corporation
2009-11-02 12:37:18 ----D---- C:\Drivers
2009-11-02 12:37:18 ----A---- C:\WINDOWS\system32\SONYHCY.DLL
2009-11-02 12:34:50 ----A---- C:\WINDOWS\system32\vxblock.dll
2009-11-02 12:34:50 ----A---- C:\WINDOWS\system32\PxInsI64.exe
2009-11-02 12:34:50 ----A---- C:\WINDOWS\system32\PxInsA64.exe
2009-11-02 12:34:50 ----A---- C:\WINDOWS\system32\pxhpinst.exe
2009-11-02 12:34:50 ----A---- C:\WINDOWS\system32\PxCpyI64.exe
2009-11-02 12:34:50 ----A---- C:\WINDOWS\system32\PxCpyA64.exe
2009-11-02 12:32:08 ----D---- C:\Program Files\Sony
2009-10-31 09:27:11 ----D---- C:\Program Files\Microsoft
2009-10-31 09:26:53 ----D---- C:\Program Files\Windows Live SkyDrive
2009-10-31 08:59:56 ----D---- C:\Program Files\Registry Mechanic
2009-10-18 20:37:23 ----D---- C:\Documents and Settings\Propriétaire\Application Data\QUAD Backups
2009-10-18 14:53:20 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Registry Mechanic

======List of files/folders modified in the last 1 months======

2009-11-15 15:01:29 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-11-15 14:52:51 ----D---- C:\WINDOWS\Temp
2009-11-15 14:51:03 ----SD---- C:\WINDOWS\Tasks
2009-11-15 12:34:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-11-15 12:25:15 ----D---- C:\Program Files
2009-11-15 12:00:28 ----D---- C:\WINDOWS
2009-11-15 11:58:57 ----D---- C:\Program Files\Fichiers communs
2009-11-15 09:36:51 ----SHD---- C:\WINDOWS\Installer
2009-11-15 09:36:51 ----D---- C:\Config.Msi
2009-11-15 09:36:49 ----D---- C:\WINDOWS\WinSxS
2009-11-15 00:48:58 ----AD---- C:\WINDOWS\system32
2009-11-14 21:28:15 ----D---- C:\WINDOWS\system32\drivers
2009-11-14 15:35:06 ----ASH---- C:\boot.ini
2009-11-14 15:35:06 ----A---- C:\WINDOWS\win.ini
2009-11-14 15:35:06 ----A---- C:\WINDOWS\system.ini
2009-11-14 15:13:16 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-11-14 15:09:49 ----D---- C:\Program Files\Fichiers communs\PC Tools
2009-11-14 14:18:20 ----D---- C:\WINDOWS\Debug
2009-11-14 09:19:32 ----D---- C:\WINDOWS\Help
2009-11-13 14:10:53 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-11-13 12:08:41 ----HD---- C:\WINDOWS\inf
2009-11-13 12:08:30 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-11-13 11:47:28 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-11-13 11:44:40 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-11-13 11:42:54 ----D---- C:\Program Files\Adobe
2009-11-13 11:36:23 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-13 08:38:01 ----D---- C:\WINDOWS\system32\wbem
2009-11-13 08:37:59 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-11-12 18:13:52 ----D---- C:\Program Files\Free iPod Video Converter
2009-11-12 17:04:48 ----A---- C:\WINDOWS\NeroDigital.ini
2009-11-12 16:31:20 ----D---- C:\Program Files\Free FLV Converter
2009-11-12 10:12:13 ----D---- C:\WINDOWS\system32\CatRoot
2009-11-12 10:09:40 ----D---- C:\Program Files\Windows Media Player
2009-11-11 14:50:34 ----A---- C:\WINDOWS\system32\TubeFinder.exe
2009-11-11 09:16:09 ----D---- C:\Program Files\iTunes
2009-11-11 09:14:34 ----D---- C:\Program Files\Fichiers communs\Apple
2009-11-10 00:35:14 ----D---- C:\WINDOWS\Media
2009-11-10 00:35:14 ----D---- C:\Program Files\Internet Explorer
2009-11-10 00:25:22 ----D---- C:\WINDOWS\system32\fr-fr
2009-11-09 20:11:32 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-11-09 19:11:38 ----D---- C:\WINDOWS\Microsoft.NET
2009-11-09 18:03:49 ----RSD---- C:\WINDOWS\assembly
2009-11-09 17:57:24 ----D---- C:\WINDOWS\system32\XPSViewer
2009-11-09 17:57:23 ----RSD---- C:\WINDOWS\Fonts
2009-11-08 22:22:56 ----A---- C:\WINDOWS\ascd_tmp.ini
2009-11-08 20:01:01 ----SD---- C:\Documents and Settings\Propriétaire\Application Data\Microsoft
2009-11-08 19:53:45 ----D---- C:\Program Files\Fichiers communs\Ahead
2009-11-08 17:12:57 ----D---- C:\WINDOWS\pss
2009-11-08 16:24:31 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2009-11-08 15:51:09 ----D---- C:\Program Files\Google
2009-11-08 02:06:56 ----D---- C:\Program Files\Messenger
2009-11-08 01:17:49 ----D---- C:\WINDOWS\security
2009-11-08 01:07:15 ----D---- C:\WINDOWS\system32\oobe
2009-11-08 00:54:09 ----D---- C:\WINDOWS\EHome
2009-11-07 20:35:38 ----D---- C:\WINDOWS\system32\1031
2009-11-07 20:32:06 ----D---- C:\WINDOWS\system32\LogFiles
2009-11-07 18:18:29 ----D---- C:\WINDOWS\system32\mui
2009-11-07 16:01:22 ----D---- C:\Documents and Settings
2009-11-06 10:56:59 ----A---- C:\WINDOWS\hpqcopy.INI
2009-11-05 18:36:21 ----A---- C:\WINDOWS\system32\MRT.exe
2009-11-04 08:49:19 ----D---- C:\Program Files\Java
2009-10-31 09:26:06 ----D---- C:\Program Files\Windows Live
2009-10-22 10:56:12 ----D---- C:\Program Files\Fichiers communs\Logitech
2009-10-22 10:55:50 ----D---- C:\WINDOWS\twain_32
2009-10-22 10:49:42 ----D---- C:\Program Files\printmyphotobook
2009-10-22 10:17:28 ----A---- C:\WINDOWS\system32\mshtml.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-09-15 27408]
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2007-07-29 82380]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-09-15 52368]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40576]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2005-03-04 127872]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-09-15 23152]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2004-01-06 647680]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2002-10-01 9856]
R3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2005-03-01 392704]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2005-03-28 220992]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WLAN_DCB;IEEE 802.11g Wireless LAN Driver; C:\WINDOWS\system32\DRIVERS\WLANDCB.sys [2003-07-16 56320]
R3 yukonx86;NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter; C:\WINDOWS\System32\DRIVERS\yukonx86.sys [2003-12-22 176256]
R3 zebrceb;Sony Ericsson Cable Emulation Bus (WDM); C:\WINDOWS\system32\DRIVERS\zebrceb.sys [2009-07-10 63360]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 EraserUtilRebootDrv;EraserUtilRebootDrv; C:\WINDOWS\system32\drivers\EraserUtilRebootDrv.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2009-07-10 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2009-07-10 25512]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys []
S3 MidiSyn;MidiSyn; C:\WINDOWS\system32\drivers\MidiSyn.sys [2004-09-14 88960]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\FICHIE~1\Motive\MREMP50.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\FICHIE~1\Motive\MRESP50.SYS []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys []
S3 PID_08A0;QuickCam IM(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TfNetMon;TfNetMon; \??\C:\WINDOWS\system32\drivers\TfNetMon.sys []
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-04-24 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-09-15 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-09-15 138680]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 McciCMService;McciCMService; C:\Program Files\Fichiers communs\Motive\McciCMService.exe [2007-11-08 303104]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files\Fichiers communs\PC Tools\sMonitor\StartManSvc.exe [2009-10-14 583640]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-09-15 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-09-15 352920]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-10-28 545568]
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-01-06 397312]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2004-01-06 516096]
S2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe []
S2 Brother XP spl Service;BrSplService; C:\WINDOWS\system32\brsvc01a.exe [2002-04-11 57344]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe []
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2008-05-30 576680]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-06-22 208896]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Symantec RemoteAssist;Symantec RemoteAssist; C:\Program Files\Fichiers communs\Symantec Shared\Support Controls\ssrc.exe [2008-01-29 394704]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

DiagHelp version v1.4 -

Il manque le rapport de Diaghelp.

Sinon très bien on avance :)

Dit moi comment ce comporte ton PC as tu du mieux ?
Pour la suite

1/

● Télécharge sur ton bureau RHosts (Merci à S!ri) disponible ici,
http://siri.urz.free.fr/Softs/RHosts.exe
● Double-clique sur Rhosts.exe et clique sur "restaurer".


2/

● Télécharge UsbFix de Chiquitine29 sur ton Bureau,
http://sd-1.archive-host.com/membres/up/127028005715545653/UsbFix.exe

● L'outil peut faire réagir l'antivirus. Dans ce cas, tu ignores les alertes ou tu désactives temporairement ton antivirus.
● Lance l'installation avec les paramètres par défaut.
● Branche tes sources de données externes à ton PC (clé USB, disque dur externe, etc...) sans les ouvrir.
● Double-clique sur le raccourci UsbFix sur ton Bureau (Pour Vista, le programme doit être lancé via un clic droit, et il faut choisir d'exécuter en tant qu'administrateur). Choisis l'option 2.
● Le PC va redémarrer.
● Après redémarrage, poste le rapport UsbFix.txt

Note : le rapport UsbFix.txt est sauvegardé à la racine du disque.
(Si le Bureau ne réapparait pas, presse Ctrl+Alt+Suppr, Onglet "Fichier", "Nouvelle tâche", tape explorer.exe et valide)

3/

● Va sur ce site
http://java.com/fr/download/installed.jsp

● vérifie ta version java est met la à jour.
Ensuite rend toi dans Ajout et suppression de programme via le panneau de configuration et supprime toutes les versions antérieur.
Profite pour faire un peu de ménage.


4/

● Télécharge CCleaner :
http://www.commentcamarche.net/telecharger/telecharger 168 ccleaner
ou http://www.pcastuces.com/logitheque/ccleaner.htm
Ce logiciel va permettre de supprimer tous les fichiers temporaires et de corriger ton registre .
Lors de l'installation:
● Choisis bien "Français" comme langue .
● Avant de cliquer sur le bouton "installer", décoche toutes les "options supplémentaires" sauf les 2 premières.

Un tutoriel ( aide ):
http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm


---> Utilisation:
● Décocher dans le menu Options - sous-menu Avancé :
Effacer uniquement les fichiers, du dossier temp de Windows, plus vieux que 48 heures .

! déconnecte toi et ferme toutes applications en cours !

● va dans "Nettoyeur" : fais "Analyse" puis "Nettoyage"
● va dans "Registre" : fais "Chercher les erreurs" et "Réparer toutes les erreurs"
( plusieurs fois jusqu'à ce qu'il n'y est plus d'erreur ) .

( CCleaner : soft à garder sur son PC , super utile pour de bons nettoyages ... )

Coucou, j'ai un petit souci.
J'ai téléchargé sur mon bureau RHosts.exe
J'ai la fenêtre restaurer qui s'ouvre - je confirme la restauration du fichier hosts - ok.
Mais ca ne fonctionne pas.
ca fait 1/4 h que j'attend et rien ne bouge.
Mis à part cela je ne vois pas de mieux dans le comportement de mon pc.

Oui excuse normal que tu as rien de plus :)

il te faut juste restaurer et c'est tout ;)

Voici la suite:
Maintenant je veux m'occuper de java.


############################## | UsbFix V6.053 |

User : Propriétaire (Administrateurs) # FOLETTI
Update on 14/11/2009 by Chiquitine29, C_XX & Chimay8
Start at: 21:10:10 | 15.11.2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Pentium(R) 4 CPU 3.00GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : avast! antivirus 4.8.1356 [VPS 091115-0] 4.8.1356 [ Enabled | Updated ]
FW : Norton Internet Worm Protection[ (!) Disabled ]2006

A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local # 74.55 Go (35.55 Go free) # NTFS
D:\ -> Disque CD-ROM

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 728
C:\WINDOWS\system32\csrss.exe 776
C:\WINDOWS\system32\winlogon.exe 800
C:\WINDOWS\system32\services.exe 844
C:\WINDOWS\system32\lsass.exe 856
C:\WINDOWS\system32\svchost.exe 1052
C:\WINDOWS\system32\svchost.exe 1140
C:\WINDOWS\System32\svchost.exe 1304
C:\WINDOWS\System32\svchost.exe 1424
C:\WINDOWS\System32\svchost.exe 1528
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 1796
C:\Program Files\Alwil Software\Avast4\ashServ.exe 1936
C:\WINDOWS\Explorer.EXE 2004
C:\WINDOWS\system32\brsvc01a.exe 908
C:\WINDOWS\system32\brss01a.exe 1080
C:\WINDOWS\system32\spoolsv.exe 1060
C:\WINDOWS\System32\svchost.exe 1600
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 1176
C:\Program Files\Java\jre6\bin\jqs.exe 1752
C:\Program Files\Fichiers communs\Motive\McciCMService.exe 112
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE 208
C:\Program Files\Fichiers communs\PC Tools\sMonitor\StartManSvc.exe 1928
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe 380
C:\WINDOWS\System32\svchost.exe 1040
C:\WINDOWS\system32\wuauclt.exe 1524
C:\Program Files\Alwil Software\Avast4\setup\avast.setup 2056
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe 2196
C:\WINDOWS\system32\wbem\wmiprvse.exe 2228
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe 2260
C:\WINDOWS\System32\alg.exe 2504

################## | Fichiers # Dossiers infectieux |


################## | Registre # Clés Run infectieuses |


################## | Registre # Mountpoints2 |


################## | Listing des fichiers présent |

[04.06.2008 06:30|--a------|109] C:\AUTOEXEC.BAT
[03.09.2004 10:59|-rahs----|216] C:\boot(2).ini
[14.11.2009 15:35|--ahs----|216] C:\boot.ini
[24.04.2003 13:00|-rahs----|4952] C:\Bootfont.bin
[03.09.2004 11:02|--a------|0] C:\CONFIG.SYS
[?|?|?] C:\hiberfil.sys
[02.10.2007 17:02|--a------|1119] C:\INSTALL.LOG
[02.06.2009 12:58|--a------|98304] C:\InstallHelper.dll
[03.09.2004 11:02|-rahs----|0] C:\IO.SYS
[15.11.2009 12:29|--a------|15911] C:\lopR.txt
[03.09.2004 11:02|-rahs----|0] C:\MSDOS.SYS
[03.09.2004 10:52|-rahs----|47564] C:\NTDETECT.COM
[29.08.2008 07:48|-rahs----|252240] C:\ntldr
[?|?|?] C:\pagefile.sys
[26.10.2009 09:04|--a------|1846] C:\pctlsp.log
[12.10.2008 09:43|--a------|1047] C:\playground.log
[15.11.2009 00:51|--a------|6005] C:\rapport.txt
[15.11.2009 16:50|--a------|77422] C:\resultat.txt
[14.11.2009 21:26|--a------|1975] C:\TB.txt
[10.01.2001 11:23|--a------|162304] C:\UNWISE.EXE
[15.11.2009 16:48|--a------|96250] C:\upload_moi_FOLETTI.tar.gz
[15.11.2009 21:15|--a------|3457] C:\UsbFix.txt

################## | Vaccination |

# C:\autorun.inf -> Dossier créé par UsbFix.

################## | Suspect | http://www.virustotal.com |


################## | Cracks / Keygens / Serials |


################## | ! Fin du rapport # UsbFix V6.053 ! |

Voici la suite:
Maintenant je veux m'occuper de java.


############################## | UsbFix V6.053 |

User : Propriétaire (Administrateurs) # FOLETTI
Update on 14/11/2009 by Chiquitine29, C_XX & Chimay8
Start at: 21:10:10 | 15.11.2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Pentium(R) 4 CPU 3.00GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : avast! antivirus 4.8.1356 [VPS 091115-0] 4.8.1356 [ Enabled | Updated ]
FW : Norton Internet Worm Protection[ (!) Disabled ]2006

A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local # 74.55 Go (35.55 Go free) # NTFS
D:\ -> Disque CD-ROM

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 728
C:\WINDOWS\system32\csrss.exe 776
C:\WINDOWS\system32\winlogon.exe 800
C:\WINDOWS\system32\services.exe 844
C:\WINDOWS\system32\lsass.exe 856
C:\WINDOWS\system32\svchost.exe 1052
C:\WINDOWS\system32\svchost.exe 1140
C:\WINDOWS\System32\svchost.exe 1304
C:\WINDOWS\System32\svchost.exe 1424
C:\WINDOWS\System32\svchost.exe 1528
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 1796
C:\Program Files\Alwil Software\Avast4\ashServ.exe 1936
C:\WINDOWS\Explorer.EXE 2004
C:\WINDOWS\system32\brsvc01a.exe 908
C:\WINDOWS\system32\brss01a.exe 1080
C:\WINDOWS\system32\spoolsv.exe 1060
C:\WINDOWS\System32\svchost.exe 1600
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 1176
C:\Program Files\Java\jre6\bin\jqs.exe 1752
C:\Program Files\Fichiers communs\Motive\McciCMService.exe 112
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE 208
C:\Program Files\Fichiers communs\PC Tools\sMonitor\StartManSvc.exe 1928
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe 380
C:\WINDOWS\System32\svchost.exe 1040
C:\WINDOWS\system32\wuauclt.exe 1524
C:\Program Files\Alwil Software\Avast4\setup\avast.setup 2056
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe 2196
C:\WINDOWS\system32\wbem\wmiprvse.exe 2228
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe 2260
C:\WINDOWS\System32\alg.exe 2504

################## | Fichiers # Dossiers infectieux |


################## | Registre # Clés Run infectieuses |


################## | Registre # Mountpoints2 |


################## | Listing des fichiers présent |

[04.06.2008 06:30|--a------|109] C:\AUTOEXEC.BAT
[03.09.2004 10:59|-rahs----|216] C:\boot(2).ini
[14.11.2009 15:35|--ahs----|216] C:\boot.ini
[24.04.2003 13:00|-rahs----|4952] C:\Bootfont.bin
[03.09.2004 11:02|--a------|0] C:\CONFIG.SYS
[?|?|?] C:\hiberfil.sys
[02.10.2007 17:02|--a------|1119] C:\INSTALL.LOG
[02.06.2009 12:58|--a------|98304] C:\InstallHelper.dll
[03.09.2004 11:02|-rahs----|0] C:\IO.SYS
[15.11.2009 12:29|--a------|15911] C:\lopR.txt
[03.09.2004 11:02|-rahs----|0] C:\MSDOS.SYS
[03.09.2004 10:52|-rahs----|47564] C:\NTDETECT.COM
[29.08.2008 07:48|-rahs----|252240] C:\ntldr
[?|?|?] C:\pagefile.sys
[26.10.2009 09:04|--a------|1846] C:\pctlsp.log
[12.10.2008 09:43|--a------|1047] C:\playground.log
[15.11.2009 00:51|--a------|6005] C:\rapport.txt
[15.11.2009 16:50|--a------|77422] C:\resultat.txt
[14.11.2009 21:26|--a------|1975] C:\TB.txt
[10.01.2001 11:23|--a------|162304] C:\UNWISE.EXE
[15.11.2009 16:48|--a------|96250] C:\upload_moi_FOLETTI.tar.gz
[15.11.2009 21:15|--a------|3457] C:\UsbFix.txt

################## | Vaccination |

# C:\autorun.inf -> Dossier créé par UsbFix.

################## | Suspect | http://www.virustotal.com |


################## | Cracks / Keygens / Serials |


################## | ! Fin du rapport # UsbFix V6.053 ! |

Une fois tout ceci fait dit moi si tu as encore des soucis

Bonjour;
J'ai toujours un petit souci avec mes images. Avec les fichiers audio, CD ca fonctionne.

Dans poste de travail, je sélectionne le lecteur par exemple « D »
Je fais un clic droit, puis propriété / exécution automatique et , je peux choisir une action à exécuter automatiquement : fichier audio, fichier vidéo, contenu mixte, image etc.

Je choisis image.
En dessous j'ai une petite case ou je peux (sélectionner une action à exécuter) ou (me demander à chaque fois de choisir une action)
La petite fenêtre est vide, je n’ai plus les choix des options exemple : lire le CD... ne rien faire.... copier mes images sur....

A part ca tout va bien

Bonsoir miquette1,

Désolé mis je ne saisie pas trop ton soucis d'image.
Tu n'arrive pas à ouvrir une image ?

Bonjour; je sais, c'est un peu compliqué à expliquer , si seulement je pouvais faire une copie d'écran et te l'envoyer ce serait plus simple.

Voila mon souci:

Une fenêtre s'ouvre automatiquement lors de l'insertion d'un CD, d'un DVD, d'une clé USB.

Dans cette fenêtre on me demande de « sélectionner un type de contenu puis de choisir l’action à exécuter automatiquement lorsque ce type est utilisé par ce périphérique. »

En dessous, dans un rectangle j’ai les choix : Fichier audio – image – fichier vidéo – contenu mixte – etc.

Plus en dessous dans une fenêtre « Action » je peux sélectionner une action à exécuter ou me demander à chaque fois de choisir une action.

Donc, je me trouve dans les Propriétés de lecteur D ou E

Si je met un CD la fenêtre s’ouvre et je peux choisir entre - lire le fichier audio – copier le CD – lire – ne rien faire.

Quand je mets mon appareil photo pour copier mes photo sur le disque dur, la fenêtre est vide, je ne peux plus choisir une action à exécuter.

A+