Merciiiiiii de ta réponse - si rapide en plus xD -
voilà, j'ai fait ce que tu m'as dit et on m'a pas de mandé de passer à le 2ème étape donc voilà le résultat :
SmitFraudFix v2.392

Rapport fait à 14:55:28,43, 27/01/2009
Executé à partir de C:\Documents and Settings\Simo\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\SPYWAR~1\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006\EDICT.EXE
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Launchy\Launchy.exe
C:\Program Files\KO Approach\Approach.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\Fichiers communs\Nokia\MPAPI\MPAPI3s.exe
c:\program files\avira\antivir personaledition classic\avcenter.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Simo


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Simo\LOCALS~1\Temp


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Simo\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Simo\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"


»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!




»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="sockspy.dll C:\\PROGRA~1\\Google\\GOOGLE~1\\GOEC62~1.DLL"
"LoadAppInit_DLLs"=dword:00000001


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» RK



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Votre ordinateur est certainement victime d'un détournement de DNS: 85.255.x.x détecté !

Description: Carte réseau Fast Ethernet PCI Realtek RTL8139 Family - Miniport d'ordonnancement de paquets
DNS Server Search Order: 85.255.115.116
DNS Server Search Order: 85.255.112.222

Votre ordinateur est certainement victime d'un détournement de DNS: 85.255.x.x détecté !

Description: WAN (PPP/SLIP) Interface
DNS Server Search Order: 85.255.115.116
DNS Server Search Order: 85.255.112.222

HKLM\SYSTEM\CCS\Services\Tcpip\..\{0A21B7FA-8FD8-4B74-B5C2-34333FD8F1BB}: DhcpNameServer=85.255.115.116,85.255.112.222
HKLM\SYSTEM\CCS\Services\Tcpip\..\{0A21B7FA-8FD8-4B74-B5C2-34333FD8F1BB}: NameServer=85.255.115.116,85.255.112.222
HKLM\SYSTEM\CCS\Services\Tcpip\..\{92741C97-B8F6-4675-99E8-3064F32E319B}: NameServer=85.255.115.116 85.255.112.222
HKLM\SYSTEM\CCS\Services\Tcpip\..\{9A5B1E53-BB97-42D4-BC27-2383910F1C35}: NameServer=85.255.115.116,85.255.112.222
HKLM\SYSTEM\CCS\Services\Tcpip\..\{9B5622D8-AFF3-4A0E-A382-825047026CC7}: DhcpNameServer=85.255.115.116,85.255.112.222
HKLM\SYSTEM\CS1\Services\Tcpip\..\{0A21B7FA-8FD8-4B74-B5C2-34333FD8F1BB}: DhcpNameServer=85.255.115.116,85.255.112.222
HKLM\SYSTEM\CS1\Services\Tcpip\..\{0A21B7FA-8FD8-4B74-B5C2-34333FD8F1BB}: NameServer=85.255.115.116,85.255.112.222
HKLM\SYSTEM\CS1\Services\Tcpip\..\{92741C97-B8F6-4675-99E8-3064F32E319B}: NameServer=85.255.115.116 85.255.112.222
HKLM\SYSTEM\CS1\Services\Tcpip\..\{9A5B1E53-BB97-42D4-BC27-2383910F1C35}: NameServer=85.255.115.116,85.255.112.222
HKLM\SYSTEM\CS1\Services\Tcpip\..\{9B5622D8-AFF3-4A0E-A382-825047026CC7}: DhcpNameServer=85.255.115.116,85.255.112.222
HKLM\SYSTEM\CS2\Services\Tcpip\..\{0A21B7FA-8FD8-4B74-B5C2-34333FD8F1BB}: DhcpNameServer=85.255.115.116,85.255.112.222
HKLM\SYSTEM\CS2\Services\Tcpip\..\{0A21B7FA-8FD8-4B74-B5C2-34333FD8F1BB}: NameServer=85.255.115.116,85.255.112.222
HKLM\SYSTEM\CS2\Services\Tcpip\..\{9A5B1E53-BB97-42D4-BC27-2383910F1C35}: NameServer=85.255.115.116,85.255.112.222
HKLM\SYSTEM\CS2\Services\Tcpip\..\{9B5622D8-AFF3-4A0E-A382-825047026CC7}: DhcpNameServer=85.255.115.116,85.255.112.222
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: NameServer=85.255.115.116 85.255.112.222
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: NameServer=85.255.115.116 85.255.112.222
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: NameServer=85.255.115.116 85.255.112.222


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

Voilàa le rapport :
SmitFraudFix v2.392

Rapport fait à 15:10:59,70, 27/01/2009
Executé à partir de C:\Documents and Settings\Simo\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» DNS Avant Fix

Votre ordinateur est certainement victime d'un détournement de DNS: 85.255.x.x détecté !

Description: Carte réseau Fast Ethernet PCI Realtek RTL8139 Family - Miniport d'ordonnancement de paquets
DNS Server Search Order: 85.255.115.116
DNS Server Search Order: 85.255.112.222

Votre ordinateur est certainement victime d'un détournement de DNS: 85.255.x.x détecté !

Description: WAN (PPP/SLIP) Interface
DNS Server Search Order: 85.255.115.116
DNS Server Search Order: 85.255.112.222

HKLM\SYSTEM\CCS\Services\Tcpip\..\{0A21B7FA-8FD8-4B74-B5C2-3­4333FD8F1BB}: DhcpNameServer=85.255.115.116,85.255.112.222
HKLM\SYSTEM\CCS\Services\Tcpip\..\{0A21B7FA-8FD8-4B74-B5C2-3­4333FD8F1BB}: NameServer=85.255.115.116,85.255.112.222
HKLM\SYSTEM\CCS\Services\Tcpip\..\{92741C97-B8F6-4675-99E8-3­064F32E319B}: NameServer=85.255.115.116 85.255.112.222
HKLM\SYSTEM\CCS\Services\Tcpip\..\{9A5B1E53-BB97-42D4-BC27-2­383910F1C35}: NameServer=85.255.115.116,85.255.112.222
HKLM\SYSTEM\CCS\Services\Tcpip\..\{9B5622D8-AFF3-4A0E-A382-8­25047026CC7}: DhcpNameServer=85.255.115.116,85.255.112.222
HKLM\SYSTEM\CS1\Services\Tcpip\..\{0A21B7FA-8FD8-4B74-B5C2-3­4333FD8F1BB}: DhcpNameServer=85.255.115.116,85.255.112.222
HKLM\SYSTEM\CS1\Services\Tcpip\..\{0A21B7FA-8FD8-4B74-B5C2-3­4333FD8F1BB}: NameServer=85.255.115.116,85.255.112.222
HKLM\SYSTEM\CS1\Services\Tcpip\..\{92741C97-B8F6-4675-99E8-3­064F32E319B}: NameServer=85.255.115.116 85.255.112.222
HKLM\SYSTEM\CS1\Services\Tcpip\..\{9A5B1E53-BB97-42D4-BC27-2­383910F1C35}: NameServer=85.255.115.116,85.255.112.222
HKLM\SYSTEM\CS1\Services\Tcpip\..\{9B5622D8-AFF3-4A0E-A382-8­25047026CC7}: DhcpNameServer=85.255.115.116,85.255.112.222
HKLM\SYSTEM\CS2\Services\Tcpip\..\{0A21B7FA-8FD8-4B74-B5C2-3­4333FD8F1BB}: DhcpNameServer=85.255.115.116,85.255.112.222
HKLM\SYSTEM\CS2\Services\Tcpip\..\{0A21B7FA-8FD8-4B74-B5C2-3­4333FD8F1BB}: NameServer=85.255.115.116,85.255.112.222
HKLM\SYSTEM\CS2\Services\Tcpip\..\{9A5B1E53-BB97-42D4-BC27-2­383910F1C35}: NameServer=85.255.115.116,85.255.112.222
HKLM\SYSTEM\CS2\Services\Tcpip\..\{9B5622D8-AFF3-4A0E-A382-8­25047026CC7}: DhcpNameServer=85.255.115.116,85.255.112.222
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: NameServer=85.255.115.116 85.255.112.222
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: NameServer=85.255.115.116 85.255.112.222
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: NameServer=85.255.115.116 85.255.112.222

»»»»»»»»»»»»»»»»»»»»»»»» DNS Après Fix

Que dois-je faire alors ?
J'ai refait le truc et voilà ce que j'ai eu...

SmitFraudFix v2.392

Rapport fait à 15:27:31,23, 27/01/2009
Executé à partir de C:\Documents and Settings\Simo\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» DNS Avant Fix


»»»»»»»»»»»»»»»»»»»»»»»» DNS Après Fix

Pour le premier fichier : log.txt voilà son contenu :

Logfile of random's system information tool 1.05 (written by random/random)
Run by Simo at 2009-01-27 15:35:50
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 17 GB (21%) free of 79 GB
Total RAM: 510 MB (23% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:35:59, on 27/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\SPYWAR~1\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006\EDICT.EXE
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Launchy\Launchy.exe
C:\Program Files\KO Approach\Approach.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\Fichiers communs\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\Simo\Bureau\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HijackThis\Simo.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre1.dll
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre1.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre1.dll
O4 - HKLM\..\Run: [SpywareTerminator] "C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [E06FDXRC_6098328] "C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006\EDICT.EXE" -m
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: KO Approach.lnk = C:\Program Files\KO Approach\Approach.exe
O4 - Global Startup: DSLMON.lnk = ?
O4 - Global Startup: Launchy.lnk = C:\Program Files\Launchy\Launchy.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O17 - HKLM\System\CCS\Services\Tcpip\..\{92741C97-B8F6-4675-99E8-3064F32E319B}: NameServer = 85.255.115.116 85.255.112.222
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O20 - AppInit_DLLs: sockspy.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\PROGRA~1\SPYWAR~1\sp_rsser.exe
End of file - 9244 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
Freecorder Toolbar - C:\Program Files\Freecorder\tbFre1.dll [2008-11-20 1784856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2008-05-01 1150976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-05-28 370296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-27 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-27 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-27 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88}
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler Toolbar - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2008-05-01 1150976]
{1392b8d2-5c05-419f-a8f6-b9f15a596612} - Freecorder Toolbar - C:\Program Files\Freecorder\tbFre1.dll [2008-11-20 1784856]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminator"=C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe [2008-08-21 1783808]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-03 455168]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-03 455168]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-03 59392]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-03 208952]
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-05-28 185896]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-27 136600]
"Ulead AutoDetector v2"=C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe [2004-08-27 90112]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-12-05 30192]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TaskSwitchXP"=C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe [2006-08-04 62976]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-03 15360]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-04-01 486856]
"E06FDXRC_6098328"=C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006\EDICT.EXE [2005-06-04 301776]
"SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe [2006-07-07 1052672]
"Nokia.PCSync"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe [2008-06-17 1249280]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2008-10-02 1124352]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
Launchy.lnk - C:\Program Files\Launchy\Launchy.exe

C:\Documents and Settings\Simo\Menu Démarrer\Programmes\Démarrage
Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
KO Approach.lnk - C:\Program Files\KO Approach\Approach.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="sockspy.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
WgaLogon.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Assistant Transfert de fichiers et de paramètres"
"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe:*:Enabled:Kaspersky Anti-Virus"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\InterVideo\DVD7\WinDVD.exe"="C:\Program Files\InterVideo\DVD7\WinDVD.exe:*:Enabled:WinDVD"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\VDOWNLOADER\VDownloader.exe"="C:\Program Files\VDOWNLOADER\VDownloader.exe:*:Enabled:VDownloader"
"C:\Program Files\Fichiers communs\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Fichiers communs\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6277c1a2-2067-11dd-b705-806d6172696f}]
shell\AutoRun\command - otyh.cmd
shell\explore\command - otyh.cmd
shell\open\command - otyh.cmd

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b08b0909-4e05-11dd-848b-4d6564696130}]
shell\AutoRun\command - K:\ReadMe.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c2b0a2b4-b82f-11dd-8b25-4d6564696130}]
shell\AutoRun\command - K:\whi.com
shell\explore\command - K:\whi.com
shell\open\command - K:\whi.com


======File associations======

.cpl - cplopen -

======List of files/folders created in the last 1 months======

2009-01-27 15:35:50 ----D---- C:\rsit
2009-01-27 14:55:35 ----A---- C:\WINDOWS\system32\tmp.txt
2009-01-27 14:55:28 ----A---- C:\rapport.txt
2009-01-27 14:54:38 ----A---- C:\WINDOWS\system32\Agent.OMZ.Fix.exe
2009-01-27 14:51:34 ----A---- C:\WINDOWS\system32\WS2Fix.exe
2009-01-27 14:51:34 ----A---- C:\WINDOWS\system32\VCCLSID.exe
2009-01-27 14:51:34 ----A---- C:\WINDOWS\system32\VACFix.exe
2009-01-27 14:51:34 ----A---- C:\WINDOWS\system32\swxcacls.exe
2009-01-27 14:51:34 ----A---- C:\WINDOWS\system32\swsc.exe
2009-01-27 14:51:34 ----A---- C:\WINDOWS\system32\swreg.exe
2009-01-27 14:51:34 ----A---- C:\WINDOWS\system32\SrchSTS.exe
2009-01-27 14:51:34 ----A---- C:\WINDOWS\system32\Process.exe
2009-01-27 14:51:34 ----A---- C:\WINDOWS\system32\o4Patch.exe
2009-01-27 14:51:34 ----A---- C:\WINDOWS\system32\IEDFix.exe
2009-01-27 14:51:34 ----A---- C:\WINDOWS\system32\IEDFix.C.exe
2009-01-27 14:51:34 ----A---- C:\WINDOWS\system32\dumphive.exe
2009-01-27 14:51:34 ----A---- C:\WINDOWS\system32\404Fix.exe

======List of files/folders modified in the last 1 months======

2009-01-27 15:35:31 ----D---- C:\WINDOWS\Temp
2009-01-27 15:25:57 ----D---- C:\Documents and Settings\Simo\Application Data\Spyware Terminator
2009-01-27 14:55:35 ----D---- C:\WINDOWS\system32
2009-01-27 14:51:40 ----D---- C:\WINDOWS\system32\CatRoot2
2009-01-27 14:23:55 ----A---- C:\WINDOWS\NeroDigital.ini
2009-01-27 14:13:33 ----D---- C:\Program Files\Mozilla Firefox
2009-01-27 14:05:54 ----D---- C:\WINDOWS
2009-01-27 02:35:44 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-01-26 22:53:34 ----D---- C:\WINDOWS\Prefetch
2009-01-22 13:59:55 ----D---- C:\WINDOWS\system32\drivers
2009-01-22 03:55:11 ----D---- C:\Program Files\Spyware Terminator
2009-01-22 03:46:44 ----D---- C:\Program Files\eMule
2009-01-22 03:08:53 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-01-16 22:19:55 ----A---- C:\WINDOWS\robert.ini
2009-01-04 21:56:56 ----A---- C:\WINDOWS\win.ini
2009-01-03 18:52:23 ----RD---- C:\Program Files
2009-01-02 22:38:03 ----HD---- C:\WINDOWS\inf
2009-01-02 22:38:03 ----D---- C:\WINDOWS\Help
2009-01-02 17:39:51 ----SD---- C:\Documents and Settings\Simo\Application Data\Microsoft
2009-01-02 12:40:51 ----D---- C:\Program Files\Custom Skin Clock
2009-01-02 12:36:41 ----D---- C:\WINDOWS\Debug

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-11-11 75072]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-03 40320]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]
R2 LF30FS;LF30FS; \??\C:\Program Files\Everstrike Software\Lock Folder XP 3.5\LF30XP.sys []
R3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys [2005-09-19 126489]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-08-04 701440]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]
R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys [2004-03-02 50007]
S3 agf4ezks;agf4ezks; C:\WINDOWS\system32\drivers\agf4ezks.sys []
S3 AVPsys;AVPsys; \??\C:\WINDOWS\system32\drivers\tdi.sys []
S3 CAM1210;SM0121 USB 2.0 Video Camera; C:\WINDOWS\System32\Drivers\cam1210.sys [2006-07-24 89856]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 K3280VID;CyberPix S-450V; C:\WINDOWS\system32\DRIVERS\K3280vid.sys [2003-09-18 434880]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-09-15 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-09-15 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 PRODIGY;PRODIGY; C:\WINDOWS\System32\Drivers\PRODIGY.SYS [2006-08-29 32377]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-09-15 8064]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-02-18 30464]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2004-08-03 25600]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-09-15 8064]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 mchInjDrv;mchInjDrv; \??\C:\DOCUME~1\Simo\LOCALS~1\Temp\mc22.tmp []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-11-11 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-11-11 151297]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-02-18 110592]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-27 152984]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\PROGRA~1\SPYWAR~1\sp_rsser.exe [2008-08-21 570880]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-03 14336]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-08-07 575488]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-10-01 72704]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 GoogleDesktopManager-092308-165331;Google Desktop Manager 5.8.809.23506; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-12-05 30192]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-03-30 504104]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

-----------------EOF-----------------

Et voici le contenu du texte info.txt :

info.txt logfile of random's system information tool 1.05 2009-01-27 15:36:02

======Uninstall list======

-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000101}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5101}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-119F-4D52-B551-6739B2B22101}
Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-040C-1E257A25E34D}
Adobe Reader 8.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-0C40-4930-9AFE-113BCE553101}
Apple Mobile Device Support-->MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update-->MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
Applian FLV Player-->"C:\WINDOWS\Applian FLV Player\uninstall.exe" "/U:C:\Program Files\FLV Player\Uninstall\uninstall.xml"
Ashampoo Movie Shrink & Burn-->C:\PROGRA~1\Ashampoo\ASHAMP~1\UNWISE.EXE C:\PROGRA~1\Ashampoo\ASHAMP~1\INSTALL.LOG
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
Bonjour-->MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
CAM-IN SUITE III-->C:\PROGRA~1\CAM-IN~1\UNWISE.EXE C:\PROGRA~1\CAM-IN~1\INSTALL.LOG
CamStudio 2.0 Fr-->"C:\Program Files\CamStudio\unins000.exe"
CamStudio Lossless Codec-->rundll.exe setupx.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\system32\DRIVERS\camcodec.inf
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CCM 2.0.4-->"C:\Program Files\CommentCaMarche\unins000.exe"
Collection Microsoft Encarta 2006-->MsiExec.exe /I{06180000-3E21-46D6-9A91-D927BA08F41D}
Crawler Toolbar with Web Security Guard-->C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe uninst
CyberLink PowerDVD 8-->"C:\Program Files\InstallShield Installation Information\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}\Setup.exe" /z-uninstall
CyberPix S-450V-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{263BC2F6-C3D8-4996-96F8-4D478A64B42B}\Setup.exe"
Dictionnaire Le Littré 1.0-->"C:\Program Files\Dictionnaire Le Littré\unins000.exe"
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
eMule-->"C:\Program Files\eMule\Uninstall.exe"
FoxyTunes for Firefox-->"C:\Program Files\Mozilla Firefox\firefox.exe" -chrome chrome://foxytunes/content/extras/uninstallExtension.xul
Freecorder Toolbar 3.02 Application-->"C:\WINDOWS\Freecorder Toolbar\uninstall.exe" "/U:C:\Program Files\Freecorder Toolbar\Uninstall\uninstall.xml"
Freecorder Toolbar-->C:\PROGRA~1\FREECO~2\UNWISE.EXE C:\PROGRA~1\FREECO~2\INSTALL.LOG
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
iTunes-->MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
KO Approach-->C:\Program Files\KO Approach\Uninstall.exe
L&H TTS3000 Français-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\LHTTSFRF.inf, Uninstall
Launchy 2.0-->"C:\Program Files\Launchy\unins000.exe"
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Lock Folder XP 3.6-->"C:\Program Files\Everstrike Software\Lock Folder XP 3.5\Uninstall.exe" "C:\Program Files\Fichiers communs\Everstrike Software\Lock Folder XP 3.6\install.log"
Macromedia Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWudf01005$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 6.0 Parser-->MsiExec.exe /I{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}
Nero OEM-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Nero Suite-->C:\Program Files\Fichiers communs\Nero\Uninstall\setup.exe /uninstall ExtraUninstallID=""
Nokia Connectivity Cable Driver-->MsiExec.exe /X{CBDE9C7D-CF52-4558-B23E-B66359CB586A}
Nokia Flashing Cable Driver-->MsiExec.exe /X{2A0A6470-FD0F-4F45-9B11-85F3167DB943}
Nokia PC Suite-->C:\Documents and Settings\All Users\Application Data\Installations\{D5577624-0626-4C4B-87AA-D966DA1739D6}\Nokia_PC_Suite_rel_7_0_9_2_fre_web.exe
Nokia PC Suite-->MsiExec.exe /I{D5577624-0626-4C4B-87AA-D966DA1739D6}
Nokia Software Updater-->MsiExec.exe /X{A2A0D7E5-BBD0-4948-B452-63A91354C12C}
NSS (remove only)-->C:\Program Files\NSS\uninstall.exe
OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74}
Opera 9.27-->MsiExec.exe /X{503D6E3E-1A48-44F5-BB7C-EB3B593FAED0}
Package de pilotes Windows - Nokia Modem (05/22/2008 3.8)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_6F90B0F4A73A2F780A1010B5D6CB5DDFB098181E\nokia_bluetooth.inf
Package de pilotes Windows - Nokia Modem (05/22/2008 7.00.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_E68D50F7E25BFE399D47C864C3B52557346242A9\nokbtmdm.inf
Package de pilotes Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_4A1E30386F4D0DEC8F5DF262CFBD8845EEBAB175\pccsmcfd.inf
PC Connectivity Solution-->MsiExec.exe /I{1A524CFE-DF85-4555-8BC2-0C89DBD8BC2C}
Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
Piky Basket 2.0-->"C:\Program Files\Conceptworld\Piky\unins000.exe"
QuickTime-->MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x40c -removeonly
SAGEM F@st 800-840-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}\setup.exe" -l0x40c
Spyware Terminator-->"C:\Program Files\Spyware Terminator\unins000.exe"
SuperCopier2-->"C:\Program Files\SuperCopier2\SC2Uninst.exe"
TaskSwitchXP-->C:\Program Files\TaskSwitchXP\uninst.exe
Total Video Converter 3.01-->"C:\Program Files\Total Video Converter\unins000.exe"
Ulead PhotoImpact 10-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FE58B892-3825-4610-A6A2-E6EFCA83BD97}\setup.exe" -l0x40c
USB Video Camera Driver v1.10-->MsiExec.exe /I{926B578B-505F-4820-A62D-088E1124FED4}
VDownloader 0.75-->"C:\Program Files\VDOWNLOADER\unins000.exe"
VLC media player 0.9.6-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
yBook-->"C:\Documents and Settings\Simo\Mes documents\yBook\unins000.exe"

=====HijackThis Backups=====

O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender8\vsserv.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender8\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe

======Security center information======

AV: Avira AntiVir PersonalEdition Classic

System event log

Computer Name: UNICORNI-B13AD9
Event Code: 7036
Message: Le service Service de la passerelle de la couche Application est entré dans l'état : en cours d'exécution.

Record Number: 3245
Source Name: Service Control Manager
Time Written: 20081228112211.000000+000
Event Type: Informations
User:

Computer Name: UNICORNI-B13AD9
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Service de la passerelle de la couche Application.

Record Number: 3244
Source Name: Service Control Manager
Time Written: 20081228112211.000000+000
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: UNICORNI-B13AD9
Event Code: 7036
Message: Le service Carte de performance WMI est entré dans l'état : en cours d'exécution.

Record Number: 3243
Source Name: Service Control Manager
Time Written: 20081228112211.000000+000
Event Type: Informations
User:

Computer Name: UNICORNI-B13AD9
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Carte de performance WMI.

Record Number: 3242
Source Name: Service Control Manager
Time Written: 20081228112211.000000+000
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: UNICORNI-B13AD9
Event Code: 7036
Message: Le service NLA (Network Location Awareness) est entré dans l'état : en cours d'exécution.

Record Number: 3241
Source Name: Service Control Manager
Time Written: 20081228112210.000000+000
Event Type: Informations
User:

Application event log

Computer Name: UNICORNI-B13AD9
Event Code: 12001
Message: The Messenger Sharing USN Journal Reader service started successfully.

Record Number: 5
Source Name: usnjsvc
Time Written: 20090124142108.000000+000
Event Type:
User:

Computer Name: UNICORNI-B13AD9
Event Code: 1000
Message:
Record Number: 4
Source Name: Windows Live Messenger
Time Written: 20090124142021.000000+000
Event Type: erreur
User:

Computer Name: UNICORNI-B13AD9
Event Code: 4096
Message: Le service AntiVir a bien démarré!

Record Number: 3
Source Name: Avira AntiVir
Time Written: 20090124141907.000000+000
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: UNICORNI-B13AD9
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.

Record Number: 2
Source Name: SecurityCenter
Time Written: 20090124141903.000000+000
Event Type: Informations
User:

Computer Name: UNICORNI-B13AD9
Event Code: 1
Message:
Record Number: 1
Source Name: Bonjour Service
Time Written: 20090124141859.000000+000
Event Type: Informations
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Fichiers communs\Adobe\AGL
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 3, GenuineIntel
"PROCESSOR_REVISION"=0403
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

-----------------EOF-----------------

C'est fait... !

C'est simo... xD ç'a été déjà pris alors... ;-)

Voilà ^^ *

Stealth MBR rootkit detector 0.2.4 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK

J'ai scanné avec f-secure online et voilà ce que j'ai eu comme rapport...

Scanning Report
Tuesday, January 27, 2009 22:56:59 - 00:15:04


Scanning type: Scan system for malware, rootkits
Target: C:\ D:\
Result: 14 malware found
TrackingCookie.2o7 (spyware)

* System

TrackingCookie.Adrevolver (spyware)

* System

TrackingCookie.Adtech (spyware)

* System

TrackingCookie.Advertising (spyware)

* System

TrackingCookie.Atdmt (spyware)

* System

TrackingCookie.Doubleclick (spyware)

* System

TrackingCookie.Imrworldwide (spyware)

* System

TrackingCookie.Mediaplex (spyware)

* System

TrackingCookie.Questionmarket (spyware)

* System

TrackingCookie.Tradedoubler (spyware)

* System

TrackingCookie.Webtrends (spyware)

* System

TrackingCookie.Xiti (spyware)

* System

TrackingCookie.Yieldmanager (spyware)

* System

Trojan.Win32.Patched (virus)

* System

Statistics
Scanned:

* Files: 27454
* System: 7518
* Not scanned: 14

Actions:

* Disinfected: 0
* Renamed: 0
* Deleted: 0
* None: 14
* Submitted: 0

Files not scanned:

* C:\PAGEFILE.SYS
* C:\WINDOWS\SYSTEM32\DRIVERS\SPTD.SYS
* C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT
* C:\WINDOWS\SYSTEM32\CONFIG\SAM
* C:\WINDOWS\SYSTEM32\CONFIG\SECURITY
* C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE
* C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM
* C:\DOCUMENTS AND SETTINGS\SIMO\LOCAL SETTINGS\TEMP\ETILQS_NUBPLDWAF9T1TC7K7MOF
* C:\DOCUMENTS AND SETTINGS\SIMO\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\GOOGLE DESKTOP\06867314F0E2\DBDAM
* C:\DOCUMENTS AND SETTINGS\SIMO\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\GOOGLE DESKTOP\06867314F0E2\DBDAO
* C:\DOCUMENTS AND SETTINGS\SIMO\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\GOOGLE DESKTOP\06867314F0E2\DBEAM
* C:\DOCUMENTS AND SETTINGS\SIMO\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\GOOGLE DESKTOP\06867314F0E2\DBEAO
* C:\DOCUMENTS AND SETTINGS\SIMO\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\GOOGLE DESKTOP\06867314F0E2\DBM
* C:\DOCUMENTS AND SETTINGS\SIMO\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\GOOGLE DESKTOP\06867314F0E2\HP

Malwarebytes' Anti-Malware 1.33
Version de la base de données: 1701
Windows 5.1.2600 Service Pack 2

28/01/2009 01:08:51
mbam-log-2009-01-28 (01-08-50).txt

Type de recherche: Examen rapide
Eléments examinés: 69791
Temps écoulé: 21 minute(s), 53 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\P­arameters\Interfaces\{92741c97-b8f6-4675-99e8-3064f32e319b}\­NameServer (Trojan.DNSChanger) -> Data: 85.255.115.116 85.255.112.222 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{92741c97-b8f6-4675-99e8-3064f32e319b}\NameServer (Trojan.DNSChanger) -> Data: 85.255.115.116 85.255.112.222 -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\WINDOWS\Winlogon.exe (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\nvs2.inf (Adware.EGDAccess) -> Quarantined and deleted successfully.