Probleme avec le service windows xp [Résolu]

jlpjlp, le 29 nov 2008 à 15:05:50

Slt vire ce qui est dans la sauvegarde de spybot (quarantaine)

puis desinstalle spybot le temps de la desinfection

puis

scan avec
MalwareByte's Anti-Malware en mode normal et vire ce qui est trouvé et colle le rapport

http://www.malekal.com/tutorial_MalwareBytes_AntiMalware.php

puis

vire hijakhcits que tu as car la version est dépassée

et

Télécharge ici :

http://images.malwareremoval.com/random/RSIT.exe

random's system information tool (RSIT) par andom/random et sauvegarde-le sur le Bureau.

Double-clique sur RSIT.exe afin de lancer RSIT.

Clique Continue à l'écran Disclaimer.

Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.

Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).

NB : Les rapports sont sauvegardés dans le dossier C:\rsit

Répondre à jlpjlp

2

jpapiet, le 29 nov 2008 à 18:32:47

Info.txt logfile of random's system information tool 1.04 2008-11-29 18:23:15

======Uninstall list======

-->D:\PROGRA~1\CLUB-I~1\LECOMP~1\Uninstall.exe TONLFR
-->D:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
-->D:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->D:\WINDOWS\IsUn040c.exe -f"D:\Program Files\Creative\Audio2K\CTMixer.isu"
-->D:\WINDOWS\IsUn040c.exe -f"D:\Program Files\Creative\Audio2K\Midi.isu"
-->D:\WINDOWS\IsUn040c.exe -f"D:\Program Files\Creative\Audio2K\PlayCenter\Player.isu"
-->D:\WINDOWS\IsUn040c.exe -f"D:\Program Files\Creative\Audio2K\Recorder\Recorder.isu"
-->D:\WINDOWS\IsUn040c.exe -f"D:\Program Files\Creative\Audio2K\WaveStudio\Wstudio.isu"
-->D:\WINDOWS\IsUn040c.exe -f"D:\Program Files\Creative\Uninstall\Installer.isu"
-->D:\WINDOWS\WEBDELC.EXE -[WebCam Control
-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{D6CB0F61-283A-4D48-8F84-6F239B367E6D}\setup.exe" -l0x9
-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{ECC33DA1-0B64-49C4-8647-732DE6A478F4}\setup.exe" -l0x9
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 D:\WINDOWS\INF\PCHealth.inf
µTorrent-->"D:\Program Files\uTorrent\uninstall.exe"
7-Zip 4.60 beta-->"D:\Program Files\7-Zip\Uninstall.exe"
AC3Filter (remove only)-->D:\Program Files\AC3Filter\uninstall.exe
ACDSee 4.0.1 Std Trial Version-->MsiExec.exe /I{7E1ECE43-1E71-4C57-80DD-F90C76337DBD}
ACE Mega CoDecS Pack-->"D:\Program Files\ACE Mega CoDecS Pack\unins000.exe"
Ace Video Workshop 1.4.30-->"D:\Program Files\Ace Video Workshop\unins000.exe"
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player 10 ActiveX-->D:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Photoshop Elements 2.0-->D:\WINDOWS\ISUN040C.EXE -f"e:\program files\photo elements\Uninst.isu" -c"e:\program files\photo elements\Uninst.dll"
Adobe Reader 8.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
Adobe Shockwave Player 11-->D:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE D:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Adobe® Photoshop® Album Edition Découverte 3.0-->MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}
adsl TV-->D:\Program Files\adslTV\Uninstal.exe
AIM 6-->D:\Program Files\AIM6\uninst.exe
ALi mini IDE driver-->D:\WINDOWS\System32\ALi5minst.exe D:\WINDOWS\inf\mshdc.inf PCI\VEN_10B9&DEV_5229 1
Allocam-->D:\Program Files\Allocam Multi Visio\Uninstal.exe
AM-DeadLink-->D:\Program Files\AM-DeadLink\uninst-dl.exe
Apple Mobile Device Support-->MsiExec.exe /I{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
a-squared Free 1.6.5-->"D:\Program Files\a-squared\unins000.exe"
Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Athlon 64 Processor Driver-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x40c
ATI - Software Uninstall Utility-->D:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Control Panel-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver-->rundll32 D:\WINDOWS\System32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATI HydraVision-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}\setup.exe"
Audacity 1.2.3-->"D:\Program Files\Audacity\unins000.exe"
AusLogics Disk Defrag-->"D:\Program Files\AusLogics Disk Defrag\unins000.exe"
AusLogics Registry Defrag-->"D:\Program Files\Auslogics\AusLogics Registry Defrag\unins000.exe"
Avant Browser (remove only)-->"D:\Program Files\Avant Browser\uninst.exe"
AVIcodec (remove only)-->"D:\Program Files\AVIcodec\uninst.exe"
Avira AntiVir Personal - Free Antivirus-->D:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
AviSynth 2.5-->"D:\Program Files\AviSynth 2.5\Uninstall.exe"
AVS Video Converter 3.4.3.183-->"D:\Program Files\AVSMedia\VideoConverter3\unins000.exe"
AXIS Camera Server Control-->D:\WINDOWS\IsUninst.exe -f"D:\Program Files\Axis Communications\AXIS Camera Server Control\Uninst.isu"
Azureus Vuze-->D:\Program Files\Azureus\uninstall.exe
Barre d'outils MSN-->D:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\mtbs.exe c
Battle Of Britain-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{C3A51900-EF77-11D3-8163-00A0D21B1713}\setup.exe"
BitComet 0.70-->D:\Program Files\BitComet\uninst.exe
Blender (remove only)-->"D:\Program Files\Blender Foundation\Blender\uninstall.exe"
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
BroadJump Client Foundation-->D:\WINDOWS\IsUninst.exe -f"D:\Program Files\BroadJump\Client Foundation\Uninst.isu" -c"D:\Program Files\BroadJump\Client Foundation\RmvBJCFD.dll" -b"CFD" -h"CFD" -a
CallerIP-->"D:\Program Files\CallerIP\Uninstall.exe" "D:\Program Files\CallerIP"
CameraWare-->D:\Program Files\Uninstall.exe
CamfrogWEB Advanced ActiveX Plugin (remove only)-->"D:\Program Files\CFWebAdvancedU\Uninstall.exe"
CamStudio-->D:\Program Files\CamStudio\uninstall.exe
CCleaner (remove only)-->"D:\Program Files\CCleaner\uninst.exe"
CDBurnerXP Pro 3-->MsiExec.exe /I{896D642C-7125-44F0-AC49-A23ABF82209C}
CDex extraction audio-->"D:\Program Files\CDex_170b2\uninstall.exe"
Celestia 1.4.1-->"D:\Program Files\Celestia\unins000.exe"
Codecs X264 (c) Ripp-it Te@m-->D:\Program Files\Codecs X264\Uninstal.exe
Combined Community Codec Pack 2008-01-24-->"D:\Program Files\Combined Community Codec Pack\unins001.exe"
CommentCaMarche 2.0.6-->"D:\Program Files\CommentCaMarche\unins000.exe"
Compel Adaptec WinASPI-->"D:\Program Files\WinASPI\unins000.exe"
Composant Hmk-->D:\WINDOWS\IsUn040c.exe -f"D:\Program Files\Havas Medimedia\Communs\Hmk.isu"
ConvertXtoDVD 3.2.3.81-->"D:\Program Files\VSO\ConvertX\3\unins000.exe"
CoreAAC Audio Decoder (remove only)-->"D:\WINDOWS\system32\CoreAAC-uninstall.exe"
Correctif pour Lecteur Windows Media 11 (KB939683)-->"D:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"D:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"D:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
CrazyTalk for Skype-->D:\Program Files\InstallShield Installation Information\{8865B208-4759-4308-8DB5-3C18D2F568E2}\setup.exe -runfromtemp -l0x040c -removeonly /remove
CrazyTalk v4.0 Media Studio-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{40B3D357-96DE-4889-A8F4-C533A39E3608}\setup.exe" -l0x9 /uninstall
Creative DVD Audio Plugin for Audigy Series-->"D:\Program Files\Creative\CTDPlugin\CTUIDVD.exe " -u
Creative Video Blaster WebCam 3 USB/WebCam Plus Driver-->D:\WINDOWS\ctdrvins.exe -uninstall usb\vid_05a9&pid_a511 -plugin webc3pin.dll -pluginres webc3pin.crl
Creative Video Blaster WebCam Control-->D:\WINDOWS\IsUninst.exe -f"D:\Program Files\Creative\Video Blaster WebCam Control\DeIsL1.isu"
Creative WebCam Monitor-->D:\WINDOWS\WEBDELC.EXE -[Creative WebCam Monitor
Cryptext (Remove Only)-->rundll32 setupapi.dll,InstallHinfSection DefaultUninstall 132 D:\WINDOWS\system32\ShellExt\Cryptext.inf
Datecracker-->E:\dictionnaire medical\Vidal\Datecracker\uninstall.exe
Dealio Toolbar 3.4-->MsiExec.exe /X{6105648C-0C3C-481D-8C11-1F4952D6FB53}
DesktopX-->D:\PROGRA~1\STARDOCK\OBJECT~1\DESKTOPX\UNWISE.EXE D:\PROGRA~1\STARDOCK\OBJECT~1\DESKTOPX\INSTALL.LOG
DftCom2 v.10.03-->D:\Program Files\DftCom2\uninstall.exe
Direct Show Ogg Vorbis Filter (remove only)-->"D:\WINDOWS\system32\OggDSuninst.exe"
Directory Printer 3.5-->"D:\Program Files\Dirprint\unins000.exe"
Disc2Phone-->MsiExec.exe /X{1C75E8E0-29D5-4298-AE16-B8604FD9DDE4}
DivX Codec-->D:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader-->D:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter-->D:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
DivX Player-->D:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->D:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DivxToDVD 0.3.1.14-->"D:\Program Files\vso\DivxToDVD\unins000.exe"
DVD Shrink 3.2-->"D:\Program Files\DVD Shrink\unins000.exe"
DVD X Player Professional V3.0-->"D:\Program Files\DVD X Studios\DVD X Player Professional 3.0\unins000.exe"
DVDFab Gold 2.50-->"D:\Program Files\DVDFab Gold\unins000.exe"
Easy Video Joiner 5.01-->"D:\Program Files\Easy Video Joiner\unins000.exe"
EasyCleaner-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{F5346614-B7C4-4E94-826A-E2363155233D}\setup.exe" -l0x9
EasyPhotoTools 2.2.0.0-->"D:\Program Files\EasyPhotoTools\unins000.exe"
eMule-->"D:\Program Files\eMule\Uninstall.exe"
Entraînez votre concentration-->E:\PROGRA~1\ENTRAI~1\UNWISE.EXE E:\PROGRA~1\ENTRAI~1\INSTALL.LOG
eoEngine 4.9-->"D:\Program Files\eoRezo\unins000.exe"
EoTraduction 1.1-->"D:\Program Files\eoRezo\EoTraduction\unins001.exe"
EoWeather 4.6-->"D:\Program Files\eoRezo\EoWeather\unins000.exe"
EPSON Logiciel imprimante-->D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\epupdate.exe /r
EVEREST Ultimate Edition v4.50-->"D:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
Falcon 4.0-->D:\WINDOWS\IsUn040c.exe -fe:\jeux\microprose\Uninst.isu
Fast MP4 3GP AVI MPG WMV RM MOV FLV Converter 3.0-->"D:\Program Files\AVN Products\Fast Video Converter\unins000.exe"
FastStone Image Viewer 3.2-->D:\Program Files\FastStone Image Viewer\uninst.exe
ffdshow [rev 1909] [2008-03-20]-->"D:\Program Files\Combined Community Codec Pack\Filters\FFDShow\unins000.exe"
Firstline FDC 2000 Digital Camera-->D:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{140E0F26-085F-11D7-88C0-009027BD5EBD}
Firstline FDC 2000 Memory Browser TWAIN Driver V1.00-->D:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection DefaultUninstall 132 D:\WINDOWS\INF\coachMB.inf
FlightGear v0.9.8-->"e:\Program Files\FlightGear\unins000.exe"
FLV Player 1.3.3-->"D:\Program Files\FLVPlayer\uninstall.exe"
Free Easy Burner V 3.8-->"D:\Program Files\Free Easy Burner\unins000.exe"
Free Mp3 Wma Converter V 1.7.2-->"D:\Program Files\Free Audio Pack\unins000.exe"
Free Video Converter V 1.4-->"D:\Program Files\Free Video Converter\unins000.exe"
free-downloads.net Toolbar-->D:\PROGRA~1\FREE-D~1.NET\UNWISE.EXE D:\PROGRA~1\FREE-D~1.NET\INSTALL.LOG
FriendFinder Messenger v4.1-->MsiExec.exe /I{EA5A0CD7-C894-4FA8-88A5-0887E8257E4A}
Futuremark Measurement Services Client-->RunDll32 advpack.dll,LaunchINFSection D:\WINDOWS\INF\msc3.inf,DefaultUninstall,5
Galaxy 1.0-->"d:\Program Files\ecrans2veille\Galaxy\unistall\uninst.exe"
Galerie de photos Windows Live-->MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068}
GIGABYTE V-Tuner-->D:\WINDOWS\IsUninst.exe -f"D:\Program Files\GigaByte\V-Tuner\Uninst.isu"
Glary Utilities 2.4-->"D:\Program Files\Glary Utilities\unins000.exe"
Google Desktop-->D:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
Google SketchUp-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{E1423608-F529-40A1-93CA-C7F396F30DF0}\setup.exe" -l0x9
Google Talk (remove only)-->"D:\Program Files\Google\Google Talk\uninstall.exe"
Google Toolbar for Internet Explorer-->regsvr32 /u /s "d:\program files\google\googletoolbar3.dll"
Gordian Knot Rip Pack 0.28.6-->D:\Program Files\Gordian Knot\uninst.exe
GrabIt 1.5.3 Beta (build 909)-->"D:\Program Files\GrabIt\unins000.exe"
Grand Prix 4-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "e:\jeux\Infogrames\Grand Prix 4\setup.exe"
Haali Media Splitter-->"D:\Program Files\Haali\MatroskaSplitter\uninstall.exe"
Happyneuron n°1 - Archipel de la Mémoire-->E:\PROGRA~1\ARCHIP~1\UNWISE.EXE E:\PROGRA~1\ARCHIP~1\INSTALL.LOG
HardwareDetection-->"D:\Program Files\HardwareDetection\Uninstall.exe" "D:\Program Files\HardwareDetection\install.log" -u
HDView for Internet Explorer-->MsiExec.exe /I{CAD098FE-56BA-43A8-8844-83A2B2315AF3}
HijackThis 2.0.2-->"D:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"D:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
HyperCam 2-->"D:\Program Files\HyCam2\UnHyCam2.exe"
IL2 Sturmovik fr-->"E:\JEUX\BoontyGames\IL2 Sturmovik\unins000.exe"
ImageShack Toolbar for Internet Explorer-->MsiExec.exe /I{A518D6D8-0A3F-4A91-B4B5-07AF2CDD6E57}
InCD EasyWrite Reader-->D:\WINDOWS\unmrw.exe /UNINSTALL
InCD-->D:\WINDOWS\NuNInst.exe /UNINSTALL
Installation Adaptateur USB sans fil Club-Internet-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{7AE12BDA-9B59-454D-A95C-8CFDB963772F}\setup.exe" -l0x40c -ct633 -wifi
InterActual Player-->D:\Program Files\InterActual\InterActual Player\inuninst.exe
InterVideo WinDVD 7-->"D:\Program Files\InstallShield Installation Information\{90885A82-9673-49EA-AB39-AF776639C67C}\setup.exe" REMOVEALL
InterVideo WinDVD Creator 2-->"D:\Program Files\InstallShield Installation Information\{2FCE4FC5-6930-40E7-A4F1-F862207424EF}\setup.exe" REMOVEALL
Invasion 1-->"C:\Program Files\ecrans2veille\Invasion\unistall\uninst.exe"
ItsTV 3.0-->"D:\Program Files\eoRezo\EoTraduction\unins000.exe"
iTunes-->MsiExec.exe /I{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}
iWizz-->D:\Program Files\iWizz\uninstall.exe
IZArc 3.5 beta 3-->"D:\Program Files\IZArc\unins000.exe"
J2SE Runtime Environment 5.0 Update 10-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
J2SE Runtime Environment 5.0 Update 11-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
J2SE Runtime Environment 5.0 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150070}
J2SE Runtime Environment 5.0 Update 9-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090}
Jasc Paint Shop Pro 9-->MsiExec.exe /I{F843C6A3-224D-4615-94F8-3C461BD9AEA0}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Joost (tm) Beta 1.0.3-->D:\Program Files\Joost\uninst.exe
Kaspersky Online Scanner-->D:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
KC Softwares VideoInspector-->"D:\Program Files\KC Softwares\VideoInspector\unins000.exe"
K-Lite Codec Pack 2.62 Full-->"D:\Program Files\K-Lite Codec Pack\unins000.exe"
Lame ACM MP3 Codec-->D:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_LameMP3 132 D:\WINDOWS\INF\LameACM.inf
Lanceur Club Internet v6-->"D:\Program Files\Club-Internet\Lanceur\uninstall.exe"
LE COMPAGNON CLUB-->D:\WINDOWS\Motive\TONLFR\MCCUninst.exe
Lecteur Windows Media 11-->"D:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
L'Encyclopédie pratique du Bricolage-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{9F58CF55-92CD-48DC-AA26-EAAF9BF1A500}\SETUP.EXE" -l0x40c
Logitech MouseWare 9.70 -->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{5809E7CF-4DCF-11D4-9875-00105ACE7734}\setup.exe" -l0x40c -l040c UNINSTALL
Logitech Resource Center-->D:\PROGRA~1\LOGITECH\RESOUR~1\rem\UNWISE.EXE /s D:\PROGRA~1\LOGITECH\RESOUR~1\rem\INSTALL.LOG
Macromedia Flash 5-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{4C93C363-414E-11D4-9756-00C04F8EEB39}\Setup.exe" UNINSTALL
MagicTune3.6-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{1C04D433-2EDF-4AFB-B31B-C0B13065092F}\setup.exe" -l0x40c
MainConcept MJPEG Codec Demo-->D:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{805A7890-3138-44E4-8DAA-480C55516989} /l1033
Malwarebytes' Anti-Malware-->"D:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
MediaBar-->D:\WINDOWS\Downloaded Program Files\MusicManagerUnInstaller.exe "D:\WINDOWS\Downloaded Program Files\MusicManagerPlugin.ocx" "{C45B1500-7B63-47C2-AB25-C28CB46AFDEE}"
Micro Application - MediaDICO Mots croisés-->D:\WINDOWS\IsUn040c.exe -f"e:\jeux\dic motcroises\Uninst.isu"
MicroBest Cracklock 3.8.4-->"D:\Program Files\Cracklock\unins000.exe"
Micrografx Picture Publisher 7-->D:\WINDOWS\mgxclean.exe pp70.app
Microsoft .NET Compact Framework 1.0 SP3-->MsiExec.exe /I{7A0BAED2-066E-4B4F-8FA5-472A4655F4C2}
Microsoft .NET Framework (French) v1.0.3705-->D:\WINDOWS\Microsoft.NET\Framework\Install.exe /u /p Microsoft .NET Framework Full v1.0.3705 (1036)
Microsoft .NET Framework (French)-->MsiExec.exe /X{6B908BF7-A583-4962-B068-69657D87CD56}
Microsoft .NET Framework 1.0 Hotfix (KB928367)-->"D:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\Updates\hotfix.exe" "D:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\Updates\M9283671036\M9283671036Uninstall.msp"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"D:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "D:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{3F7924B9-D148-3141-87B1-68F36043A940}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft .NET Framework 3.5-->D:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe
Microsoft .NET Framework 3.5-->MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40}
Microsoft Combat Flight Simulator 3.0-->"E:\JEUX\Microsoft Games\Combat Flight Simulator 3\UNINSTAL.EXE" /runtemp /addremove
Microsoft Combat Flight Simulator-->"E:\JEUX\Microsoft Games\Combat Flight Simulator\DESINST.EXE" /runtemp
Microsoft Compression Client Pack 1.0 for Windows XP-->"D:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"D:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Money 2000 Standard-->D:\Program Files\Microsoft Money\setup\setup.exe
Microsoft National Language Support Downlevel APIs-->"D:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Professional-->D:\Office\Install\Acme.exe /w OFF95PRO.STF
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Windows XP Video Decoder Checkup Utility-->RunDll32 advpack.dll,LaunchINFSection D:\WINDOWS\INF\DECCHECK.inf,Uninstall
Miro-->D:\Program Files\Participatory Culture Foundation\Miro\uninstall.exe
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"D:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"D:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"D:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)-->"D:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"D:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"D:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"D:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"D:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"D:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"D:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"D:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"D:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"D:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"D:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"D:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"D:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"D:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"D:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"D:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"D:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"D:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"D:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"D:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"D:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"D:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953155)-->"D:\WINDOWS\$NtUninstallKB953155$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"D:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"D:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"D:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"D:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"D:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"D:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"D:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"D:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"D:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"D:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"D:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"D:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
MKVtoolnix 2.1.0-->D:\Program Files\MKVtoolnix\uninst.exe
MobileMe Control Panel-->MsiExec.exe /I{2604C0F9-BFD3-4BA0-9EB5-22537C648F03}
Morgan Stream Switcher-->"D:\Program Files\Morgan\mmswitch\uninst.exe"
MotoGP2-->E:\jeux\MotoGP2\unins000.exe
Movie Collection 5.4.2.2-->"D:\Program Files\Movie Collection\unins000.exe"
Mozilla Firefox (3.0.4)-->D:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Multimedia Card Reader-->D:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{07B02BD4-E799-4945-B240-166CA9A9BE2D} /l1036
NASA World Wind 1.3-->"e:\Program Files\NASA\World Wind 1.3\Uninstall_World_Wind_1.3.exe"
Natural Color-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{F51D9393-BB14-4566-99BF-D6ED63AEFCD7}\setup.exe"
Need For Speed Hot Pursuit 2-->E:\JEUX\need speed\EAUninstall.exe
NeoDivx 2006-->"D:\Program Files\neodivx2006\uninstall.exe"
Neodivx-->MsiExec.exe /I{F2589BC9-19E5-4660-A404-7F7EC3E41CBB}
Nero Media Player-->D:\WINDOWS\UNNMP.exe /UNINSTALL
Nero OEM-->D:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
NeroVision Express 2-->D:\WINDOWS\UNNeroVision.exe /UNINSTALL
Norton Security Scan-->MsiExec.exe /I{230C4A45-2586-4161-84EF-5C0D75D5B270}
Online TV Toolbar-->D:\PROGRA~1\ONLINE~1\UNWISE.EXE D:\PROGRA~1\ONLINE~1\INSTALL.LOG
OpenOffice.org 2.0-->MsiExec.exe /I{3869903C-0EF4-48D9-A12F-145AD549BA12}
Outil de mise à jour Google-->"D:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Outils Club Internet-->"D:\Program Files\Club-Internet\Assistance\OutilsCI\uninstall.exe"
Pack PSP - Ri4m - v1.0-->D:\Program Files\Pack PSP - Ri4m\Uninstal.exe
Panda ActiveScan 2.0-->D:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
Patch_PSP_9_VF-->e:\Program Files\Jasc Software Inc\Paint Shop Pro 9\Uninstal.exe
PC SECURITY TEST 2006-->"D:\Program Files\AxBx\PC Security Test 2006\unins000.exe"
PDFCreator 0.8.0-->D:\Program Files\PDFCreator\unins000.exe
Photo DVD Maker Professional 7.80-->D:\Program Files\Photo DVD Maker Professional\uninst.exe
Photo2DVD Studio 3 Build 3.5.0.19-->"D:\Program Files\Photo2DVD Studio 3\unins000.exe"
Picasa 2-->"D:\Program Files\Picasa2\Uninstall.exe"
Pinnacle Hollywood FX 4.6-->D:\WINDOWS\unvise32.exe e:\Program Files\Pinnacle\Hollywood FX 4.6\uninstal.log
Pinnacle PCI Performance Enhancer-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{3E5A81BA-4702-490A-B729-0BFF6E7CBF96}\setup.exe" -l0x40c
Pinnacle Studio DC10plus-->D:\PROGRA~1\PINNACLE\DC10PLUS\UNWISE.EXE D:\PROGRA~1\PINNACLE\DC10PLUS\INSTALL.LOG
Pinnacle Systems PCI Performance Enhancer-->D:\PROGRA~1\PINNACLE\PPE\UNWISE.EXE D:\PROGRA~1\PINNACLE\PPE\INSTALL.LOG
PixMaker-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{A37161C1-F990-11D3-BE64-00104B229E8F}\Setup.exe"
PIXresizer 1.0.9-->"D:\Program Files\PIXresizer\unins000.exe"
Power IEv3-->MsiExec.exe /I{AF7C627C-F354-4FF1-8450-398C806B436E}
PowerDVD-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
PowerQuest Drive Image 2002-->D:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{5F71EB81-C72E-4B28-8D90-FDEECFEBC2DE}
PowerQuest Drive Image 7.0-->MsiExec.exe /X{8D538DFC-1E7A-45F0-9C7B-D8B6629CC2DC}
PowerQuest PartitionMagic 8.0 Demo-->D:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}
QuickTime for Windows (32-bit)-->D:\WINDOWS\QTW32DEL.EXE
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
Race Driver 3-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{0297C87B-CC40-446F-865A-031B4FC0CF22}\Setup.exe" -l0x40c -removeonly
Radio Media Player-->D:\Program Files\Windows Media Player\Plugins\Radios Media Player\uninst.exe
Radio net FR-->D:\WINDOWS\iun6002.exe "D:\Program Files\Radio net FR\irunin.ini"
RADIONET 5-->D:\Program Files\RADIONET 5 Démo\uninstall.exe
RamBoost XP 4.0.6-->"D:\Program Files\RamBoost XP\unins000.exe"
ratDVD 0.78.1444-->D:\Program Files\ratDVD\uninst.exe
Ray Adams ATI Tray Tools-->"D:\Program Files\Ray Adams\ATI Tray Tools\uninstall.exe"
Real Alternative 1.36-->"D:\Program Files\Real Alternative\unins000.exe"
RealPlayer-->D:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek AC'97 Audio-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
RedLightCenter-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{35C73A54-1428-4893-B041-58AA594F4ACD}\setup.exe" -l0x9
Revo Uninstaller 1.30-->D:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
Ri4m v4.1.1c-->D:\Program Files\Ripp-it_AM\Ri4m_Uninstal.exe
Ri4m v4.2-->D:\Program Files\Ripp-it_AM\Ri4m_Uninstal.exe
Ri4m v4.2c-->D:\Program Files\Ripp-it_AM\Ri4m_Uninstal.exe
Ri4m v5.0.1d-->D:\Program Files\Ripp-it_AM\Ri4m_Uninstal.exe
Ri4m v5-->D:\Program Files\Ripp-it_AM\Ri4m_Uninstal.exe
RIAM Video Enhancer-->D:\Program Files\RIAM Video Enhancer\Uninstal.exe
Ripp-It Codec Pack v 4.2.6-->D:\Program Files\Ripp-It Codec Pack\uninst.exe
Safari-->MsiExec.exe /I{C9D96682-5A4D-45FA-BA3E-DDCB2B0CB868}
SafeCast Shared Components-->D:\Program Files\Fichiers communs\Macrovision Shared\SafeCast\Install\CDAC13BA.EXE /uninstall
Search Settings 1.2-->MsiExec.exe /X{D0C73318-7B4A-4D16-A0C4-3B83F075EA88}
SecondLife (remove only)-->"D:\Program Files\SecondLife\uninst.exe" /P="SecondLife"
Service Photos Club Internet-->"D:\Program Files\Club-Internet\Service Photos Club Internet\unins000.exe"
Shareaza v2.0.0.0-->"D:\Program Files\Shareaza\uninstall.exe"
SiSoftware Sandra Lite 2007.SP1 (Win64/32/CE)-->"D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\unins000.exe"
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Sony Ericsson Device Data-->MsiExec.exe /I{C92E7DF1-624A-4D95-A4C4-18CB491B44A4}
Sony Ericsson Drivers-->MsiExec.exe /I{C60BA916-9E44-4DA4-B11A-9E27B7624EF5}
Sony Ericsson PC Suite-->D:\WINDOWS\Installer\{D6BF6477-8369-489F-8DE6-3731F4B88560}\Setup.exe /uninstall
Sony Ericsson PC Suite-->MsiExec.exe /I{25BEC3AB-5CD4-481D-9143-215C1BBB189E}
Sound Blaster AUDIOPCI128-->D:\Program Files\Creative\Uninstall\CTUNINST.EXE /U:UNINST1.INI
SpeedFan (remove only)-->"D:\Program Files\SpeedFan\uninstall.exe"
Spyware Doctor 6.0-->D:\Program Files\Spyware Doctor\unins000.exe /LOG
SpywareBlaster v3.2-->"D:\Program Files\SpywareBlaster\unins000.exe"
StationRipper 2.33C-->D:\Program Files\Ratajik Software\StationRipper\uninstall-StationRipper.exe
Steinberg MyMp3PRO V5.0-->D:\WINDOWS\HELP\UNWISE.EXE D:\WINDOWS\HELP\INSTALL.LOG
Stellarium 0.8.2-->"D:\Program Files\Stellarium\unins000.exe"
Streamripper Plugin 1.61.24 (Remove only)-->D:\Program Files\Winamp\streamripper_uninstall.exe
Studio 8-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{53EF6570-21A4-47ED-A40A-E6470A5677A3}\Setup.exe" -l0x40c UNINSTALL -c
Studio Content CD-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{4C643986-DE3C-4737-8472-CCEC36CCC267}\Setup.exe" -l0x40c
Sun xVM VirtualBox-->MsiExec.exe /I{750952C0-2EB3-4C4F-AFA9-364E7EB06291}
Super Video Converter 1.5.3-->"D:\Program Files\Super Video Converter\unins000.exe"
SuperPack StreamRipper FR 10.0-->D:\Program Files\Winamp\uninst_SR_Skin_SuperPack.exe
SureThing CD Labeler - CD Stomper Edition-->D:\WINDOWS\MVUNINST\App1\unwise.exe D:\WINDOWS\MVUNINST\APP1\INSTALL.LOG "SureThing CD Labeler - CD Stomper Edition Uninstall"
TekiNews-->D:\Program Files\TekiNews\Uninstal.exe
TerraExplorer-->D:\Program Files\Skyline\TerraExplorer\Setup.exe [OP]/U
Tests de QI-->D:\WINDOWS\ISUN040C.EXE -f"D:\Program Files\Micro Application\Tests de QI\Uninst.isu" -c"D:\Program Files\Micro Application\Tests de QI\Uninst.dll"
TomTom HOME-->D:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe
TrackMania Sunrise Extreme Demo 1.5.0-->"e:\jeux\TrackMania Sunrise Extreme Demo\unins000.exe"
TV sur PC-->D:\Program Files\Neuf\TV_PC\uninstall.exe
ubi.com-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{AEDDF5A3-29CE-11D5-A8C2-000102246AAE}\Setup.exe" -l0x40c UNINSTALL-L0x40c -uninst
Ulead VideoStudio 7 Trial-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{757AD3D4-036B-42FA-B0A4-96BD6F4605A0}\Setup.exe" -l0x40c
ULi AGP Driver 2.20-->D:\WINDOWS\System32\UnAGP.EXE RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{0DD0650C-5113-4FEE-BDDA-AC0B76FD0BD1}\Setup.exe" -uninst
ULi LAN Driver-->D:\WINDOWS\System32\UnLAN.EXE RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{143BE018-D8F8-4014-8CB6-AF63F5799D21}\Setup.exe" -uninst
ULi M5289 SATA Driver-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{432968D5-88FE-44B9-9168-B2806A9668E9}\Setup.exe"
UltraBackup 4.2-->"D:\Program Files\Astase\UltraBackup\4.0\unins000.exe"
Uninstall 1.0.0.0-->"D:\Program Files\Fichiers communs\DVDVideoSoft\unins000.exe"
Update Service-->D:\Program Files\Sony Ericsson\Update Service\uninst.exe
User Profile Hive Cleanup Service-->MsiExec.exe /I{FF77941A-2BFA-4A18-BE2E-69B9498E4D55}
Utherverse 3D Client-->"D:\Documents and Settings\All Users\Application Data\{727691AA-C0CE-4AB4-8D16-F6558DFF5408}\UtherverseSetup.exe" REMOVE=TRUE MODIFY=FALSE
Utherverse 3D Client-->D:\Documents and Settings\All Users\Application Data\{727691AA-C0CE-4AB4-8D16-F6558DFF5408}\UtherverseSetup.exe
Vade Retro Outlook, Outlook Express-->D:\PROGRA~1\GOTOSO~1\VADERE~1\UNWISE.EXE D:\PROGRA~1\GOTOSO~1\VADERE~1\INSTALL.LOG
VC_MergeModuleToMSI-->MsiExec.exe /I{900A92BA-19EF-4A34-86CF-7B6C85BDD971}
VideoLAN VLC media player 0.8.6f-->D:\Program Files\adslTV\uninstall.exe
Viewpoint Media Player-->D:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Virtools 3D Life Player-->D:\Program Files\Virtools\3D Life Player\WebplayerConfig.exe -u
VirtuaGirl HD-->D:\Documents and Settings\Jacques\Menu Démarrer\Programmes\VirtuaGirl HD\uninstall.lnk
Virtual Earth 3D (Beta)-->MsiExec.exe /I{3CCB26F5-E2A7-4C91-8340-9149D7B7C2BE}
Virtual Skipper 3 Demo-->E:\JEUX\skipper\Vsk3Demo\unins000.exe
Virtual Skipper 4 Demo 1.5.5-->"e:\jeux\Virtual Skipper 4 Demo\unins000.exe"
VirtualDub 1.6.9 Fr-->D:\Program Files\VirtualDub\UnInstall_VirtualDub.exe
VirtualDubMOD 1.5.10.2 b2540 Fr-->D:\Program Files\VirtualDubMOD\UnInstall_VDMOD.exe
VMware Player-->MsiExec.exe /I{A53A11EA-0095-493F-86FA-A15E8A86A405}
VobSub v2.23 (Remove Only)-->"D:\Program Files\Gabest\VobSub\uninstall.exe"
Votre Economiseur Personnel 1.0-->"D:\Program Files\VSoft\Votre Economiseur Personnel\unins000.exe"
VP6 VFW Codec-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{A23866A0-738B-4091-9924-0B0DE3988A15}\Setup.exe" -l0x9
VSO CopyToDVD 3-->"D:\Program Files\VSO\unins000.exe"
Winamp (remove only)-->"D:\Program Files\Winamp\UninstWA.exe"
WinAVI Video Capture 2.0 Fr-->D:\Program Files\WinAVI Video Capture\UnInstall_WinCap.exe
Windows Defender Signatures-->MsiExec.exe /I{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}
Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
Windows Imaging Component-->"D:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Installer Clean Up-->MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52}
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Media Format 11 runtime-->"D:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"D:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"D:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Vista Upgrade Advisor-->MsiExec.exe /I{C6AA3FB7-804F-4808-AD91-B62D6ED9B788}
Windows XP Service Pack 3-->"D:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Wings Over Europe-->e:\Program Files\Wings Over Europe\uninst.exe
WinISO 5.3-->"D:\Program Files\WinISO\unins000.exe"
WinRAR archiver-->D:\Program Files\WinRAR\uninstall.exe
WinZip-->"D:\Program Files\WinZip\WINZIP32.EXE" /uninstall
x264 H.264/AVC CODEC-->D:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_x264 132 D:\WINDOWS\INF\x264vfw.inf
x264 Revision 305 x264.nl (remove only)-->"D:\Program Files\x264\x264-uninstall.exe"
x264 Revision 573 x264.nl (remove only)-->"D:\Program Files\x264\x264-uninstall.exe"
XnView 1.90.2-->"D:\Program Files\XnView\unins000.exe"
xplorer² lite-->"D:\Program Files\zabkat\xplorer2_lite\Uninstall.exe"
Xvid 1.1.3 final uninstall-->"D:\Program Files\Xvid\unins001.exe"
XVid;-)-->D:\Program Files\XVid;-)\Uninstall.exe
Yahoo! Extras-->D:\PROGRA~1\YAHOO!\COMMON\unyext.exe
Yahoo! Install Manager-->D:\WINDOWS\system32\regsvr32 /u D:\PROGRA~1\YAHOO!\Common\YINSTH~1.DLL
Yahoo! Internet Mail-->D:\WINDOWS\system32\regsvr32 /u /s D:\PROGRA~1\YAHOO!\COMMON\ymmapi.dll
Yahoo! Messenger-->D:\PROGRA~1\YAHOO!\MESSEN~1\UNWISE.EXE /U D:\PROGRA~1\YAHOO!\MESSEN~1\INSTALL.LOG
Yahoo! Toolbar avec bloqueur de fenêtres pop-up-->D:\PROGRA~1\YAHOO!\COMMON\unyt.exe
YesMessenger 2.1.25-->"D:\Program Files\YesMessenger\unins000.exe"
YouTUBE (TM) movie downloader-->MsiExec.exe /X{2F8BE445-D14C-40E2-AF62-E43539FD1500}

======Hosts File======

127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com

======Security center information======

AV: Avira AntiVir PersonalEdition

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=D:\Program Files\Internet Explorer;;D:\WINDOWS\system32;D:\WINDOWS;D:\WINDOWS\system32\WBEM;D:\Program Files\ATI Technologies\ATI Control Panel;D:\Program Files\Fichiers communs\GIS\Tools;D:\Program Files\Fichiers communs\Ulead Systems\MPEG;;D:\Program Files\MKVtoolnix;;C:\PROGRA~1\ATITEC~1\ATICON~1;D:\Program Files\Fichiers communs\Teleca Shared;D:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 12 Stepping 0, AuthenticAMD
"PROCESSOR_REVISION"=0c00
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"CLASSPATH"=.;D:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=D:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

-----------------EOF-----------------

maintenant que dois je faire?

spybot viré
anti malware ok
rsit ok
je te mets aussi le rapport antimalware

i

Répondre à jpapiet

3

jlpjlp, le 29 nov 2008 à 18:44:05

Oui mets antimalware

et pour rsit il manque une partie (il y a deux fichiers)

Répondre à jlpjlp

4

jpapiet, le 30 nov 2008 à 10:02:32

Logfile of random's system information tool 1.04 (written by random/random)
Run by Jacques at 2008-11-29 18:22:41
Microsoft Windows XP Édition familiale Service Pack 3
System drive D: has 10 GB (28%) free of 38 GB
Total RAM: 1023 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:23:11, on 29/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\System32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Windows Defender\MsMpEng.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Ahead\InCD\InCDsrv.exe
D:\PROGRA~1\FICHIE~1\Stardock\SDMCP.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
D:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\RamBoost XP\rambxpfr.exe
D:\Program Files\Club-Internet\Lanceur\lanceur.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\WINDOWS\system32\drivers\CDAC11BA.EXE
D:\WINDOWS\system32\CTSvcCDA.exe
D:\Program Files\EPSON\ESM2\eEBSVC.exe
D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\UPHClean\uphclean.exe
D:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe
D:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe
D:\WINDOWS\system32\vmnat.exe
D:\WINDOWS\system32\vmnetdhcp.exe
D:\Program Files\VMware\VMware Player\vmware-authd.exe
D:\WINDOWS\system32\wscntfy.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
D:\Documents and Settings\Jacques\Bureau\RSIT.exe
D:\Program Files\trend micro\Jacques.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
R3 - URLSearchHook: (no name) - {ecdee021-0d17-467f-a1ff-c7a115230949} - (no file)
R3 - URLSearchHook: (no name) - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - (no file)
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {49F68B91-3571-4883-9CEA-181E40A6857E} - D:\WINDOWS\system32\fccdCSlI.dll (file missing)
O2 - BHO: (no name) - {54D14726-66BC-4235-87B3-1B4797E5B9B8} - D:\WINDOWS\system32\jkkLBrrQ.dll (file missing)
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - D:\Program Files\Dealio\kb127\Dealio.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - D:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: (no name) - {ecdee021-0d17-467f-a1ff-c7a115230949} - (no file)
O3 - Toolbar: ImageShack Toolbar - {6932D140-ABC4-4073-A44C-D4A541665E35} - D:\Program Files\ImageShackToolbar\ImageShackToolbar.dll
O3 - Toolbar: (no name) - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - (no file)
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "D:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SpywareCleaner] D:\WINDOWS\system32\SpywareRemover.exe
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RamBoostXp] D:\Program Files\RamBoost XP\rambxpfr.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Startup: Club Internet.lnk = D:\Program Files\Club-Internet\Lanceur\lanceur.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Compare Prices with &Dealio - D:\Documents and Settings\Jacques\Application Data\Dealio\kb127\res\DealioSearch.html
O8 - Extra context menu item: Post Image to Blog - res://D:\Program Files\ImageShackToolbar\ImageShackToolbar.dll/5003
O8 - Extra context menu item: S'abonner avec l'agrégateur par défaut - D:\Documents and Settings\Jacques\Application Data\RssBandit\iecontext_subscribefeed.htm
O8 - Extra context menu item: Tag This Image - res://D:\Program Files\ImageShackToolbar\ImageShackToolbar.dll/5002
O8 - Extra context menu item: Transload Image to ImageShack - res://D:\Program Files\ImageShackToolbar\ImageShackToolbar.dll/5004
O8 - Extra context menu item: Upload All Images to ImageShack - res://D:\Program Files\ImageShackToolbar\ImageShackToolbar.dll/5000
O8 - Extra context menu item: Upload Image to ImageShack - res://D:\Program Files\ImageShackToolbar\ImageShackToolbar.dll/5001
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - D:\PROGRA~1\ALLOCA~1\allocam.exe
O9 - Extra 'Tools' menuitem: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - D:\PROGRA~1\ALLOCA~1\allocam.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - D:\Program Files\Dealio\kb127\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - D:\Program Files\Dealio\kb127\Dealio.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: d:\windows\system32\nwprovau.dll
O16 - DPF: ChatSpace Full Java Client 3.1.0.229 - http://surechat.com:9000/Java/cfs31229.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/...
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/fr/4,0,0,84/mcinsctl.cab
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://static.slide.com/uploader/SlideImageUploader.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {63DF43C2-469A-41F3-B119-17B1ACE8BB50} (Sony SNC-CS3 Image Viewer) - http://82.127.17.206/home/SonySncCs3View.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6932D140-ABC4-4073-A44C-D4A541665E35} (ImageShack Toolbar) - http://toolbar.imageshack.us/toolbar/ImageShackToolbar.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://www.tele2mail.com/static/apps/utils/AccountHelper.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://camera1.mairie-brest.fr/activex/AxisCamControl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/fr/1,0,0,21/mcgdmgr.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Service Client v.3.4) - http://ccon.futuremark.com/global/msc34.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://3dlifeplayer.dl.3dvia.com/player/install/installer.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: D:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL ogpncw.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - D:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Visualware CallerIP (CallerIP) - Unknown owner - D:\Program Files\CallerIP\cip-nt.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - D:\WINDOWS\system32\CTSvcCDA.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - D:\Program Files\EPSON\ESM2\eEBSVC.exe
O23 - Service: GoogleDesktopManager - Google - D:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - D:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Canon BJ Memory Card Manager (oaa4aeyyeruo) - Unknown owner - D:\WINDOWS\system32\gamuj.exe (file missing)
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\Win32\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\RpcSandraSrv.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - D:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - D:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: V2i Protector - PowerQuest Corporation - D:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - D:\Program Files\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - D:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - D:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - D:\WINDOWS\system32\vmnat.exe
End of file - 15476 bytes

======Scheduled tasks folder======

D:\WINDOWS\tasks\yljihsyx.job
D:\WINDOWS\tasks\MP Scheduled Scan.job
D:\WINDOWS\tasks\AppleSoftwareUpdate.job
D:\WINDOWS\tasks\Maintenance en 1 clic.job
D:\WINDOWS\tasks\User_Feed_Synchronization-{9E510C6E-0EDC-43C6-A4E1-3E43417E7DA0}.job
D:\WINDOWS\tasks\Norton Security Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-10-17 308832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{49F68B91-3571-4883-9CEA-181E40A6857E}]
D:\WINDOWS\system32\fccdCSlI.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{54D14726-66BC-4235-87B3-1B4797E5B9B8}]
D:\WINDOWS\system32\jkkLBrrQ.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A87B991-A31F-4130-AE72-6D0C294BF082}]
DealioBHO Class - D:\Program Files\Dealio\kb127\Dealio.dll [2008-05-26 3170144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9394EDE7-C8B5-483E-8773-474BF36AF6E4}]
ST - D:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll [2004-08-13 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - D:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll [2008-10-08 652784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - D:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll [2006-10-26 440384]
{ecdee021-0d17-467f-a1ff-c7a115230949}
{6932D140-ABC4-4073-A44C-D4A541665E35} - ImageShack Toolbar - D:\Program Files\ImageShackToolbar\ImageShackToolbar.dll [2008-01-29 626688]
{40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Vade Retro Outlook Express"=D:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe [2006-02-16 295936]
"avgnt"=D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
"QuickTime Task"=D:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
"SpywareCleaner"=D:\WINDOWS\system32\SpywareRemover.exe [2008-11-26 297697]
"TkBellExe"=D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-10-17 185872]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=D:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"RamBoostXp"=D:\Program Files\RamBoost XP\rambxpfr.exe [2004-03-09 1542144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
D:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe [2005-06-23 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Anti Trojan Elite]
D:\Program Files\Anti Trojan Elite\TJEnder.exe :NO []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-10-01 111936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtiTrayTools]
D:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe [2007-05-22 521128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CreativeMixer]
D:\Program Files\Creative\Audio2K\PROGRAM\CTMIX32.EXE [1999-11-18 20480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
D:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DownloadAccelerator]
D:\Program Files\DAP\DAP.EXE /STARTUP []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EoEngine]
D:\Program Files\eoRezo\EoEngine.exe [2008-01-08 561152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EoNet]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EoTraduction]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EoWeather]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Framework Windows]
frmwrk32.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\gafoh]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
D:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2007-08-14 1838592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
D:\Program Files\Google\Google Talk\googletalk.exe [2007-11-21 3297280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMC]
D:\Program Files\FriendFinder\FriendFinder Messenger 40\imc.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
D:\Program Files\Ahead\InCD\InCD.exe [2004-03-24 1294446]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISTray]
D:\Program Files\Spyware Doctor\pctsTray.exe [2008-07-16 1166216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ItsTV]
D:\Program Files\eoRezo\EoTraduction\ItsTV.exe [2007-04-26 2908160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
D:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
D:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMTray2k]
D:\WINDOWS\system32\MMTray2k.exe [2001-11-01 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
D:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe [2006-04-21 438359]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnappau]
D:\Program Files\MSN Apps\Updater\01.03.0000.1005\fr\msnappau.exe [2004-08-13 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
D:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCLEPCI]
D:\PROGRA~1\PINNACLE\PPE\ppe.exe [2002-06-25 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
D:\Program Files\Picasa2\PicasaMediaDetector.exe [2008-08-21 443968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
D:\WINDOWS\system32\PSDrvCheck.exe [2004-03-10 406016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMCLoader]
D:\Program Files\Pinnacle\TVCenter Pro\PMCLoader.exe -checktasks []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMCRemote]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
D:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RamBoostXp]
D:\Program Files\RamBoost XP\rambxpfr.exe [2004-03-09 1542144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryBooster 2 d’Uniblue ]
D:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
D:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2003-10-31 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
D:\Program Files\Search Settings\SearchSettings.exe [2008-06-12 991584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
D:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2007-06-13 528384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
D:\WINDOWS\SOUNDMAN.EXE [2004-07-27 68096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StandardInstall]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
D:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sunkist2k]
D:\Program Files\Multimedia Card Reader\shwicon2k.exe [2005-10-07 139264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-17 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TE_RegProtect]
D:\Program Files\Anti Trojan Elite\TERegPct.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-10-17 185872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
D:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-09-26 206184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Totocam]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVAgent WiFi]
D:\Club-Internet\Wizard\Agent_wifi.exe [2006-05-23 897024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ub4TrayApp]
D:\Program Files\Astase\UltraBackup\4.0\bin\ubtray.exe [2004-10-10 1381888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
D:\WINDOWS\system32\dumprep 0 -u []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vaderetro Outlook]
D:\PROGRA~1\GOTOSO~1\VADERE~1\VrMoRegister.exe [2006-07-22 44544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\viva]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VMware hqtray]
D:\Program Files\VMware\VMware Player\hqtray.exe [2007-08-21 55856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [2007-08-30 4670704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
D:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2002-08-16 110592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Color Calibration.lnk]
D:\PROGRA~1\SEC\MAGICT~1.6\GAMMAT~1.EXE [2004-07-03 36864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InterVideo WinCinema Manager.lnk]
D:\PROGRA~1\INTERV~1\Common\Bin\WINCIN~1.EXE [2005-06-22 278528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
D:\PROGRA~1\Adobe\ACROBA~2.0\Reader\READER~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^LE COMPAGNON CLUB.lnk]
D:\PROGRA~1\CLUB-I~1\LECOMP~1\bin\matcli.exe [2005-06-03 217088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^MagicTune 3.6.lnk]
D:\PROGRA~1\SEC\MAGICT~1.6\MAGICT~2.EXE [2004-12-30 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^NaturalColorLoad.lnk]
D:\PROGRA~1\SEC\NATURA~1\NATURA~1.EXE [2002-04-12 155715]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Outil de mise à jour Google.lnk]
D:\PROGRA~1\Google\GOEAD5~1\GOOGLE~1.EXE [2008-10-08 161264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^Jacques^Menu Démarrer^Programmes^Démarrage^Datecracker.exe.lnk]
E:\DICTIO~1\Vidal\DATECR~1\DATECR~1.EXE [2002-09-11 19968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^Jacques^Menu Démarrer^Programmes^Démarrage^MS Office - Démarrage accéléré.lnk]
D:\Office\FASTBOOT.EXE [1996-03-08 14848]

D:\Documents and Settings\Jacques\Menu Démarrer\Programmes\Démarrage
Club Internet.lnk - D:\Program Files\Club-Internet\Lanceur\lanceur.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="D:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL ogpncw.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
D:\WINDOWS\system32\Ati2evxx.dll [2005-06-29 46080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\MCPClient]
D:\PROGRA~1\FICHIE~1\Stardock\mcpstub.dll [2005-01-31 49152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
D:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=D:\PROGRA~1\WINDOW~4\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoBandCustomize"=0
"NoMovingBands"=0
"NoCloseDragDropBands"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\KaZaA Lite\Kazaa.exe"="D:\Program Files\KaZaA Lite\Kazaa.exe:*:Enabled:Kazaa Lite"
"D:\Program Files\Messenger\msmsgs.exe"="D:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"D:\Program Files\Kazaa Lite K++\KazaaLite.kpp"="D:\Program Files\Kazaa Lite K++\KazaaLite.kpp:*:Enabled:KazaaLite"
"D:\Program Files\NetMeeting\conf.exe"="D:\Program Files\NetMeeting\conf.exe:*:Enabled:Windows® NetMeeting®"
"D:\Program Files\Shareaza\Shareaza.exe"="D:\Program Files\Shareaza\Shareaza.exe:*:Enabled:Shareaza Ultimate File Sharing"
"D:\Program Files\Sierra On-Line\SIGSPat.exe"="D:\Program Files\Sierra On-Line\SIGSPat.exe:*:Enabled:SIGSPat"
"E:\JEUX\gamespyarcade\Aphex.exe"="E:\JEUX\gamespyarcade\Aphex.exe:*:Enabled:GameSpy Arcade"
"D:\Program Files\GetAnonymous 2.1 Professional\GAPro.exe"="D:\Program Files\GetAnonymous 2.1 Professional\GAPro.exe:*:Enabled:GAPro"
"D:\Program Files\BitComet\BitComet.exe"="D:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"D:\Program Files\RssBandit\RSSBandit.exe"="D:\Program Files\RssBandit\RSSBandit.exe:*:Enabled:RSS Bandit"
"E:\JEUX\NovaLogic\Comanche 4\Update.exe"="E:\JEUX\NovaLogic\Comanche 4\Update.exe:*:Enabled:Update"
"D:\Program Files\InterVideo\DVD7\WinDVD.exe"="D:\Program Files\InterVideo\DVD7\WinDVD.exe:*:Enabled:WinDVD"
"E:\Program Files\GameSpy Arcade\Aphex.exe"="E:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade"
"D:\Program Files\Ratajik Software\StationRipper\StationRipperConsole.exe"="D:\Program Files\Ratajik Software\StationRipper\StationRipperConsole.exe:*:Enabled:StationRipperConsole"
"D:\Program Files\Movie Collection\MovieCollection.exe"="D:\Program Files\Movie Collection\MovieCollection.exe:*:Enabled:Movie Collection 2005"
"D:\Program Files\Java\jdk1.5.0_06\jre\bin\java.exe"="D:\Program Files\Java\jdk1.5.0_06\jre\bin\java.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"D:\Program Files\Windows Media Player\wmplayer.exe"="D:\Program Files\Windows Media Player\wmplayer.exe:*:Enabled:Lecteur Windows Media"
"E:\Program Files\SSI\Silent Hunter II\Shell\SH2.exe"="E:\Program Files\SSI\Silent Hunter II\Shell\SH2.exe:*:Enabled:SH2"
"D:\Documents and Settings\Jacques\Local Settings\Temp\j2eesdk-1_4_03-windows-ml.exe2\package\jre\bin\javaw.exe"="D:\Documents and Settings\Jacques\Local Settings\Temp\j2eesdk-1_4_03-windows-ml.exe2\package\jre\bin\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"D:\Sun\AppServer\lib\appserv.exe"="D:\Sun\AppServer\lib\appserv.exe:*:Enabled:appserv"
"E:\jeux\MotoGP2\motogp2.exe"="E:\jeux\MotoGP2\motogp2.exe:*:Enabled:motogp2"
"D:\WINDOWS\System32\dplaysvr.exe"="D:\WINDOWS\System32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"E:\JEUX\Microsoft Games\Combat Flight Simulator\COMBATFS.EXE"="E:\JEUX\Microsoft Games\Combat Flight Simulator\COMBATFS.EXE:*:Enabled:Module Combat Simulator"
"D:\Program Files\eMule\emule.exe"="D:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"E:\JEUX\Infogrames\Grand Prix 4\GP4.exe"="E:\JEUX\Infogrames\Grand Prix 4\GP4.exe:*:Enabled:GP4"
"E:\jeux\Virtual Skipper 4 Demo\Vsk4Demo.exe"="E:\jeux\Virtual Skipper 4 Demo\Vsk4Demo.exe:*:Enabled:Vsk4Demo"
"D:\Program Files\uTorrent\utorrent.exe"="D:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"E:\jeux\skipper\Vsk3Demo\Vsk3Demo.exe"="E:\jeux\skipper\Vsk3Demo\Vsk3Demo.exe:*:Enabled:Vsk3Demo"
"E:\jeux\TrackMania Sunrise Extreme Demo\TmSunriseExtremeDemo.exe"="E:\jeux\TrackMania Sunrise Extreme Demo\TmSunriseExtremeDemo.exe:*:Enabled:TmSunriseExtremeDemo"
"D:\Downloads\visioclub.exe"="D:\Downloads\visioclub.exe:*:Enabled:Visioclub : webcam & free chat"
"D:\Program Files\Azureus\Azureus.exe"="D:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"
"D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\sandra.exe"="D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\sandra.exe:*:Enabled:SiSoftware Sandra Lite"
"D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\RpcSandraSrv.exe"="D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Lite"
"D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\Win32\RpcDataSrv.exe"="D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\Win32\RpcDataSrv.exe:*:Enabled:SiSoftware Sandra Lite"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Program Files\Allocam Multi Visio\allocam.exe"="D:\Program Files\Allocam Multi Visio\allocam.exe:*:Enabled:Multi Video"
"D:\PROGRA~1\ALLOCA~1\allocam.exe"="D:\PROGRA~1\ALLOCA~1\allocam.exe:*:Enabled:Multi Video"
"D:\Documents and Settings\Jacques\Local Settings\Temp\occ.exe"="D:\Documents and Settings\Jacques\Local Settings\Temp\occ.exe:*:Enabled:OneCC Module"
"D:\Program Files\MontrealAmateur\WebCam2000.exe"="D:\Program Files\MontrealAmateur\WebCam2000.exe:*:Enabled:MontrealAmateurCam Image Server"
"D:\Program Files\DAP\DAP.exe"="D:\Program Files\DAP\DAP.exe:*:Enabled:Download Accelerator Plus (DAP)"
"D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"D:\Program Files\Yahoo!\Messenger\YServer.exe"="D:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"D:\Program Files\SecondLife\SLVoice.exe"="D:\Program Files\SecondLife\SLVoice.exe:*:Enabled:SLVoice"
"D:\Program Files\Fichiers communs\AOL\Loader\aolload.exe"="D:\Program Files\Fichiers communs\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
"D:\Program Files\AIM6\aim6.exe"="D:\Program Files\AIM6\aim6.exe:*:Enabled:AIM"
"D:\Program Files\Internet Explorer\IEXPLORE.EXE"="D:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer"
"D:\WINDOWS\System32\rtcshare.exe"="D:\WINDOWS\System32\rtcshare.exe:*:Enabled:Partage de l'application RTC"
"D:\Program Files\RedlightCenter\RedLightCenter\Redlightcenter.exe"="D:\Program Files\RedlightCenter\RedLightCenter\Redlightcenter.exe:*:Enabled:Redlightcenter"
"D:\Program Files\Joost\xulrunner\tvprunner.exe"="D:\Program Files\Joost\xulrunner\tvprunner.exe:*:Enabled:tvprunner"
"D:\Program Files\adslTV\adsltv.exe"="D:\Program Files\adslTV\adsltv.exe:*:Enabled:adsltv"
"D:\Program Files\Participatory Culture Foundation\Miro\Miro_Downloader.exe"="D:\Program Files\Participatory Culture Foundation\Miro\Miro_Downloader.exe:*:Enabled:Miro_Downloader"
"D:\Program Files\Sony Ericsson\Update Service\Update Service.exe"="D:\Program Files\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service"
"D:\Documents and Settings\Jacques\Application Data\U3\0000187DA571B3B4\0DE4F643-C398-46ec-9339-2362F2311932\Exec\Skype.exe"="D:\Documents and Settings\Jacques\Application Data\U3\0000187DA571B3B4\0DE4F643-C398-46ec-9339-2362F2311932\Exec\Skype.exe:*:Enabled:Skype"
"D:\Program Files\Windows Live\Messenger\msnmsgr.exe"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"D:\Program Files\Windows Live\Messenger\livecall.exe"="D:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"D:\Program Files\Bonjour\mDNSResponder.exe"="D:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"D:\Program Files\iTunes\iTunes.exe"="D:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"D:\Program Files\Reallusion\CrazyTalk for Skype\CT4Skype.exe"="D:\Program Files\Reallusion\CrazyTalk for Skype\CT4Skype.exe:*:Enabled:CrazyTalk"
"D:\Program Files\Sun\xVM VirtualBox\vboxwebsrv.exe"="D:\Program Files\Sun\xVM VirtualBox\vboxwebsrv.exe:*:Enabled:vboxwebsrv"
"D:\Program Files\Sun\xVM VirtualBox\VirtualBox.exe"="D:\Program Files\Sun\xVM VirtualBox\VirtualBox.exe:*:Enabled:VirtualBox"
"D:\Program Files\Google\Google Talk\googletalk.exe"="D:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk"
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\sandra.exe"="D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\sandra.exe:*:Enabled:SiSoftware Sandra Lite"
"D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\RpcSandraSrv.exe"="D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Lite"
"D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\Win32\RpcDataSrv.exe"="D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\Win32\RpcDataSrv.exe:*:Enabled:SiSoftware Sandra Lite"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Program Files\Windows Live\Messenger\msnmsgr.exe"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"D:\Program Files\Windows Live\Messenger\livecall.exe"="D:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{02da6cf7-59f2-11d9-97a3-806d6172696f}]
shell\AutoRun\command - G:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aceb8c6f-cdbb-11dc-9a84-005056c00008}]
shell\AutoRun\command - G:\Begin.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bc7a9db4-e5db-11db-84ee-00c0a8da3ecc}]
shell\AutoRun\command - G:\InstallTomTomHOME.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d0c254ad-1ccf-11dd-9b08-005056c00008}]
shell\AutoRun\command - K:\InstallTomTomHOME.exe

======File associations======

.scr - open - "%1" %*

======List of files/folders created in the last 1 months======

2008-11-29 18:22:42 ----D---- D:\Program Files\trend micro
2008-11-29 18:22:41 ----D---- D:\rsit
2008-11-28 18:35:07 ----SH---- D:\WINDOWS\system32\vijyyqcs.ini
2008-11-28 17:56:34 ----ASH---- D:\WINDOWS\system32\IlSCdccf.ini
2008-11-28 17:51:30 ----A---- D:\WINDOWS\system32\byXOighI.dll
2008-11-26 10:58:08 ----A---- D:\WINDOWS\system32\SpywareRemover.exe
2008-11-24 23:37:50 ----D---- D:\Program Files\Photo DVD Maker Professional
2008-11-24 17:04:00 ----D---- D:\Program Files\7-Zip
2008-11-20 18:28:06 ----D---- D:\WINDOWS\system32\Adobe
2008-11-19 19:40:39 ----D---- D:\Program Files\Free Video Converter
2008-11-19 19:32:56 ----D---- D:\Program Files\Fichiers communs\DVDVideoSoft
2008-11-18 21:51:09 ----A---- D:\WINDOWS\system32\D3DX9_40.dll
2008-11-18 21:51:09 ----A---- D:\WINDOWS\system32\d3dx10_40.dll
2008-11-18 21:51:09 ----A---- D:\WINDOWS\system32\D3DCompiler_40.dll
2008-11-18 21:51:08 ----A---- D:\WINDOWS\system32\XAudio2_3.dll
2008-11-18 21:51:08 ----A---- D:\WINDOWS\system32\XAudio2_2.dll
2008-11-18 21:51:08 ----A---- D:\WINDOWS\system32\XAPOFX1_2.dll
2008-11-18 21:51:08 ----A---- D:\WINDOWS\system32\XAPOFX1_1.dll
2008-11-18 21:51:08 ----A---- D:\WINDOWS\system32\xactengine3_3.dll
2008-11-18 21:51:08 ----A---- D:\WINDOWS\system32\X3DAudio1_5.dll
2008-11-18 21:51:07 ----A---- D:\WINDOWS\system32\xactengine3_2.dll
2008-11-18 21:51:07 ----A---- D:\WINDOWS\system32\D3DX9_39.dll
2008-11-18 21:51:07 ----A---- D:\WINDOWS\system32\d3dx10_39.dll
2008-11-18 21:51:07 ----A---- D:\WINDOWS\system32\D3DCompiler_39.dll
2008-11-18 21:51:06 ----A---- D:\WINDOWS\system32\XAudio2_1.dll
2008-11-18 21:51:06 ----A---- D:\WINDOWS\system32\XAPOFX1_0.dll
2008-11-18 21:51:05 ----A---- D:\WINDOWS\system32\xactengine3_1.dll
2008-11-18 21:51:05 ----A---- D:\WINDOWS\system32\X3DAudio1_4.dll
2008-11-18 21:51:05 ----A---- D:\WINDOWS\system32\d3dx10_38.dll
2008-11-18 21:51:05 ----A---- D:\WINDOWS\system32\D3DCompiler_38.dll
2008-11-18 21:51:04 ----A---- D:\WINDOWS\system32\XAudio2_0.dll
2008-11-18 21:51:04 ----A---- D:\WINDOWS\system32\xactengine3_0.dll
2008-11-18 21:51:04 ----A---- D:\WINDOWS\system32\X3DAudio1_3.dll
2008-11-18 21:51:04 ----A---- D:\WINDOWS\system32\D3DX9_38.dll
2008-11-18 21:51:02 ----A---- D:\WINDOWS\system32\d3dx10_37.dll
2008-11-18 21:51:02 ----A---- D:\WINDOWS\system32\D3DCompiler_37.dll
2008-11-18 21:50:54 ----A---- D:\WINDOWS\system32\D3DX9_37.dll
2008-11-18 21:49:34 ----D---- D:\WINDOWS\Logs
2008-11-18 21:49:04 ----A---- D:\WINDOWS\system32\ff_vfw.dll.manifest
2008-11-18 21:49:02 ----A---- D:\WINDOWS\system32\ff_vfw.dll
2008-11-18 21:49:01 ----A---- D:\WINDOWS\system32\pthreadGC2.dll
2008-11-18 21:48:50 ----HD---- D:\Documents and Settings\All Users\Application Data\{727691AA-C0CE-4AB4-8D16-F6558DFF5408}
2008-11-18 21:40:20 ----D---- D:\Program Files\Utherverse Digital Inc
2008-11-18 10:29:46 ----D---- D:\Program Files\iWizz
2008-11-17 10:19:43 ----D---- D:\Program Files\Sun
2008-11-15 19:54:14 ----D---- D:\MySlideshow
2008-11-15 18:14:52 ----A---- D:\WINDOWS\system32\swt-win32-3232.dll
2008-11-12 23:52:39 ----HD---- D:\WINDOWS\$NtUninstallKB957097$
2008-11-12 23:52:34 ----HD---- D:\WINDOWS\$NtUninstallKB954459$
2008-11-12 23:52:22 ----HD---- D:\WINDOWS\$NtUninstallKB955069$
2008-11-11 17:46:55 ----D---- D:\DVD-Slideshow
2008-11-11 00:21:00 ----A---- D:\Documents and Settings\Jacques\Application Data\inst.exe
2008-11-11 00:20:59 ----D---- D:\Documents and Settings\Jacques\Application Data\Vso
2008-11-11 00:20:49 ----A---- D:\WINDOWS\system32\sipr3260.dll
2008-11-11 00:20:49 ----A---- D:\WINDOWS\system32\drv43260.dll
2008-11-11 00:20:49 ----A---- D:\WINDOWS\system32\drv33260.dll
2008-11-11 00:20:48 ----A---- D:\WINDOWS\system32\wvc1dmod.dll
2008-11-11 00:20:48 ----A---- D:\WINDOWS\system32\vp7vfw.dll
2008-11-11 00:20:48 ----A---- D:\WINDOWS\system32\drv23260.dll
2008-11-11 00:20:48 ----A---- D:\WINDOWS\system32\cook3260.dll
2008-11-11 00:20:48 ----A---- D:\WINDOWS\gdiplus.dll
2008-11-10 23:35:25 ----D---- D:\Program Files\EasyPhotoTools
2008-11-10 13:15:56 ----D---- D:\Program Files\Slideshow pro
2008-11-10 13:15:47 ----D---- D:\Program Files\mresreg
2008-11-10 11:03:52 ----D---- D:\Program Files\Fichiers communs\Skype
2008-11-07 19:49:18 ----D---- D:\Documents and Settings\Jacques\Application Data\Search Settings
2008-11-07 13:22:22 ----D---- D:\Program Files\Search Settings
2008-11-07 13:22:02 ----D---- D:\Program Files\Dealio
2008-11-07 13:21:56 ----D---- D:\Documents and Settings\Jacques\Application Data\Dealio
2008-11-07 13:21:12 ----A---- D:\WINDOWS\system32\SSubTmr6.dll
2008-11-07 13:21:12 ----A---- D:\WINDOWS\system32\msxml4a.dll
2008-11-07 13:21:11 ----D---- D:\Program Files\Free Easy Burner
2008-11-01 00:50:14 ----SHD---- D:\FOUND.010

======List of files/folders modified in the last 1 months======

2008-11-29 18:16:56 ----A---- D:\WINDOWS\SchedLgU.Txt
2008-11-29 09:37:56 ----A---- D:\WINDOWS\wininit.ini
2008-11-29 00:59:16 ----A---- D:\WINDOWS\win.ini
2008-11-29 00:59:16 ----A---- D:\WINDOWS\System.ini
2008-11-29 00:29:32 ----N---- D:\WINDOWS\system32\pxinsa64.exe
2008-11-29 00:29:32 ----N---- D:\WINDOWS\system32\pxhpinst.exe
2008-11-29 00:29:32 ----N---- D:\WINDOWS\system32\pxcpya64.exe
2008-11-29 00:29:28 ----N---- D:\WINDOWS\system32\pxsfs.dll
2008-11-29 00:29:26 ----N---- D:\WINDOWS\system32\pxwave.dll
2008-11-29 00:29:26 ----N---- D:\WINDOWS\system32\pxmas.dll
2008-11-29 00:29:26 ----N---- D:\WINDOWS\system32\pxdrv.dll
2008-11-29 00:29:26 ----N---- D:\WINDOWS\system32\px.dll
2008-11-28 14:09:42 ----A---- D:\WINDOWS\NeroDigital.ini
2008-11-28 14:09:38 ----A---- D:\WINDOWS\M3JP2K.INI
2008-11-08 23:50:04 ----A---- D:\WINDOWS\yesmessenger.ini
2008-11-04 01:10:26 ----A---- D:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Pilote de processeur AMD Athlon64; D:\WINDOWS\System32\DRIVERS\AmdK8.sys [2004-05-08 38912]
R1 atitray;atitray; \??\D:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys []
R1 avgio;avgio; \??\D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; D:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-11-26 75072]
R1 DCxxMJPG;Pinnacle DC10plus, Motion-JPEG VideoIO Board; D:\WINDOWS\system32\drivers\DCxxMJPG.sys [2002-06-04 132940]
R1 InCDPass;InCDPass; D:\WINDOWS\System32\DRIVERS\InCDPass.sys [2004-03-24 27664]
R1 incdrm;InCD EasyWrite Reader; D:\WINDOWS\system32\drivers\incdrm.sys [2003-12-30 28080]
R1 MagicTune;MagicTune; D:\WINDOWS\system32\drivers\MTictwl.sys [2005-10-21 13396]
R1 NPPTNT2;NPPTNT2; \??\D:\WINDOWS\system32\npptNT2.sys []
R1 PCLEPCI;PCLEPCI; \??\D:\WINDOWS\system32\Drivers\PCLEPCI.SYS []
R1 PQIMount;PQIMount; D:\WINDOWS\system32\drivers\PQIMount.sys [2003-06-03 46900]
R1 PQNTDrv;PQNTDrv; D:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 prodrv06;StarForce Protection Environment Driver v6; D:\WINDOWS\System32\drivers\prodrv06.sys [2004-01-26 52224]
R1 ssmdrv;ssmdrv; D:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R1 Tcpip6;Pilote du protocole IPv6 Microsoft; D:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225856]
R1 VBoxDrv;VirtualBox Service; D:\WINDOWS\system32\DRIVERS\VBoxDrv.sys [2008-10-23 96016]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; D:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [2008-10-23 41744]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; D:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-04-24 12032]
R2 ASPI32;ASPI32; D:\WINDOWS\system32\drivers\ASPI32.sys [2002-07-17 16512]
R2 CdaC15BA;CdaC15BA; \??\D:\WINDOWS\system32\drivers\CdaC15BA.SYS []
R2 Fallback;Fallback; D:\WINDOWS\System32\DRIVERS\HSF_FALL.sys [2003-04-24 289887]
R2 Fsks;Fsks; D:\WINDOWS\System32\DRIVERS\HSF_FSKS.sys [2003-04-24 115807]
R2 GVCplDrv;GVCplDrv; D:\WINDOWS\system32\drivers\GVCplDrv.sys [2003-05-06 20156]
R2 hcmon;VMware hcmon; \??\D:\WINDOWS\system32\Drivers\hcmon.sys []
R2 irda;Protocole IrDA; D:\WINDOWS\System32\DRIVERS\irda.sys [2008-04-13 88192]
R2 K56;K56; D:\WINDOWS\System32\DRIVERS\HSF_K56K.sys [2003-04-24 391199]
R2 mdmxsdk;mdmxsdk; D:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2004-08-04 11868]
R2 NwlnkIpx;Protocole de transport compatible NWLink IPX/SPX/NetBIOS; D:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;NetBIOS NWLink; D:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2003-04-24 63232]
R2 NwlnkSpx;Protocole NWLink SPX/SPXII; D:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2003-04-24 55936]
R2 PfModNT;PfModNT; \??\D:\WINDOWS\system32\PfModNT.sys []
R2 SoftFax;SoftFax; D:\WINDOWS\System32\DRIVERS\HSF_FAXX.sys [2003-04-24 199711]
R2 tmcomm;tmcomm; \??\D:\WINDOWS\system32\drivers\tmcomm.sys []
R2 Tones;Tones; D:\WINDOWS\System32\DRIVERS\HSF_TONE.sys [2003-04-24 50751]
R2 V124;V124; D:\WINDOWS\System32\DRIVERS\HSF_V124.sys [2003-04-24 488383]
R2 VMnetBridge;VMware Bridge Protocol; D:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [2007-08-21 28592]
R2 VMnetuserif;VMware Network Application Interface; \??\D:\WINDOWS\system32\drivers\vmnetuserif.sys []
R2 VMparport;VMware VMparport; \??\D:\WINDOWS\system32\Drivers\VMparport.sys []
R2 vmx86;VMware vmx86; \??\D:\WINDOWS\system32\Drivers\vmx86.sys []
R2 vstor2;Vstor2 Virtual Storage Driver; \??\D:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vstor2.sys []
R3 ALCXSENS;Service for WDM 3D Audio Driver; D:\WINDOWS\system32\drivers\ALCXSENS.SYS [2004-02-24 400384]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); D:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-08-02 635281]
R3 ASAPIW2k;ASAPIW2K; D:\WINDOWS\system32\drivers\ASAPIW2k.sys [2004-03-10 11264]
R3 ati2mtag;ati2mtag; D:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2005-06-29 1241088]
R3 avgntflt;avgntflt; \??\D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 CTL511Plus;Video Blaster WebCam 3/WebCam Plus (WDM); D:\WINDOWS\system32\DRIVERS\webc3vid.sys [2001-11-07 166504]
R3 GearAspiWDM;GEAR ASPI Filter Driver; D:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 LHidFlt2;Logitech HID/USB Mouse Filter Driver; D:\WINDOWS\system32\DRIVERS\LHidFlt2.sys [2002-07-02 23854]
R3 LHidUsb;Logitech USB Receiver device driver; D:\WINDOWS\system32\drivers\LHidUsb.Sys [2002-07-02 40508]
R3 LKbdFlt2;Logitech Keyboard Class Filter Driver; D:\WINDOWS\system32\DRIVERS\LKbdFlt2.sys [2002-07-02 6030]
R3 LMouFlt2;Logitech Mouse Class Filter Driver; D:\WINDOWS\system32\DRIVERS\LMouFlt2.sys [2002-07-02 70382]
R3 MarvinBus;Pinnacle Marvin Bus; D:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2004-06-21 78976]
R3 mouhid;Pilote HID de souris; D:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 Pcouffin;VSO Software pcouffin; D:\WINDOWS\System32\Drivers\Pcouffin.sys [2008-11-11 47360]
R3 PctvVirtualNdis;Pinnacle Virtual Miniport; D:\WINDOWS\system32\DRIVERS\PctvVirtualNdis.sys [2007-02-02 13696]
R3 Pfc;Padus ASPI Shell; D:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 10368]
R3 Rasirda;Miniport réseau étendu (IrDA); D:\WINDOWS\System32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 tunmp;Pilote de carte miniport Tun Microsoft; D:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 ULI5261;ULi Based Ethernet NT Driver; D:\WINDOWS\System32\DRIVERS\ULILAN.SYS [2004-07-26 29696]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; D:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; D:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; D:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; D:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 vmkbd;VMware kbd; \??\D:\WINDOWS\system32\drivers\VMkbd.sys []
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; D:\WINDOWS\system32\DRIVERS\vmnetadapter.sys [2007-08-21 16816]
R3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS); D:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2006-05-04 402944]
R4 InCDfs;InCD File System; D:\WINDOWS\system32\drivers\InCDfs.sys [2004-03-24 99568]
S1 kbdhid;Pilote HID de clavier; D:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S2 CoachCap;Firstline FDC 2000 USB Video Capture V1.00; D:\WINDOWS\system32\drivers\CoachCap.sys [2002-03-03 93068]
S3 ASPI;Advanced SCSI Programming Interface Driver; \??\D:\WINDOWS\System32\DRIVERS\ASPI32.sys []
S3 ATE_PROCMON;ATE_PROCMON; \??\D:\Program Files\Anti Trojan Elite\ATEPMon.sys []
S3 basic2;basic2; D:\WINDOWS\System32\DRIVERS\HSF_BSC2.sys [2003-04-24 67167]
S3 catchme;catchme; \??\D:\DOCUME~1\Jacques\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; D:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 driverhardwarev2;driverhardwarev2; \??\D:\Program Files\HardwareDetection\driverhardwarev2.sys []
S3 ENTECH;ENTECH; \??\D:\WINDOWS\system32\DRIVERS\ENTECH.SYS []
S3 es1371;Creative AudioPCI (ES1371,ES1373) (WDM); D:\WINDOWS\system32\drivers\es1371mp.sys [2001-08-17 40704]
S3 hidgame;Activateur de port HID à manette de jeu Microsoft; D:\WINDOWS\system32\DRIVERS\hidgame.sys [2003-04-24 8576]
S3 hidusb;Pilote de classe HID Microsoft; D:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HSF_DP;HSF_DP; D:\WINDOWS\System32\DRIVERS\HSFDPSP2.sys [2004-08-04 1041536]
S3 hsf_msft;hsf_msft; D:\WINDOWS\System32\DRIVERS\HSF_MSFT.sys [2003-04-24 542879]
S3 HSFHWBS2;HSFHWBS2; D:\WINDOWS\System32\DRIVERS\HSFBS2S2.sys [2004-08-04 220032]
S3 IKFileSec;File Security Driver; D:\WINDOWS\system32\drivers\ikfilesec.sys [2008-06-02 42376]
S3 IKSysFlt;System Filter Driver; D:\WINDOWS\system32\drivers\iksysflt.sys [2008-06-02 66952]
S3 IKSysSec;System Security Driver; D:\WINDOWS\system32\drivers\iksyssec.sys [2008-06-10 81288]
S3 irsir;Pilote série infrarouge Microsoft; D:\WINDOWS\System32\DRIVERS\irsir.sys [2001-08-17 18688]
S3 Ltn_stk7070P;PCTV based TV tuner device; D:\WINDOWS\system32\DRIVERS\Ltn_stk7070P.sys [2007-06-14 466048]
S3 Ltn_stkrc;PCTV Infrared Receiver; D:\WINDOWS\system32\DRIVERS\Ltn_stkrc.sys [2007-06-13 13440]
S3 MODEMC

Répondre à jpapiet

5

jpapiet, le 30 nov 2008 à 10:02:34

Logfile of random's system information tool 1.04 (written by random/random)
Run by Jacques at 2008-11-29 18:22:41
Microsoft Windows XP Édition familiale Service Pack 3
System drive D: has 10 GB (28%) free of 38 GB
Total RAM: 1023 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:23:11, on 29/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\System32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Windows Defender\MsMpEng.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Ahead\InCD\InCDsrv.exe
D:\PROGRA~1\FICHIE~1\Stardock\SDMCP.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
D:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\RamBoost XP\rambxpfr.exe
D:\Program Files\Club-Internet\Lanceur\lanceur.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\WINDOWS\system32\drivers\CDAC11BA.EXE
D:\WINDOWS\system32\CTSvcCDA.exe
D:\Program Files\EPSON\ESM2\eEBSVC.exe
D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\UPHClean\uphclean.exe
D:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe
D:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe
D:\WINDOWS\system32\vmnat.exe
D:\WINDOWS\system32\vmnetdhcp.exe
D:\Program Files\VMware\VMware Player\vmware-authd.exe
D:\WINDOWS\system32\wscntfy.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
D:\Documents and Settings\Jacques\Bureau\RSIT.exe
D:\Program Files\trend micro\Jacques.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
R3 - URLSearchHook: (no name) - {ecdee021-0d17-467f-a1ff-c7a115230949} - (no file)
R3 - URLSearchHook: (no name) - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - (no file)
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {49F68B91-3571-4883-9CEA-181E40A6857E} - D:\WINDOWS\system32\fccdCSlI.dll (file missing)
O2 - BHO: (no name) - {54D14726-66BC-4235-87B3-1B4797E5B9B8} - D:\WINDOWS\system32\jkkLBrrQ.dll (file missing)
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - D:\Program Files\Dealio\kb127\Dealio.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - D:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: (no name) - {ecdee021-0d17-467f-a1ff-c7a115230949} - (no file)
O3 - Toolbar: ImageShack Toolbar - {6932D140-ABC4-4073-A44C-D4A541665E35} - D:\Program Files\ImageShackToolbar\ImageShackToolbar.dll
O3 - Toolbar: (no name) - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - (no file)
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "D:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SpywareCleaner] D:\WINDOWS\system32\SpywareRemover.exe
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RamBoostXp] D:\Program Files\RamBoost XP\rambxpfr.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Startup: Club Internet.lnk = D:\Program Files\Club-Internet\Lanceur\lanceur.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Compare Prices with &Dealio - D:\Documents and Settings\Jacques\Application Data\Dealio\kb127\res\DealioSearch.html
O8 - Extra context menu item: Post Image to Blog - res://D:\Program Files\ImageShackToolbar\ImageShackToolbar.dll/5003
O8 - Extra context menu item: S'abonner avec l'agrégateur par défaut - D:\Documents and Settings\Jacques\Application Data\RssBandit\iecontext_subscribefeed.htm
O8 - Extra context menu item: Tag This Image - res://D:\Program Files\ImageShackToolbar\ImageShackToolbar.dll/5002
O8 - Extra context menu item: Transload Image to ImageShack - res://D:\Program Files\ImageShackToolbar\ImageShackToolbar.dll/5004
O8 - Extra context menu item: Upload All Images to ImageShack - res://D:\Program Files\ImageShackToolbar\ImageShackToolbar.dll/5000
O8 - Extra context menu item: Upload Image to ImageShack - res://D:\Program Files\ImageShackToolbar\ImageShackToolbar.dll/5001
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - D:\PROGRA~1\ALLOCA~1\allocam.exe
O9 - Extra 'Tools' menuitem: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - D:\PROGRA~1\ALLOCA~1\allocam.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - D:\Program Files\Dealio\kb127\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - D:\Program Files\Dealio\kb127\Dealio.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: d:\windows\system32\nwprovau.dll
O16 - DPF: ChatSpace Full Java Client 3.1.0.229 - http://surechat.com:9000/Java/cfs31229.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/...
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/fr/4,0,0,84/mcinsctl.cab
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://static.slide.com/uploader/SlideImageUploader.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {63DF43C2-469A-41F3-B119-17B1ACE8BB50} (Sony SNC-CS3 Image Viewer) - http://82.127.17.206/home/SonySncCs3View.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6932D140-ABC4-4073-A44C-D4A541665E35} (ImageShack Toolbar) - http://toolbar.imageshack.us/toolbar/ImageShackToolbar.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://www.tele2mail.com/static/apps/utils/AccountHelper.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://camera1.mairie-brest.fr/activex/AxisCamControl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/fr/1,0,0,21/mcgdmgr.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Service Client v.3.4) - http://ccon.futuremark.com/global/msc34.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://3dlifeplayer.dl.3dvia.com/player/install/installer.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: D:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL ogpncw.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - D:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Visualware CallerIP (CallerIP) - Unknown owner - D:\Program Files\CallerIP\cip-nt.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - D:\WINDOWS\system32\CTSvcCDA.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - D:\Program Files\EPSON\ESM2\eEBSVC.exe
O23 - Service: GoogleDesktopManager - Google - D:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - D:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Canon BJ Memory Card Manager (oaa4aeyyeruo) - Unknown owner - D:\WINDOWS\system32\gamuj.exe (file missing)
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\Win32\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\RpcSandraSrv.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - D:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - D:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: V2i Protector - PowerQuest Corporation - D:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - D:\Program Files\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - D:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - D:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - D:\WINDOWS\system32\vmnat.exe
End of file - 15476 bytes

======Scheduled tasks folder======

D:\WINDOWS\tasks\yljihsyx.job
D:\WINDOWS\tasks\MP Scheduled Scan.job
D:\WINDOWS\tasks\AppleSoftwareUpdate.job
D:\WINDOWS\tasks\Maintenance en 1 clic.job
D:\WINDOWS\tasks\User_Feed_Synchronization-{9E510C6E-0EDC-43C6-A4E1-3E43417E7DA0}.job
D:\WINDOWS\tasks\Norton Security Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-10-17 308832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{49F68B91-3571-4883-9CEA-181E40A6857E}]
D:\WINDOWS\system32\fccdCSlI.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{54D14726-66BC-4235-87B3-1B4797E5B9B8}]
D:\WINDOWS\system32\jkkLBrrQ.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A87B991-A31F-4130-AE72-6D0C294BF082}]
DealioBHO Class - D:\Program Files\Dealio\kb127\Dealio.dll [2008-05-26 3170144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9394EDE7-C8B5-483E-8773-474BF36AF6E4}]
ST - D:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll [2004-08-13 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - D:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll [2008-10-08 652784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - D:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll [2006-10-26 440384]
{ecdee021-0d17-467f-a1ff-c7a115230949}
{6932D140-ABC4-4073-A44C-D4A541665E35} - ImageShack Toolbar - D:\Program Files\ImageShackToolbar\ImageShackToolbar.dll [2008-01-29 626688]
{40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Vade Retro Outlook Express"=D:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe [2006-02-16 295936]
"avgnt"=D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
"QuickTime Task"=D:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
"SpywareCleaner"=D:\WINDOWS\system32\SpywareRemover.exe [2008-11-26 297697]
"TkBellExe"=D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-10-17 185872]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=D:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"RamBoostXp"=D:\Program Files\RamBoost XP\rambxpfr.exe [2004-03-09 1542144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
D:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe [2005-06-23 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Anti Trojan Elite]
D:\Program Files\Anti Trojan Elite\TJEnder.exe :NO []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-10-01 111936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtiTrayTools]
D:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe [2007-05-22 521128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CreativeMixer]
D:\Program Files\Creative\Audio2K\PROGRAM\CTMIX32.EXE [1999-11-18 20480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
D:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DownloadAccelerator]
D:\Program Files\DAP\DAP.EXE /STARTUP []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EoEngine]
D:\Program Files\eoRezo\EoEngine.exe [2008-01-08 561152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EoNet]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EoTraduction]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EoWeather]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Framework Windows]
frmwrk32.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\gafoh]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
D:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2007-08-14 1838592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
D:\Program Files\Google\Google Talk\googletalk.exe [2007-11-21 3297280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMC]
D:\Program Files\FriendFinder\FriendFinder Messenger 40\imc.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
D:\Program Files\Ahead\InCD\InCD.exe [2004-03-24 1294446]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISTray]
D:\Program Files\Spyware Doctor\pctsTray.exe [2008-07-16 1166216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ItsTV]
D:\Program Files\eoRezo\EoTraduction\ItsTV.exe [2007-04-26 2908160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
D:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
D:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMTray2k]
D:\WINDOWS\system32\MMTray2k.exe [2001-11-01 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
D:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe [2006-04-21 438359]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnappau]
D:\Program Files\MSN Apps\Updater\01.03.0000.1005\fr\msnappau.exe [2004-08-13 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
D:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCLEPCI]
D:\PROGRA~1\PINNACLE\PPE\ppe.exe [2002-06-25 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
D:\Program Files\Picasa2\PicasaMediaDetector.exe [2008-08-21 443968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
D:\WINDOWS\system32\PSDrvCheck.exe [2004-03-10 406016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMCLoader]
D:\Program Files\Pinnacle\TVCenter Pro\PMCLoader.exe -checktasks []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMCRemote]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
D:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RamBoostXp]
D:\Program Files\RamBoost XP\rambxpfr.exe [2004-03-09 1542144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryBooster 2 d’Uniblue ]
D:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
D:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2003-10-31 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
D:\Program Files\Search Settings\SearchSettings.exe [2008-06-12 991584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
D:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2007-06-13 528384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
D:\WINDOWS\SOUNDMAN.EXE [2004-07-27 68096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StandardInstall]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
D:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sunkist2k]
D:\Program Files\Multimedia Card Reader\shwicon2k.exe [2005-10-07 139264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-17 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TE_RegProtect]
D:\Program Files\Anti Trojan Elite\TERegPct.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-10-17 185872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
D:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-09-26 206184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Totocam]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVAgent WiFi]
D:\Club-Internet\Wizard\Agent_wifi.exe [2006-05-23 897024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ub4TrayApp]
D:\Program Files\Astase\UltraBackup\4.0\bin\ubtray.exe [2004-10-10 1381888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
D:\WINDOWS\system32\dumprep 0 -u []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vaderetro Outlook]
D:\PROGRA~1\GOTOSO~1\VADERE~1\VrMoRegister.exe [2006-07-22 44544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\viva]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VMware hqtray]
D:\Program Files\VMware\VMware Player\hqtray.exe [2007-08-21 55856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [2007-08-30 4670704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
D:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2002-08-16 110592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Color Calibration.lnk]
D:\PROGRA~1\SEC\MAGICT~1.6\GAMMAT~1.EXE [2004-07-03 36864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InterVideo WinCinema Manager.lnk]
D:\PROGRA~1\INTERV~1\Common\Bin\WINCIN~1.EXE [2005-06-22 278528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
D:\PROGRA~1\Adobe\ACROBA~2.0\Reader\READER~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^LE COMPAGNON CLUB.lnk]
D:\PROGRA~1\CLUB-I~1\LECOMP~1\bin\matcli.exe [2005-06-03 217088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^MagicTune 3.6.lnk]
D:\PROGRA~1\SEC\MAGICT~1.6\MAGICT~2.EXE [2004-12-30 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^NaturalColorLoad.lnk]
D:\PROGRA~1\SEC\NATURA~1\NATURA~1.EXE [2002-04-12 155715]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Outil de mise à jour Google.lnk]
D:\PROGRA~1\Google\GOEAD5~1\GOOGLE~1.EXE [2008-10-08 161264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^Jacques^Menu Démarrer^Programmes^Démarrage^Datecracker.exe.lnk]
E:\DICTIO~1\Vidal\DATECR~1\DATECR~1.EXE [2002-09-11 19968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^Jacques^Menu Démarrer^Programmes^Démarrage^MS Office - Démarrage accéléré.lnk]
D:\Office\FASTBOOT.EXE [1996-03-08 14848]

D:\Documents and Settings\Jacques\Menu Démarrer\Programmes\Démarrage
Club Internet.lnk - D:\Program Files\Club-Internet\Lanceur\lanceur.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="D:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL ogpncw.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
D:\WINDOWS\system32\Ati2evxx.dll [2005-06-29 46080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\MCPClient]
D:\PROGRA~1\FICHIE~1\Stardock\mcpstub.dll [2005-01-31 49152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
D:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=D:\PROGRA~1\WINDOW~4\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoBandCustomize"=0
"NoMovingBands"=0
"NoCloseDragDropBands"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\KaZaA Lite\Kazaa.exe"="D:\Program Files\KaZaA Lite\Kazaa.exe:*:Enabled:Kazaa Lite"
"D:\Program Files\Messenger\msmsgs.exe"="D:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"D:\Program Files\Kazaa Lite K++\KazaaLite.kpp"="D:\Program Files\Kazaa Lite K++\KazaaLite.kpp:*:Enabled:KazaaLite"
"D:\Program Files\NetMeeting\conf.exe"="D:\Program Files\NetMeeting\conf.exe:*:Enabled:Windows® NetMeeting®"
"D:\Program Files\Shareaza\Shareaza.exe"="D:\Program Files\Shareaza\Shareaza.exe:*:Enabled:Shareaza Ultimate File Sharing"
"D:\Program Files\Sierra On-Line\SIGSPat.exe"="D:\Program Files\Sierra On-Line\SIGSPat.exe:*:Enabled:SIGSPat"
"E:\JEUX\gamespyarcade\Aphex.exe"="E:\JEUX\gamespyarcade\Aphex.exe:*:Enabled:GameSpy Arcade"
"D:\Program Files\GetAnonymous 2.1 Professional\GAPro.exe"="D:\Program Files\GetAnonymous 2.1 Professional\GAPro.exe:*:Enabled:GAPro"
"D:\Program Files\BitComet\BitComet.exe"="D:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"D:\Program Files\RssBandit\RSSBandit.exe"="D:\Program Files\RssBandit\RSSBandit.exe:*:Enabled:RSS Bandit"
"E:\JEUX\NovaLogic\Comanche 4\Update.exe"="E:\JEUX\NovaLogic\Comanche 4\Update.exe:*:Enabled:Update"
"D:\Program Files\InterVideo\DVD7\WinDVD.exe"="D:\Program Files\InterVideo\DVD7\WinDVD.exe:*:Enabled:WinDVD"
"E:\Program Files\GameSpy Arcade\Aphex.exe"="E:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade"
"D:\Program Files\Ratajik Software\StationRipper\StationRipperConsole.exe"="D:\Program Files\Ratajik Software\StationRipper\StationRipperConsole.exe:*:Enabled:StationRipperConsole"
"D:\Program Files\Movie Collection\MovieCollection.exe"="D:\Program Files\Movie Collection\MovieCollection.exe:*:Enabled:Movie Collection 2005"
"D:\Program Files\Java\jdk1.5.0_06\jre\bin\java.exe"="D:\Program Files\Java\jdk1.5.0_06\jre\bin\java.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"D:\Program Files\Windows Media Player\wmplayer.exe"="D:\Program Files\Windows Media Player\wmplayer.exe:*:Enabled:Lecteur Windows Media"
"E:\Program Files\SSI\Silent Hunter II\Shell\SH2.exe"="E:\Program Files\SSI\Silent Hunter II\Shell\SH2.exe:*:Enabled:SH2"
"D:\Documents and Settings\Jacques\Local Settings\Temp\j2eesdk-1_4_03-windows-ml.exe2\package\jre\bin\javaw.exe"="D:\Documents and Settings\Jacques\Local Settings\Temp\j2eesdk-1_4_03-windows-ml.exe2\package\jre\bin\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"D:\Sun\AppServer\lib\appserv.exe"="D:\Sun\AppServer\lib\appserv.exe:*:Enabled:appserv"
"E:\jeux\MotoGP2\motogp2.exe"="E:\jeux\MotoGP2\motogp2.exe:*:Enabled:motogp2"
"D:\WINDOWS\System32\dplaysvr.exe"="D:\WINDOWS\System32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"E:\JEUX\Microsoft Games\Combat Flight Simulator\COMBATFS.EXE"="E:\JEUX\Microsoft Games\Combat Flight Simulator\COMBATFS.EXE:*:Enabled:Module Combat Simulator"
"D:\Program Files\eMule\emule.exe"="D:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"E:\JEUX\Infogrames\Grand Prix 4\GP4.exe"="E:\JEUX\Infogrames\Grand Prix 4\GP4.exe:*:Enabled:GP4"
"E:\jeux\Virtual Skipper 4 Demo\Vsk4Demo.exe"="E:\jeux\Virtual Skipper 4 Demo\Vsk4Demo.exe:*:Enabled:Vsk4Demo"
"D:\Program Files\uTorrent\utorrent.exe"="D:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"E:\jeux\skipper\Vsk3Demo\Vsk3Demo.exe"="E:\jeux\skipper\Vsk3Demo\Vsk3Demo.exe:*:Enabled:Vsk3Demo"
"E:\jeux\TrackMania Sunrise Extreme Demo\TmSunriseExtremeDemo.exe"="E:\jeux\TrackMania Sunrise Extreme Demo\TmSunriseExtremeDemo.exe:*:Enabled:TmSunriseExtremeDemo"
"D:\Downloads\visioclub.exe"="D:\Downloads\visioclub.exe:*:Enabled:Visioclub : webcam & free chat"
"D:\Program Files\Azureus\Azureus.exe"="D:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"
"D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\sandra.exe"="D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\sandra.exe:*:Enabled:SiSoftware Sandra Lite"
"D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\RpcSandraSrv.exe"="D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Lite"
"D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\Win32\RpcDataSrv.exe"="D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\Win32\RpcDataSrv.exe:*:Enabled:SiSoftware Sandra Lite"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Program Files\Allocam Multi Visio\allocam.exe"="D:\Program Files\Allocam Multi Visio\allocam.exe:*:Enabled:Multi Video"
"D:\PROGRA~1\ALLOCA~1\allocam.exe"="D:\PROGRA~1\ALLOCA~1\allocam.exe:*:Enabled:Multi Video"
"D:\Documents and Settings\Jacques\Local Settings\Temp\occ.exe"="D:\Documents and Settings\Jacques\Local Settings\Temp\occ.exe:*:Enabled:OneCC Module"
"D:\Program Files\MontrealAmateur\WebCam2000.exe"="D:\Program Files\MontrealAmateur\WebCam2000.exe:*:Enabled:MontrealAmateurCam Image Server"
"D:\Program Files\DAP\DAP.exe"="D:\Program Files\DAP\DAP.exe:*:Enabled:Download Accelerator Plus (DAP)"
"D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"D:\Program Files\Yahoo!\Messenger\YServer.exe"="D:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"D:\Program Files\SecondLife\SLVoice.exe"="D:\Program Files\SecondLife\SLVoice.exe:*:Enabled:SLVoice"
"D:\Program Files\Fichiers communs\AOL\Loader\aolload.exe"="D:\Program Files\Fichiers communs\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
"D:\Program Files\AIM6\aim6.exe"="D:\Program Files\AIM6\aim6.exe:*:Enabled:AIM"
"D:\Program Files\Internet Explorer\IEXPLORE.EXE"="D:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer"
"D:\WINDOWS\System32\rtcshare.exe"="D:\WINDOWS\System32\rtcshare.exe:*:Enabled:Partage de l'application RTC"
"D:\Program Files\RedlightCenter\RedLightCenter\Redlightcenter.exe"="D:\Program Files\RedlightCenter\RedLightCenter\Redlightcenter.exe:*:Enabled:Redlightcenter"
"D:\Program Files\Joost\xulrunner\tvprunner.exe"="D:\Program Files\Joost\xulrunner\tvprunner.exe:*:Enabled:tvprunner"
"D:\Program Files\adslTV\adsltv.exe"="D:\Program Files\adslTV\adsltv.exe:*:Enabled:adsltv"
"D:\Program Files\Participatory Culture Foundation\Miro\Miro_Downloader.exe"="D:\Program Files\Participatory Culture Foundation\Miro\Miro_Downloader.exe:*:Enabled:Miro_Downloader"
"D:\Program Files\Sony Ericsson\Update Service\Update Service.exe"="D:\Program Files\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service"
"D:\Documents and Settings\Jacques\Application Data\U3\0000187DA571B3B4\0DE4F643-C398-46ec-9339-2362F2311932\Exec\Skype.exe"="D:\Documents and Settings\Jacques\Application Data\U3\0000187DA571B3B4\0DE4F643-C398-46ec-9339-2362F2311932\Exec\Skype.exe:*:Enabled:Skype"
"D:\Program Files\Windows Live\Messenger\msnmsgr.exe"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"D:\Program Files\Windows Live\Messenger\livecall.exe"="D:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"D:\Program Files\Bonjour\mDNSResponder.exe"="D:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"D:\Program Files\iTunes\iTunes.exe"="D:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"D:\Program Files\Reallusion\CrazyTalk for Skype\CT4Skype.exe"="D:\Program Files\Reallusion\CrazyTalk for Skype\CT4Skype.exe:*:Enabled:CrazyTalk"
"D:\Program Files\Sun\xVM VirtualBox\vboxwebsrv.exe"="D:\Program Files\Sun\xVM VirtualBox\vboxwebsrv.exe:*:Enabled:vboxwebsrv"
"D:\Program Files\Sun\xVM VirtualBox\VirtualBox.exe"="D:\Program Files\Sun\xVM VirtualBox\VirtualBox.exe:*:Enabled:VirtualBox"
"D:\Program Files\Google\Google Talk\googletalk.exe"="D:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk"
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\sandra.exe"="D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\sandra.exe:*:Enabled:SiSoftware Sandra Lite"
"D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\RpcSandraSrv.exe"="D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Lite"
"D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\Win32\RpcDataSrv.exe"="D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\Win32\RpcDataSrv.exe:*:Enabled:SiSoftware Sandra Lite"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Program Files\Windows Live\Messenger\msnmsgr.exe"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"D:\Program Files\Windows Live\Messenger\livecall.exe"="D:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{02da6cf7-59f2-11d9-97a3-806d6172696f}]
shell\AutoRun\command - G:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aceb8c6f-cdbb-11dc-9a84-005056c00008}]
shell\AutoRun\command - G:\Begin.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bc7a9db4-e5db-11db-84ee-00c0a8da3ecc}]
shell\AutoRun\command - G:\InstallTomTomHOME.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d0c254ad-1ccf-11dd-9b08-005056c00008}]
shell\AutoRun\command - K:\InstallTomTomHOME.exe

======File associations======

.scr - open - "%1" %*

======List of files/folders created in the last 1 months======

2008-11-29 18:22:42 ----D---- D:\Program Files\trend micro
2008-11-29 18:22:41 ----D---- D:\rsit
2008-11-28 18:35:07 ----SH---- D:\WINDOWS\system32\vijyyqcs.ini
2008-11-28 17:56:34 ----ASH---- D:\WINDOWS\system32\IlSCdccf.ini
2008-11-28 17:51:30 ----A---- D:\WINDOWS\system32\byXOighI.dll
2008-11-26 10:58:08 ----A---- D:\WINDOWS\system32\SpywareRemover.exe
2008-11-24 23:37:50 ----D---- D:\Program Files\Photo DVD Maker Professional
2008-11-24 17:04:00 ----D---- D:\Program Files\7-Zip
2008-11-20 18:28:06 ----D---- D:\WINDOWS\system32\Adobe
2008-11-19 19:40:39 ----D---- D:\Program Files\Free Video Converter
2008-11-19 19:32:56 ----D---- D:\Program Files\Fichiers communs\DVDVideoSoft
2008-11-18 21:51:09 ----A---- D:\WINDOWS\system32\D3DX9_40.dll
2008-11-18 21:51:09 ----A---- D:\WINDOWS\system32\d3dx10_40.dll
2008-11-18 21:51:09 ----A---- D:\WINDOWS\system32\D3DCompiler_40.dll
2008-11-18 21:51:08 ----A---- D:\WINDOWS\system32\XAudio2_3.dll
2008-11-18 21:51:08 ----A---- D:\WINDOWS\system32\XAudio2_2.dll
2008-11-18 21:51:08 ----A---- D:\WINDOWS\system32\XAPOFX1_2.dll
2008-11-18 21:51:08 ----A---- D:\WINDOWS\system32\XAPOFX1_1.dll
2008-11-18 21:51:08 ----A---- D:\WINDOWS\system32\xactengine3_3.dll
2008-11-18 21:51:08 ----A---- D:\WINDOWS\system32\X3DAudio1_5.dll
2008-11-18 21:51:07 ----A---- D:\WINDOWS\system32\xactengine3_2.dll
2008-11-18 21:51:07 ----A---- D:\WINDOWS\system32\D3DX9_39.dll
2008-11-18 21:51:07 ----A---- D:\WINDOWS\system32\d3dx10_39.dll
2008-11-18 21:51:07 ----A---- D:\WINDOWS\system32\D3DCompiler_39.dll
2008-11-18 21:51:06 ----A---- D:\WINDOWS\system32\XAudio2_1.dll
2008-11-18 21:51:06 ----A---- D:\WINDOWS\system32\XAPOFX1_0.dll
2008-11-18 21:51:05 ----A---- D:\WINDOWS\system32\xactengine3_1.dll
2008-11-18 21:51:05 ----A---- D:\WINDOWS\system32\X3DAudio1_4.dll
2008-11-18 21:51:05 ----A---- D:\WINDOWS\system32\d3dx10_38.dll
2008-11-18 21:51:05 ----A---- D:\WINDOWS\system32\D3DCompiler_38.dll
2008-11-18 21:51:04 ----A---- D:\WINDOWS\system32\XAudio2_0.dll
2008-11-18 21:51:04 ----A---- D:\WINDOWS\system32\xactengine3_0.dll
2008-11-18 21:51:04 ----A---- D:\WINDOWS\system32\X3DAudio1_3.dll
2008-11-18 21:51:04 ----A---- D:\WINDOWS\system32\D3DX9_38.dll
2008-11-18 21:51:02 ----A---- D:\WINDOWS\system32\d3dx10_37.dll
2008-11-18 21:51:02 ----A---- D:\WINDOWS\system32\D3DCompiler_37.dll
2008-11-18 21:50:54 ----A---- D:\WINDOWS\system32\D3DX9_37.dll
2008-11-18 21:49:34 ----D---- D:\WINDOWS\Logs
2008-11-18 21:49:04 ----A---- D:\WINDOWS\system32\ff_vfw.dll.manifest
2008-11-18 21:49:02 ----A---- D:\WINDOWS\system32\ff_vfw.dll
2008-11-18 21:49:01 ----A---- D:\WINDOWS\system32\pthreadGC2.dll
2008-11-18 21:48:50 ----HD---- D:\Documents and Settings\All Users\Application Data\{727691AA-C0CE-4AB4-8D16-F6558DFF5408}
2008-11-18 21:40:20 ----D---- D:\Program Files\Utherverse Digital Inc
2008-11-18 10:29:46 ----D---- D:\Program Files\iWizz
2008-11-17 10:19:43 ----D---- D:\Program Files\Sun
2008-11-15 19:54:14 ----D---- D:\MySlideshow
2008-11-15 18:14:52 ----A---- D:\WINDOWS\system32\swt-win32-3232.dll
2008-11-12 23:52:39 ----HD---- D:\WINDOWS\$NtUninstallKB957097$
2008-11-12 23:52:34 ----HD---- D:\WINDOWS\$NtUninstallKB954459$
2008-11-12 23:52:22 ----HD---- D:\WINDOWS\$NtUninstallKB955069$
2008-11-11 17:46:55 ----D---- D:\DVD-Slideshow
2008-11-11 00:21:00 ----A---- D:\Documents and Settings\Jacques\Application Data\inst.exe
2008-11-11 00:20:59 ----D---- D:\Documents and Settings\Jacques\Application Data\Vso
2008-11-11 00:20:49 ----A---- D:\WINDOWS\system32\sipr3260.dll
2008-11-11 00:20:49 ----A---- D:\WINDOWS\system32\drv43260.dll
2008-11-11 00:20:49 ----A---- D:\WINDOWS\system32\drv33260.dll
2008-11-11 00:20:48 ----A---- D:\WINDOWS\system32\wvc1dmod.dll
2008-11-11 00:20:48 ----A---- D:\WINDOWS\system32\vp7vfw.dll
2008-11-11 00:20:48 ----A---- D:\WINDOWS\system32\drv23260.dll
2008-11-11 00:20:48 ----A---- D:\WINDOWS\system32\cook3260.dll
2008-11-11 00:20:48 ----A---- D:\WINDOWS\gdiplus.dll
2008-11-10 23:35:25 ----D---- D:\Program Files\EasyPhotoTools
2008-11-10 13:15:56 ----D---- D:\Program Files\Slideshow pro
2008-11-10 13:15:47 ----D---- D:\Program Files\mresreg
2008-11-10 11:03:52 ----D---- D:\Program Files\Fichiers communs\Skype
2008-11-07 19:49:18 ----D---- D:\Documents and Settings\Jacques\Application Data\Search Settings
2008-11-07 13:22:22 ----D---- D:\Program Files\Search Settings
2008-11-07 13:22:02 ----D---- D:\Program Files\Dealio
2008-11-07 13:21:56 ----D---- D:\Documents and Settings\Jacques\Application Data\Dealio
2008-11-07 13:21:12 ----A---- D:\WINDOWS\system32\SSubTmr6.dll
2008-11-07 13:21:12 ----A---- D:\WINDOWS\system32\msxml4a.dll
2008-11-07 13:21:11 ----D---- D:\Program Files\Free Easy Burner
2008-11-01 00:50:14 ----SHD---- D:\FOUND.010

======List of files/folders modified in the last 1 months======

2008-11-29 18:16:56 ----A---- D:\WINDOWS\SchedLgU.Txt
2008-11-29 09:37:56 ----A---- D:\WINDOWS\wininit.ini
2008-11-29 00:59:16 ----A---- D:\WINDOWS\win.ini
2008-11-29 00:59:16 ----A---- D:\WINDOWS\System.ini
2008-11-29 00:29:32 ----N---- D:\WINDOWS\system32\pxinsa64.exe
2008-11-29 00:29:32 ----N---- D:\WINDOWS\system32\pxhpinst.exe
2008-11-29 00:29:32 ----N---- D:\WINDOWS\system32\pxcpya64.exe
2008-11-29 00:29:28 ----N---- D:\WINDOWS\system32\pxsfs.dll
2008-11-29 00:29:26 ----N---- D:\WINDOWS\system32\pxwave.dll
2008-11-29 00:29:26 ----N---- D:\WINDOWS\system32\pxmas.dll
2008-11-29 00:29:26 ----N---- D:\WINDOWS\system32\pxdrv.dll
2008-11-29 00:29:26 ----N---- D:\WINDOWS\system32\px.dll
2008-11-28 14:09:42 ----A---- D:\WINDOWS\NeroDigital.ini
2008-11-28 14:09:38 ----A---- D:\WINDOWS\M3JP2K.INI
2008-11-08 23:50:04 ----A---- D:\WINDOWS\yesmessenger.ini
2008-11-04 01:10:26 ----A---- D:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Pilote de processeur AMD Athlon64; D:\WINDOWS\System32\DRIVERS\AmdK8.sys [2004-05-08 38912]
R1 atitray;atitray; \??\D:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys []
R1 avgio;avgio; \??\D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; D:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-11-26 75072]
R1 DCxxMJPG;Pinnacle DC10plus, Motion-JPEG VideoIO Board; D:\WINDOWS\system32\drivers\DCxxMJPG.sys [2002-06-04 132940]
R1 InCDPass;InCDPass; D:\WINDOWS\System32\DRIVERS\InCDPass.sys [2004-03-24 27664]
R1 incdrm;InCD EasyWrite Reader; D:\WINDOWS\system32\drivers\incdrm.sys [2003-12-30 28080]
R1 MagicTune;MagicTune; D:\WINDOWS\system32\drivers\MTictwl.sys [2005-10-21 13396]
R1 NPPTNT2;NPPTNT2; \??\D:\WINDOWS\system32\npptNT2.sys []
R1 PCLEPCI;PCLEPCI; \??\D:\WINDOWS\system32\Drivers\PCLEPCI.SYS []
R1 PQIMount;PQIMount; D:\WINDOWS\system32\drivers\PQIMount.sys [2003-06-03 46900]
R1 PQNTDrv;PQNTDrv; D:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 prodrv06;StarForce Protection Environment Driver v6; D:\WINDOWS\System32\drivers\prodrv06.sys [2004-01-26 52224]
R1 ssmdrv;ssmdrv; D:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R1 Tcpip6;Pilote du protocole IPv6 Microsoft; D:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225856]
R1 VBoxDrv;VirtualBox Service; D:\WINDOWS\system32\DRIVERS\VBoxDrv.sys [2008-10-23 96016]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; D:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [2008-10-23 41744]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; D:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-04-24 12032]
R2 ASPI32;ASPI32; D:\WINDOWS\system32\drivers\ASPI32.sys [2002-07-17 16512]
R2 CdaC15BA;CdaC15BA; \??\D:\WINDOWS\system32\drivers\CdaC15BA.SYS []
R2 Fallback;Fallback; D:\WINDOWS\System32\DRIVERS\HSF_FALL.sys [2003-04-24 289887]
R2 Fsks;Fsks; D:\WINDOWS\System32\DRIVERS\HSF_FSKS.sys [2003-04-24 115807]
R2 GVCplDrv;GVCplDrv; D:\WINDOWS\system32\drivers\GVCplDrv.sys [2003-05-06 20156]
R2 hcmon;VMware hcmon; \??\D:\WINDOWS\system32\Drivers\hcmon.sys []
R2 irda;Protocole IrDA; D:\WINDOWS\System32\DRIVERS\irda.sys [2008-04-13 88192]
R2 K56;K56; D:\WINDOWS\System32\DRIVERS\HSF_K56K.sys [2003-04-24 391199]
R2 mdmxsdk;mdmxsdk; D:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2004-08-04 11868]
R2 NwlnkIpx;Protocole de transport compatible NWLink IPX/SPX/NetBIOS; D:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;NetBIOS NWLink; D:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2003-04-24 63232]
R2 NwlnkSpx;Protocole NWLink SPX/SPXII; D:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2003-04-24 55936]
R2 PfModNT;PfModNT; \??\D:\WINDOWS\system32\PfModNT.sys []
R2 SoftFax;SoftFax; D:\WINDOWS\System32\DRIVERS\HSF_FAXX.sys [2003-04-24 199711]
R2 tmcomm;tmcomm; \??\D:\WINDOWS\system32\drivers\tmcomm.sys []
R2 Tones;Tones; D:\WINDOWS\System32\DRIVERS\HSF_TONE.sys [2003-04-24 50751]
R2 V124;V124; D:\WINDOWS\System32\DRIVERS\HSF_V124.sys [2003-04-24 488383]
R2 VMnetBridge;VMware Bridge Protocol; D:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [2007-08-21 28592]
R2 VMnetuserif;VMware Network Application Interface; \??\D:\WINDOWS\system32\drivers\vmnetuserif.sys []
R2 VMparport;VMware VMparport; \??\D:\WINDOWS\system32\Drivers\VMparport.sys []
R2 vmx86;VMware vmx86; \??\D:\WINDOWS\system32\Drivers\vmx86.sys []
R2 vstor2;Vstor2 Virtual Storage Driver; \??\D:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vstor2.sys []
R3 ALCXSENS;Service for WDM 3D Audio Driver; D:\WINDOWS\system32\drivers\ALCXSENS.SYS [2004-02-24 400384]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); D:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-08-02 635281]
R3 ASAPIW2k;ASAPIW2K; D:\WINDOWS\system32\drivers\ASAPIW2k.sys [2004-03-10 11264]
R3 ati2mtag;ati2mtag; D:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2005-06-29 1241088]
R3 avgntflt;avgntflt; \??\D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 CTL511Plus;Video Blaster WebCam 3/WebCam Plus (WDM); D:\WINDOWS\system32\DRIVERS\webc3vid.sys [2001-11-07 166504]
R3 GearAspiWDM;GEAR ASPI Filter Driver; D:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 LHidFlt2;Logitech HID/USB Mouse Filter Driver; D:\WINDOWS\system32\DRIVERS\LHidFlt2.sys [2002-07-02 23854]
R3 LHidUsb;Logitech USB Receiver device driver; D:\WINDOWS\system32\drivers\LHidUsb.Sys [2002-07-02 40508]
R3 LKbdFlt2;Logitech Keyboard Class Filter Driver; D:\WINDOWS\system32\DRIVERS\LKbdFlt2.sys [2002-07-02 6030]
R3 LMouFlt2;Logitech Mouse Class Filter Driver; D:\WINDOWS\system32\DRIVERS\LMouFlt2.sys [2002-07-02 70382]
R3 MarvinBus;Pinnacle Marvin Bus; D:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2004-06-21 78976]
R3 mouhid;Pilote HID de souris; D:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 Pcouffin;VSO Software pcouffin; D:\WINDOWS\System32\Drivers\Pcouffin.sys [2008-11-11 47360]
R3 PctvVirtualNdis;Pinnacle Virtual Miniport; D:\WINDOWS\system32\DRIVERS\PctvVirtualNdis.sys [2007-02-02 13696]
R3 Pfc;Padus ASPI Shell; D:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 10368]
R3 Rasirda;Miniport réseau étendu (IrDA); D:\WINDOWS\System32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 tunmp;Pilote de carte miniport Tun Microsoft; D:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 ULI5261;ULi Based Ethernet NT Driver; D:\WINDOWS\System32\DRIVERS\ULILAN.SYS [2004-07-26 29696]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; D:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; D:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; D:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; D:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 vmkbd;VMware kbd; \??\D:\WINDOWS\system32\drivers\VMkbd.sys []
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; D:\WINDOWS\system32\DRIVERS\vmnetadapter.sys [2007-08-21 16816]
R3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS); D:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2006-05-04 402944]
R4 InCDfs;InCD File System; D:\WINDOWS\system32\drivers\InCDfs.sys [2004-03-24 99568]
S1 kbdhid;Pilote HID de clavier; D:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S2 CoachCap;Firstline FDC 2000 USB Video Capture V1.00; D:\WINDOWS\system32\drivers\CoachCap.sys [2002-03-03 93068]
S3 ASPI;Advanced SCSI Programming Interface Driver; \??\D:\WINDOWS\System32\DRIVERS\ASPI32.sys []
S3 ATE_PROCMON;ATE_PROCMON; \??\D:\Program Files\Anti Trojan Elite\ATEPMon.sys []
S3 basic2;basic2; D:\WINDOWS\System32\DRIVERS\HSF_BSC2.sys [2003-04-24 67167]
S3 catchme;catchme; \??\D:\DOCUME~1\Jacques\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; D:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 driverhardwarev2;driverhardwarev2; \??\D:\Program Files\HardwareDetection\driverhardwarev2.sys []
S3 ENTECH;ENTECH; \??\D:\WINDOWS\system32\DRIVERS\ENTECH.SYS []
S3 es1371;Creative AudioPCI (ES1371,ES1373) (WDM); D:\WINDOWS\system32\drivers\es1371mp.sys [2001-08-17 40704]
S3 hidgame;Activateur de port HID à manette de jeu Microsoft; D:\WINDOWS\system32\DRIVERS\hidgame.sys [2003-04-24 8576]
S3 hidusb;Pilote de classe HID Microsoft; D:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HSF_DP;HSF_DP; D:\WINDOWS\System32\DRIVERS\HSFDPSP2.sys [2004-08-04 1041536]
S3 hsf_msft;hsf_msft; D:\WINDOWS\System32\DRIVERS\HSF_MSFT.sys [2003-04-24 542879]
S3 HSFHWBS2;HSFHWBS2; D:\WINDOWS\System32\DRIVERS\HSFBS2S2.sys [2004-08-04 220032]
S3 IKFileSec;File Security Driver; D:\WINDOWS\system32\drivers\ikfilesec.sys [2008-06-02 42376]
S3 IKSysFlt;System Filter Driver; D:\WINDOWS\system32\drivers\iksysflt.sys [2008-06-02 66952]
S3 IKSysSec;System Security Driver; D:\WINDOWS\system32\drivers\iksyssec.sys [2008-06-10 81288]
S3 irsir;Pilote série infrarouge Microsoft; D:\WINDOWS\System32\DRIVERS\irsir.sys [2001-08-17 18688]
S3 Ltn_stk7070P;PCTV based TV tuner device; D:\WINDOWS\system32\DRIVERS\Ltn_stk7070P.sys [2007-06-14 466048]
S3 Ltn_stkrc;PCTV Infrared Receiver; D:\WINDOWS\system32\DRIVERS\Ltn_stkrc.sys [2007-06-13 13440]
S3 MOinfo

Répondre à jpapiet

6

jlpjlp, le 30 nov 2008 à 10:44:00

Pour fusionner:

http://img.photobucket.com/albums/v666/sUBs/CFScript.gif
_________________

telecharge combofix:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Sauvegarde le sur ton bureau et pas ailleurs !

__________________

Ferme tous tes navigateurs (donc copie ou imprime les instructions avant)

Crée un nouveau document texte : clic droit de souris sur le bureau > Nouveau > Document Texte, et copie dedans les lignes suivantes :

File::
D:\WINDOWS\tasks\yljihsyx.job
D:\WINDOWS\system32\fccdCSlI.dll
D:\WINDOWS\system32\jkkLBrrQ.dll
D:\Program Files\eoRezo\EoEngine.exe
D:\Program Files\Search Settings\SearchSettings.exe
D:\WINDOWS\system32\vijyyqcs.ini
D:\WINDOWS\system32\IlSCdccf.ini
D:\WINDOWS\system32\byXOighI.dll
D:\WINDOWS\system32\SpywareRemover.exe

Registry::
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{49F68B91-3571-4883-9CEA-181E40A6857E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{54D14726-66BC-4235-87B3-1B4797E5B9B8}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SpywareCleaner"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EoEngine]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EoNet]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EoTraduction]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EoWeather]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]

Enregistre ce fichier sous le nom CFscript (attention aux minuscules)

Fait un glisser/déposer de ce fichier CFscrïpt sur le fichier ComboFix.exe

Clique sur le fichier CFScript, maintient le doigt enfoncé et glisse la souris pour que l'icône du CFScript vienne recouvrir l'icône de Combofix. Relache la souris. Combofix va démarrer.

Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.

Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!

Ne touche à rien tant que le scan n'est pas terminé.

Une fois le scan achevé, un rapport va s'afficher: poste son contenu.

Remets aussi un rapport Hijackthis

Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt

Répondre à jlpjlp

7

jpapiet, le 30 nov 2008 à 13:59:30

ComboFix 08-11-29.03 - Jacques 2008-11-30 13:40:32.1 - [color=red][b]FAT32/b /colorx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.512 [GMT 1:00]
Lancé depuis: d:\documents and settings\Jacques\Bureau\ComboFix.exe
Commutateurs utilisés :: d:\documents and settings\Jacques\Bureau\CFscript.doc
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

d:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
d:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
d:\documents and settings\Jacques\Application Data\inst.exe
d:\documents and settings\Jacques\Local Settings\TempNER50C13CD5.EXE
d:\windows\sysdat.dll
d:\windows\system32\awowobes.ini
d:\windows\system32\byXOighI.dll
d:\windows\system32\idatonus.ini
d:\windows\system32\IlSCdccf.ini
d:\windows\system32\lukazuwi.dll
d:\windows\system32\peluloge.dll
d:\windows\system32\rabasasa.dll
d:\windows\system32\ranodenu.dll
d:\windows\system32\sebowowa.dll
d:\windows\system32\setup.ini
d:\windows\system32\sunotadi.dll
d:\windows\system32\taskmgr.com
d:\windows\system32\vijyyqcs.ini
d:\windows\system32\vohetufa.dll
d:\windows\Tasks\yljihsyx.job
d:\windows\winhelp.ini

----- BITS: Il y a peut-être des sites infectés -----

hxxp://childhe.com
.
((((((((((((((((((((((((((((( Fichiers créés du 2008-10-28 au 2008-11-30 ))))))))))))))))))))))))))))))))))))
.

2008-11-29 18:22 . 2008-11-29 18:22 <REP> d-------- D:\rsit
2008-11-29 18:22 . 2008-11-29 18:22 <REP> d-------- d:\program files\trend micro
2008-11-26 10:58 . 2008-11-26 10:58 297,697 --a------ d:\windows\system32\SpywareRemover.exe
2008-11-24 23:37 . 2008-11-24 23:37 <REP> d-------- d:\program files\Photo DVD Maker Professional
2008-11-24 17:04 . 2008-11-24 17:04 <REP> d-------- d:\program files\7-Zip
2008-11-20 18:28 . 2008-11-20 18:28 <REP> d-------- d:\windows\system32\Adobe
2008-11-19 19:40 . 2008-11-19 19:40 <REP> d-------- d:\program files\Free Video Converter
2008-11-19 19:32 . 2008-11-19 19:32 <REP> d-------- d:\program files\Fichiers communs\DVDVideoSoft
2008-11-18 21:50 . 2008-03-05 15:56 3,786,760 --a------ d:\windows\system32\D3DX9_37.dll
2008-11-18 21:49 . 2008-11-18 21:49 <REP> d-------- d:\windows\Logs
2008-11-18 21:49 . 2007-04-24 16:30 60,273 --a------ d:\windows\system32\pthreadGC2.dll
2008-11-18 21:49 . 2008-03-04 12:33 7,680 --a------ d:\windows\system32\ff_vfw.dll
2008-11-18 21:49 . 2007-07-10 17:10 547 --a------ d:\windows\system32\ff_vfw.dll.manifest
2008-11-18 21:48 . 2008-11-18 21:48 <REP> d--h----- d:\documents and settings\All Users\Application Data\{727691AA-C0CE-4AB4-8D16-F6558DFF5408}
2008-11-18 21:40 . 2008-11-18 21:40 <REP> d-------- d:\program files\Utherverse Digital Inc
2008-11-18 10:30 . 2008-11-18 10:30 <REP> d-------- d:\documents and settings\Jacques\iWizz
2008-11-18 10:29 . 2008-11-18 10:29 <REP> d-------- d:\program files\iWizz
2008-11-18 10:29 . 2008-11-18 10:29 <REP> d-------- d:\documents and settings\Jacques\.bitrock
2008-11-17 10:26 . 2008-11-17 10:26 <REP> d-------- d:\documents and settings\Jacques\.VirtualBox
2008-11-17 10:19 . 2008-11-17 10:19 <REP> d-------- d:\program files\Sun
2008-11-17 10:19 . 2008-10-23 22:39 96,016 --a------ d:\windows\system32\drivers\VBoxDrv.sys
2008-11-17 10:19 . 2008-10-23 22:39 41,744 --a------ d:\windows\system32\drivers\VBoxUSBMon.sys
2008-11-15 19:54 . 2008-11-15 19:54 <REP> d-------- D:\MySlideshow
2008-11-15 18:14 . 2008-11-15 18:14 323,584 --a------ d:\windows\system32\swt-win32-3232.dll
2008-11-15 15:28 . 2007-05-23 18:28 5,627,904 --a------ d:\windows\system32\RLVirDev.ocx
2008-11-15 15:28 . 2006-05-16 11:58 73,728 --a------ d:\windows\system32\ISUSPM.cpl
2008-11-12 09:00 . 2008-09-04 18:16 1,106,944 --------- d:\windows\system32\dllcache\msxml3.dll
2008-11-12 09:00 . 2008-10-24 12:21 455,296 --------- d:\windows\system32\dllcache\mrxsmb.sys
2008-11-11 17:46 . 2008-11-11 17:46 <REP> d-------- D:\DVD-Slideshow
2008-11-11 00:21 . 2008-11-11 00:21 47,360 --a------ d:\documents and settings\Jacques\Application Data\pcouffin.sys
2008-11-11 00:20 . 2008-11-11 00:21 <REP> d-------- d:\documents and settings\Jacques\Application Data\Vso
2008-11-11 00:20 . 2004-05-04 11:53 1,645,320 --a------ d:\windows\gdiplus.dll
2008-11-11 00:20 . 2006-05-20 16:16 1,184,984 --a------ d:\windows\system32\wvc1dmod.dll
2008-11-11 00:20 . 2006-05-11 19:21 626,688 --a------ d:\windows\system32\vp7vfw.dll
2008-11-11 00:20 . 2006-09-29 12:24 217,127 --a------ d:\windows\system32\drv43260.dll
2008-11-11 00:20 . 2006-09-29 12:25 208,935 --a------ d:\windows\system32\drv33260.dll
2008-11-11 00:20 . 2006-09-29 12:26 176,165 --a------ d:\windows\system32\drv23260.dll
2008-11-11 00:20 . 2002-12-10 02:20 102,439 --a------ d:\windows\system32\sipr3260.dll
2008-11-11 00:20 . 2007-03-18 20:37 65,602 --a------ d:\windows\system32\cook3260.dll
2008-11-10 23:35 . 2008-11-10 23:35 <REP> d-------- d:\program files\EasyPhotoTools
2008-11-10 13:15 . 2008-11-10 13:15 <REP> d-------- d:\program files\Slideshow pro
2008-11-10 13:15 . 2008-11-10 13:15 <REP> d-------- d:\program files\mresreg
2008-11-10 11:04 . 2008-11-10 11:04 56 --ah----- d:\windows\system32\ezsidmv.dat
2008-11-10 11:03 . 2008-11-10 11:03 <REP> d-------- d:\program files\Fichiers communs\Skype
2008-11-07 19:49 . 2008-11-07 19:49 <REP> d-------- d:\documents and settings\Jacques\Application Data\Search Settings
2008-11-07 13:22 . 2008-11-07 13:22 <REP> d-------- d:\program files\Search Settings
2008-11-07 13:22 . 2008-11-07 13:22 <REP> d-------- d:\program files\Dealio
2008-11-07 13:21 . 2008-11-07 13:21 <REP> d-------- d:\program files\Free Easy Burner
2008-11-07 13:21 . 2008-11-07 13:21 <REP> d-------- d:\documents and settings\Jacques\Application Data\Dealio
2008-11-07 13:21 . 2006-11-18 11:38 200,704 --a------ d:\windows\system32\vbalExpBar6.ocx
2008-11-07 13:21 . 2003-04-18 15:29 44,544 --a------ d:\windows\system32\msxml4a.dll
2008-11-07 13:21 . 2003-01-26 12:41 40,960 --a------ d:\windows\system32\SSubTmr6.dll
2008-11-01 00:50 . 2008-11-01 00:50 <REP> d--hs---- D:\FOUND.010
2008-10-24 08:12 . 2008-10-15 18:35 337,408 --------- d:\windows\system32\dllcache\netapi32.dll
2008-10-20 00:32 . 2008-10-20 00:39 42 --a------ d:\windows\IniFile1.ini
2008-10-17 08:16 . 2008-10-17 08:16 <REP> d-------- d:\program files\Fichiers communs\xing shared
2008-10-16 23:25 . 2008-10-16 23:25 <REP> d-------- d:\program files\iTunes
2008-10-16 23:25 . 2008-10-16 23:25 <REP> d-------- d:\program files\iPod
2008-10-16 23:25 . 2008-10-16 23:25 <REP> d-------- d:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-10-16 23:14 . 2008-10-16 23:14 <REP> d-------- d:\program files\Bonjour
2008-10-15 08:10 . 2008-08-14 15:23 2,191,232 --------- d:\windows\system32\dllcache\ntoskrnl.exe
2008-10-15 08:10 . 2008-08-14 15:23 2,147,328 --------- d:\windows\system32\dllcache\ntkrnlmp.exe
2008-10-15 08:10 . 2008-08-14 15:23 2,068,096 --------- d:\windows\system32\dllcache\ntkrnlpa.exe
2008-10-15 08:10 . 2008-08-14 15:23 2,025,984 --------- d:\windows\system32\dllcache\ntkrpamp.exe
2008-10-15 08:10 . 2008-09-15 17:26 1,846,528 --------- d:\windows\system32\dllcache\win32k.sys
2008-10-15 08:10 . 2008-09-08 12:41 333,824 --------- d:\windows\system32\dllcache\srv.sys
2008-10-14 19:57 . 2008-10-14 19:57 <REP> d-------- d:\program files\FriendFinder
2008-10-11 00:25 . 2008-10-11 00:25 <REP> d-------- d:\program files\Micro Application
2008-10-01 17:42 . 2008-10-01 17:42 30,796 --ah----- d:\windows\system32\mlfcache.dat

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-28 23:29 44,944 ------w d:\windows\system32\drivers\pxhelp20.sys
2008-11-10 23:21 47,360 ----a-w d:\windows\system32\drivers\Pcouffin.sys
2008-10-27 09:04 70,992 ----a-w d:\windows\system32\XAPOFX1_2.dll
2008-10-27 09:04 514,384 ----a-w d:\windows\system32\XAudio2_3.dll
2008-10-27 09:04 235,856 ----a-w d:\windows\system32\xactengine3_3.dll
2008-10-27 09:04 23,376 ----a-w d:\windows\system32\X3DAudio1_5.dll
2008-10-24 11:21 455,296 ----a-w d:\windows\system32\drivers\mrxsmb.sys
2008-10-22 15:10 38,496 ----a-w d:\windows\system32\drivers\mbamswissarmy.sys
2008-10-22 15:10 15,504 ----a-w d:\windows\system32\drivers\mbam.sys
2008-10-17 07:15 499,712 ----a-w d:\windows\system32\msvcp71.dll
2008-10-15 22:43 599,570 ----a-w d:\windows\system32\x264vfw.dll
2008-10-10 03:52 452,440 ----a-w d:\windows\system32\d3dx10_40.dll
2008-10-10 03:52 4,379,984 ----a-w d:\windows\system32\D3DX9_40.dll
2008-10-10 03:52 2,036,576 ----a-w d:\windows\system32\D3DCompiler_40.dll
2008-10-03 18:12 6,066,176 ------w d:\windows\system32\dllcache\ieframe.dll
2008-09-30 15:43 1,286,152 ----a-w d:\windows\system32\msxml4.dll
2008-09-16 01:11 161,096 ----a-w d:\windows\system32\DivXCodecVersionChecker.exe
2008-09-15 16:26 1,846,528 ----a-w d:\windows\system32\win32k.sys
2008-09-10 01:15 1,307,648 ----a-w d:\windows\system32\msxml6.dll
2008-09-10 01:15 1,307,648 ------w d:\windows\system32\dllcache\msxml6.dll
2008-09-04 17:16 1,106,944 ----a-w d:\windows\system32\msxml3.dll
2008-08-29 09:18 87,336 ----a-w d:\windows\system32\dns-sd.exe
2008-08-29 08:53 61,440 ----a-w d:\windows\system32\dnssd.dll
2008-08-28 08:47 74,752 ----a-w d:\windows\system32\msw3prt.dll
2008-08-28 08:47 74,752 ------w d:\windows\system32\dllcache\msw3prt.dll
2008-08-28 08:47 105,472 ----a-w d:\windows\system32\win32spl.dll
2008-08-28 08:47 105,472 ------w d:\windows\system32\dllcache\win32spl.dll
2008-08-27 10:11 3,593,216 ----a-w d:\windows\system32\dllcache\mshtml.dll
2008-08-25 09:39 70,656 ------w d:\windows\system32\dllcache\ie4uinit.exe
2008-08-25 09:38 13,824 ------w d:\windows\system32\dllcache\ieudinit.exe
2008-08-23 06:56 635,848 ------w d:\windows\system32\dllcache\iexplore.exe
2008-08-23 06:54 161,792 ----a-w d:\windows\system32\dllcache\ieakui.dll
2008-08-14 14:23 2,191,232 ----a-w d:\windows\system32\ntoskrnl.exe
2008-08-14 14:23 2,068,096 ----a-w d:\windows\system32\ntkrnlpa.exe
2008-08-14 11:04 138,496 ------w d:\windows\system32\dllcache\afd.sys
2008-04-18 22:15 698 ----a-w d:\program files\cwviewer.ini
2008-04-18 22:15 520 ----a-w d:\program files\SurveyLens.ini
2008-04-18 22:15 0 ----a-w d:\program files\SL_jpapietCAM.ini
2008-04-07 23:12 32 ----a-w d:\documents and settings\All Users\Application Data\ezsid.dat
2007-01-04 10:54 119 ----a-w d:\program files\satsukidecodersettings.ini
2007-01-04 10:53 680 ----a-w d:\program files\mpc2.reg
2007-01-04 10:53 558 ----a-w d:\program files\mpc1.reg
2007-01-04 10:53 236 ----a-w d:\program files\mpc4.reg
2007-01-04 10:53 2,626 ----a-w d:\program files\mpc7.reg
2007-01-04 10:53 2,598 ----a-w d:\program files\mpc3.reg
2007-01-04 10:53 16,174 ----a-w d:\program files\mpc5.reg
2007-01-04 10:53 13,412 ----a-w d:\program files\mpc6.reg
2006-10-09 15:53 200,704 ----a-w d:\program files\Uninstall.exe
2006-10-09 15:53 1,200 ----a-w d:\program files\Uninstall.dat
2004-12-24 23:00 1,785,856 ----a-w d:\program files\cwviewer.exe
2004-11-28 23:00 1,171,456 ----a-w d:\program files\cwvs.exe
2004-02-28 23:00 79 ----a-w d:\program files\ttitrace.ini
1998-08-24 11:09 10,000 ----a-w d:\windows\inf\unregpn.exe
2007-05-14 08:43 10,646 --sha-w d:\windows\system32\KGyGaAvL.sys
2005-10-21 00:01 8 --sh--r d:\windows\system32\D5F73DD769.sys
2005-09-26 14:21 104 --sh--r d:\windows\system32\A95EF9BD22.sys
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="d:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"RamBoostXp"="d:\program files\RamBoost XP\rambxpfr.exe" [2004-03-09 1542144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Vade Retro Outlook Express"="d:\progra~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe" [2006-02-16 295936]
"avgnt"="d:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"QuickTime Task"="d:\program files\QuickTime\qttask.exe" [2008-09-06 413696]
"SpywareCleaner"="d:\windows\system32\SpywareRemover.exe" [2008-11-26 297697]
"TkBellExe"="d:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-10-17 185872]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="d:\progra~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall"="d:\windows\system32\tscupgrd.exe" [2004-08-19 44544]

d:\documents and settings\Jacques\Menu D‚marrer\Programmes\D‚marrage\
Club Internet.lnk - d:\program files\Club-Internet\Lanceur\lanceur.exe [2007-12-26 5484544]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\MCPClient]
2005-01-31 15:13 49152 d:\progra~1\FICHIE~1\stardock\MCPStub.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.3iv0"= d:\progra~1\ACEMEG~1\SystemS\3ivx\3IVXVF~1.DLL
"vidc.3iv1"= d:\progra~1\ACEMEG~1\SystemS\3ivx\3IVXVF~1.DLL
"vidc.3iv2"= d:\progra~1\K-LITE~1\codecs\3IVXVF~1.DLL
"vidc.3ivd"= d:\progra~1\ACEMEG~1\SystemS\3ivx\3IVXVF~1.DLL
"vidc.div3"= DivXc32.dll
"vidc.div4"= DivXc32f.dll
"msacm.divxa32"= DivXa32.acm
"vidc.vp31"= d:\progra~1\K-LITE~1\codecs\vp31vfw.dll
"VIDC.VDOM"= vdowave.drv
"VIDC.JPEG"= jpegCode.dll
"vidc.MJ2C"= M3JP2K32.dll
"msacm.dvacm"= d:\progra~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm
"VIDC.VP70"= d:\progra~1\K-LITE~1\codecs\vp7vfw.dll
"msacm.l3fhg"= d:\progra~1\K-LITE~1\codecs\l3codecp.acm
"VIDC.PIM1"= pclepim1.dll
"vidc.X264"= x264vfw.dll

[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
backup=d:\windows\pss\Adobe Gamma Loader.lnkCommon Startup

[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Color Calibration.lnk]
path=d:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Color Calibration.lnk
backup=d:\windows\pss\Color Calibration.lnkCommon Startup

[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InterVideo WinCinema Manager.lnk]
backup=d:\windows\pss\InterVideo WinCinema Manager.lnkCommon Startup

[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
path=d:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=d:\windows\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup

[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^LE COMPAGNON CLUB.lnk]
backup=d:\windows\pss\LE COMPAGNON CLUB.lnkCommon Startup
path=d:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\LE COMPAGNON CLUB.lnk

[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^MagicTune 3.6.lnk]
path=d:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\MagicTune 3.6.lnk
backup=d:\windows\pss\MagicTune 3.6.lnkCommon Startup

[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^NaturalColorLoad.lnk]
path=d:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\NaturalColorLoad.lnk
backup=d:\windows\pss\NaturalColorLoad.lnkCommon Startup

[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Outil de mise à jour Google.lnk]
path=d:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Outil de mise à jour Google.lnk
backup=d:\windows\pss\Outil de mise à jour Google.lnkCommon Startup

[HKLM\~\startupfolder\D:^Documents and Settings^Jacques^Menu Démarrer^Programmes^Démarrage^Datecracker.exe.lnk]
backup=d:\windows\pss\Datecracker.exe.lnkStartup

[HKLM\~\startupfolder\D:^Documents and Settings^Jacques^Menu Démarrer^Programmes^Démarrage^MS Office - Démarrage accéléré.lnk]
backup=d:\windows\pss\MS Office - Démarrage accéléré.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\gafoh

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
d:\windows\system32\dumprep 0 -k [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
d:\windows\system32\dumprep 0 -u [X]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\viva

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
--a------ 2005-06-23 20:33 57344 d:\program files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-10-15 01:04 39792 d:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
--a------ 2008-10-01 12:57 111936 d:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtiTrayTools]
--a------ 2007-05-22 11:04 521128 d:\program files\Ray Adams\ATI Tray Tools\atitray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CreativeMixer]
--a------ 1999-11-18 06:01 20480 d:\program files\Creative\Audio2K\Program\Ctmix32.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2008-04-14 04:34 15360 d:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EoEngine]
--a------ 2008-01-08 15:18 561152 d:\program files\eoRezo\EoEngine.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
--a------ 2007-08-14 08:22 1838592 d:\program files\Google\Google Desktop Search\GoogleDesktop.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
--a------ 2007-11-21 03:12 3297280 d:\program files\Google\Google Talk\googletalk.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
--------- 2004-03-24 11:41 1294446 d:\program files\Ahead\InCD\InCD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISTray]
--a------ 2008-07-16 09:16 1166216 d:\program files\Spyware Doctor\pctsTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ItsTV]
--a------ 2007-04-26 16:19 2908160 d:\program files\eoRezo\EoTraduction\ItsTV.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-10-01 18:57 289576 d:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
--a------ 2006-04-21 15:41 438359 d:\progra~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnappau]
--a------ 2004-08-13 17:41 86016 d:\program files\MSN Apps\Updater\[u]0/u1.03.0000.1005\fr\msnappau.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 11:50 155648 d:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCLEPCI]
--a------ 2002-06-25 15:35 32768 d:\progra~1\Pinnacle\PPE\PPE.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
--a------ 2008-08-21 03:18 443968 d:\program files\Picasa2\PicasaMediaDetector.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
--a------ 2004-03-10 16:26 406016 d:\windows\system32\PSDrvCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-09-06 15:09 413696 d:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RamBoostXp]
--a------ 2004-03-09 22:48 1542144 d:\program files\RamBoost XP\RAMBXPFR.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--a------ 2003-10-31 19:42 32768 d:\program files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
--a------ 2008-06-12 16:57 991584 d:\program files\Search Settings\SearchSettings.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
-ra------ 2007-06-13 08:16 528384 d:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
--------- 2008-09-16 12:16 1833296 d:\program files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-06-10 04:27 144784 d:\program files\Java\jre1.6.0_07\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sunkist2k]
--a------ 2005-10-07 16:42 139264 d:\program files\Multimedia Card Reader\shwicon2k.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-07-17 00:34 68856 d:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-10-17 08:15 185872 d:\program files\Fichiers communs\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
--a------ 2008-09-26 15:50 206184 d:\program files\TomTom HOME 2\HOMERunner.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVAgent WiFi]
--------- 2006-05-23 19:24 897024 d:\club-internet\Wizard\Agent_wifi.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ub4TrayApp]
--a------ 2004-10-10 12:03 1381888 d:\program files\Astase\UltraBackup\4.0\bin\ubTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vaderetro Outlook]
--a------ 2006-07-22 11:59 44544 d:\progra~1\GOTOSO~1\VADERE~1\VrMoRegister.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VMware hqtray]
--a------ 2007-08-21 19:56 55856 d:\program files\VMware\VMware Player\hqtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
--a------ 2007-08-30 17:43 4670704 d:\program files\Yahoo!\Messenger\YahooMessenger.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMTray2k]
--a------ 2001-11-01 00:52 57344 d:\windows\system32\MMTray2k.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
--a------ 2004-07-27 17:01 68096 d:\windows\SOUNDMAN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\Messenger\\msmsgs.exe"=
"d:\\Program Files\\NetMeeting\\conf.exe"=
"d:\\Program Files\\Shareaza\\Shareaza.exe"=
"d:\\Program Files\\BitComet\\BitComet.exe"=
"d:\\Program Files\\InterVideo\\DVD7\\WinDVD.exe"=
"d:\\Program Files\\Ratajik Software\\StationRipper\\StationRipperConsole.exe"=
"d:\\Program Files\\Movie Collection\\MovieCollection.exe"=
"d:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"d:\\Sun\\AppServer\\lib\\appserv.exe"=
"e:\\jeux\\MotoGP2\\motogp2.exe"=
"d:\\WINDOWS\\System32\\dplaysvr.exe"=
"e:\\JEUX\\Microsoft Games\\Combat Flight Simulator\\COMBATFS.EXE"=
"d:\\Program Files\\eMule\\emule.exe"=
"e:\\JEUX\\Infogrames\\Grand Prix 4\\GP4.exe"=
"e:\\jeux\\Virtual Skipper 4 Demo\\Vsk4Demo.exe"=
"d:\\Program Files\\uTorrent\\utorrent.exe"=
"e:\\jeux\\skipper\\Vsk3Demo\\Vsk3Demo.exe"=
"e:\\jeux\\TrackMania Sunrise Extreme Demo\\TmSunriseExtremeDemo.exe"=
"d:\\Program Files\\Azureus\\Azureus.exe"=
"d:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2007.SP1\\sandra.exe"=
"d:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2007.SP1\\RpcSandraSrv.exe"=
"d:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2007.SP1\\Win32\\RpcDataSrv.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Program Files\\Allocam Multi Visio\\allocam.exe"=
"d:\\PROGRA~1\\ALLOCA~1\\allocam.exe"=
"d:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"d:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"d:\\Program Files\\SecondLife\\SLVoice.exe"=
"d:\\Program Files\\Fichiers communs\\AOL\\Loader\\aolload.exe"=
"d:\\Program Files\\AIM6\\aim6.exe"=
"d:\\WINDOWS\\System32\\rtcshare.exe"=
"d:\\Program Files\\RedlightCenter\\RedLightCenter\\Redlightcenter.exe"=
"d:\\Program Files\\Joost\\xulrunner\\tvprunner.exe"=
"d:\\Program Files\\adslTV\\adsltv.exe"=
"d:\\Program Files\\Participatory Culture Foundation\\Miro\\Miro_Downloader.exe"=
"d:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"d:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"d:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"d:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"d:\\Program Files\\iTunes\\iTunes.exe"=
"d:\\Program Files\\Reallusion\\CrazyTalk for Skype\\CT4Skype.exe"=
"d:\\Program Files\\Sun\\xVM VirtualBox\\vboxwebsrv.exe"=
"d:\\Program Files\\Sun\\xVM VirtualBox\\VirtualBox.exe"=
"d:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\WINDOWS\\Microsoft.NET\\Framework\\v3.0\\Windows Communication Foundation\\infocard.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9147:TCP"= 9147:TCP:BitComet 9147 TCP
"9147:UDP"= 9147:UDP:BitComet 9147 UDP
"6667:UDP"= 6667:UDP:TOTOCAM UDP
"6666:TCP"= 6666:TCP:TOTOCAM TCP
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017

R0 aliidex;aliidex;d:\windows\system32\drivers\aliidex.sys [2005-08-12 7040]
R0 aliperf;aliperf;d:\windows\system32\drivers\aliperf.sys [2005-08-12 7168]
R0 m5289;m5289;d:\windows\system32\DRIVERS\m5289.sys [2007-06-21 51840]
R0 pavboot;pavboot;d:\windows\system32\drivers\pavboot.sys [2008-07-18 28544]
R0 PQV2i;PQV2i;d:\windows\system32\drivers\PQV2i.sys [2003-06-03 123957]
R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);d:\windows\system32\drivers\sfsync03.sys [2005-12-06 35328]
R0 uliagpkx;ULi AGP Bus Filter Driver;d:\windows\system32\DRIVERS\agpkx.sys [2005-08-12 44928]
R1 atitray;atitray;\??\d:\program files\Ray Adams\ATI Tray Tools\atitray.sys [2007-05-22 18088]
R1 DCxxMJPG;Pinnacle DC10plus, Motion-JPEG VideoIO Board;d:\windows\system32\drivers\DCxxMJPG.sys [2005-09-03 132940]
R1 PQIMount;PQIMount;d:\windows\system32\drivers\PQIMount.sys [2003-06-03 46900]
R1 VBoxDrv;VirtualBox Service;d:\windows\system32\DRIVERS\VBoxDrv.sys [2008-11-17 96016]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;d:\windows\system32\DRIVERS\VBoxUSBMon.sys [2008-11-17 41744]
R3 CTL511Plus;Video Blaster WebCam 3/WebCam Plus (WDM);d:\windows\system32\DRIVERS\webc3vid.sys [2007-07-20 166504]
R3 PctvVirtualNdis;Pinnacle Virtual Miniport;d:\windows\system32\DRIVERS\PctvVirtualNdis.sys [2008-04-12 13696]
R3 ULI5261;ULi Based Ethernet NT Driver;d:\windows\system32\DRIVERS\ULILAN.SYS [2005-08-12 29696]
S0 ElbyVCD;ElbyVCD;d:\windows\system32\DRIVERS\ElbyVCD.sys []
S2 CoachCap;Firstline FDC 2000 USB Video Capture V1.00;d:\windows\system32\drivers\CoachCap.sys [2002-03-03 93068]
S2 oaa4aeyyeruo;Canon BJ Memory Card Manager;d:\windows\system32\gamuj.exe []
S3 ASPI;Advanced SCSI Programming Interface Driver;\??\d:\windows\System32\DRIVERS\ASPI32.sys [2005-02-10 16512]
S3 ATE_PROCMON;ATE_PROCMON;\??\d:\program files\Anti Trojan Elite\ATEPMon.sys []
S3 CallerIP;Visualware CallerIP;d:\program files\CallerIP\cip-nt.exe [2005-12-09 21394]
S3 Ltn_stk7070P;PCTV based TV tuner device;d:\windows\system32\DRIVERS\Ltn_stk7070P.sys [2008-04-11 466048]
S3 Ltn_stkrc;PCTV Infrared Receiver;d:\windows\system32\DRIVERS\Ltn_stkrc.sys [2008-04-11 13440]
S3 Penet;PlaceEngine NDIS Protocol Driver;d:\windows\system32\DRIVERS\penet.sys [2007-10-23 21376]
S3 s125bus;Sony Ericsson Device 125 driver (WDM);d:\windows\system32\DRIVERS\s125bus.sys [2008-05-26 83336]
S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter;d:\windows\system32\DRIVERS\s125mdfl.sys [2008-05-26 15112]
S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver;d:\windows\system32\DRIVERS\s125mdm.sys [2008-05-26 108680]
S3 s125mgmt;Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM);d:\windows\system32\DRIVERS\s125mgmt.sys [2008-05-26 100488]
S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface;d:\windows\system32\DRIVERS\s125obex.sys [2008-05-26 98696]
S4 hpt3xx;hpt3xx; []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{02da6cf7-59f2-11d9-97a3-806d6172696f}]
\Shell\AutoRun\command - G:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aceb8c6f-cdbb-11dc-9a84-005056c00008}]
\Shell\AutoRun\command - G:\Begin.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bc7a9db4-e5db-11db-84ee-00c0a8da3ecc}]
\Shell\AutoRun\command - G:\InstallTomTomHOME.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d0c254ad-1ccf-11dd-9b08-005056c00008}]
\Shell\AutoRun\command - K:\InstallTomTomHOME.exe
.
Contenu du dossier 'Tâches planifiées'

2008-11-30 d:\windows\Tasks\MP Scheduled Scan.job
- d:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]

2008-11-13 d:\windows\Tasks\AppleSoftwareUpdate.job
- d:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

2008-11-28 d:\windows\Tasks\Maintenance en 1 clic.job
- d:\program files\TuneUp Utilities 2006\SystemOptimizer.exe []

2008-11-29 d:\windows\Tasks\User_Feed_Synchronization-{9E510C6E-0EDC-43C6-A4E1-3E43417E7DA0}.job
- d:\windows\system32\msfeedssync.exe [2006-10-17 11:58]

2008-11-21 d:\windows\Tasks\Norton Security Scan.job
- d:\program files\Norton Security Scan\Nss.exe [2007-09-18 23:42]
.
- - - - ORPHELINS SUPPRIMES - - - -

URLSearchHooks-{ecdee021-0d17-467f-a1ff-c7a115230949} - (no file)
BHO-{49F68B91-3571-4883-9CEA-181E40A6857E} - d:\windows\system32\fccdCSlI.dll
BHO-{54D14726-66BC-4235-87B3-1B4797E5B9B8} - d:\windows\system32\jkkLBrrQ.dll
BHO-{87ca771e-9fba-4c5c-9cee-d24d01aa5df0} - d:\windows\system32\peluloge.dll
Toolbar-{ecdee021-0d17-467f-a1ff-c7a115230949} - (no file)
WebBrowser-{ECDEE021-0D17-467F-A1FF-C7A115230949} - (no file)
MSConfigStartUp-Anti Trojan Elite - d:\program files\Anti Trojan Elite\TJEnder.exe
MSConfigStartUp-DownloadAccelerator - d:\program files\DAP\DAP.EXE
MSConfigStartUp-IMC - d:\program files\FriendFinder\FriendFinder Messenger 40\imc.exe
MSConfigStartUp-PMCLoader - d:\program files\Pinnacle\TVCenter Pro\PMCLoader.exe
MSConfigStartUp-RegistryBooster 2 d’Uniblue - d:\program files\Uniblue\RegistryBooster 2\RegistryBooster.exe
MSConfigStartUp-TE_RegProtect - d:\program files\Anti Trojan Elite\TERegPct.exe
MSConfigStartUp-Framework Windows - frmwrk32.exe

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-30 13:49:28
Windows 5.1.2600 Service Pack 3 FAT NTAPI

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(1632)
d:\windows\system32\Ati2evxx.dll
d:\progra~1\FICHIE~1\Stardock\mcpstub.dll
.
------------------------ Autres processus actifs ------------------------
.
d:\windows\SYSTEM32\ATI2EVXX.EXE
d:\program files\WINDOWS DEFENDER\MSMPENG.EXE
d:\program files\AHEAD\INCD\INCDSRV.EXE
d:\program files\FICHIERS COMMUNS\STARDOCK\SDMCP.EXE
d:\program files\LAVASOFT\AD-AWARE\AAWSERVICE.EXE
d:\windows\SYSTEM32\ATI2EVXX.EXE
d:\program files\AVIRA\ANTIVIR PERSONALEDITION CLASSIC\SCHED.EXE
d:\program files\GOTO SOFTWARE\VADE RETRO\VADERETRO_OE.EXE
d:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
d:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
d:\program files\Bonjour\mDNSResponder.exe
d:\windows\system32\drivers\CDAC11BA.EXE
d:\windows\system32\CTSvcCDA.exe
d:\program files\EPSON\ESM2\eEBSVC.exe
d:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe
d:\program files\UPHClean\uphclean.exe
d:\program files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe
d:\program files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe
d:\windows\system32\vmnat.exe
d:\windows\system32\vmnetdhcp.exe
d:\program files\VMware\VMware Player\vmware-authd.exe
.
**************************************************************************
.
Heure de fin: 2008-11-30 13:53:57 - La machine a redémarré
ComboFix-quarantined-files.txt 2008-11-30 12:53:56

Avant-CF: 11 277 737 984 octets libres
Après-CF: 11,216,158,720 octets libres

WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[Boot Loader]
timeout=2
Default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[Operating Systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP dition familiale" /fastdetect /NoExecute=OptOut
C:\="Microsoft Windows 98"

486 --- E O F --- 2008-11-28 16:16:18

rsit
Logfile of random's system information tool 1.04 (written by random/random)
Run by Jacques at 2008-11-30 13:57:46
Microsoft Windows XP Édition familiale Service Pack 3
System drive D: has 11 GB (29%) free of 38 GB
Total RAM: 1023 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:57:58, on 30/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\System32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Windows Defender\MsMpEng.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Ahead\InCD\InCDsrv.exe
D:\PROGRA~1\FICHIE~1\Stardock\SDMCP.exe
D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
D:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\RamBoost XP\rambxpfr.exe
D:\Program Files\Club-Internet\Lanceur\lanceur.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\WINDOWS\system32\drivers\CDAC11BA.EXE
D:\WINDOWS\system32\CTSvcCDA.exe
D:\Program Files\EPSON\ESM2\eEBSVC.exe
D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\UPHClean\uphclean.exe
D:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe
D:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe
D:\WINDOWS\system32\vmnat.exe
D:\WINDOWS\system32\vmnetdhcp.exe
D:\Program Files\VMware\VMware Player\vmware-authd.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\wuauclt.exe
D:\WINDOWS\explorer.exe
D:\WINDOWS\system32\notepad.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
D:\Documents and Settings\Jacques\Bureau\infection\RSIT.exe
D:\Program Files\trend micro\Jacques.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
R3 - URLSearchHook: (no name) - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - D:\Program Files\Dealio\kb127\Dealio.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - D:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: ImageShack Toolbar - {6932D140-ABC4-4073-A44C-D4A541665E35} - D:\Program Files\ImageShackToolbar\ImageShackToolbar.dll
O3 - Toolbar: (no name) - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - (no file)
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "D:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SpywareCleaner] D:\WINDOWS\system32\SpywareRemover.exe
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RamBoostXp] D:\Program Files\RamBoost XP\rambxpfr.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "D:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Startup: Club Internet.lnk = D:\Program Files\Club-Internet\Lanceur\lanceur.exe
O8 - Extra context menu item: Compare Prices with &Dealio - D:\Documents and Settings\Jacques\Application Data\Dealio\kb127\res\DealioSearch.html
O8 - Extra context menu item: Post Image to Blog - res://D:\Program Files\ImageShackToolbar\ImageShackToolbar.dll/5003
O8 - Extra context menu item: S'abonner avec l'agrégateur par défaut - D:\Documents and Settings\Jacques\Application Data\RssBandit\iecontext_subscribefeed.htm
O8 - Extra context menu item: Tag This Image - res://D:\Program Files\ImageShackToolbar\ImageShackToolbar.dll/5002
O8 - Extra context menu item: Transload Image to ImageShack - res://D:\Program Files\ImageShackToolbar\ImageShackToolbar.dll/5004
O8 - Extra context menu item: Upload All Images to ImageShack - res://D:\Program Files\ImageShackToolbar\ImageShackToolbar.dll/5000
O8 - Extra context menu item: Upload Image to ImageShack - res://D:\Program Files\ImageShackToolbar\ImageShackToolbar.dll/5001
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - D:\PROGRA~1\ALLOCA~1\allocam.exe
O9 - Extra 'Tools' menuitem: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - D:\PROGRA~1\ALLOCA~1\allocam.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - D:\Program Files\Dealio\kb127\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - D:\Program Files\Dealio\kb127\Dealio.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: d:\windows\system32\nwprovau.dll
O16 - DPF: ChatSpace Full Java Client 3.1.0.229 - http://surechat.com:9000/Java/cfs31229.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/...
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/fr/4,0,0,84/mcinsctl.cab
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://static.slide.com/uploader/SlideImageUploader.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {63DF43C2-469A-41F3-B119-17B1ACE8BB50} (Sony SNC-CS3 Image Viewer) - http://82.127.17.206/home/SonySncCs3View.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6932D140-ABC4-4073-A44C-D4A541665E35} (ImageShack Toolbar) - http://toolbar.imageshack.us/toolbar/ImageShackToolbar.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://www.tele2mail.com/static/apps/utils/AccountHelper.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://camera1.mairie-brest.fr/activex/AxisCamControl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/fr/1,0,0,21/mcgdmgr.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Service Client v.3.4) - http://ccon.futuremark.com/global/msc34.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://3dlifeplayer.dl.3dvia.com/player/install/installer.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - D:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Visualware CallerIP (CallerIP) - Unknown owner - D:\Program Files\CallerIP\cip-nt.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - D:\WINDOWS\system32\CTSvcCDA.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - D:\Program Files\EPSON\ESM2\eEBSVC.exe
O23 - Service: GoogleDesktopManager - Google - D:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - D:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Canon BJ Memory Card Manager (oaa4aeyyeruo) - Unknown owner - D:\WINDOWS\system32\gamuj.exe (file missing)
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\Win32\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\RpcSandraSrv.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - D:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - D:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: V2i Protector - PowerQuest Corporation - D:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - D:\Program Files\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - D:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - D:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - D:\WINDOWS\system32\vmnat.exe
End of file - 15064 bytes

======Scheduled tasks folder======

D:\WINDOWS\tasks\MP Scheduled Scan.job
D:\WINDOWS\tasks\AppleSoftwareUpdate.job
D:\WINDOWS\tasks\Maintenance en 1 clic.job
D:\WINDOWS\tasks\User_Feed_Synchronization-{9E510C6E-0EDC-43C6-A4E1-3E43417E7DA0}.job
D:\WINDOWS\tasks\Norton Security Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-10-17 308832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A87B991-A31F-4130-AE72-6D0C294BF082}]
DealioBHO Class - D:\Program Files\Dealio\kb127\Dealio.dll [2008-05-26 3170144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9394EDE7-C8B5-483E-8773-474BF36AF6E4}]
ST - D:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll [2004-08-13 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - D:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll [2008-10-08 652784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - D:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll [2006-10-26 440384]
{6932D140-ABC4-4073-A44C-D4A541665E35} - ImageShack Toolbar - D:\Program Files\ImageShackToolbar\ImageShackToolbar.dll [2008-01-29 626688]
{40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Vade Retro Outlook Express"=D:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe [2006-02-16 295936]
"avgnt"=D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
"QuickTime Task"=D:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
"SpywareCleaner"=D:\WINDOWS\system32\SpywareRemover.exe [2008-11-26 297697]
"TkBellExe"=D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-10-17 185872]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=D:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"RamBoostXp"=D:\Program Files\RamBoost XP\rambxpfr.exe [2004-03-09 1542144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
D:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe [2005-06-23 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-10-01 111936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtiTrayTools]
D:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe [2007-05-22 521128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CreativeMixer]
D:\Program Files\Creative\Audio2K\PROGRAM\CTMIX32.EXE [1999-11-18 20480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
D:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EoEngine]
D:\Program Files\eoRezo\EoEngine.exe [2008-01-08 561152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
D:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2007-08-14 1838592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
D:\Program Files\Google\Google Talk\googletalk.exe [2007-11-21 3297280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
D:\Program Files\Ahead\InCD\InCD.exe [2004-03-24 1294446]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISTray]
D:\Program Files\Spyware Doctor\pctsTray.exe [2008-07-16 1166216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ItsTV]
D:\Program Files\eoRezo\EoTraduction\ItsTV.exe [2007-04-26 2908160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
D:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
D:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMTray2k]
D:\WINDOWS\system32\MMTray2k.exe [2001-11-01 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
D:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe [2006-04-21 438359]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnappau]
D:\Program Files\MSN Apps\Updater\01.03.0000.1005\fr\msnappau.exe [2004-08-13 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
D:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCLEPCI]
D:\PROGRA~1\PINNACLE\PPE\ppe.exe [2002-06-25 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
D:\Program Files\Picasa2\PicasaMediaDetector.exe [2008-08-21 443968]

[HKEY_LOCAL_MACHINE\software\microsoft

Répondre à jpapiet

8

jlpjlp, le 30 nov 2008 à 14:03:54

Analyse ceci sur virus total et colle le rapport: http://www.virustotal.com/fr/

d:\windows\system32\SpywareRemover.exe

______________

Télécharges AD-Remover ( de Cyrildu17 / C_XX ) sur ton bureau :
http://sd-1.archive-host.com/membres/up/16506160323759868/AD-R.exe

/!\ Déconnectes toi et fermes toutes applications en cours

● Double clique sur le programme d'installation , et installe le dans son emplacement par défaut. ( C:\Program files )
● Double clique sur l'icône Ad-removersituée sur ton bureau
● Au menu principal choisi l'option "A"
● Postes le rapport qui apparait à la fin .

( le rapport est sauvegardé aussi sous C:\Ad-report(date).log )

(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

Note :

"Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

Répondre à jlpjlp

9

jpapiet, le 1 déc 2008 à 10:22:35

Salut
je maitrise mal la messagerie je voudrais simplement savoir si tu as recu les 2 derniers rapports virus total et ad-report le premier me parais bizard

Fichier SpywareRemover.exe reçu le 2008.11.29 18:09:27 (CET)
Situation actuelle: terminé

Résultat: 2/37 (5.41%)
Formaté
Impression des résultats <javascript:window.print()>
AntivirusVersionDernière mise à jourRésultatAhnLab-V32008.11.28.22008.11.29-AntiVir7.9.0.362008.11.28-Authentium5.1.0.42008.11.28-Avast4.8.1281.02008.11.28-AVG8.0.0.1992008.11.29-BitDefender7.22008.11.29-CAT-QuickHeal10.002008.11.29-ClamAV0.94.12008.11.29-DrWeb4.44.0.091702008.11.29-eSafe7.0.17.02008.11.27Suspicious FileeTrust-Vet31.6.62342008.11.28-Ewido4.02008.11.29-F-Prot4.4.4.562008.11.28-F-Secure8.0.14332.02008.11.29-Fortinet3.117.0.02008.11.29-GData192008.11.29-IkarusT3.1.1.45.02008.11.29-K7AntiVirus7.10.5382008.11.29Trojan.Win32.Malware.1Kaspersky7.0.0.1252008.11.29-McAfee54482008.11.28-McAfee+Artemis54482008.11.28-Microsoft1.41042008.11.29-NOD3236502008.11.28-Norman5.80.022008.11.28-Panda9.0.0.42008.11.29-PCTools4.4.2.02008.11.29-Prevx1V22008.11.29-Rising21.05.52.002008.11.29-SecureWeb-Gateway6.7.62008.11.28-Sophos4.36.02008.11.29-Sunbelt3.1.1832.22008.11.27-Symantec102008.11.29-TheHacker6.3.1.1.1662008.11.28-TrendMicro8.700.0.10042008.11.28-VBA323.12.8.92008.11.28-ViRobot2008.11.29.14922008.11.29-VirusBuster4.5.11.02008.11.29-
Information additionnelleFile size: 297697 bytesMD5...: 5b85194433538c0141788c157faef284SHA1..: cabb14e0feeda359766b62aec7eb40ad78097a4eSHA256: ab1cba446e7a8b716e5a09329c0bc66e437b3a04667fab9d2206f3f038b05242SHA512: 112fb4f09a2e2c0594a41b625f1625c7439949b4c4e5cdc250d7d35fee8eec59 c676f701882dc5ea0308668b5dc868ab9598bb13958a4390917ebc6afa5d57dd ssdeep: 6144:PknN4CVUIm6uk06ZLYgvBA+8xmrxgmA+3cclptVopAWm8mZbHQqpFm6pG:8 nNhuBoY8SorxgmA+nlvVlcmZb+r PEiD..: -TrID..: File type identification UPX compressed Win32 Executable (39.5%) Win32 EXE Yoda's Crypter (34.3%) Win32 Executable Generic (11.0%) Win32 Dynamic Link Library (generic) (9.8%) Generic Win/DOS Executable (2.5%)PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x499ca0 timedatestamp.....: 0x4850e379 (Thu Jun 12 08:51:05 2008) machinetype.......: 0x14c (I386) ( 3 sections ) name viradd virsiz rawdsiz ntrpy md5 UPX0 0x1000 0x61000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e UPX1 0x62000 0x38000 0x38000 7.93 429538adf33595d4ba93cc74210654de .rsrc 0x9a000 0x8000 0x7600 5.86 31a9f2914a1f6eaa22e4f831425a230c ( 13 imports ) > KERNEL32.DLL: LoadLibraryA, GetProcAddress, VirtualProtect, VirtualAlloc, VirtualFree, ExitProcess > ADVAPI32.dll: RegCloseKey > COMCTL32.dll: ImageList_Create > comdlg32.dll: GetSaveFileNameW > GDI32.dll: LineTo > MPR.dll: WNetUseConnectionW > ole32.dll: CoInitialize > OLEAUT32.dll: - > SHELL32.dll: DragFinish > USER32.dll: GetDC > VERSION.dll: VerQueryValueW > WINMM.dll: timeGetTime > WSOCK32.dll: - ( 0 exports ) packers (Kaspersky): PE_Patch.UPX, UPXpackers (F-Prot): UPX

et voici ad-report

F --------- Logfile of AD-Remover 1.0.5.4 by C_XX ---------

# OPTION: Scan

START at: 14:35:53 | 30/11/2008
ON: Microsoft Windows XP [version 5.1.2600] ( Windows XP )
Internet Explorer: [7.0.5730.11]
EXECUTED FROM: D:\Program Files\Ad-remover\AD-Remover.bat
USER: Jacques ( Current user is an administrator )
PC: JACQUES-K9YXQVT
BOOT MODE: Normal
DRIVE(S): A:\
-
Systemdrive: D:\ (FAT32)

--------- [ RUNNING PROCESSES ] ---------

\SystemRoot\System32\smss.exe
\??\D:\WINDOWS\system32\csrss.exe
\??\D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\System32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Windows Defender\MsMpEng.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Ahead\InCD\InCDsrv.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\PROGRA~1\FICHIE~1\Stardock\SDMCP.exe
D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
D:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\RamBoost XP\rambxpfr.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\WINDOWS\system32\drivers\CDAC11BA.EXE
D:\WINDOWS\system32\CTSvcCDA.exe
D:\Program Files\EPSON\ESM2\eEBSVC.exe
D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\UPHClean\uphclean.exe
D:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe
D:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe
D:\WINDOWS\system32\vmnat.exe
D:\WINDOWS\system32\vmnetdhcp.exe
D:\Program Files\VMware\VMware Player\vmware-authd.exe
D:\WINDOWS\System32\alg.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\explorer.exe
D:\Program Files\Messenger\msmsgs.exe

---------------------------- [~> 41]

+---------------------------------------------------------------------------+
+------------------------------- SERVICES FOUND ..
+---------------------------------------------------------------------------+

+---------------------------------------------------------------------------+
+------------------------------- REGISTRY ELEMENTS FOUND ..
+---------------------------------------------------------------------------+

"HKEY_LOCAL_MACHINE\Software\Boonty"
"HKEY_CLASSES_ROOT\EoRezoBHO.EoBho"
"HKEY_CLASSES_ROOT\EoRezoBHO.EoBho.1"
"HKEY_CLASSES_ROOT\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}"
"HKEY_CLASSES_ROOT\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}"
"HKEY_CURRENT_USER\SOFTWARE\EoRezo"
"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}"
"HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EoEngine"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eoEngine_is1"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\EoWeather_is1"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\EoTraduction_is1"

+---------------------------------------------------------------------------+
+------------------------------- FILES\FOLDERS FOUND ..
+---------------------------------------------------------------------------+

[29/08/2006 19:55|d--------] D:\Program Files\BoontyGames
[18/01/2006 13:12|d--------] D:\Program Files\EoRezo
[18/01/2006 13:12|d--------] D:\Documents and Settings\Jacques\Application Data\EoRezo

+---------------------------------------------------------------------------+
+------------------------------- ADDED SCAN ..
+---------------------------------------------------------------------------+

+---------- Scanning prefs.js ... ( # Mozilla User Preferences )

...\8ud9b8it.default\prefs.js :

~~~~ Mozilla FireFox version 3.0.4 ~~~~

Start Page : "http://fr.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official"

+----------+

+---------------------------------------------------------------------------+

+--[HKEY_CURRENT_USER\...\Run]

ctfmon.exe REG_SZ D:\WINDOWS\system32\ctfmon.exe
RamBoostXp REG_SZ D:\Program Files\RamBoost XP\rambxpfr.exe

+--[HKEY_LOCAL_MACHINE\...\Run]

Vade Retro Outlook Express REG_SZ "D:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
avgnt REG_SZ "D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
QuickTime Task REG_SZ "D:\Program Files\QuickTime\qttask.exe" -atboottime
SpywareCleaner REG_SZ D:\WINDOWS\system32\SpywareRemover.exe
TkBellExe REG_SZ "D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

+--[HKEY_USERS\.DEFAULT\...\Run]

CTFMON.EXE REG_SZ D:\WINDOWS\System32\CTFMON.EXE
DWQueuedReporting REG_SZ "D:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t

+--[HKEY_CURRENT_USER\...\Internet Explorer\MAIN]

Start Page : hxxp://www.club-internet.fr

+--[HKEY_LOCAL_MACHINE\...\Internet Explorer\MAIN]

Start Page : hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 119 lines ]
+---------------------------------------------------------------------------+

[ END at: 14:36:42 | 30/11/2008 ] - [ Time elapsed: 48.9 seconds ]
merci

Répondre à jpapiet

10

jlpjlp, le 1 déc 2008 à 10:26:16

Ok relance AD REMOVER choisi l'option B et coche BOONTY et EoREZO

et nettoie et colle nous le rapport

puis

télécharge OTMoveIt
http://oldtimer.geekstogo.com/OTMoveIt3.exe (de Old_Timer) sur ton Bureau.

double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste instruction for items to be moved.
(attention bien mettre :files)

:files
d:\windows\system32\SpywareRemover.exe

clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.

il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.

______________________

remets ensuite un rapport hijakchits et colle un rapport ANTIVIR et dis tes soucis

Répondre à jlpjlp

11

jpapiet, le 1 déc 2008 à 10:39:30

F --------- Logfile of AD-Remover 1.0.5.4 by C_XX ---------

# OPTION: Clean

START at: 10:35:17 | 01/12/2008
ON: Microsoft Windows XP [version 5.1.2600] ( Windows XP )
Internet Explorer: [7.0.5730.11]

*** Limited to ***

Boonty/BoontyGames
Eorezo

******************

EXECUTED FROM: D:\Program Files\Ad-remover\AD-Remover.bat
USER: Jacques ( Current user is an administrator )
PC: JACQUES-K9YXQVT
BOOT MODE: Normal
DRIVE(S): A:\
-
Systemdrive: D:\ (FAT32)

--------- [ RUNNING PROCESSES ] ---------

\SystemRoot\System32\smss.exe
\??\D:\WINDOWS\system32\csrss.exe
\??\D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\System32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Windows Defender\MsMpEng.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Ahead\InCD\InCDsrv.exe
D:\PROGRA~1\FICHIE~1\Stardock\SDMCP.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
D:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\RamBoost XP\rambxpfr.exe
D:\Program Files\Club-Internet\Lanceur\lanceur.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\WINDOWS\system32\drivers\CDAC11BA.EXE
D:\WINDOWS\system32\CTSvcCDA.exe
D:\Program Files\EPSON\ESM2\eEBSVC.exe
D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\UPHClean\uphclean.exe
D:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe
D:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe
D:\WINDOWS\system32\vmnat.exe
D:\WINDOWS\system32\vmnetdhcp.exe
D:\Program Files\VMware\VMware Player\vmware-authd.exe
D:\WINDOWS\System32\alg.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Windows Live\Messenger\msnmsgr.exe
D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
D:\Program Files\Outlook Express\msimn.exe
D:\Program Files\Messenger\msmsgs.exe

---------------------------- [~> 45]

(!) ---- IE start pages reset

+---------------------------------------------------------------------------+
+------------------------------- SERVICES DELETED ..
+---------------------------------------------------------------------------+

+---------------------------------------------------------------------------+
+------------------------------- REGISTRY ELEMENTS DELETED ..
+---------------------------------------------------------------------------+

"HKEY_LOCAL_MACHINE\Software\Boonty"
"HKEY_CLASSES_ROOT\EoRezoBHO.EoBho"
"HKEY_CLASSES_ROOT\EoRezoBHO.EoBho.1"
"HKEY_CLASSES_ROOT\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}"
"HKEY_CLASSES_ROOT\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}"
"HKEY_CURRENT_USER\SOFTWARE\EoRezo"
"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}"
"HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EoEngine"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eoEngine_is1"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\EoWeather_is1"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\EoTraduction_is1"

+---------------------------------------------------------------------------+
+------------------------------- FILES\FOLDERS DELETED ..
+---------------------------------------------------------------------------+

[29/08/2006 19:55|d--------] D:\Program Files\BoontyGames
[18/01/2006 13:12|d--------] D:\Program Files\EoRezo
[18/01/2006 13:12|d--------] D:\Documents and Settings\Jacques\Application Data\EoRezo

(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.

+---------------------------------------------------------------------------+
+------------------------------- ADDED SCAN ..
+---------------------------------------------------------------------------+

+--[HKEY_CURRENT_USER\...\Run]

ctfmon.exe REG_SZ D:\WINDOWS\system32\ctfmon.exe
RamBoostXp REG_SZ D:\Program Files\RamBoost XP\rambxpfr.exe

+--[HKEY_LOCAL_MACHINE\...\Run]

Vade Retro Outlook Express REG_SZ "D:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
avgnt REG_SZ "D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
QuickTime Task REG_SZ "D:\Program Files\QuickTime\qttask.exe" -atboottime
SpywareCleaner REG_SZ D:\WINDOWS\system32\SpywareRemover.exe
TkBellExe REG_SZ "D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

+--[HKEY_USERS\.DEFAULT\...\Run]

CTFMON.EXE REG_SZ D:\WINDOWS\System32\CTFMON.EXE
DWQueuedReporting REG_SZ "D:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t

+--[HKEY_CURRENT_USER\...\Internet Explorer\MAIN]

Start Page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

+--[HKEY_LOCAL_MACHINE\...\Internet Explorer\MAIN]

Start Page : hxxp://fr.msn.com/

+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 123 lines ]
+---------------------------------------------------------------------------+

[ END at: 10:37:59 | 01/12/2008 ] - [ Time elapsed: 2 minutes, 41 seconds ]

Répondre à jpapiet

13

jpapiet, le 1 déc 2008 à 10:51:18

========== FILES ==========
d:\windows\system32\SpywareRemover.exe moved successfully.

OTMoveIt3 by OldTimer - Version 1.0.7.1 log created on 12012008_104353
Logfile of random's system information tool 1.04 (written by random/random)
Run by Jacques at 2008-12-01 10:50:33
Microsoft Windows XP Édition familiale Service Pack 3
System drive D: has 11 GB (28%) free of 38 GB
Total RAM: 1023 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:50:43, on 01/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\System32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Windows Defender\MsMpEng.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Ahead\InCD\InCDsrv.exe
D:\PROGRA~1\FICHIE~1\Stardock\SDMCP.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
D:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\RamBoost XP\rambxpfr.exe
D:\Program Files\Club-Internet\Lanceur\lanceur.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\WINDOWS\system32\drivers\CDAC11BA.EXE
D:\WINDOWS\system32\CTSvcCDA.exe
D:\Program Files\EPSON\ESM2\eEBSVC.exe
D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\UPHClean\uphclean.exe
D:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe
D:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe
D:\WINDOWS\system32\vmnat.exe
D:\WINDOWS\system32\vmnetdhcp.exe
D:\Program Files\VMware\VMware Player\vmware-authd.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
D:\Program Files\Outlook Express\msimn.exe
D:\Program Files\Messenger\msmsgs.exe
D:\WINDOWS\explorer.exe
D:\WINDOWS\system32\notepad.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
D:\WINDOWS\system32\NOTEPAD.EXE
D:\WINDOWS\system32\NOTEPAD.EXE
D:\Documents and Settings\Jacques\Bureau\infection\RSIT.exe
D:\Program Files\trend micro\Jacques.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
R3 - URLSearchHook: (no name) - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - D:\Program Files\Dealio\kb127\Dealio.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - D:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: ImageShack Toolbar - {6932D140-ABC4-4073-A44C-D4A541665E35} - D:\Program Files\ImageShackToolbar\ImageShackToolbar.dll
O3 - Toolbar: (no name) - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - (no file)
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "D:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SpywareCleaner] D:\WINDOWS\system32\SpywareRemover.exe
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RamBoostXp] D:\Program Files\RamBoost XP\rambxpfr.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "D:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Startup: Club Internet.lnk = D:\Program Files\Club-Internet\Lanceur\lanceur.exe
O8 - Extra context menu item: Compare Prices with &Dealio - D:\Documents and Settings\Jacques\Application Data\Dealio\kb127\res\DealioSearch.html
O8 - Extra context menu item: Post Image to Blog - res://D:\Program Files\ImageShackToolbar\ImageShackToolbar.dll/5003
O8 - Extra context menu item: S'abonner avec l'agrégateur par défaut - D:\Documents and Settings\Jacques\Application Data\RssBandit\iecontext_subscribefeed.htm
O8 - Extra context menu item: Tag This Image - res://D:\Program Files\ImageShackToolbar\ImageShackToolbar.dll/5002
O8 - Extra context menu item: Transload Image to ImageShack - res://D:\Program Files\ImageShackToolbar\ImageShackToolbar.dll/5004
O8 - Extra context menu item: Upload All Images to ImageShack - res://D:\Program Files\ImageShackToolbar\ImageShackToolbar.dll/5000
O8 - Extra context menu item: Upload Image to ImageShack - res://D:\Program Files\ImageShackToolbar\ImageShackToolbar.dll/5001
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - D:\PROGRA~1\ALLOCA~1\allocam.exe
O9 - Extra 'Tools' menuitem: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - D:\PROGRA~1\ALLOCA~1\allocam.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - D:\Program Files\Dealio\kb127\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - D:\Program Files\Dealio\kb127\Dealio.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: d:\windows\system32\nwprovau.dll
O16 - DPF: ChatSpace Full Java Client 3.1.0.229 - http://surechat.com:9000/Java/cfs31229.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/...
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/fr/4,0,0,84/mcinsctl.cab
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://static.slide.com/uploader/SlideImageUploader.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {63DF43C2-469A-41F3-B119-17B1ACE8BB50} (Sony SNC-CS3 Image Viewer) - http://82.127.17.206/home/SonySncCs3View.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6932D140-ABC4-4073-A44C-D4A541665E35} (ImageShack Toolbar) - http://toolbar.imageshack.us/toolbar/ImageShackToolbar.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://www.tele2mail.com/static/apps/utils/AccountHelper.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://camera1.mairie-brest.fr/activex/AxisCamControl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/fr/1,0,0,21/mcgdmgr.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Service Client v.3.4) - http://ccon.futuremark.com/global/msc34.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://3dlifeplayer.dl.3dvia.com/player/install/installer.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - D:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Visualware CallerIP (CallerIP) - Unknown owner - D:\Program Files\CallerIP\cip-nt.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - D:\WINDOWS\system32\CTSvcCDA.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - D:\Program Files\EPSON\ESM2\eEBSVC.exe
O23 - Service: GoogleDesktopManager - Google - D:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - D:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Canon BJ Memory Card Manager (oaa4aeyyeruo) - Unknown owner - D:\WINDOWS\system32\gamuj.exe (file missing)
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\Win32\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\RpcSandraSrv.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - D:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - D:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: V2i Protector - PowerQuest Corporation - D:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - D:\Program Files\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - D:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - D:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - D:\WINDOWS\system32\vmnat.exe
End of file - 15225 bytes

======Scheduled tasks folder======

D:\WINDOWS\tasks\MP Scheduled Scan.job
D:\WINDOWS\tasks\AppleSoftwareUpdate.job
D:\WINDOWS\tasks\Maintenance en 1 clic.job
D:\WINDOWS\tasks\User_Feed_Synchronization-{9E510C6E-0EDC-43C6-A4E1-3E43417E7DA0}.job
D:\WINDOWS\tasks\Norton Security Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-10-17 308832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A87B991-A31F-4130-AE72-6D0C294BF082}]
DealioBHO Class - D:\Program Files\Dealio\kb127\Dealio.dll [2008-05-26 3170144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9394EDE7-C8B5-483E-8773-474BF36AF6E4}]
ST - D:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll [2004-08-13 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - D:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll [2008-10-08 652784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - D:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll [2006-10-26 440384]
{6932D140-ABC4-4073-A44C-D4A541665E35} - ImageShack Toolbar - D:\Program Files\ImageShackToolbar\ImageShackToolbar.dll [2008-01-29 626688]
{40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Vade Retro Outlook Express"=D:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe [2006-02-16 295936]
"avgnt"=D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
"QuickTime Task"=D:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
"SpywareCleaner"=D:\WINDOWS\system32\SpywareRemover.exe []
"TkBellExe"=D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-10-17 185872]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=D:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"RamBoostXp"=D:\Program Files\RamBoost XP\rambxpfr.exe [2004-03-09 1542144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
D:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe [2005-06-23 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-10-01 111936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtiTrayTools]
D:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe [2007-05-22 521128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CreativeMixer]
D:\Program Files\Creative\Audio2K\PROGRAM\CTMIX32.EXE [1999-11-18 20480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
D:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
D:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2007-08-14 1838592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
D:\Program Files\Google\Google Talk\googletalk.exe [2007-11-21 3297280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
D:\Program Files\Ahead\InCD\InCD.exe [2004-03-24 1294446]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISTray]
D:\Program Files\Spyware Doctor\pctsTray.exe [2008-07-16 1166216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ItsTV]
D:\Program Files\eoRezo\EoTraduction\ItsTV.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
D:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
D:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMTray2k]
D:\WINDOWS\system32\MMTray2k.exe [2001-11-01 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
D:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe [2006-04-21 438359]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnappau]
D:\Program Files\MSN Apps\Updater\01.03.0000.1005\fr\msnappau.exe [2004-08-13 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
D:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCLEPCI]
D:\PROGRA~1\PINNACLE\PPE\ppe.exe [2002-06-25 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
D:\Program Files\Picasa2\PicasaMediaDetector.exe [2008-08-21 443968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
D:\WINDOWS\system32\PSDrvCheck.exe [2004-03-10 406016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
D:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RamBoostXp]
D:\Program Files\RamBoost XP\rambxpfr.exe [2004-03-09 1542144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
D:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2003-10-31 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
D:\Program Files\Search Settings\SearchSettings.exe [2008-06-12 991584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
D:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2007-06-13 528384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
D:\WINDOWS\SOUNDMAN.EXE [2004-07-27 68096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
D:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sunkist2k]
D:\Program Files\Multimedia Card Reader\shwicon2k.exe [2005-10-07 139264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-17 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-10-17 185872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
D:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-09-26 206184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVAgent WiFi]
D:\Club-Internet\Wizard\Agent_wifi.exe [2006-05-23 897024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ub4TrayApp]
D:\Program Files\Astase\UltraBackup\4.0\bin\ubtray.exe [2004-10-10 1381888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
D:\WINDOWS\system32\dumprep 0 -u []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vaderetro Outlook]
D:\PROGRA~1\GOTOSO~1\VADERE~1\VrMoRegister.exe [2006-07-22 44544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VMware hqtray]
D:\Program Files\VMware\VMware Player\hqtray.exe [2007-08-21 55856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [2007-08-30 4670704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
D:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2002-08-16 110592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Color Calibration.lnk]
D:\PROGRA~1\SEC\MAGICT~1.6\GAMMAT~1.EXE [2004-07-03 36864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InterVideo WinCinema Manager.lnk]
D:\PROGRA~1\INTERV~1\Common\Bin\WINCIN~1.EXE [2005-06-22 278528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
D:\PROGRA~1\Adobe\ACROBA~2.0\Reader\READER~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^LE COMPAGNON CLUB.lnk]
D:\PROGRA~1\CLUB-I~1\LECOMP~1\bin\matcli.exe [2005-06-03 217088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^MagicTune 3.6.lnk]
D:\PROGRA~1\SEC\MAGICT~1.6\MAGICT~2.EXE [2004-12-30 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^NaturalColorLoad.lnk]
D:\PROGRA~1\SEC\NATURA~1\NATURA~1.EXE [2002-04-12 155715]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Outil de mise à jour Google.lnk]
D:\PROGRA~1\Google\GOEAD5~1\GOOGLE~1.EXE [2008-10-08 161264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^Jacques^Menu Démarrer^Programmes^Démarrage^Datecracker.exe.lnk]
E:\DICTIO~1\Vidal\DATECR~1\DATECR~1.EXE [2002-09-11 19968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^Jacques^Menu Démarrer^Programmes^Démarrage^MS Office - Démarrage accéléré.lnk]
D:\Office\FASTBOOT.EXE [1996-03-08 14848]

D:\Documents and Settings\Jacques\Menu Démarrer\Programmes\Démarrage
Club Internet.lnk - D:\Program Files\Club-Internet\Lanceur\lanceur.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
D:\WINDOWS\system32\Ati2evxx.dll [2005-06-29 46080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\MCPClient]
D:\PROGRA~1\FICHIE~1\Stardock\mcpstub.dll [2005-01-31 49152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
D:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=D:\PROGRA~1\WINDOW~4\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoBandCustomize"=0
"NoMovingBands"=0
"NoCloseDragDropBands"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoDrives"=
"NoDriveAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\Messenger\msmsgs.exe"="D:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"D:\Program Files\NetMeeting\conf.exe"="D:\Program Files\NetMeeting\conf.exe:*:Enabled:Windows® NetMeeting®"
"D:\Program Files\Shareaza\Shareaza.exe"="D:\Program Files\Shareaza\Shareaza.exe:*:Enabled:Shareaza Ultimate File Sharing"
"D:\Program Files\BitComet\BitComet.exe"="D:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"D:\Program Files\InterVideo\DVD7\WinDVD.exe"="D:\Program Files\InterVideo\DVD7\WinDVD.exe:*:Enabled:WinDVD"
"D:\Program Files\Ratajik Software\StationRipper\StationRipperConsole.exe"="D:\Program Files\Ratajik Software\StationRipper\StationRipperConsole.exe:*:Enabled:StationRipperConsole"
"D:\Program Files\Movie Collection\MovieCollection.exe"="D:\Program Files\Movie Collection\MovieCollection.exe:*:Enabled:Movie Collection 2005"
"D:\Program Files\Windows Media Player\wmplayer.exe"="D:\Program Files\Windows Media Player\wmplayer.exe:*:Enabled:Lecteur Windows Media"
"D:\Sun\AppServer\lib\appserv.exe"="D:\Sun\AppServer\lib\appserv.exe:*:Enabled:appserv"
"E:\jeux\MotoGP2\motogp2.exe"="E:\jeux\MotoGP2\motogp2.exe:*:Enabled:motogp2"
"D:\WINDOWS\System32\dplaysvr.exe"="D:\WINDOWS\System32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"E:\JEUX\Microsoft Games\Combat Flight Simulator\COMBATFS.EXE"="E:\JEUX\Microsoft Games\Combat Flight Simulator\COMBATFS.EXE:*:Enabled:Module Combat Simulator"
"D:\Program Files\eMule\emule.exe"="D:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"E:\JEUX\Infogrames\Grand Prix 4\GP4.exe"="E:\JEUX\Infogrames\Grand Prix 4\GP4.exe:*:Enabled:GP4"
"E:\jeux\Virtual Skipper 4 Demo\Vsk4Demo.exe"="E:\jeux\Virtual Skipper 4 Demo\Vsk4Demo.exe:*:Enabled:Vsk4Demo"
"D:\Program Files\uTorrent\utorrent.exe"="D:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"E:\jeux\skipper\Vsk3Demo\Vsk3Demo.exe"="E:\jeux\skipper\Vsk3Demo\Vsk3Demo.exe:*:Enabled:Vsk3Demo"
"E:\jeux\TrackMania Sunrise Extreme Demo\TmSunriseExtremeDemo.exe"="E:\jeux\TrackMania Sunrise Extreme Demo\TmSunriseExtremeDemo.exe:*:Enabled:TmSunriseExtremeDemo"
"D:\Program Files\Azureus\Azureus.exe"="D:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"
"D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\sandra.exe"="D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\sandra.exe:*:Enabled:SiSoftware Sandra Lite"
"D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\RpcSandraSrv.exe"="D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Lite"
"D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\Win32\RpcDataSrv.exe"="D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\Win32\RpcDataSrv.exe:*:Enabled:SiSoftware Sandra Lite"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Program Files\Allocam Multi Visio\allocam.exe"="D:\Program Files\Allocam Multi Visio\allocam.exe:*:Enabled:Multi Video"
"D:\PROGRA~1\ALLOCA~1\allocam.exe"="D:\PROGRA~1\ALLOCA~1\allocam.exe:*:Enabled:Multi Video"
"D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"D:\Program Files\Yahoo!\Messenger\YServer.exe"="D:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"D:\Program Files\SecondLife\SLVoice.exe"="D:\Program Files\SecondLife\SLVoice.exe:*:Enabled:SLVoice"
"D:\Program Files\Fichiers communs\AOL\Loader\aolload.exe"="D:\Program Files\Fichiers communs\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
"D:\Program Files\AIM6\aim6.exe"="D:\Program Files\AIM6\aim6.exe:*:Enabled:AIM"
"D:\WINDOWS\System32\rtcshare.exe"="D:\WINDOWS\System32\rtcshare.exe:*:Enabled:Partage de l'application RTC"
"D:\Program Files\RedlightCenter\RedLightCenter\Redlightcenter.exe"="D:\Program Files\RedlightCenter\RedLightCenter\Redlightcenter.exe:*:Enabled:Redlightcenter"
"D:\Program Files\Joost\xulrunner\tvprunner.exe"="D:\Program Files\Joost\xulrunner\tvprunner.exe:*:Enabled:tvprunner"
"D:\Program Files\adslTV\adsltv.exe"="D:\Program Files\adslTV\adsltv.exe:*:Enabled:adsltv"
"D:\Program Files\Participatory Culture Foundation\Miro\Miro_Downloader.exe"="D:\Program Files\Participatory Culture Foundation\Miro\Miro_Downloader.exe:*:Enabled:Miro_Downloader"
"D:\Program Files\Sony Ericsson\Update Service\Update Service.exe"="D:\Program Files\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service"
"D:\Program Files\Windows Live\Messenger\msnmsgr.exe"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"D:\Program Files\Windows Live\Messenger\livecall.exe"="D:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"D:\Program Files\Bonjour\mDNSResponder.exe"="D:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"D:\Program Files\iTunes\iTunes.exe"="D:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"D:\Program Files\Reallusion\CrazyTalk for Skype\CT4Skype.exe"="D:\Program Files\Reallusion\CrazyTalk for Skype\CT4Skype.exe:*:Enabled:CrazyTalk"
"D:\Program Files\Sun\xVM VirtualBox\vboxwebsrv.exe"="D:\Program Files\Sun\xVM VirtualBox\vboxwebsrv.exe:*:Enabled:vboxwebsrv"
"D:\Program Files\Sun\xVM VirtualBox\VirtualBox.exe"="D:\Program Files\Sun\xVM VirtualBox\VirtualBox.exe:*:Enabled:VirtualBox"
"D:\Program Files\Google\Google Talk\googletalk.exe"="D:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk"
"D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"="D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe:*:Enabled:infocard"
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\sandra.exe"="D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\sandra.exe:*:Enabled:SiSoftware Sandra Lite"
"D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\RpcSandraSrv.exe"="D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Lite"
"D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\Win32\RpcDataSrv.exe"="D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\Win32\RpcDataSrv.exe:*:Enabled:SiSoftware Sandra Lite"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Program Files\Windows Live\Messenger\msnmsgr.exe"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"D:\Program Files\Windows Live\Messenger\livecall.exe"="D:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{02da6cf7-59f2-11d9-97a3-806d6172696f}]
shell\AutoRun\command - G:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aceb8c6f-cdbb-11dc-9a84-005056c00008}]
shell\AutoRun\command - G:\Begin.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bc7a9db4-e5db-11db-84ee-00c0a8da3ecc}]
shell\AutoRun\command - G:\InstallTomTomHOME.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d0c254ad-1ccf-11dd-9b08-005056c00008}]
shell\AutoRun\command - K:\InstallTomTomHOME.exe

======List of files/folders created in the last 1 months======

2008-12-01 10:43:53 ----D---- D:\_OTMoveIt
2008-11-30 14:35:24 ----D---- D:\Program Files\Ad-remover
2008-11-30 13:53:58 ----A---- D:\ComboFix.txt
2008-11-30 13:37:00 ----A---- D:\WINDOWS\zip.exe
2008-11-30 13:37:00 ----A---- D:\WINDOWS\VFIND.exe
2008-11-30 13:37:00 ----A---- D:\WINDOWS\SWXCACLS.exe
2008-11-30 13:37:00 ----A---- D:\WINDOWS\SWSC.exe
2008-11-30 13:37:00 ----A---- D:\WINDOWS\SWREG.exe
2008-11-30 13:37:00 ----A---- D:\WINDOWS\sed.exe
2008-11-30 13:37:00 ----A---- D:\WINDOWS\NIRCMD.exe
2008-11-30 13:37:00 ----A---- D:\WINDOWS\grep.exe
2008-11-30 13:37:00 ----A---- D:\WINDOWS\fdsv.exe
2008-11-30 13:36:53 ----D---- D:\WINDOWS\ERDNT
2008-11-30 13:36:53 ----D---- D:\Qoobox
2008-11-29 18:22:42 ----D---- D:\Program Files\trend micro
2008-11-29 18:22:41 ----D---- D:\rsit
2008-11-24 23:37:50 ----D---- D:\Program Files\Photo DVD Maker Professional
2008-11-24 17:04:00 ----D---- D:\Program Files\7-Zip
2008-11-20 18:28:06 ----D---- D:\WINDOWS\system32\Adobe
2008-11-19 19:40:39 ----D---- D:\Program Files\Free Video Converter
2008-11-19 19:32:56 ----D---- D:\Program Files\Fichiers communs\DVDVideoSoft
2008-11-18 21:51:09 ----A---- D:\WINDOWS\system32\D3DX9_40.dll
2008-11-18 21:51:09 ----A---- D:\WINDOWS\system32\d3dx10_40.dll
2008-11-18 21:51:09 ----A---- D:\WINDOWS\system32\D3DCompiler_40.dll
2008-11-18 21:51:08 ----A---- D:\WINDOWS\system32\XAudio2_3.dll
2008-11-18 21:51:08 ----A---- D:\WINDOWS\system32\XAudio2_2.dll
2008-11-18 21:51:08 ----A---- D:\WINDOWS\system32\XAPOFX1_2.dll
2008-11-18 21:51:08 ----A---- D:\WINDOWS\system32\XAPOFX1_1.dll
2008-11-18 21:51:08 ----A---- D:\WINDOWS\system32\xactengine3_3.dll
2008-11-18 21:51:08 ----A---- D:\WINDOWS\system32\X3DAudio1_5.dll
2008-11-18 21:51:07 ----A---- D:\WINDOWS\system32\xactengine3_2.dll
2008-11-18 21:51:07 ----A---- D:\WINDOWS\system32\D3DX9_39.dll
2008-11-18 21:51:07 ----A---- D:\WINDOWS\system32\d3dx10_39.dll
2008-11-18 21:51:07 ----A---- D:\WINDOWS\system32\D3DCompiler_39.dll
2008-11-18 21:51:06 ----A---- D:\WINDOWS\system32\XAudio2_1.dll
2008-11-18 21:51:06 ----A---- D:\WINDOWS\system32\XAPOFX1_0.dll
2008-11-18 21:51:05 ----A---- D:\WINDOWS\system32\xactengine3_1.dll
2008-11-18 21:51:05 ----A---- D:\WINDOWS\system32\X3DAudio1_4.dll
2008-11-18 21:51:05 ----A---- D:\WINDOWS\system32\d3dx10_38.dll
2008-11-18 21:51:05 ----A---- D:\WINDOWS\system32\D3DCompiler_38.dll
2008-11-18 21:51:04 ----A---- D:\WINDOWS\system32\XAudio2_0.dll
2008-11-18 21:51:04 ----A---- D:\WINDOWS\system32\xactengine3_0.dll
2008-11-18 21:51:04 ----A---- D:\WINDOWS\system32\X3DAudio1_3.dll
2008-11-18 21:51:04 ----A---- D:\WINDOWS\system32\D3DX9_38.dll
2008-11-18 21:51:02 ----A---- D:\WINDOWS\system32\d3dx10_37.dll
2008-11-18 21:51:02 ----A---- D:\WINDOWS\system32\D3DCompiler_37.dll
2008-11-18 21:50:54 ----A---- D:\WINDOWS\system32\D3DX9_37.dll
2008-11-18 21:49:34 ----D---- D:\WINDOWS\Logs
2008-11-18 21:49:04 ----A---- D:\WINDOWS\system32\ff_vfw.dll.manifest
2008-11-18 21:49:02 ----A---- D:\WINDOWS\system32\ff_vfw.dll
2008-11-18 21:49:01 ----A---- D:\WINDOWS\system32\pthreadGC2.dll
2008-11-18 21:48:50 ----HD---- D:\Documents and Settings\All Users\Application Data\{727691AA-C0CE-4AB4-8D16-F6558DFF5408}
2008-11-18 21:40:20 ----D---- D:\Program Files\Utherverse Digital Inc
2008-11-18 10:29:46 ----D---- D:\Program Files\iWizz
2008-11-17 10:19:43 ----D---- D:\Program Files\Sun
2008-11-15 19:54:14 ----D---- D:\MySlideshow
2008-11-15 18:14:52 ----A---- D:\WINDOWS\system32\swt-win32-3232.dll
2008-11-12 23:52:39 ----HD---- D:\WINDOWS\$NtUninstallKB957097$
2008-11-12 23:52:34 ----HD---- D:\WINDOWS\$NtUninstallKB954459$
2008-11-12 23:52:22 ----HD---- D:\WINDOWS\$NtUninstallKB955069$
2008-11-11 17:46:55 ----D---- D:\DVD-Slideshow
2008-11-11 00:20:59 ----D---- D:\Documents and Settings\Jacques\Application Data\Vso
2008-11-11 00:20:49 ----A---- D:\WINDOWS\system32\sipr3260.dll
2008-11-11 00:20:49 ----A---- D:\WINDOWS\system32\drv43260.dll
2008-11-11 00:20:49 ----A---- D:\WINDOWS\system32\drv33260.dll
2008-11-11 00:20:48 ----A---- D:\WINDOWS\system32\wvc1dmod.dll
2008-11-11 00:20:48 ----A---- D:\WINDOWS\system32\vp7vfw.dll
2008-11-11 00:20:48 ----A---- D:\WINDOWS\system32\drv23260.dll
2008-11-11 00:20:48 ----A---- D:\WINDOWS\system32\cook3260.dll
2008-11-11 00:20:48 ----A---- D:\WINDOWS\gdiplus.dll
2008-11-10 23:35:25 ----D---- D:\Program Files\EasyPhotoTools
2008-11-10 13:15:56 ----D---- D:\Program Files\Slideshow pro
2008-11-10 13:15:47 ----D---- D:\Program Files\mresreg
2008-11-10 11:03:52 ----D---- D:\Program Files\Fichiers communs\Skype
2008-11-07 19:49:18 ----D---- D:\Documents and Settings\Jacques\Application Data\Search Settings
2008-11-07 13:22:22 ----D---- D:\Program Files\Search Settings
2008-11-07 13:22:02 ----D---- D:\Program Files\Dealio
2008-11-07 13:21:56 ----D---- D:\Documents and Settings\Jacques\Application Data\Dealio
2008-11-07 13:21:12 ----A---- D:\WINDOWS\system32\SSubTmr6.dll
2008-11-07 13:21:12 ----A---- D:\WINDOWS\system32\msxml4a.dll
2008-11-07 13:21:11 ----D---- D:\Program Files\Free Easy Burner

======List of files/folders modified in the last 1 months======

2008-12-01 01:18:32 ----A---- D:\WINDOWS\SchedLgU.Txt
2008-11-30 13:49:36 ----A---- D:\WINDOWS\System.ini
2008-11-29 09:37:56 ----A---- D:\WINDOWS\wininit.ini
2008-11-29 00:59:16 ----A---- D:\WINDOWS\win.ini
2008-11-29 00:29:32 ----N---- D:\WINDOWS\system32\pxinsa64.exe
2008-11-29 00:29:32 ----N---- D:\WINDOWS\system32\pxhpinst.exe
2008-11-29 00:29:32 ----N---- D:\WINDOWS\system32\pxcpya64.exe
2008-11-29 00:29:28 ----N---- D:\WINDOWS\system32\pxsfs.dll
2008-11-29 00:29:26 ----N---- D:\WINDOWS\system32\pxwave.dll
2008-11-29 00:29:26 ----N---- D:\WINDOWS\system32\pxmas.dll
2008-11-29 00:29:26 ----N---- D:\WINDOWS\system32\pxdrv.dll
2008-11-29 00:29:26 ----N---- D:\WINDOWS\system32\px.dll
2008-11-28 14:09:42 ----A---- D:\WINDOWS\NeroDigital.ini
2008-11-28 14:09:38 ----A---- D:\WINDOWS\M3JP2K.INI
2008-11-08 23:50:04 ----A---- D:\WINDOWS\yesmessenger.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Pilote de processeur AMD Athlon64; D:\WINDOWS\System32\DRIVERS\AmdK8.sys [2004-05-08 38912]
R1 atitray;atitray; \??\D:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys []
R1 avgio;avgio; \??\D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; D:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-11-26 75072]
R1 DCxxMJPG;Pinnacle DC10plus, Motion-JPEG VideoIO Board; D:\WINDOWS\system32\drivers\DCxxMJPG.sys [2002-06-04 132940]
R1 InCDPass;InCDPass; D:\WINDOWS\System32\DRIVERS\InCDPass.sys [2004-03-24 27664]
R1 incdrm;InCD EasyWrite Reader; D:\WINDOWS\system32\drivers\incdrm.sys [2003-12-30 28080]
R1 MagicTune;MagicTune; D:\WINDOWS\system32\drivers\MTictwl.sys [2005-10-21 13396]
R1 NPPTNT2;NPPTNT2; \??\D:\WINDOWS\system32\npptNT2.sys []
R1 PCLEPCI;PCLEPCI; \??\D:\WINDOWS\system32\Drivers\PCLEPCI.SYS []
R1 PQIMount;PQIMount; D:\WINDOWS\system32\drivers\PQIMount.sys [2003-06-03 46900]
R1 PQNTDrv;PQNTDrv; D:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 prodrv06;StarForce Protection Environment Driver v6; D:\WINDOWS\System32\drivers\prodrv06.sys [2004-01-26 52224]
R1 ssmdrv;ssmdrv; D:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R1 Tcpip6;Pilote du protocole IPv6 Microsoft; D:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225856]
R1 VBoxDrv;VirtualBox Service; D:\WINDOWS\system32\DRIVERS\VBoxDrv.sys [2008-10-23 96016]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; D:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [2008-10-23 41744]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; D:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-04-24 12032]
R2 ASPI32;ASPI32; D:\WINDOWS\system32\drivers\ASPI32.sys [2002-07-17 16512]
R2 CdaC15BA;CdaC15BA; \??\D:\WINDOWS\system32\drivers\CdaC15BA.SYS []
R2 Fallback;Fallback; D:\WINDOWS\System32\DRIVERS\HSF_FALL.sys [2003-04-24 289887]
R2 Fsks;Fsks; D:\WINDOWS\System32\DRIVERS\HSF_FSKS.sys [2003-04-24 115807]
R2 GVCplDrv;GVCplDrv; D:\WINDOWS\system32\drivers\GVCplDrv.sys [2003-05-06 20156]
R2 hcmon;VMware hcmon; \??\D:\WINDOWS\system32\Drivers\hcmon.sys []
R2 irda;Protocole IrDA; D:\WINDOWS\System32\DRIVERS\irda.sys [2008-04-13 88192]
R2 K56;K56; D:\WINDOWS\System32\DRIVERS\HSF_K56K.sys [2003-04-24 391199]
R2 mdmxsdk;mdmxsdk; D:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2004-08-04 11868]
R2 NwlnkIpx;Protocole de transport compatible NWLink IPX/SPX/NetBIOS; D:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;NetBIOS NWLink; D:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2003-04-24 63232]
R2 NwlnkSpx;Protocole NWLink SPX/SPXII; D:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2003-04-24 55936]
R2 PfModNT;PfModNT; \??\D:\WINDOWS\system32\PfModNT.sys []
R2 SoftFax;SoftFax; D:\WINDOWS\System32\DRIVERS\HSF_FAXX.sys [2003-04-24 199711]
R2 tmcomm;tmcomm; \??\D:\WINDOWS\system32\drivers\tmcomm.sys []
R2 Tones;Tones; D:\WINDOWS\System32\DRIVERS\HSF_TONE.sys [2003-04-24 50751]
R2 V124;V124; D:\WINDOWS\System32\DRIVERS\HSF_V124.sys [2003-04-24 488383]
R2 VMnetBridge;VMware Bridge Protocol; D:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [2007-08-21 28592]
R2 VMnetuserif;VMware Network Application Interface; \??\D:\WINDOWS\system32\drivers\vmnetuserif.sys []
R2 VMparport;VMware VMparport; \??\D:\WINDOWS\system32\Drivers\VMparport.sys []
R2 vmx86;VMware vmx86; \??\D:\WINDOWS\system32\Drivers\vmx86.sys []
R2 vstor2;Vstor2 Virtual Storage Driver; \??\D:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vstor2.sys []
R3 ALCXSENS;Service for WDM 3D Audio Driver; D:\WINDOWS\system32\drivers\ALCXSENS.SYS [2004-02-24 400384]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); D:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-08-02 635281]
R3 ASAPIW2k;ASAPIW2K; D:\WINDOWS\system32\drivers\ASAPIW2k.sys [2004-03-10 11264]
R3 ati2mtag;ati2mtag; D:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2005-06-29 1241088]
R3 avgntflt;avgntflt; \??\D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 CTL511Plus;Video Blaster WebCam 3/WebCam Plus (WDM); D:\WINDOWS\system32\DRIVERS\webc3vid.sys [2001-11-07 166504]
R3 GearAspiWDM;GEAR ASPI Filter Driver; D:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 LHidFlt2;Logitech HID/USB Mouse Filter Driver; D:\WINDOWS\system32\DRIVERS\LHidFlt2.sys [2002-07-02 23854]
R3 LHidUsb;Logitech USB Receiver device driver; D:\WINDOWS\system32\drivers\LHidUsb.Sys [2002-07-02 40508]
R3 LKbdFlt2;Logitech Keyboard Class Filter Driver; D:\WINDOWS\system32\DRIVERS\LKbdFlt2.sys [2002-07-02 6030]
R3 LMouFlt2;Logitech Mouse Class Filter Driver; D:\WINDOWS\system32\DRIVERS\LMouFlt2.sys [2002-07-02 70382]
R3 MarvinBus;Pinnacle Marvin Bus; D:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2004-06-21 78976]
R3 mouhid;Pilote HID de souris; D:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 Pcouffin;VSO Software pcouffin; D:\WINDOWS\System32\Drivers\Pcouffin.sys [2008-11-11 47360]
R3 PctvVirtualNdis;Pinnacle Virtual Miniport; D:\WINDOWS\system32\DRIVERS\PctvVirtualNdis.sys [2007-02-02 13696]
R3 Pfc;Padus ASPI Shell; D:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 10368]
R3 Rasirda;Miniport réseau étendu (IrDA); D:\WINDOWS\System32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 tunmp;Pilote de carte miniport Tun Microsoft; D:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 ULI5261;ULi Based Ethernet NT Driver; D:\WINDOWS\System32\DRIVERS\ULILAN.SYS [2004-07-26 29696]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; D:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; D:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; D:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; D:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 vmkbd;VMware kbd; \??\D:\WINDOWS\system32\drivers\VMkbd.sys []
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; D:\WINDOWS\system32\DRIVERS\vmnetadapter.sys [2007-08-21 16816]
R3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS); D:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2006-05-04 402944]
R4 InCDfs;InCD File System; D:\WINDOWS\system32\drivers\InCDfs.sys [2004-03-24 99568]
S1 kbdhid;Pilote HID de clavier; D:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S2 CoachCap;Firstline FDC 2000 USB Video Capture V1.00; D:\WINDOWS\system32\drivers\CoachCap.sys [2002-03-03 93068]
S3 ASPI;Advanced SCSI Programming Interface Driver; \??\D:\WINDOWS\System32\DRIVERS\ASPI32.sys []
S3 ATE_PROCMON;ATE_PROCMON; \??\D:\Program Files\Anti Trojan Elite\ATEPMon.sys []
S3 basic2;basic2; D:\WINDOWS\System32\DRIVERS\HSF_BSC2.sys [2003-04-24 67167]
S3 CCDECODE;Décodeur sous-titre fermé; D:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 driverhardwarev2;driverhardwarev2; \??\D:\Program Files\HardwareDetection\driverhardwarev2.sys []
S3 ENTECH;ENTECH; \??\D:\WINDOWS\system32\DRIVERS\ENTECH.SYS []
S3 es1371;Creative AudioPCI (ES1371,ES1373) (WDM); D:\WINDOWS\system32\drivers\es1371mp.sys [2001-08-17 40704]
S3 hidgame;Activateur de port HID à manette de jeu Microsoft; D:\WINDOWS\system32\DRIVERS\hidgame.sys [2003-04-24 8576]
S3 hidusb;Pilote de classe HID Microsoft; D:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HSF_DP;HSF_DP; D:\WINDOWS\System32\DRIVERS\HSFDPSP2.sys [2004-08-04 1041536]
S3 hsf_msft;hsf_msft; D:\WINDOWS\System32\DRIVERS\HSF_MSFT.sys [2003-04-24 542879]
S3 HSFHWBS2;HSFHWBS2; D:\WINDOWS\System32\DRIVERS\HSFBS2S2.sys [2004-08-04 220032]
S3 IKFileSec;File Security Driver; D:\WINDOWS\system32\drivers\ikfilesec.sys [2008-06-02 42376]
S3 IKSysFlt;System Filter Driver; D:\WINDOWS\system32\drivers\iksysflt.sys [2008-06-02 66952]
S3 IKSysSec;System Security Driver; D:\WINDOWS\system32\drivers\iksyssec.sys [2008-06-10 81288]
S3 irsir;Pilote série infrarouge Microsoft; D:\WINDOWS\System32\DRIVERS\irsir.sys [2001-08-17 18688]
S3 Ltn_stk7070P;PCTV based TV tuner device; D:\WINDOWS\system32\DRIVERS\Ltn_stk7070P.sys [2007-06-14 466048]
S3 Ltn_stkrc;PCTV Infrared Receiver; D:\WINDOWS\system32\DRIVERS\Ltn_stkrc.sys [2007-06-13 13440]
S3 MODEMCSA;Périphérique de filtrage de flux Unimodem; D:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
S3 MPE;Filtre BDA MPE; D:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\D:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; D:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; D:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; D:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; D:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Pilote du Moniteur réseau; D:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\D:\WINDOWS\system32\PCAMPR5.SYS []
S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\D:\WINDOWS\system32\PCANDIS5.SYS []
S3 Penet;PlaceEngine NDIS Protocol Driver; D:\WINDOWS\system32\DRIVERS\penet.sys [2007-10-23 21376]
S3 Rksample;Rksample; D:\WINDOWS\System32\DRIVERS\HSF_SAMP.sys [2003-04-24 57471]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; D:\WINDOWS\System32\Drivers\RootMdm.sys [2003-04-24 5888]
S3 s125bus;Sony Ericsson Device 125 driver (WDM); D:\WINDOWS\system32\DRIVERS\s125bus.sys [2007-04-24 83336]
S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter; D:\WINDOWS\system32\DRIVERS\s125mdfl.sys [2007-04-24 15112]
S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver; D:\WINDOWS\system32\DRIVERS\s125mdm.sys [2007-04-24 108680]
S3 s125mgmt;Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM); D:\WINDOWS\system32\DRIVERS\s125mgmt.sys [2007-04-24 100488]
S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface; D:\WINDOWS\system32\DRIVERS\s125obex.sys [2007-04-24 98696]
S3 SANDRA;SANDRA; \??\D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\Sandra.sys []
S3 sbpci;Sound Blaster AudioPCI Audio Driver (WDM); D:\WINDOWS\system32\drivers\sbpci.sys [2000-08-14 495103]
S3 SLIP;Détrameur décalage BDA; D:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); D:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; D:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SunkFilt;Alcor Micro Corp Reader; \??\D:\WINDOWS\System32\Drivers\sunkfilt.sys []
S3 usbccgp;Pilote parent générique USB Microsoft; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; D:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;Pilote de stockage de masse USB; D:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 vmusb;VMware USB Client Driver; D:\WINDOWS\System32\Drivers\vmusb.sys [2007-08-21 30768]
S3 winachsf;winachsf; D:\WINDOWS\System32\DRIVERS\HSFCXTS2.sys [2004-08-04 685056]
S3 WSTCODEC;Codec Teletext standard; D:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; D:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-10-17 611664]
R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-24 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-24 151297]
R2 Apple Mobile Device;Apple Mobile Device; D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 Ati HotKey Poller;Ati HotKey Poller; D:\WINDOWS\System32\Ati2evxx.exe [2005-06-29 376832]
R2 Bonjour Service;Service Bonjour; D:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 C-DillaCdaC11BA;C-DillaCdaC11BA; D:\WINDOWS\system32\drivers\CDAC11BA.EXE [2006-08-29 54784]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; D:\WINDOWS\system32\CTSvcCDA.exe [1999-12-13 44032]
R2 EpsonBidirectionalService;EpsonBidirectionalService; D:\Program Files\EPSON\ESM2\eEBSVC.exe [2002-01-30 77824]
R2 gusvc;Google Updater Service; D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-08 168432]
R2 InCDsrv;InCD Helper; D:\Program Files\Ahead\InCD\InCDsrv.exe [2004-03-24 876656]
R2 UPHClean;User Profile Hive Cleanup; D:\Program Files\UPHClean\uphclean.exe [2005-04-27 241725]
R2 V2i Protector;V2i Protector; D:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe [2003-06-03 1200128]
R2 VMAuthdService;VMware Authorization Service; D:\Program Files\VMware\VMware Player\vmware-authd.exe [2007-08-21 109104]
R2 VMnetDHCP;VMw

Répondre à jpapiet

12

jlpjlp, le 1 déc 2008 à 10:41:11

Ok fais la suite

je risque d'être absent mais je finirai

Répondre à jlpjlp

14

jlpjlp, le 1 déc 2008 à 10:58:19

Ok ca a l'air bon
comme je vais être absent quelques jours...

_______________

si tout s'est bien passé:

désactive la restauration système pour purger les virus qui seraient dedans (dans DEMARRER puis TOUS LES PROGRAMMES puis ACCESSOIRE puis OUTILS SYSTEME puis RESTAURATION SYSTEME puis paramètre) puis
redémarre ton ordi réactive la

________________

vérifie avec antivir que c'est bon!

_______________

a plus

pour protéger gratos ton ordi

http://www.commentcamarche.net/telecharger/logiciel 4 securite

mettre un antivirus

ANTIVIR (en anglais mais très efficace) ou AVG8 ou (AVAST )
http://www.malekal.com/tutorial_antivir.php (merci Malekal)
-------------
des anti-espions :
MalwareByte's Anti-Malware + SPYBOT +/- si tea timer non active de spybot:
WINDOWS DEFENDER ou SPYWARE TERMINATOR

+
SPYWAREBLASTER pour immuniser le système contre vundo notamment mais en anglais (mais facile d'utilisation : il suffit de faire "update" pour mettre à jour tous les mois et ensuite" enable all protection" pour immuniser)...

Rq : spybot et ad-aware ont sorti de nouvelles versions cette année vérifiez que vous avez la dernière version
--------
un pare feu :
celui de (Windows) ou mieux Online armor ou KERIO ou JETICO ou ZONE ALARM (mettre que le parefeu gratuit) ou COMODO

http://www.commentcamarche.net/telecharger/telecharger 34055356 online armor personal firewall
http://www.01net.com/telecharger/windows/Securite/firewall/fiches/39911.html
http://forum.pcastuces.com/sujet.asp?f=25&s=35606
http://www.clubic.com/telecharger-fiche11071-sunbelt-personal-firewall-ex-kerio.html
http://manuelsdaide.com/Internet/Jetico/firewall.htm
http://www.open-files.com/forum/index.php?showtopic=29277
http://www.commentcamarche.net/telecharger/telecharger 157 zonealarm

-----------
CCLEANER pour effacer les traces de surf
---------
naviguer avec firefox ou safari ou opera et non internet explorer plus touché par les virus
http://www.mozilla-europe.org/fr/products/firefox/

Répondre à jlpjlp

15

jpapiet, le 1 déc 2008 à 11:46:00

J'ai desactiver la resto du systeme rebooter le systeme qui me parait clean sans message d'erreur
remis la resto systeme actuellement antivir tourne
je te remercie pour ta patience
Jacques

Répondre à jpapiet

16

jpapiet, le 1 déc 2008 à 15:12:00

Analyse avec ANTIVIR

Avira AntiVir Personal
Report file date: lundi 1 décembre 2008 11:47

Scanning for 1060765 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 3) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: JACQUES-K9YXQVT

Version information:
BUILD.DAT : 8.2.0.337 16934 Bytes 18/11/2008 13:05:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 26/11/2008 14:02:50
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 08:56:42
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 13:44:20
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 08:58:54
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 21:46:14
ANTIVIR1.VDF : 7.1.0.56 411136 Bytes 09/11/2008 23:09:38
ANTIVIR2.VDF : 7.1.0.160 571392 Bytes 30/11/2008 19:30:56
ANTIVIR3.VDF : 7.1.0.161 2048 Bytes 30/11/2008 19:30:56
Engineversion : 8.2.0.36
AEVDF.DLL : 8.1.0.6 102772 Bytes 16/10/2008 17:59:58
AESCRIPT.DLL : 8.1.1.15 332156 Bytes 12/11/2008 07:55:36
AESCN.DLL : 8.1.1.5 123251 Bytes 07/11/2008 23:10:18
AERDL.DLL : 8.1.1.3 438645 Bytes 05/11/2008 22:14:42
AEPACK.DLL : 8.1.3.4 393591 Bytes 12/11/2008 07:55:30
AEOFFICE.DLL : 8.1.0.30 196986 Bytes 07/11/2008 23:10:18
AEHEUR.DLL : 8.1.0.71 1487222 Bytes 07/11/2008 23:10:10
AEHELP.DLL : 8.1.2.0 119159 Bytes 19/11/2008 09:19:50
AEGEN.DLL : 8.1.1.6 323955 Bytes 28/11/2008 16:15:14
AEEMU.DLL : 8.1.0.9 393588 Bytes 16/10/2008 17:59:52
AECORE.DLL : 8.1.5.2 172405 Bytes 28/11/2008 16:15:12
AEBB.DLL : 8.1.0.3 53618 Bytes 16/10/2008 17:59:50
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 09:40:06
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 10:28:02
AVREP.DLL : 8.0.0.2 98344 Bytes 01/08/2008 07:11:38
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 12:26:42
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 09:29:24
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 13:27:50
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 18:28:04
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 13:49:42
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 13:05:12
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 14:48:08
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 14:34:38

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: d:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, E:, F:, J:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: lundi 1 décembre 2008 11:47

The scan of running processes will be started
Scan process 'AVWSC.EXE' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'msimn.exe' - '1' Module(s) have been scanned
Scan process 'WLLoginProxy.exe' - '1' Module(s) have been scanned
Scan process 'IEXPLORE.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'vmware-authd.exe' - '1' Module(s) have been scanned
Scan process 'vmnetdhcp.exe' - '1' Module(s) have been scanned
Scan process 'VMNAT.EXE' - '1' Module(s) have been scanned
Scan process 'VMOUNT2.EXE' - '1' Module(s) have been scanned
Scan process 'PQV2iSvc.exe' - '1' Module(s) have been scanned
Scan process 'uphclean.exe' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'GoogleUpdaterService.exe' - '1' Module(s) have been scanned
Scan process 'eEBSvc.exe' - '1' Module(s) have been scanned
Scan process 'Ctsvccda.exe' - '1' Module(s) have been scanned
Scan process 'CDAC11BA.EXE' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'AVGUARD.EXE' - '1' Module(s) have been scanned
Scan process 'SCHED.EXE' - '1' Module(s) have been scanned
Scan process 'SPOOLSV.EXE' - '1' Module(s) have been scanned
Scan process 'LANCEUR.EXE' - '1' Module(s) have been scanned
Scan process 'RAMBXPFR.EXE' - '1' Module(s) have been scanned
Scan process 'CTFMON.EXE' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'AVGNT.EXE' - '1' Module(s) have been scanned
Scan process 'Vaderetro_oe.exe' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'EXPLORER.EXE' - '1' Module(s) have been scanned
Scan process 'ATI2EVXX.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SDMCP.EXE' - '1' Module(s) have been scanned
Scan process 'INCDSRV.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'MsMpEng.exe' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'ATI2EVXX.EXE' - '1' Module(s) have been scanned
Scan process 'LSASS.EXE' - '1' Module(s) have been scanned
Scan process 'SERVICES.EXE' - '1' Module(s) have been scanned
Scan process 'WINLOGON.EXE' - '1' Module(s) have been scanned
Scan process 'CSRSS.EXE' - '1' Module(s) have been scanned
Scan process 'SMSS.EXE' - '1' Module(s) have been scanned
49 processes with 49 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!
Boot sector 'F:\'
[INFO] No virus was found!
Boot sector 'J:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '60' files ).

Starting the file scan:

Begin scan in 'C:\'
Begin scan in 'D:\'
D:\pagefile.sys
[WARNING] The file could not be opened!
D:\hiberfil.sys
[WARNING] The file could not be opened!
D:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
D:\Qoobox\Quarantine\D\WINDOWS\system32\byXOighI.dll.vir
[DETECTION] Is the TR/Monder.aane Trojan
[NOTE] The file was deleted!
D:\Qoobox\Quarantine\D\WINDOWS\system32\ranodenu.dll.vir
[DETECTION] Is the TR/Spy.Agent.fdp Trojan
[NOTE] The file was deleted!
D:\Qoobox\Quarantine\D\WINDOWS\system32\sebowowa.dll.vir
[DETECTION] Is the TR/Monder.aamw Trojan
[NOTE] The file was deleted!
D:\Qoobox\Quarantine\D\WINDOWS\system32\sunotadi.dll.vir
[DETECTION] Is the TR/Monder.aamw Trojan
[NOTE] The file was deleted!
D:\Qoobox\Quarantine\D\WINDOWS\system32\vohetufa.dll.vir
[DETECTION] Is the TR/Spy.Agent.fdp Trojan
[NOTE] The file was deleted!
Begin scan in 'E:\'
Begin scan in 'F:\'
F:\PERSO\NOTES_MICRO\JFAU0035_M6NET_FR.EXE
--> 7373896.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was deleted!
F:\System Volume Information\_restore{85CAEA1F-BBDA-49D1-8B3F-5F1F0FE78EC5}\RP1\A0000001.EXE
--> 7373896.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was deleted!
Begin scan in 'J:\' <DISQUESATA>
J:\pagefile.sys
[WARNING] The file could not be opened!

End of the scan: lundi 1 décembre 2008 14:02
Used time: 2:15:09 Hour(s)

The scan has been done completely.

23535 Scanning directories
776700 Files were scanned
7 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
7 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
4 Files cannot be scanned
776689 Files not concerned
9810 Archives were scanned
4 Warnings
7 Notes

analyse avec ANTIVIR
au revoir
et merci encore
jacques

Répondre à jpapiet

18

jlpjlp, le 6 déc 2008 à 20:37:03

Ok vire ce qui est dans le dossier quarantine:

en allant dans poste de travail puis

D:\Qoobox\Quarantine

____________________

ensuite vire ce qui est en quarantaine dans antivir

puis desactive ta restauration puis redemarre puis réactive la

refais un scan antivir pour voir et dis si encore des soucis

a plus

Répondre à jlpjlp

19

jpapiet, le 8 déc 2008 à 13:24:51

Salut
je n'ai plus de probleme sinon une chose que je ne comprends pas
je te mets le compte rendu ATIVIR

Avira AntiVir Personal
Report file date: lundi 8 décembre 2008 08:30

Scanning for 1076607 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 3) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: JACQUES-K9YXQVT

Version information:
BUILD.DAT : 8.2.0.337 16934 Bytes 18/11/2008 13:05:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 26/11/2008 14:02:50
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 08:56:42
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 13:44:20
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 08:58:54
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 21:46:14
ANTIVIR1.VDF : 7.1.0.197 1170432 Bytes 07/12/2008 22:54:04
ANTIVIR2.VDF : 7.1.0.198 2048 Bytes 07/12/2008 22:54:08
ANTIVIR3.VDF : 7.1.0.199 2048 Bytes 07/12/2008 22:54:08
Engineversion : 8.2.0.42
AEVDF.DLL : 8.1.0.6 102772 Bytes 16/10/2008 17:59:58
AESCRIPT.DLL : 8.1.1.17 336251 Bytes 04/12/2008 22:54:08
AESCN.DLL : 8.1.1.5 123251 Bytes 07/11/2008 23:10:18
AERDL.DLL : 8.1.1.3 438645 Bytes 05/11/2008 22:14:42
AEPACK.DLL : 8.1.3.4 393591 Bytes 12/11/2008 07:55:30
AEOFFICE.DLL : 8.1.0.32 196987 Bytes 05/12/2008 22:53:46
AEHEUR.DLL : 8.1.0.74 1519990 Bytes 04/12/2008 22:54:06
AEHELP.DLL : 8.1.2.0 119159 Bytes 19/11/2008 09:19:50
AEGEN.DLL : 8.1.1.6 323955 Bytes 28/11/2008 16:15:14
AEEMU.DLL : 8.1.0.9 393588 Bytes 16/10/2008 17:59:52
AECORE.DLL : 8.1.5.2 172405 Bytes 28/11/2008 16:15:12
AEBB.DLL : 8.1.0.3 53618 Bytes 16/10/2008 17:59:50
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 09:40:06
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 10:28:02
AVREP.DLL : 8.0.0.2 98344 Bytes 01/08/2008 07:11:38
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 12:26:42
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 09:29:24
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 13:27:50
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 18:28:04
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 13:49:42
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 13:05:12
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 14:48:08
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 14:34:38

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: d:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, E:, F:, J:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: lundi 8 décembre 2008 08:30

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'vmware-authd.exe' - '1' Module(s) have been scanned
Scan process 'vmnetdhcp.exe' - '1' Module(s) have been scanned
Scan process 'VMNAT.EXE' - '1' Module(s) have been scanned
Scan process 'VMOUNT2.EXE' - '1' Module(s) have been scanned
Scan process 'PQV2iSvc.exe' - '1' Module(s) have been scanned
Scan process 'uphclean.exe' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'GoogleUpdaterService.exe' - '1' Module(s) have been scanned
Scan process 'eEBSvc.exe' - '1' Module(s) have been scanned
Scan process 'Ctsvccda.exe' - '1' Module(s) have been scanned
Scan process 'CDAC11BA.EXE' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'LANCEUR.EXE' - '1' Module(s) have been scanned
Scan process 'RAMBXPFR.EXE' - '1' Module(s) have been scanned
Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned
Scan process 'CTFMON.EXE' - '1' Module(s) have been scanned
Scan process 'AVGNT.EXE' - '1' Module(s) have been scanned
Scan process 'Vaderetro_oe.exe' - '1' Module(s) have been scanned
Scan process 'SCHED.EXE' - '1' Module(s) have been scanned
Scan process 'SPOOLSV.EXE' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'EXPLORER.EXE' - '1' Module(s) have been scanned
Scan process 'ATI2EVXX.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SDMCP.EXE' - '1' Module(s) have been scanned
Scan process 'INCDSRV.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'MsMpEng.exe' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'ATI2EVXX.EXE' - '1' Module(s) have been scanned
Scan process 'LSASS.EXE' - '1' Module(s) have been scanned
Scan process 'SERVICES.EXE' - '1' Module(s) have been scanned
Scan process 'WINLOGON.EXE' - '1' Module(s) have been scanned
Scan process 'CSRSS.EXE' - '1' Module(s) have been scanned
Scan process 'SMSS.EXE' - '1' Module(s) have been scanned
43 processes with 43 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!
Boot sector 'F:\'
[INFO] No virus was found!
Boot sector 'J:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '58' files ).

Starting the file scan:

Begin scan in 'C:\'
Begin scan in 'D:\'
D:\pagefile.sys
[WARNING] The file could not be opened!
D:\hiberfil.sys
[WARNING] The file could not be opened!
D:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
Begin scan in 'E:\'
Begin scan in 'F:\'
Begin scan in 'J:\' <DISQUESATA>
J:\pagefile.sys
[WARNING] The file could not be opened!

End of the scan: lundi 8 décembre 2008 10:08
Used time: 1:37:53 Hour(s)

The scan has been done completely.

23550 Scanning directories
859891 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
4 Files cannot be scanned
859887 Files not concerned
11288 Archives were scanned
4 Warnings
0 Notes

le s 4 fichiers en warnings je ne peux pas les afficher meme en option "voir les fichiers cachés" dans l'explorateur
si tu peux m'expliquer

merci

jacques

Répondre à jpapiet

20

jpapiet, le 8 déc 2008 à 13:24:53

Salut
je n'ai plus de probleme sinon une chose que je ne comprends pas
je te mets le compte rendu ATIVIR

Avira AntiVir Personal
Report file date: lundi 8 décembre 2008 08:30

Scanning for 1076607 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 3) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: JACQUES-K9YXQVT

Version information:
BUILD.DAT : 8.2.0.337 16934 Bytes 18/11/2008 13:05:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 26/11/2008 14:02:50
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 08:56:42
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 13:44:20
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 08:58:54
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 21:46:14
ANTIVIR1.VDF : 7.1.0.197 1170432 Bytes 07/12/2008 22:54:04
ANTIVIR2.VDF : 7.1.0.198 2048 Bytes 07/12/2008 22:54:08
ANTIVIR3.VDF : 7.1.0.199 2048 Bytes 07/12/2008 22:54:08
Engineversion : 8.2.0.42
AEVDF.DLL : 8.1.0.6 102772 Bytes 16/10/2008 17:59:58
AESCRIPT.DLL : 8.1.1.17 336251 Bytes 04/12/2008 22:54:08
AESCN.DLL : 8.1.1.5 123251 Bytes 07/11/2008 23:10:18
AERDL.DLL : 8.1.1.3 438645 Bytes 05/11/2008 22:14:42
AEPACK.DLL : 8.1.3.4 393591 Bytes 12/11/2008 07:55:30
AEOFFICE.DLL : 8.1.0.32 196987 Bytes 05/12/2008 22:53:46
AEHEUR.DLL : 8.1.0.74 1519990 Bytes 04/12/2008 22:54:06
AEHELP.DLL : 8.1.2.0 119159 Bytes 19/11/2008 09:19:50
AEGEN.DLL : 8.1.1.6 323955 Bytes 28/11/2008 16:15:14
AEEMU.DLL : 8.1.0.9 393588 Bytes 16/10/2008 17:59:52
AECORE.DLL : 8.1.5.2 172405 Bytes 28/11/2008 16:15:12
AEBB.DLL : 8.1.0.3 53618 Bytes 16/10/2008 17:59:50
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 09:40:06
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 10:28:02
AVREP.DLL : 8.0.0.2 98344 Bytes 01/08/2008 07:11:38
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 12:26:42
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 09:29:24
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 13:27:50
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 18:28:04
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 13:49:42
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 13:05:12
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 14:48:08
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 14:34:38

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: d:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, E:, F:, J:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: lundi 8 décembre 2008 08:30

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'vmware-authd.exe' - '1' Module(s) have been scanned
Scan process 'vmnetdhcp.exe' - '1' Module(s) have been scanned
Scan process 'VMNAT.EXE' - '1' Module(s) have been scanned
Scan process 'VMOUNT2.EXE' - '1' Module(s) have been scanned
Scan process 'PQV2iSvc.exe' - '1' Module(s) have been scanned
Scan process 'uphclean.exe' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'GoogleUpdaterService.exe' - '1' Module(s) have been scanned
Scan process 'eEBSvc.exe' - '1' Module(s) have been scanned
Scan process 'Ctsvccda.exe' - '1' Module(s) have been scanned
Scan process 'CDAC11BA.EXE' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'LANCEUR.EXE' - '1' Module(s) have been scanned
Scan process 'RAMBXPFR.EXE' - '1' Module(s) have been scanned
Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned
Scan process 'CTFMON.EXE' - '1' Module(s) have been scanned
Scan process 'AVGNT.EXE' - '1' Module(s) have been scanned
Scan process 'Vaderetro_oe.exe' - '1' Module(s) have been scanned
Scan process 'SCHED.EXE' - '1' Module(s) have been scanned
Scan process 'SPOOLSV.EXE' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'EXPLORER.EXE' - '1' Module(s) have been scanned
Scan process 'ATI2EVXX.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SDMCP.EXE' - '1' Module(s) have been scanned
Scan process 'INCDSRV.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'MsMpEng.exe' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'ATI2EVXX.EXE' - '1' Module(s) have been scanned
Scan process 'LSASS.EXE' - '1' Module(s) have been scanned
Scan process 'SERVICES.EXE' - '1' Module(s) have been scanned
Scan process 'WINLOGON.EXE' - '1' Module(s) have been scanned
Scan process 'CSRSS.EXE' - '1' Module(s) have been scanned
Scan process 'SMSS.EXE' - '1' Module(s) have been scanned
43 processes with 43 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!
Boot sector 'F:\'
[INFO] No virus was found!
Boot sector 'J:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '58' files ).

Starting the file scan:

Begin scan in 'C:\'
Begin scan in 'D:\'
D:\pagefile.sys
[WARNING] The file could not be opened!
D:\hiberfil.sys
[WARNING] The file could not be opened!
D:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
Begin scan in 'E:\'
Begin scan in 'F:\'
Begin scan in 'J:\' <DISQUESATA>
J:\pagefile.sys
[WARNING] The file could not be opened!

End of the scan: lundi 8 décembre 2008 10:08
Used time: 1:37:53 Hour(s)

The scan has been done completely.

23550 Scanning directories
859891 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
4 Files cannot be scanned
859887 Files not concerned
11288 Archives were scanned
4 Warnings
0 Notes

le s 4 fichiers en warnings je ne peux pas les afficher meme en option "voir les fichiers cachés" dans l'explorateur
si tu peux m'expliquer

merci

jacques

Répondre à jpapiet

21

jlpjlp, le 8 déc 2008 à 13:36:16

Ces warning sont normaux! on les a tous pas de souci!

utilise pour supprimer tes traces

CCLEANER: (lance un nettoyage et répare 3 fois le registre) sans installer la barre yahoo
(dans les options puis avancé :désactive la case: effacer les fichiers de plus de 48 heures)
http://www.malekal.com/tutorial_CCleaner.php
http://www.01net.com/...

________________

pour virer ce qui a été utilisé:

Télécharge ToolsCleaner sur ton bureau.
--> http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
# Clique sur Recherche et laisse le scan agir ...
# Clique sur Suppression pour finaliser.
# Tu peux, si tu le souhaites, te servir des Options facultatives.
# Clique sur Quitter pour obtenir le rapport.
# Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).

___________________

désactive la restauration système pour purger les virus qui seraient dedans (dans DEMARRER puis TOUS LES PROGRAMMES puis ACCESSOIRE puis OUTILS SYSTEME puis RESTAURATION SYSTEME puis paramètre) puis réactive la

voilà c'est bon!

pour protéger gratos ton ordi

http://www.commentcamarche.net/telecharger/logiciel 4 securite

mettre un antivirus

ANTIVIR (en anglais mais très efficace) ou AVG8 ou (AVAST )
http://www.malekal.com/tutorial_antivir.php (merci Malekal)
-------------
des anti-espions :
MalwareByte's Anti-Malware + SPYBOT +/- si tea timer non active de spybot:
WINDOWS DEFENDER ou SPYWARE TERMINATOR

+
SPYWAREBLASTER pour immuniser le système contre vundo notamment mais en anglais (mais facile d'utilisation : il suffit de faire "update" pour mettre à jour tous les mois et ensuite" enable all protection" pour immuniser)...

Rq : spybot et ad-aware ont sorti de nouvelles versions cette année vérifiez que vous avez la dernière version
--------
un pare feu :
celui de (Windows) ou mieux Online armor ou KERIO ou JETICO ou ZONE ALARM (mettre que le parefeu gratuit) ou COMODO

http://www.commentcamarche.net/telecharger/telecharger 34055356 online armor personal firewall
http://www.01net.com/telecharger/windows/Securite/firewall/fiches/39911.html
http://forum.pcastuces.com/sujet.asp?f=25&s=35606
http://www.clubic.com/telecharger-fiche11071-sunbelt-personal-firewall-ex-kerio.html
http://manuelsdaide.com/Internet/Jetico/firewall.htm
http://www.open-files.com/forum/index.php?showtopic=29277
http://www.commentcamarche.net/telecharger/telecharger 157 zonealarm

-----------
CCLEANER pour effacer les traces de surf
---------
naviguer avec firefox ou safari ou opera et non internet explorer plus touché par les virus
http://www.mozilla-europe.org/fr/products/firefox/

Répondre à jlpjlp

22

jpapiet, le 8 déc 2008 à 14:23:28

[ Rapport ToolsCleaner version 2.2.6 (par A.Rothstein & dj QUIOU) ]

-->- Recherche:

D:\VundoFix.txt: trouvé !
D:\Combofix.txt: trouvé !
D:\fixnavi.txt: trouvé !
D:\GenProc.txt: trouvé !
D:\TB.txt: trouvé !
D:\*.msnfix: trouvé !
D:\Combofix: trouvé !
D:\Rsit: trouvé !
D:\WINDOWS\msnfix.txt: trouvé !
D:\WINDOWS\*.msnfix: trouvé !
D:\WINDOWS\system32\*.msnfix: trouvé !
D:\WINDOWS\Downloaded Program Files\*.msnfix: trouvé !
D:\Documents and Settings\Jacques\Bureau\infection\hijackthis.log: trouvé !
D:\Documents and Settings\Jacques\Bureau\infection\OTMoveIt3.exe: trouvé !
D:\Documents and Settings\Jacques\Bureau\infection\Rsit.exe: trouvé !
D:\Program Files\trend micro\HijackThis.exe: trouvé !
D:\Program Files\trend micro\hijackthis.log: trouvé !

---------------------------------
-->- Suppression:

D:\Program Files\trend micro\HijackThis.exe: supprimé !
D:\VundoFix.txt: supprimé !
D:\Combofix.txt: supprimé !
D:\fixnavi.txt: supprimé !
D:\GenProc.txt: supprimé !
D:\TB.txt: supprimé !
D:\*.msnfix: ERREUR DE SUPPRESSION !!
D:\WINDOWS\msnfix.txt: supprimé !
D:\WINDOWS\*.msnfix: ERREUR DE SUPPRESSION !!
D:\WINDOWS\system32\*.msnfix: ERREUR DE SUPPRESSION !!
D:\WINDOWS\Downloaded Program Files\*.msnfix: ERREUR DE SUPPRESSION !!
D:\Documents and Settings\Jacques\Bureau\infection\hijackthis.log: supprimé !
D:\Documents and Settings\Jacques\Bureau\infection\OTMoveIt3.exe: supprimé !
D:\Documents and Settings\Jacques\Bureau\infection\Rsit.exe: supprimé !
D:\Program Files\trend micro\hijackthis.log: supprimé !
D:\Combofix: supprimé !
D:\Rsit: supprimé !

Point de restauration crée !
Corbeille vidée!
Fichiers temporaires nettoyés !
Sauvegarde du registre crée !
je pense que tout a marché
Jacques

Répondre à jpapiet

26

jpapiet, le 8 déc 2008 à 14:44:47

Ok c'est fait
et merci encore
jacques

Répondre à jpapiet

23

jlpjlp, le 8 déc 2008 à 14:28:22

Ok reste a virer manuellement msnfix

Répondre à jlpjlp

24

jpapiet, le 8 déc 2008 à 14:42:22

Ww.MSNFix
REGEDIT.MSNFix
tmp.MSNFix
voila les 3 msnfix que je trouve celui qui m'inquiete est regedit.msnfix
pourquoi regedit?
merci

Répondre à jpapiet

25

jlpjlp, le 8 déc 2008 à 14:42:55

Ok vire les tous
et pas d'inquiétude !

Répondre à jlpjlp