besoin d'aide virus infostealer-bzup. scan hijackthis

bonjour, voila je suis infecté par le virus spyware.infotealer-bzup (un truc du style) et mon antivirus fsecure a jour n'arrive pas a l'enlever.
j'ai donc fai un scan hijackthis mais c apres que je sais pas quoi faire. merci de votre aide.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:54:31, on 07/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\\WINDOWS\\System32\\smss.exe
C:\\WINDOWS\\system32\\winlogon.exe
C:\\WINDOWS\\system32\\services.exe
C:\\WINDOWS\\system32\\lsass.exe
C:\\WINDOWS\\system32\\svchost.exe
C:\\WINDOWS\\System32\\svchost.exe
C:\\WINDOWS\\system32\\svchost.exe
C:\\WINDOWS\\system32\\spoolsv.exe
C:\\WINDOWS\\Explorer.EXE
C:\\Program Files\\Pack Sécurité\\Common\\FSM32.EXE
C:\\WINDOWS\\ZSSnp211.exe
C:\\WINDOWS\\Domino.exe
C:\\WINDOWS\\system32\\ctfmon.exe
C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe
C:\\Program Files\\TomTom HOME 2\\HOMERunner.exe
C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe
C:\\WINDOWS\\system32\\msiconf.exe
C:\\Program Files\\Fichiers communs\\Apple\\Mobile Device Support\\bin\\AppleMobileDeviceService.exe
C:\\Program Files\\CA\\SharedComponents\\CA_LIC\\lic98rmt.exe
C:\\Program Files\\CyberLink\\PowerCinema\\Kernel\\TV\\CLCapSvc.exe
C:\\Program Files\\CyberLink\\Shared Files\\CLML_NTService\\CLMLServer.exe
C:\\Program Files\\Pack Sécurité\\Anti-Virus\\fsgk32st.exe
C:\\Program Files\\CyberLink\\Shared Files\\CLML_NTService\\CLMLService.exe
C:\\Program Files\\Pack Sécurité\\Common\\FSMA32.EXE
C:\\Program Files\\Pack Sécurité\\Anti-Virus\\FSGK32.EXE
C:\\WINDOWS\\system32\\hasplms.exe
C:\\Program Files\\Pack Sécurité\\Common\\FSMB32.EXE
C:\\WINDOWS\\System32\\svchost.exe
C:\\Program Files\\CA\\SharedComponents\\CA_LIC\\LogWatNT.exe
C:\\WINDOWS\\system32\\nvsvc32.exe
C:\\WINDOWS\\system32\\svchost.exe
C:\\Program Files\\CyberLink\\PowerCinema\\Kernel\\TV\\CLSched.exe
C:\\Program Files\\Pack Sécurité\\Common\\FCH32.EXE
C:\\Program Files\\Pack Sécurité\\Common\\FAMEH32.EXE
C:\\Program Files\\Pack Sécurité\\Anti-Virus\\fsqh.exe
C:\\Program Files\\Pack Sécurité\\FSGUI\\fsguidll.exe
C:\\Program Files\\Pack Sécurité\\FSAUA\\program\\fsaua.exe
C:\\Program Files\\Pack Sécurité\\Anti-Virus\\fssm32.exe
C:\\Program Files\\Pack Sécurité\\FWES\\Program\\fsdfwd.exe
C:\\Program Files\\Pack Sécurité\\FSAUA\\program\\fsus.exe
C:\\Program Files\\Pack Sécurité\\Anti-Virus\\fsav32.exe
C:\\Program Files\\Pack Sécurité\\FSGUI\\fsavgui.exe
C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe
C:\\Program Files\\Windows Live\\Messenger\\usnsvc.exe
C:\\Program Files\\Mozilla Firefox\\firefox.exe
C:\\Program Files\\Trend Micro\\HijackThis\\HijackThis.exe

R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = http://www.orange.fr
R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = http://www.carrefour.fr/
R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = http://www.ustart.org
R1 - HKCU\\Software\\Microsoft\\Internet Connection Wizard,ShellNext = http://www.cegetel.net/
R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar,LinksFolderName = Liens
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\\Program Files\\EoRezo\\EoAdv\\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\\Program Files\\Java\\jre1.6.0_03\\bin\\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Windows Live\\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\\program files\\google\\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\\Program Files\\Google\\GoogleToolbarNotifier\\3.1.807.1746\\swg.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\\PROGRA~1\\FlashFXP\\IEFlash.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\\program files\\google\\googletoolbar1.dll
O4 - HKLM\\..\\Run: [F-Secure Manager] "C:\\Program Files\\Pack Sécurité\\Common\\FSM32.EXE" /splash
O4 - HKLM\\..\\Run: [F-Secure TNB] "C:\\Program Files\\Pack Sécurité\\FSGUI\\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\\..\\Run: [NvCplDaemon] RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup
O4 - HKLM\\..\\Run: [QuickTime Task] "C:\\Program Files\\QuickTime\\qttask.exe" -atboottime
O4 - HKLM\\..\\Run: [ZSSnp211] C:\\WINDOWS\\ZSSnp211.exe
O4 - HKLM\\..\\Run: [Domino] C:\\WINDOWS\\Domino.exe
O4 - HKCU\\..\\Run: [NBJ] "C:\\Program Files\\Ahead\\Nero BackItUp\\NBJ.exe"
O4 - HKCU\\..\\Run: [ctfmon.exe] C:\\WINDOWS\\system32\\ctfmon.exe
O4 - HKCU\\..\\Run: [swg] C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe
O4 - HKCU\\..\\Run: [WOOKIT] C:\\PROGRA~1\\Wanadoo\\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\\..\\Run: [SpybotSD TeaTimer] C:\\Program Files\\Spybot - Search & Destroy\\TeaTimer.exe
O4 - HKCU\\..\\Run: [TomTomHOME.exe] "C:\\Program Files\\TomTom HOME 2\\HOMERunner.exe"
O4 - HKCU\\..\\Run: [WMPNSCFG] C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe
O4 - HKCU\\..\\Run: [msiexec.exe] msiconf.exe
O4 - HKCU\\..\\RunOnce: [gi819766163] "C:\\DOCUME~1\\Anthony\\LOCALS~1\\Temp\\gi44PIO5.exe" /resume:"C:\\DOCUME~1\\Anthony\\LOCALS~1\\Temp\\2H44PI6F" /exename:"C:\\Documents and Settings\\Anthony\\Application Data\\Mozilla\\Firefox\\Profiles\\s9ma7shr.default\\extensions\\{bb628310-0ab7-11db-9cd8-0800200c9a66}\\setup.exe"
O4 - HKUS\\S-1-5-18\\..\\Run: [Nokia.PCSync] C:\\Program Files\\Nokia\\Nokia PC Suite 6\\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\\.DEFAULT\\..\\Run: [Nokia.PCSync] C:\\Program Files\\Nokia\\Nokia PC Suite 6\\PcSync2.exe /NoDialog (User 'Default user')
O8 - Extra context menu item: &Google Search - res://C:\\Program Files\\Google\\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\\Program Files\\AOL Toolbar\\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: Backward &Links - res://C:\\Program Files\\Google\\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\\Program Files\\Google\\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://C:\\Program Files\\Google\\GoogleToolbar1.dll/cmsimilar.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\\Program Files\\Messenger\\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\\Program Files\\Messenger\\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.carrefour.fr/
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com/downloads/rtpatch/EARTPX.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft. [...] 7743015284
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwaredetection.cab
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\..\\{90EFEA42-6472-4424-8CEF-722F7CFCFB95}: NameServer = 81.253.149.9 80.10.246.132
O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} - C:\\PROGRA~1\\WI1F86~1\\MESSEN~1\\MSGRAP~1.DLL
O20 - Winlogon Notify: UpdateNf - C:\\WINDOWS\\
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\\Program Files\\Fichiers communs\\Apple\\Mobile Device Support\\bin\\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\\Program Files\\Fichiers communs\\Autodesk Shared\\Service\\AdskScSrv.exe
O23 - Service: CA License Client (CA_LIC_CLNT) - Computer Associates International Inc. - C:\\Program Files\\CA\\SharedComponents\\CA_LIC\\lic98rmt.exe
O23 - Service: CA License Server (CA_LIC_SRVR) - Unknown owner - C:\\Program Files\\CA\\SharedComponents\\CA_LIC\\lic98rmtd.exe (file missing)
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\\Program Files\\CyberLink\\PowerCinema\\Kernel\\TV\\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\\Program Files\\CyberLink\\PowerCinema\\Kernel\\TV\\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\\Program Files\\CyberLink\\Shared Files\\CLML_NTService\\CLMLServer.exe
O23 - Service: F-Secure BlackLight Sensor - Unknown owner - C:\\WINDOWS\\TEMP\\F-Secure\\Anti-Virus\\fsblsrv.exe (file missing)
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\\Program Files\\Pack Sécurité\\Anti-Virus\\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\\Program Files\\Pack Sécurité\\FSAUA\\program\\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\\Program Files\\Pack Sécurité\\FWES\\Program\\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\\Program Files\\Pack Sécurité\\Common\\FSMA32.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\\Program Files\\Google\\Common\\Google Updater\\GoogleUpdaterService.exe
O23 - Service: HASP License Manager (hasplms) - Aladdin Knowledge Systems Ltd. - C:\\WINDOWS\\system32\\hasplms.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\\Program Files\\Fichiers communs\\InstallShield\\Driver\\1050\\Intel 32\\IDriverT.exe
O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\\Program Files\\CA\\SharedComponents\\CA_LIC\\LogWatNT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\\WINDOWS\\system32\\nvsvc32.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2007\\Win32\\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2007\\RpcSandraSrv.exe
O23 - Service: ServiceLayer - Nokia. - C:\\Program Files\\PC Connectivity Solution\\ServiceLayer.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\\PROGRA~1\\COMMON~1\\X10\\Common\\x10nets.exe

--
End of file - 10660 bytes

-----------\\ ToolBar S&D 1.2.6 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.20GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Anthony ( Administrator )
BOOT : Normal boot
Antivirus : F-Secure Anti-Virus 2007 7.02 7.02 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:115 Go (Free:50 Go)
D:\ (Local Disk) - NTFS - Total:113 Go (Free:27 Go)
E:\ (Local Disk) - FAT32 - Total:3 Go (Free:1 Go)
F:\ (CD or DVD)
G:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
H:\ (CD or DVD)
I:\ (USB)
J:\ (USB)
K:\ (USB)
L:\ (USB)

"C:\ToolBar SD" ( MAJ : 04-12-2008|20:40 )
Option : [1] ( 07/12/2008|13:09 )

-----------\\ Recherche de Fichiers / Dossiers ...

C:\DOCUME~1\Anthony\Cookies\anthony@mysearch[1].txt
C:\Program Files\PlayMP3z
C:\Program Files\PlayMP3z\uninstall.exe

-----------\\ Extensions

(Anthony) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"SearchMigratedDefaultURL"="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com/ie"
"Start Page"="http://www.orange.fr"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.carrefour.fr/"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="http://www.ustart.org"
"Default_Search_URL"="http://www.google.com/ie"


--------------------\\ Recherche d'autres infections

1 - "C:\ToolBar SD\TB_1.txt" - 07/12/2008|13:11 - Option : [1]

-----------\\ Fin du rapport a 13:11:22,89

http://www.mediafire.com/?sharekey [...] b6cf06eb49


DDS (Version 1.0) - NTFSx86
Run by Anthony at 13:56:21,73 on 07/12/2008
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1023.416 [GMT 1:00]

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Pack Sécurité\Common\FSM32.EXE
C:\WINDOWS\ZSSnp211.exe
C:\WINDOWS\Domino.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\system32\msiconf.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fsgk32st.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\Pack Sécurité\Common\FSMA32.EXE
C:\Program Files\Pack Sécurité\Anti-Virus\FSGK32.EXE
C:\WINDOWS\system32\hasplms.exe
C:\Program Files\Pack Sécurité\Common\FSMB32.EXE
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\Pack Sécurité\Common\FCH32.EXE
C:\Program Files\Pack Sécurité\Common\FAMEH32.EXE
C:\Program Files\Pack Sécurité\Anti-Virus\fsqh.exe
C:\Program Files\Pack Sécurité\FSGUI\fsguidll.exe
C:\Program Files\Pack Sécurité\FSAUA\program\fsaua.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fssm32.exe
C:\Program Files\Pack Sécurité\FWES\Program\fsdfwd.exe
C:\Program Files\Pack Sécurité\FSAUA\program\fsus.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fsav32.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Anthony\Bureau\gmer\gmer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Documents and Settings\Anthony\Bureau\dds.scr

============== Pseudo HJT Report ===============

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uStart Page = hxxp://www.orange.fr
mDefault_Page_URL = hxxp://www.carrefour.fr/
mStart Page = hxxp://www.ustart.org
mDefault_Search_URL = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = hxxp://www.cegetel.net/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: {64F56FC1-1272-44CD-BA6E-39723696E350} - c:\program files\eorezo\eoadv\EoRezoBHO.dll
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.6.0_03\bin\ssv.dll
BHO: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\fichiers communs\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\3.1.807.1746\swg.dll
BHO: {E5A1691B-D188-4419-AD02-90002030B8EE} - c:\progra~1\flashfxp\IEFlash.dll
TB: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
uRun: [NBJ] "c:\program files\ahead\nero backitup\NBJ.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [WOOKIT] c:\progra~1\wanadoo\GestMaj.exe GestionnaireInternet.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\HOMERunner.exe"
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [msiexec.exe] msiconf.exe
uRunOnce: [gi819766163] "c:\docume~1\anthony\locals~1\temp\gi44pio5.exe" /resume:"c:\docume~1\anthony\locals~1\temp\2h44pi6f" /exename:"c:\documents and settings\anthony\application data\mozilla\firefox\profiles\s9ma7shr.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\setup.exe"
mRun: [F-Secure Manager] "c:\program files\pack sécurité\common\FSM32.EXE" /splash
mRun: [F-Secure TNB] "c:\program files\pack sécurité\fsgui\TNBUtil.exe" /CHECKALL /WAITFORSW
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [ZSSnp211] c:\windows\ZSSnp211.exe
mRun: [Domino] c:\windows\Domino.exe
dRun: [Nokia.PCSync] c:\program files\nokia\nokia pc suite 6\PcSync2.exe /NoDialog
IE: &Google Search - c:\program files\google\GoogleToolbar1.dll/cmsearch.html
IE: &Recherche AOL Toolbar - c:\program files\aol toolbar\toolbar.dll/SEARCH.HTML
IE: Backward &Links - c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cac&hed Snapshot of Page - c:\program files\google\GoogleToolbar1.dll/cmcache.html
IE: Si&milar Pages - c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
LSP: c:\program files\pack se9,curite9,\fsps\program\FSLSP.DLL
TCP: {90EFEA42-6472-4424-8CEF-722F7CFCFB95} = 80.10.246.130 81.253.149.10
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\fichiers communs\microsoft shared\web folders\PKMCDO.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

============= SERVICES / DRIVERS ===============

R0 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2008-2-25 58128]
R1 F-Secure HIPS;F-Secure HIPS;\??\c:\program files\pack sécurité\hips\fshs.sys [2008-2-25 41184]
R2 aksfridge;aksfridge;\??\c:\windows\system32\drivers\aksfridge.sys [2008-9-20 351744]
R2 CA_LIC_CLNT;CA License Client;"c:\program files\ca\sharedcomponents\ca_lic\lic98rmt.exe" [2003-10-12 143360]
R2 F-Secure Gatekeeper Handler Starter;FSGKHS;"c:\program files\pack sécurité\anti-virus\fsgk32st.exe" [2008-2-25 48072]
R2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run []
R2 LogWatch;Event Log Watch;"c:\program files\ca\sharedcomponents\ca_lic\LogWatNT.exe" [2002-9-20 53248]
R2 U3SHLPDR;U3SHLPDR;\??\c:\windows\system32\drivers\U3SHLPDR.SYS [2006-1-5 3445]
R3 CardReaderFilter;Card Reader Filter;\??\c:\windows\system32\drivers\USBCRFT.SYS [2004-10-14 13440]
R3 cmudax;C-Media High Definition Audio Interface;c:\windows\system32\drivers\cmudax.sys [2004-10-5 1272000]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;\??\c:\program files\pack sécurité\anti-virus\minifilter\fsgk.sys [2008-2-25 59760]
R3 PhTVTune;MEDION TV-TUNER 7134 MK2/3;c:\windows\system32\drivers\PhTVTune.sys [2004-10-5 24704]
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter;\??\c:\windows\system32\drivers\NSDriver.sys []
S3 CA_LIC_SRVR;CA License Server;"c:\program files\ca\sharedcomponents\ca_lic\lic98rmtd.exe" []
S3 DCamUSBPremier;Premier USB Video Camera;c:\windows\system32\drivers\mpixvid.sys [2006-10-9 81633]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2008-11-29 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2008-11-29 8320]
S3 SDVC04;USB DVC Service;c:\windows\system32\drivers\SDVC04.sys [2007-3-20 42413]
S3 v800bus;Sony Ericsson V800-Vodafone 802SE driver (WDM);c:\windows\system32\drivers\v800bus.sys [2004-8-30 52416]
S3 v800mdfl;Sony Ericsson V800-Vodafone 802SE USB WMC Modem Filter;c:\windows\system32\drivers\v800mdfl.sys [2004-8-30 6160]
S3 v800mdm;Sony Ericsson V800-Vodafone 802SE USB WMC Modem Driver;c:\windows\system32\drivers\v800mdm.sys [2004-8-30 84544]
S3 v800mgmt;Sony Ericsson V800-Vodafone 802SE USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\v800mgmt.sys [2004-8-30 77760]
S3 v800obex;Sony Ericsson V800-Vodafone 802SE USB WMC OBEX Interface;c:\windows\system32\drivers\v800obex.sys [2004-8-30 75584]
S3 VendorJoystickEnabler;XCtrl XBOX Control HID Minidriver r1;c:\windows\system32\drivers\xctrl.sys [2006-5-31 16834]
S3 xbreader;ActionReplay XBox Driver (xbreader.sys);c:\windows\system32\drivers\xbreader.sys [2006-5-31 19677]
S4 F-Secure Filter;F-Secure File System Filter;\??\c:\program files\pack sécurité\anti-virus\win2k\FSfilter.sys [2008-2-25 40048]
S4 F-Secure Recognizer;F-Secure File System Recognizer;\??\c:\program files\pack sécurité\anti-virus\win2k\FSrec.sys [2008-2-25 25456]

=============== Created Last 30 ================

2008-12-07 13:16 250 a------- c:\windows\gmer.ini
2008-12-07 13:09 <DIR> --d----- C:\ToolBar SD
2008-12-07 12:34 <DIR> --d----- c:\program files\Trend Micro
2008-12-07 11:30 80,896 a------- c:\windows\system32\msiconf.exe
2008-12-07 11:30 0 a------- c:\windows\system32\updatenf.dll
2008-12-07 11:30 0 a------- c:\windows\system32\api32.dll
2008-12-06 23:10 54,156 a---h--- c:\windows\QTFont.qfn
2008-12-06 23:10 1,409 a------- c:\windows\QTFont.for
2008-12-06 09:55 <DIR> --d----- c:\windows\l2schemas
2008-12-06 09:55 <DIR> --d----- c:\windows\system32\fr
2008-12-06 09:55 <DIR> --d----- c:\windows\system32\bits
2008-12-06 09:44 <DIR> --d----- c:\windows\ServicePackFiles
2008-12-06 09:33 <DIR> --d----- c:\windows\EHome
2008-11-29 21:00 26,112 a------- c:\windows\system32\drivers\usbser.sys
2008-11-29 21:00 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2008-11-29 21:00 0 a---h--- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2008-11-29 20:59 14,640 -------- c:\windows\system32\spmsgXP_2k3.dll
2008-11-29 20:55 8,064 a------- c:\windows\system32\drivers\usbser_lowerfltj.sys
2008-11-29 20:55 8,064 a------- c:\windows\system32\drivers\usbser_lowerflt.sys
2008-11-29 20:55 22,016 a------- c:\windows\system32\drivers\ccdcmbo.sys
2008-11-29 20:55 1,112,288 a------- c:\windows\system32\wdfcoinstaller01007.dll
2008-11-29 20:55 659,968 a------- c:\windows\system32\nmwcdcocls.dll
2008-11-29 20:55 17,664 a------- c:\windows\system32\drivers\ccdcmb.sys
2008-11-29 20:54 8,320 a------- c:\windows\system32\drivers\nmwcdnsuc.sys
2008-11-29 20:54 138,112 a------- c:\windows\system32\drivers\nmwcdnsu.sys
2008-11-29 20:51 <DIR> --d----- c:\program files\MSXML 6.0
2008-11-23 14:47 63,442 a------- C:\RECUP2.DOC
2008-11-23 14:47 900 a------- C:\RECUP1.DOC
2008-11-23 11:33 44,520 a------- c:\windows\system\FA123ALG.TTF
2008-11-23 11:33 41,796 a------- c:\windows\system\FA123GRF.TTF
2008-11-12 12:48 455,296 -c------ c:\windows\system32\dllcache\mrxsmb.sys

==================== Find3M ====================

2008-12-06 16:02 470,578 a------- c:\windows\system32\perfh00C.dat
2008-12-06 16:02 76,388 a------- c:\windows\system32\perfc00C.dat
2008-12-06 11:36 96,384 a------- c:\windows\system32\drivers\sptd1357.sys
2008-12-06 09:58 76,507 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2008-11-18 08:45 1,804 a------- c:\docume~1\anthony\applic~1\wklnhst.dat
2008-10-24 12:21 455,296 a------- c:\windows\system32\drivers\mrxsmb.sys
2008-10-16 14:06 268,648 a------- c:\windows\system32\mucltui.dll
2008-10-16 14:06 208,744 a------- c:\windows\system32\muweb.dll
2008-09-30 16:43 1,286,152 a------- c:\windows\system32\msxml4.dll
2008-09-15 16:26 1,846,528 a------- c:\windows\system32\win32k.sys
2008-09-15 08:56 91,136 a------- c:\windows\system32\nmwcdcls.dll
2008-09-10 02:15 1,307,648 a------- c:\windows\system32\msxml6.dll
2008-04-16 20:18 93,704 a------- c:\docume~1\anthony\applic~1\GDIPFONTCACHEV1.DAT
2007-12-27 10:27 152 a------- c:\documents and settings\anthony\brdgInst.bat
2005-09-03 22:52 1,313 a------- c:\documents and settings\anthony\file1.exe
2008-04-14 03:33 65,024 a--sh--- c:\windows\system32\asycfilt.dll
2008-04-14 03:33 617,472 a--sh--- c:\windows\system32\comctl32.dll
2008-04-14 03:33 1,028,096 a--sh--- c:\windows\system32\mfc42.dll
2004-08-05 13:00 57,344 a--sh--- c:\windows\system32\mfc42loc.dll
2008-04-14 03:33 413,696 a--sh--- c:\windows\system32\msvcp60.dll
2008-04-14 03:33 343,040 a--sh--- c:\windows\system32\msvcrt.dll
2004-08-05 13:00 253,952 a--sh--- c:\windows\system32\msvcrt20.dll
2008-04-14 03:33 551,936 a--sh--- c:\windows\system32\oleaut32.dll
2008-04-14 03:33 84,992 a--sh--- c:\windows\system32\olepro32.dll
2008-04-14 03:33 30,749 a--sh--- c:\windows\system32\vbajet32.dll
2000-04-26 13:34 368,912 a--sh--- c:\windows\system32\VBAR332.DLL

============= FINISH: 13:56:51,96 ===============

SDFix: Version 1.240
Run by Anthony on 07/12/2008 at 15:23

Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix

Checking Services :


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


Checking Files :

Trojan Files Found:

C:\Program Files\PlayMP3z\uninstall.exe - Deleted
C:\DOCUME~1\Anthony\LOCALS~1\Temp\TMP69.tmp - Deleted
C:\Documents and Settings\All Users\Bureau\Best BDSM P0rn.url - Deleted
C:\Documents and Settings\All Users\Bureau\Gay Fetish Sex.url - Deleted
C:\WINDOWS\system32\msiconf.exe - Deleted



Folder C:\Program Files\PlayMP3z - Removed


Removing Temp Files

ADS Check :



Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-07 15:34:02
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\d347prt\Cfg\0Jf40]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s0"=dword:a9688daa
"s1"=dword:30b0a071
"s2"=dword:9f5ad16c
"h0"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:75,4d,a5,f9,33,83,51,8c,e8,d4,8b,d5,c0,24,b3,16,ff,c8,94,a9,d9,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:75,4d,a5,f9,33,83,51,8c,e8,d4,8b,d5,c0,24,b3,16,ff,c8,94,a9,d9,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:75,4d,a5,f9,33,83,51,8c,e8,d4,8b,d5,c0,24,b3,16,ff,c8,94,a9,d9,..

scanning hidden registry entries ...

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{070CEF85-8652-0D70-35C9-21C788FF0505}]
"paodnibpkmffhoahbieooikhbdlmkgcc"=hex:6a,61,6b,61,69,6e,70,64,61,6a,65,69,61,6c,6c,64,64,69,68,6c,00,..
"oaiephocbigdhpebcpfmnaacfnjfpc"=hex:6a,61,6b,61,69,6e,70,64,61,6a,65,69,61,6c,6c,64,64,69,68,6c,00,..
"kaaelphfichmnbbepepkjd"=hex:62,61,6d,61,00,e4

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Remaining Services :




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\WINDOWS\\system32\\ZoneLabs\\avsys\\ScanningProcess.exe"="C:\\WINDOWS\\system32\\ZoneLabs\\avsys\\ScanningProcess.exe:*:Enabled:Kaspersky AV Scanner"
"D:\\mes documents\\Anthony\\logiciel\\jeux\\Dawn of War\\W40k.exe"="D:\\mes documents\\Anthony\\logiciel\\jeux\\Dawn of War\\W40k.exe:*:Enabled:W40K"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Visicom Media\\FTP Expert 3\\ftpxpert3.exe"="C:\\Program Files\\Visicom Media\\FTP Expert 3\\ftpxpert3.exe:*:Enabled:AceFTP v3"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\IncrediMail\\bin\\ImApp.exe"="C:\\Program Files\\IncrediMail\\bin\\ImApp.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"="C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"="C:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\\Program Files\\Fichiers communs\\Nokia\\Service Layer\\A\\nsl_host_process.exe"="C:\\Program Files\\Fichiers communs\\Nokia\\Service Layer\\A\\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

Remaining Files :


File Backups: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes :

Tue 15 Nov 2005 78,104 A.SHR --- "C:\Program Files\Autodesk DWF Viewer\Setup.exe"
Thu 24 Nov 2005 17,920 A.SHR --- "C:\Program Files\Autodesk DWF Viewer\_Setup.dll"
Thu 24 Nov 2005 12,880 A.SHR --- "C:\Program Files\Autodesk DWF Viewer\_Setupx.dll"
Mon 14 Apr 2008 1,695,232 ..SH. --- "C:\Program Files\Messenger\msmsgs.exe"
Mon 14 Apr 2008 65,024 A.SH. --- "C:\WINDOWS\system32\asycfilt.dll"
Mon 14 Apr 2008 617,472 A.SH. --- "C:\WINDOWS\system32\comctl32.dll"
Mon 14 Apr 2008 1,028,096 A.SH. --- "C:\WINDOWS\system32\mfc42.dll"
Thu 5 Aug 2004 57,344 A.SH. --- "C:\WINDOWS\system32\mfc42loc.dll"
Mon 14 Apr 2008 413,696 A.SH. --- "C:\WINDOWS\system32\msvcp60.dll"
Mon 14 Apr 2008 343,040 A.SH. --- "C:\WINDOWS\system32\msvcrt.dll"
Thu 5 Aug 2004 253,952 A.SH. --- "C:\WINDOWS\system32\msvcrt20.dll"
Mon 14 Apr 2008 551,936 A.SH. --- "C:\WINDOWS\system32\oleaut32.dll"
Mon 14 Apr 2008 84,992 A.SH. --- "C:\WINDOWS\system32\olepro32.dll"
Mon 14 Apr 2008 30,749 A.SH. --- "C:\WINDOWS\system32\vbajet32.dll"
Wed 26 Apr 2000 368,912 A.SH. --- "C:\WINDOWS\system32\VBAR332.DLL"
Thu 28 Jul 2005 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Sun 19 Oct 2008 42,264,576 ...H. --- "C:\Documents and Settings\Anthony\Bureau\~WRL3003.tmp"
Tue 15 Nov 2005 78,104 A.SHR --- "C:\Program Files\Autodesk\Autodesk DWF Viewer\Setup.exe"
Thu 24 Nov 2005 17,920 A.SHR --- "C:\Program Files\Autodesk\Autodesk DWF Viewer\_Setup.dll"
Thu 24 Nov 2005 12,880 A.SHR --- "C:\Program Files\Autodesk\Autodesk DWF Viewer\_Setupx.dll"
Wed 22 Dec 2004 76,568 ..SHR --- "C:\Program Files\Autodesk1\Autodesk DWF Viewer\Setup.exe"
Wed 22 Dec 2004 16,384 A.SHR --- "C:\Program Files\Autodesk1\Autodesk DWF Viewer\_Setup.dll"
Thu 20 Jan 2005 11,344 A.SHR --- "C:\Program Files\Autodesk1\Autodesk DWF Viewer\_Setupx.dll"
Fri 13 Feb 2004 36,864 A..HR --- "C:\Program Files\JoWooD\SpellForce\ar2.exe"
Sun 7 Sep 2008 108 A..H. --- "C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP1191\A0279681.sys"
Sat 13 Sep 2008 108 A..H. --- "C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP1192\A0279708.sys"
Sun 14 Sep 2008 108 A..H. --- "C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP1200\A0280245.sys"
Mon 22 Sep 2008 108 A..H. --- "C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP1223\A0282177.sys"
Sun 19 Oct 2008 108 A..H. --- "C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP1229\A0282646.sys"
Tue 28 Oct 2008 108 A..H. --- "C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP1251\A0284895.sys"
Sat 22 Nov 2008 108 A..H. --- "C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP1257\A0285387.sys"
Sat 29 Nov 2008 108 A..H. --- "C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP1258\A0286291.sys"
Sat 29 Nov 2008 108 A..H. --- "C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP1264\A0291196.sys"
Sat 6 Dec 2008 108 A..H. --- "C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP1266\A0291505.sys"
Sat 8 Dec 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Sun 7 Dec 2008 108 A..H. --- "C:\Program Files\Common Files\X10\Common\x10prod.sys"
Tue 3 Apr 2007 20,480 ...H. --- "C:\Documents and Settings\Anthony\Application Data\Microsoft\Word\~WRL0368.tmp"

Finished!


rapport dds

DDS (Version 1.0) - NTFSx86
Run by Anthony at 15:43:28,46 on 07/12/2008
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1023.530 [GMT 1:00]

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fsgk32st.exe
C:\Program Files\Pack Sécurité\Common\FSMA32.EXE
C:\Program Files\Pack Sécurité\Anti-Virus\FSGK32.EXE
C:\WINDOWS\system32\hasplms.exe
C:\Program Files\Pack Sécurité\Common\FSMB32.EXE
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\Pack Sécurité\Common\FCH32.EXE
C:\Program Files\Pack Sécurité\Anti-Virus\fsqh.exe
C:\Program Files\Pack Sécurité\Common\FAMEH32.EXE
C:\Program Files\Pack Sécurité\FSAUA\program\fsaua.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fssm32.exe
C:\Program Files\Pack Sécurité\FWES\Program\fsdfwd.exe
C:\Program Files\Pack Sécurité\FSAUA\program\fsus.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fsav32.exe
C:\Program Files\Pack Sécurité\Common\FSM32.EXE
C:\WINDOWS\ZSSnp211.exe
C:\WINDOWS\Domino.exe
C:\Program Files\Pack Sécurité\FSGUI\fsguidll.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Anthony\Bureau\dds.scr

============== Pseudo HJT Report ===============

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uStart Page = hxxp://www.orange.fr
mDefault_Page_URL = hxxp://www.carrefour.fr/
mStart Page = hxxp://www.ustart.org
mDefault_Search_URL = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = hxxp://www.cegetel.net/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: {64F56FC1-1272-44CD-BA6E-39723696E350} - c:\program files\eorezo\eoadv\EoRezoBHO.dll
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.6.0_03\bin\ssv.dll
BHO: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\fichiers communs\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\3.1.807.1746\swg.dll
BHO: {E5A1691B-D188-4419-AD02-90002030B8EE} - c:\progra~1\flashfxp\IEFlash.dll
TB: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
uRun: [NBJ] "c:\program files\ahead\nero backitup\NBJ.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [WOOKIT] c:\progra~1\wanadoo\GestMaj.exe GestionnaireInternet.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\HOMERunner.exe"
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [msiexec.exe] msiconf.exe
uRunOnce: [gi819766163] "c:\docume~1\anthony\locals~1\temp\gi44pio5.exe" /resume:"c:\docume~1\anthony\locals~1\temp\2h44pi6f" /exename:"c:\documents and settings\anthony\application data\mozilla\firefox\profiles\s9ma7shr.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\setup.exe"
mRun: [F-Secure Manager] "c:\program files\pack sécurité\common\FSM32.EXE" /splash
mRun: [F-Secure TNB] "c:\program files\pack sécurité\fsgui\TNBUtil.exe" /CHECKALL /WAITFORSW
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [ZSSnp211] c:\windows\ZSSnp211.exe
mRun: [Domino] c:\windows\Domino.exe
dRun: [Nokia.PCSync] c:\program files\nokia\nokia pc suite 6\PcSync2.exe /NoDialog
IE: &Google Search - c:\program files\google\GoogleToolbar1.dll/cmsearch.html
IE: &Recherche AOL Toolbar - c:\program files\aol toolbar\toolbar.dll/SEARCH.HTML
IE: Backward &Links - c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cac&hed Snapshot of Page - c:\program files\google\GoogleToolbar1.dll/cmcache.html
IE: Si&milar Pages - c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
LSP: c:\program files\pack se9,curite9,\fsps\program\FSLSP.DLL
TCP: {90EFEA42-6472-4424-8CEF-722F7CFCFB95} = 80.10.246.1 81.253.149.2
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\fichiers communs\microsoft shared\web folders\PKMCDO.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

============= SERVICES / DRIVERS ===============

R0 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2008-2-25 58128]
R1 F-Secure HIPS;F-Secure HIPS;\??\c:\program files\pack sécurité\hips\fshs.sys [2008-2-25 41184]
R2 aksfridge;aksfridge;\??\c:\windows\system32\drivers\aksfridge.sys [2008-9-20 351744]
R2 CA_LIC_CLNT;CA License Client;"c:\program files\ca\sharedcomponents\ca_lic\lic98rmt.exe" [2003-10-12 143360]
R2 F-Secure Gatekeeper Handler Starter;FSGKHS;"c:\program files\pack sécurité\anti-virus\fsgk32st.exe" [2008-2-25 48072]
R2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run []
R2 LogWatch;Event Log Watch;"c:\program files\ca\sharedcomponents\ca_lic\LogWatNT.exe" [2002-9-20 53248]
R2 U3SHLPDR;U3SHLPDR;\??\c:\windows\system32\drivers\U3SHLPDR.SYS [2006-1-5 3445]
R3 CardReaderFilter;Card Reader Filter;\??\c:\windows\system32\drivers\USBCRFT.SYS [2004-10-14 13440]
R3 cmudax;C-Media High Definition Audio Interface;c:\windows\system32\drivers\cmudax.sys [2004-10-5 1272000]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;\??\c:\program files\pack sécurité\anti-virus\minifilter\fsgk.sys [2008-2-25 59760]
R3 PhTVTune;MEDION TV-TUNER 7134 MK2/3;c:\windows\system32\drivers\PhTVTune.sys [2004-10-5 24704]
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter;\??\c:\windows\system32\drivers\NSDriver.sys []
S3 CA_LIC_SRVR;CA License Server;"c:\program files\ca\sharedcomponents\ca_lic\lic98rmtd.exe" []
S3 DCamUSBPremier;Premier USB Video Camera;c:\windows\system32\drivers\mpixvid.sys [2006-10-9 81633]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2008-11-29 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2008-11-29 8320]
S3 SDVC04;USB DVC Service;c:\windows\system32\drivers\SDVC04.sys [2007-3-20 42413]
S3 v800bus;Sony Ericsson V800-Vodafone 802SE driver (WDM);c:\windows\system32\drivers\v800bus.sys [2004-8-30 52416]
S3 v800mdfl;Sony Ericsson V800-Vodafone 802SE USB WMC Modem Filter;c:\windows\system32\drivers\v800mdfl.sys [2004-8-30 6160]
S3 v800mdm;Sony Ericsson V800-Vodafone 802SE USB WMC Modem Driver;c:\windows\system32\drivers\v800mdm.sys [2004-8-30 84544]
S3 v800mgmt;Sony Ericsson V800-Vodafone 802SE USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\v800mgmt.sys [2004-8-30 77760]
S3 v800obex;Sony Ericsson V800-Vodafone 802SE USB WMC OBEX Interface;c:\windows\system32\drivers\v800obex.sys [2004-8-30 75584]
S3 VendorJoystickEnabler;XCtrl XBOX Control HID Minidriver r1;c:\windows\system32\drivers\xctrl.sys [2006-5-31 16834]
S3 xbreader;ActionReplay XBox Driver (xbreader.sys);c:\windows\system32\drivers\xbreader.sys [2006-5-31 19677]
S4 F-Secure Filter;F-Secure File System Filter;\??\c:\program files\pack sécurité\anti-virus\win2k\FSfilter.sys [2008-2-25 40048]
S4 F-Secure Recognizer;F-Secure File System Recognizer;\??\c:\program files\pack sécurité\anti-virus\win2k\FSrec.sys [2008-2-25 25456]

=============== Created Last 30 ================

2008-12-07 15:21 579,584 ac------ c:\windows\system32\dllcache\user32.dll
2008-12-07 15:16 <DIR> --d----- c:\windows\ERUNT
2008-12-07 15:12 <DIR> --d----- C:\SDFix
2008-12-07 15:00 <DIR> --d----- c:\program files\Exterminate It!
2008-12-07 13:16 250 a------- c:\windows\gmer.ini
2008-12-07 13:09 <DIR> --d----- C:\ToolBar SD
2008-12-07 12:34 <DIR> --d----- c:\program files\Trend Micro
2008-12-07 11:30 0 a------- c:\windows\system32\updatenf.dll
2008-12-07 11:30 0 a------- c:\windows\system32\api32.dll
2008-12-06 23:10 54,156 a---h--- c:\windows\QTFont.qfn
2008-12-06 23:10 1,409 a------- c:\windows\QTFont.for
2008-12-06 09:55 <DIR> --d----- c:\windows\l2schemas
2008-12-06 09:55 <DIR> --d----- c:\windows\system32\fr
2008-12-06 09:55 <DIR> --d----- c:\windows\system32\bits
2008-12-06 09:44 <DIR> --d----- c:\windows\ServicePackFiles
2008-12-06 09:33 <DIR> --d----- c:\windows\EHome
2008-11-29 21:00 26,112 a------- c:\windows\system32\drivers\usbser.sys
2008-11-29 21:00 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2008-11-29 21:00 0 a---h--- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2008-11-29 20:59 14,640 -------- c:\windows\system32\spmsgXP_2k3.dll
2008-11-29 20:55 8,064 a------- c:\windows\system32\drivers\usbser_lowerfltj.sys
2008-11-29 20:55 8,064 a------- c:\windows\system32\drivers\usbser_lowerflt.sys
2008-11-29 20:55 22,016 a------- c:\windows\system32\drivers\ccdcmbo.sys
2008-11-29 20:55 1,112,288 a------- c:\windows\system32\wdfcoinstaller01007.dll
2008-11-29 20:55 659,968 a------- c:\windows\system32\nmwcdcocls.dll
2008-11-29 20:55 17,664 a------- c:\windows\system32\drivers\ccdcmb.sys
2008-11-29 20:54 8,320 a------- c:\windows\system32\drivers\nmwcdnsuc.sys
2008-11-29 20:54 138,112 a------- c:\windows\system32\drivers\nmwcdnsu.sys
2008-11-29 20:51 <DIR> --d----- c:\program files\MSXML 6.0
2008-11-23 14:47 63,442 a------- C:\RECUP2.DOC
2008-11-23 14:47 900 a------- C:\RECUP1.DOC
2008-11-23 11:33 44,520 a------- c:\windows\system\FA123ALG.TTF
2008-11-23 11:33 41,796 a------- c:\windows\system\FA123GRF.TTF
2008-11-12 12:48 455,296 -c------ c:\windows\system32\dllcache\mrxsmb.sys

==================== Find3M ====================

2008-12-06 16:02 470,578 a------- c:\windows\system32\perfh00C.dat
2008-12-06 16:02 76,388 a------- c:\windows\system32\perfc00C.dat
2008-12-06 11:36 96,384 a------- c:\windows\system32\drivers\sptd1357.sys
2008-12-06 09:58 76,507 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2008-11-18 08:45 1,804 a------- c:\docume~1\anthony\applic~1\wklnhst.dat
2008-10-24 12:21 455,296 a------- c:\windows\system32\drivers\mrxsmb.sys
2008-10-16 14:06 268,648 a------- c:\windows\system32\mucltui.dll
2008-10-16 14:06 208,744 a------- c:\windows\system32\muweb.dll
2008-09-30 16:43 1,286,152 a------- c:\windows\system32\msxml4.dll
2008-09-15 16:26 1,846,528 a------- c:\windows\system32\win32k.sys
2008-09-15 08:56 91,136 a------- c:\windows\system32\nmwcdcls.dll
2008-09-10 02:15 1,307,648 a------- c:\windows\system32\msxml6.dll
2008-04-16 20:18 93,704 a------- c:\docume~1\anthony\applic~1\GDIPFONTCACHEV1.DAT
2007-12-27 10:27 152 a------- c:\documents and settings\anthony\brdgInst.bat
2005-09-03 22:52 1,313 a------- c:\documents and settings\anthony\file1.exe
2008-04-14 03:33 65,024 a--sh--- c:\windows\system32\asycfilt.dll
2008-04-14 03:33 617,472 a--sh--- c:\windows\system32\comctl32.dll
2008-04-14 03:33 1,028,096 a--sh--- c:\windows\system32\mfc42.dll
2004-08-05 13:00 57,344 a--sh--- c:\windows\system32\mfc42loc.dll
2008-04-14 03:33 413,696 a--sh--- c:\windows\system32\msvcp60.dll
2008-04-14 03:33 343,040 a--sh--- c:\windows\system32\msvcrt.dll
2004-08-05 13:00 253,952 a--sh--- c:\windows\system32\msvcrt20.dll
2008-04-14 03:33 551,936 a--sh--- c:\windows\system32\oleaut32.dll
2008-04-14 03:33 84,992 a--sh--- c:\windows\system32\olepro32.dll
2008-04-14 03:33 30,749 a--sh--- c:\windows\system32\vbajet32.dll
2000-04-26 13:34 368,912 a--sh--- c:\windows\system32\VBAR332.DLL

============= FINISH: 15:43:56,21 ===============


voila les deux rapports.

Logfile of random's system information tool 1.04 (written by random/random)
Run by Anthony at 2008-12-07 17:21:44
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 52 GB (44%) free of 119 GB
Total RAM: 1023 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:21:55, on 07/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fsgk32st.exe
C:\Program Files\Pack Sécurité\Common\FSMA32.EXE
C:\Program Files\Pack Sécurité\Anti-Virus\FSGK32.EXE
C:\WINDOWS\system32\hasplms.exe
C:\Program Files\Pack Sécurité\Common\FSMB32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\Pack Sécurité\Common\FCH32.EXE
C:\Program Files\Pack Sécurité\Anti-Virus\fsqh.exe
C:\Program Files\Pack Sécurité\Common\FAMEH32.EXE
C:\Program Files\Pack Sécurité\FSAUA\program\fsaua.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fssm32.exe
C:\Program Files\Pack Sécurité\FWES\Program\fsdfwd.exe
C:\Program Files\Pack Sécurité\FSAUA\program\fsus.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fsav32.exe
C:\Program Files\Pack Sécurité\Common\FSM32.EXE
C:\WINDOWS\ZSSnp211.exe
C:\WINDOWS\Domino.exe
C:\Program Files\Pack Sécurité\FSGUI\fsguidll.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\Anthony\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Anthony.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.carrefour.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.cegetel.net/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Sécurité\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Sécurité\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ZSSnp211] C:\WINDOWS\ZSSnp211.exe
O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Domino.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [msiexec.exe] msiconf.exe
O4 - HKCU\..\RunOnce: [gi819766163] "C:\DOCUME~1\Anthony\LOCALS~1\Temp\gi44PIO5.exe" /resume:"C:\DOCUME~1\Anthony\LOCALS~1\Temp\2H44PI6F" /exename:"C:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\s9ma7shr.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\setup.exe"
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.carrefour.fr/
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com/downloads/rtpatch/EARTPX.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft. [...] 7743015284
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwaredetection.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{90EFEA42-6472-4424-8CEF-722F7CFCFB95}: NameServer = 81.253.149.9 80.10.246.132
O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: UpdateNf - C:\WINDOWS\
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: CA License Client (CA_LIC_CLNT) - Computer Associates International Inc. - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: CA License Server (CA_LIC_SRVR) - Unknown owner - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe (file missing)
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Pack Sécurité\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Pack Sécurité\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Pack Sécurité\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Pack Sécurité\Common\FSMA32.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HASP License Manager (hasplms) - Aladdin Knowledge Systems Ltd. - C:\WINDOWS\system32\hasplms.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\Win32\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\RpcSandraSrv.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 10501 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Scheduled scanning task.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}]
EoBho Class - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2008-10-11 753664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-10-16 737776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E5A1691B-D188-4419-AD02-90002030B8EE}]
FlashFXP Helper for Internet Explorer - C:\PROGRA~1\FlashFXP\IEFlash.dll [2005-05-04 191096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2008-10-11 753664]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"F-Secure Manager"=C:\Program Files\Pack Sécurité\Common\FSM32.EXE [2007-05-28 183208]
"F-Secure TNB"=C:\Program Files\Pack Sécurité\FSGUI\TNBUtil.exe [2007-05-28 740208]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2004-09-29 4603904]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-01-31 385024]
"ZSSnp211"=C:\WINDOWS\ZSSnp211.exe [2007-04-06 57344]
"Domino"=C:\WINDOWS\Domino.exe [2006-08-18 49152]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NBJ"=C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [2004-07-26 1867776]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-17 68856]
"WOOKIT"=C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe []
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe []
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-05-06 202088]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288]
"msiexec.exe"=msiconf.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"gi819766163"=C:\DOCUME~1\Anthony\LOCALS~1\Temp\gi44PIO5.exe /resume:C:\DOCUME~1\Anthony\LOCALS~1\Temp\2H44PI6F /exename:C:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\s9ma7shr.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\setup.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\UpdateNf]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"AllowLegacyWebView"=
"AllowUnhashedWebView"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe"="C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe:*:Enabled:Kaspersky AV Scanner"
"D:\mes documents\Anthony\logiciel\jeux\Dawn of War\W40k.exe"="D:\mes documents\Anthony\logiciel\jeux\Dawn of War\W40k.exe:*:Enabled:W40K"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Visicom Media\FTP Expert 3\ftpxpert3.exe"="C:\Program Files\Visicom Media\FTP Expert 3\ftpxpert3.exe:*:Enabled:AceFTP v3"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\Fichiers communs\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Fichiers communs\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

======File associations======

.js - edit - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1"

======List of files/folders created in the last 1 months======

2008-12-07 17:21:44 ----D---- C:\rsit
2008-12-07 15:33:19 ----D---- C:\Documents and Settings\Anthony\Application Data\WinRAR
2008-12-07 15:16:21 ----D---- C:\WINDOWS\ERUNT
2008-12-07 15:12:17 ----D---- C:\SDFix
2008-12-07 15:00:59 ----D---- C:\Program Files\Exterminate It!
2008-12-07 13:16:19 ----A---- C:\WINDOWS\gmer.ini
2008-12-07 13:16:17 ----A---- C:\WINDOWS\gmer_uninstall.cmd
2008-12-07 13:16:17 ----A---- C:\WINDOWS\gmer.exe
2008-12-07 13:16:17 ----A---- C:\WINDOWS\gmer.dll
2008-12-07 13:09:36 ----A---- C:\TB.txt
2008-12-07 13:09:00 ----D---- C:\ToolBar SD
2008-12-07 12:34:06 ----D---- C:\Program Files\Trend Micro
2008-12-07 11:30:54 ----HD---- C:\WINDOWS\$NtUninstallKB950762-v3$
2008-12-07 11:30:53 ----A---- C:\WINDOWS\system32\updatenf.dll
2008-12-07 11:30:53 ----A---- C:\WINDOWS\system32\api32.dll
2008-12-07 09:51:56 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-12-07 09:51:01 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2008-12-06 11:37:37 ----D---- C:\WINDOWS\Prefetch
2008-12-06 10:03:14 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-12-06 10:03:04 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-12-06 10:02:55 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-12-06 10:02:43 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-12-06 10:02:33 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-12-06 10:02:20 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
2008-12-06 10:02:09 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-12-06 10:01:59 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-12-06 10:01:46 ----HDC---- C:\WINDOWS\$NtUninstallKB953838$
2008-12-06 10:01:36 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-12-06 10:01:28 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-12-06 10:01:17 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-12-06 10:01:08 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-12-06 10:00:58 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-12-06 10:00:49 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2008-12-06 10:00:37 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-12-06 10:00:28 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-12-06 10:00:17 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-12-06 10:00:05 ----HDC---- C:\WINDOWS\$NtUninstallKB950759$
2008-12-06 09:59:56 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-12-06 09:59:47 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-12-06 09:55:35 ----D---- C:\WINDOWS\l2schemas
2008-12-06 09:55:33 ----D---- C:\WINDOWS\system32\fr
2008-12-06 09:55:28 ----D---- C:\WINDOWS\system32\bits
2008-12-06 09:44:31 ----D---- C:\WINDOWS\ServicePackFiles
2008-12-06 09:33:30 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-12-06 09:33:24 ----D---- C:\WINDOWS\EHome
2008-11-29 20:59:50 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
2008-11-29 20:59:32 ----HDC---- C:\WINDOWS\$NtUninstallWdf01007$
2008-11-29 20:55:39 ----A---- C:\WINDOWS\system32\wdfcoinstaller01007.dll
2008-11-29 20:55:39 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2008-11-29 20:51:08 ----D---- C:\Program Files\MSXML 6.0
2008-11-12 20:01:58 ----HDC---- C:\WINDOWS\$NtUninstallKB957097_0$
2008-11-12 20:01:44 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$

======List of files/folders modified in the last 1 months======

2008-12-07 17:21:48 ----D---- C:\WINDOWS\TEMP
2008-12-07 15:42:01 ----D---- C:\Program Files\Mozilla Firefox
2008-12-07 15:33:57 ----RD---- C:\Program Files
2008-12-07 15:33:18 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-07 15:29:36 ----A---- C:\WINDOWS\ModemLog_Modem standard GSM.txt
2008-12-07 15:29:31 ----A---- C:\WINDOWS\ModemLog_Agere Systems PCI Soft Modem.txt
2008-12-07 15:27:41 ----D---- C:\WINDOWS\system32
2008-12-07 15:21:54 ----A---- C:\WINDOWS\ntbtlog.txt
2008-12-07 15:21:29 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-12-07 15:16:21 ----D---- C:\WINDOWS
2008-12-07 15:13:16 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-07 13:16:17 ----D---- C:\WINDOWS\system32\drivers
2008-12-07 11:56:01 ----D---- C:\Program Files\LimeWire
2008-12-07 10:45:59 ----HD---- C:\WINDOWS\inf
2008-12-07 10:15:32 ----A---- C:\WINDOWS\NeroDigital.ini
2008-12-07 10:00:27 ----D---- C:\Program Files\Wanadoo
2008-12-07 09:51:38 ----A---- C:\WINDOWS\imsins.BAK
2008-12-07 08:42:38 ----HD---- C:\WINDOWS\$hf_mig$
2008-12-07 08:39:15 ----SHD---- C:\Config.Msi
2008-12-06 16:02:47 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-12-06 11:41:19 ----SHD---- C:\WINDOWS\Installer
2008-12-06 11:40:04 ----D---- C:\WINDOWS\system32\CatRoot
2008-12-06 11:38:24 ----A---- C:\WINDOWS\OEWABLog.txt
2008-12-06 11:37:40 ----A---- C:\WINDOWS\setuplog.txt
2008-12-06 11:37:11 ----D---- C:\WINDOWS\system32\Setup
2008-12-06 11:37:11 ----D---- C:\WINDOWS\AppPatch
2008-12-06 11:37:10 ----D---- C:\WINDOWS\system32\wbem
2008-12-06 11:37:09 ----RSD---- C:\WINDOWS\Fonts
2008-12-06 11:36:16 ----D---- C:\WINDOWS\security
2008-12-06 09:59:58 ----D---- C:\Program Files\Messenger
2008-12-06 09:56:25 ----D---- C:\WINDOWS\WinSxS
2008-12-06 09:56:11 ----D---- C:\WINDOWS\network diagnostic
2008-12-06 09:56:11 ----D---- C:\WINDOWS\ime
2008-12-06 09:56:10 ----D---- C:\WINDOWS\Help
2008-12-06 09:55:37 ----D---- C:\WINDOWS\system32\usmt
2008-12-06 09:55:37 ----D---- C:\WINDOWS\system32\fr-fr
2008-12-06 09:55:35 ----D---- C:\Program Files\Internet Explorer
2008-12-06 09:55:28 ----D---- C:\WINDOWS\PeerNet
2008-12-06 09:55:26 ----D---- C:\Program Files\Movie Maker
2008-12-06 09:44:23 ----D---- C:\WINDOWS\system32\Restore
2008-12-06 09:44:23 ----D---- C:\WINDOWS\system32\npp
2008-12-06 09:44:21 ----D---- C:\WINDOWS\msagent
2008-12-06 09:44:19 ----D---- C:\WINDOWS\srchasst
2008-12-06 09:44:16 ----D---- C:\Program Files\NetMeeting
2008-12-06 09:44:14 ----D---- C:\WINDOWS\system32\Com
2008-12-06 09:44:11 ----D---- C:\Program Files\Windows NT
2008-12-06 09:44:11 ----D---- C:\Program Files\Windows Media Player
2008-12-06 09:44:10 ----D---- C:\Program Files\Outlook Express
2008-12-06 09:44:07 ----D---- C:\Program Files\Fichiers communs\System
2008-12-06 09:43:49 ----D---- C:\WINDOWS\system32\oobe
2008-12-06 09:43:46 ----D---- C:\WINDOWS\system
2008-12-06 09:39:08 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-11-30 13:27:54 ----D---- C:\Program Files\eMule
2008-11-29 21:16:06 ----D---- C:\WINDOWS\Minidump
2008-11-29 20:58:24 ----D---- C:\Documents and Settings\All Users\Application Data\Nokia
2008-11-29 20:55:54 ----D---- C:\Documents and Settings\All Users\Application Data\Installations
2008-11-29 20:55:45 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-11-29 20:55:05 ----D---- C:\Program Files\Nokia
2008-11-29 20:49:41 ----D---- C:\Program Files\Fichiers communs\Nokia
2008-11-23 18:55:26 ----A---- C:\WINDOWS\FA123.INI
2008-11-23 11:58:15 ----D---- C:\FA-123
2008-11-18 18:33:59 ----D---- C:\WINDOWS\system32\FxsTmp
2008-11-16 15:19:39 ----D---- C:\Documents and Settings\Anthony\Application Data\AdobeUM

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2006-08-25 2432]
R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2006-08-25 2560]
R1 F-Secure HIPS;F-Secure HIPS; \??\C:\Program Files\Pack Sécurité\HIPS\fshs.sys []
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2007-01-20 31644]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.10.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-12-30 21275]
R2 aksfridge;aksfridge; \??\C:\WINDOWS\system32\drivers\aksfridge.sys []
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2005-04-21 10624]
R2 U3SHLPDR;U3SHLPDR; \??\C:\WINDOWS\System32\Drivers\U3SHLPDR.SYS []
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2004-06-29 1268204]
R3 AnyDVD;AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [2003-09-29 22912]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 BridgeMP;Miniport de pont MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
R3 Cap7134;MEDION (7134) WDM Video Capture; C:\WINDOWS\system32\DRIVERS\Cap7134.sys [2003-06-05 350752]
R3 CardReaderFilter;Card Reader Filter; \??\C:\WINDOWS\system32\Drivers\USBCRFT.SYS []
R3 catchme;catchme; \??\C:\DOCUME~1\Anthony\LOCALS~1\Temp\catchme.sys []
R3 cmudax;C-Media High Definition Audio Interface; C:\WINDOWS\system32\drivers\cmudax.sys [2004-10-01 1272000]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2005-05-03 27392]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2003-03-28 3840]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2004-04-15 42496]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files\Pack Sécurité\Anti-Virus\minifilter\fsgk.sys []
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 MxlW2k;MxlW2k; C:\WINDOWS\system32\drivers\MxlW2k.sys [2004-10-14 28352]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-09-29 2744640]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
R3 PhTVTune;MEDION TV-TUNER 7134 MK2/3; C:\WINDOWS\system32\DRIVERS\PhTVTune.sys [2003-06-12 24704]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-05 5888]
R3 RT61;Ralink RT61 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT61.sys [2006-05-04 380928]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys []
S3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys []
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys []
S3 Bridge;Pont MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 DCamUSBPremier;Premier USB Video Camera; C:\WINDOWS\System32\Drivers\mpixvid.sys [2004-06-29 81633]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2005-12-23 223128]
S3 EL90XBC;Pilote de la carte EtherLink XL 90XB/C 3Com; C:\WINDOWS\system32\DRIVERS\el90xbc5.sys [2001-08-17 66591]
S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2008-12-07 85969]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2006-04-23 10345]
S3 HdAudAddService;Pilote de fonction Microsoft UAA pour Service High Definition Audio; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-03-17 113664]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-09-15 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-09-15 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2008-02-01 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2008-02-01 8320]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
S3 SDVC04;USB DVC Service; C:\WINDOWS\System32\Drivers\SDVC04.sys [2003-05-22 42413]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
S3 StillCam;Pilote d'appareil photo numérique série; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-23 6912]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TIEHDUSB;TIEHDUSB; C:\WINDOWS\system32\drivers\tiehdusb.sys [2004-02-04 49536]
S3 U2SP;USB to Serial Converter Driver(Philips); C:\WINDOWS\system32\DRIVERS\u2s2kxp.sys [2003-05-14 23948]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-09-15 8064]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-09-15 8064]
S3 v800bus;Sony Ericsson V800-Vodafone 802SE driver (WDM); C:\WINDOWS\system32\DRIVERS\v800bus.sys [2004-08-09 52416]
S3 v800mdfl;Sony Ericsson V800-Vodafone 802SE USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\v800mdfl.sys [2004-08-09 6160]
S3 v800mdm;Sony Ericsson V800-Vodafone 802SE USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\v800mdm.sys [2004-08-09 84544]
S3 v800mgmt;Sony Ericsson V800-Vodafone 802SE USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\v800mgmt.sys [2004-08-09 77760]
S3 v800obex;Sony Ericsson V800-Vodafone 802SE USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\v800obex.sys [2004-08-09 75584]
S3 VendorJoystickEnabler;XCtrl XBOX Control HID Minidriver r1; C:\WINDOWS\System32\Drivers\xctrl.sys [2002-12-05 16834]
S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys []
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S3 X10UIF;%DESCRIPTION%; C:\WINDOWS\System32\Drivers\x10uif.sys [2001-11-14 10761]
S3 XBCD;XBCD Kernel Module; C:\WINDOWS\System32\Drivers\xbcd.sys [2004-02-11 17700]
S3 xbreader;ActionReplay XBox Driver (xbreader.sys); C:\WINDOWS\System32\Drivers\xbreader.sys [2001-01-02 19677]
S3 ZSMC211;ZSMC USB PC Camera (ZS0211); C:\WINDOWS\System32\Drivers\ZS211.sys [2007-08-03 1470592]
S4 F-Secure Filter;F-Secure File System Filter; \??\C:\Program Files\Pack Sécurité\Anti-Virus\Win2K\FSfilter.sys []
S4 F-Secure Recognizer;F-Secure File System Recognizer; \??\C:\Program Files\Pack Sécurité\Anti-Virus\Win2K\FSrec.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-01-15 110592]
R2 CA_LIC_CLNT;CA License Client; C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe [2003-10-12 143360]
R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe [2005-05-23 221281]
R2 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe [2005-05-23 110687]
R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe [2005-05-23 61440]
R2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Program Files\Pack Sécurité\Anti-Virus\fsgk32st.exe [2007-05-28 48072]
R2 FSMA;FSMA; C:\Program Files\Pack Sécurité\Common\FSMA32.EXE [2007-05-28 113576]
R2 hasplms;HASP License Manager; C:\WINDOWS\system32\hasplms.exe [2007-03-15 535807]
R2 LogWatch;Event Log Watch; C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe [2002-09-20 53248]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2004-09-29 127043]
R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 FSAUA;F-Secure Automatic Update Agent; C:\Program Files\Pack Sécurité\FSAUA\program\fsaua.exe [2007-05-28 457584]
R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Program Files\Pack Sécurité\FWES\Program\fsdfwd.exe [2007-05-28 453488]
R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe [2006-10-15 77944]
S3 CA_LIC_SRVR;CA License Server; C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe []
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-26 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 SandraDataSrv;Sandra Data Service; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\Win32\RpcDataSrv.exe [2006-05-05 117288]
S3 SandraTheSrv;Sandra Service; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\RpcSandraSrv.exe [2006-05-05 1120808]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-06-15 300544]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480]

-----------------EOF-----------------



info.txt logfile of random's system information tool 1.04 2008-12-07 17:21:59

======Uninstall list======

-->"C:\Program Files\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Spyware Scanner"
-->"C:\Program Files\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Spyware"
-->"C:\Program Files\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Virus Client Security Installer"
-->"C:\Program Files\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Virus"
-->"C:\Program Files\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Automatic Update Agent"
-->"C:\Program Files\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure DAAS"
-->"C:\Program Files\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Diagnostics"
-->"C:\Program Files\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure E-mail Scanning"
-->"C:\Program Files\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure FWES"
-->"C:\Program Files\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure GateKeeper Interface"
-->"C:\Program Files\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Gemini"
-->"C:\Program Files\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure GUI"
-->"C:\Program Files\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Help"
-->"C:\Program Files\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure HIPS"
-->"C:\Program Files\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Localization API"
-->"C:\Program Files\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Management Agent"
-->"C:\Program Files\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Pegasus Engine"
-->"C:\Program Files\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Protocol Scanner"
-->"C:\Program Files\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure TNB"
-->"C:\Program Files\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Uninstall"
-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNNMP.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
3D Home Architect Home Design Deluxe 6-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{D781A6EC-12AC-4993-BF13-B4CF12F1F20C}
ABC (remove only)-->C:\Program Files\ABC\Uninstall.exe
ActionReplay Xbox-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Datel\ActionReplay Xbox\Uninst.isu"
Adobe Acrobat - Reader 6.0.2 Update-->MsiExec.exe /I{AC76BA86-0000-0000-0000-6028747ADE01}
Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Photoshop 7.0.1-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll"
Adobe Reader 6.0.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A00000000001}
Adobe® Flash® Media Encoder-->MsiExec.exe /I{C6FCE47C-70E0-4480-BC2B-28DF47D4494C}
Advanced Archive Password Recovery (remove only)-->C:\Program Files\ElcomSoft\ARCHPR\uninstall.exe
Age of Empires III-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{485775E8-AEB8-46BD-922B-242879E03DD5}
Agere Systems PCI Soft Modem-->agrsmdel
AnyDVD-->"C:\Program Files\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D="C:\Program Files\SlySoft\AnyDVD"
Apple Mobile Device Support-->MsiExec.exe /I{D8AB8F0C-CEEB-4A29-8EF5-219B064813F4}
Apple Software Update-->MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Audacity 1.2.4-->"C:\Program Files\Audacity\unins000.exe"
AutoCAD 2006 - Français-->MsiExec.exe /I{5783F2D7-4001-040C-0002-0060B0CE6BBA}
Autodesk DWF Viewer-->C:\PROGRA~1\Autodesk\AUTODE~1\Setup.exe /remove
Azureus-->C:\Program Files\Azureus\Uninstall.exe
Battlefield 2(TM)-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}\setup.exe" -l0x40c -removeonly
Broderbund Home Design 5.1-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{A4D17B9E-1DE6-47FE-9AA2-A4D26AECD8AF}
CASIO Add-in Installer-->C:\WINDOWS\uninst.exe -f"C:\Program Files\CASIO\Add-in Installer\DeIsL2.isu" -cC:\PROGRA~1\CASIO\ADD-IN~1\_ISREG32.DLL
CloneCD-->"C:\Program Files\SlySoft\CloneCD\ccd-uninst.exe" /D="C:\Program Files\SlySoft\CloneCD"
CloneDVD-->"C:\Program Files\Elaborate Bytes\CloneDVD\CloneDVD-uninst.exe" /D="C:\Program Files\Elaborate Bytes\CloneDVD"
C-Media High Definition Audio Driver-->C:\WINDOWS\system32\cmirmdrv.exe
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
ContextTool-->C:\Program Files\ContextTool\uninstall.exe
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Creatix V.92 Data Fax Modem-->agrsmdel
DAEMON Tools-->MsiExec.exe /I{3DED3A72-61A8-4B87-98A5-EF0BC8038AA0}
Deer Hunter 2004 - Legendary Hunting-->"C:\Program Files\Atari\Deer Hunter 2004\unins000.exe"
Digital Camera Driver-->C:\PROGRA~1\DIGITA~1\UNWISE.EXE C:\PROGRA~1\DIGITA~1\INSTALL.LOG
Ecran de veille AOL Photos-->C:\Program Files\Fichiers communs\AOL\Screensaver\uninst_ygpss.exe
Elaborate Bytes Locale Editor-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Elaborate Bytes\Locale Editor\Uninst.isu"
eMule-->"C:\Program Files\eMule\Uninstall.exe"
EPSON Attach To Email-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG
EPSON Copy Utility 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\SETUP.EXE" -l0x40c -UnInstall
EPSON Easy Photo Print-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5DA7BC15-18D3-41A0-9F59-838DA3EAEF17}\SETUP.EXE" -l0x40c UNINST
EPSON File Manager-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E86BC406-944E-41F6-ADE6-2C136734C96B}\Setup.exe" -l0x40c UNINST
EPSON Image Clip Palette-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{314F6D08-A8B7-11D8-8446-0050BA1D384D}\Setup.exe" -l0x40c -u
EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EPSON Scan Assistant-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0x40c -u
EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
Everest Poker (Remove Only)-->C:\Program Files\Everest Poker\cstart.exe /uninstall
Extension HighMAT pour l'Assistant Graver un CD de Microsoft Windows XP-->MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
Exterminate It!-->C:\Program Files\Exterminate It!\ExterminateIt_Uninst.exe
EZface ActiveX 207-->C:\PROGRA~1\EZFace\ActiveX\uninst.bat 207 C:\PROGRA~1\EZFace\ActiveX
FileZilla Client 3.0.8.1-->C:\Program Files\FileZilla FTP Client\uninstall.exe
Flash to Video Encoder-->"C:\Program Files\GeoVid\Flash to Video Encoder\unins000.exe"
Flash100 1.31-->C:\Program Files\Flash100\uninst.exe
FlashFXP v3-->"C:\Program Files\FlashFXP\Uninstall.exe" "C:\Program Files\FlashFXP\install.log" -u
F-Secure Anti-Virus 2007-->"C:\Program Files\Pack Sécurité\FSGUI\PostInstall.exe" /tUnInstall
FTP Expert 3-->"C:\Program Files\Visicom Media\FTP Expert 3\uninst-ftp.exe"
Fx-Interface 1.9.6-->"C:\Program Files\CASIO\Fx-Interface\unins000.exe"
Galerie de photos Windows Live-->MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068}
GameSpy Arcade-->C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
Google Video Player-->"C:\Program Files\Google\Google Video Player\Uninstall.exe"
GTA San Andreas-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x40c -removeonly
Hamachi 0.9.9.9-->C:\Program Files\Hamachi\uninstall.exe
High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
HijackThis 2.0.2-->"C:\Documents and Settings\Anthony\Bureau\HijackThis.exe" /uninstall
Home Cinema-->"C:\Program Files\Uninstall_PCM.exe"
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
i-minitel ADSL-->C:\PROGRA~1\MINITE~1\UNWISE.EXE C:\PROGRA~1\MINITE~1\INSTALL.LOG
Information sur votre PC-->MsiExec.exe /I{36D6F663-DF15-45BD-B0C6-4B909308E3B6}
iPhoto Plus 4-->C:\WINDOWS\unin040c.exe -f"C:\Program Files\iPhoto Plus 4\DeIsL1.isu"
J2SE Runtime Environment 5.0 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150030}
Java 2 Runtime Environment, SE v1.4.2_05-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142050}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Learn2 Player (Uninstall Only)-->C:\Program Files\Learn2.com\StRunner\stuninst.exe
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
LimeWire PRO 4.12.3-->"C:\Program Files\LimeWire\uninstall.exe"
Ma-Config.com plugin-->MsiExec.exe /I{6F06A42D-525C-49ED-8622-E16790956CD8}
Macromedia Dreamweaver 8-->MsiExec.exe /I{5FD788ED-1A37-4496-9BDD-463F493B27FA}
Macromedia Extension Manager-->MsiExec.exe /I{3C8C9FB3-5FDF-40B4-B314-EAD722728C76}
Macromedia Fireworks 8-->MsiExec.exe /I{4C24A8C1-7CFA-4650-AF15-732F5BD7B46D}
Macromedia HomeSite+-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8D3562E7-C795-4B5D-A091-6DAA3FF0DF3B}\Setup.exe"
Macromedia Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Medion Flash XL 2.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EA1CB7AC-E221-4822-A789-0ADB051DC498}\Setup.exe" -l0x9 -wUninst
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Micro Application - Architecte 3D 2001-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Micro Application\Architecte 3D 2001\446894.isu"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Age of Empires II-->"C:\Program Files\Microsoft Games\Age of Empires II\UNINSTAL.EXE" /runtemp /uninstall
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office XP Professional-->MsiExec.exe /I{9211040C-6000-11D3-8CFE-0050048383C9}
Microsoft Picture It! Express 2001-->MsiExec.exe /I{FB10FE1A-9906-44A1-B8AB-B70B19FEAB58}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft User-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWudf01005$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works-->MsiExec.exe /I{A059DE09-1B49-4450-B340-7AE097EC3F04}
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}
Multimedia Keyboard Driver Ver1.0 (KB-0108)-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF262740-C85A-11D5-BBEC-00D0B740900A}\Setup.exe"
Musicmatch® Jukebox-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}\setup.exe" -l0x40c -uninst
MyPhoneExplorer-->C:\Program Files\MyPhoneExplorer\uninstall.exe
Nero Suite-->C:\Program Files\Fichiers communs\Ahead\Uninstall\setup.exe /uninstall
NFS Underground-->C:\Program Files\EA GAMES\NFS Underground\EAUninstall.exe
Nokia Connectivity Cable Driver-->MsiExec.exe /X{CBDE9C7D-CF52-4558-B23E-B66359CB586A}
Nokia Flashing Cable Driver-->MsiExec.exe /X{2A0A6470-FD0F-4F45-9B11-85F3167DB943}
Nokia PC Suite-->C:\Documents and Settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Nokia_PC_Suite_6_84_10_3_fre_web.exe
Nokia PC Suite-->MsiExec.exe /I{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}
Nokia Software Updater-->MsiExec.exe /X{0332234E-09D1-4B74-A5F3-73E34BA29F5B}
Nokia Video Manager-->"C:\Documents and Settings\All Users\Application Data\Installations\{B4F13167-DC71-4bda-B149-0396C63DF63B}\NokiaVideoManager_1_5_20(2).exe" /MAINTENANCE /SILENT="SGWLRPFCE" /LANG="1036" /O=";EXTUNINSTALL=1"
Nokia Video Manager-->MsiExec.exe /I{B4F13167-DC71-4BDA-B149-0396C63DF63B}
Non-admin TD driver Uninstallation-->C:\WINDOWS\ImationFlashManagerDriver-Setup.exe /U
Nosferatu-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B5619E54-805A-4627-8E81-5F8712E7F7E9}\Setup.exe" -l0x40c
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
Package de pilotes Windows - Nokia (WUDFRd) WPD (06/01/2007 6.84.33.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccswpddri_044C8712DB44F83D9DE6C376991EE9254E0A69E4\pccswpddriver.inf
Package de pilotes Windows - Nokia Modem (02/15/2007 3.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_8B37DC72918CCD58A6EC20373AF6242B037A293B\pccs_bluetooth.inf
Package de pilotes Windows - Nokia Modem (02/15/2007 3.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_F12A08B6F776984A95553486F64C541356F86E38\pccs_bluetooth.inf
Package de pilotes Windows - Nokia Modem (05/24/2007 6.84.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_5E1541AFF1E1EA3554CE566743CCAD323ED1C108\nokbtmdm.inf
PANZERS - Phase1-->C:\PROGRA~1\PANZER~1\UNINST~1\UNWISE.EXE C:\PROGRA~1\PANZER~1\UNINST~1\INSTALL.LOG
Patch FR Messenger 8.0.0328-->C:\Program Files\MSN Messenger\Uninstal.exe
PC Connectivity Solution-->MsiExec.exe /I{99A40651-0BC2-4095-8F9A-A40FAB224FEF}
PC Inspector File Recovery-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}\Setup.exe" -l0x40c
PDF Editeur 2-->C:\WINDOWS\cadkasdeinst01f.exe "C:\Program Files\PDF Editeur 2"
PDF Editor 2-->C:\WINDOWS\cadkasdeinst01e.exe "C:\Program Files\PDF Editor 2"
PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
PDF-to-Word 2.5 Demo-->C:\PROGRA~1\BLUESQ~1\demos\UNWISE.EXE /U C:\PROGRA~1\BLUESQ~1\demos\pdf2word.log
Permis de construire Expert CAD-->"C:\Program Files\Anuman Interactive\Permis de construire Expert CAD\unins000.exe"
PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
PIF DESIGNER-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B90450DF-E781-46FD-B1F1-0C86DA40E443}\SETUP.EXE" -l0x40c anything
PowerCinema 4.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.exe" -uninstall
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"
PowerProducer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall
QuickTime-->MsiExec.exe /I{BFD96B89-B769-4CD6-B11E-E79FFD46F067}
Ralink Wireless LAN Card-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FAB1F336-1B7C-4057-A7BC-2922CD82A781}\setup.exe" -l0x9 -removeonly
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
RETScreen Version 4-->MsiExec.exe /I{E9021599-1E2A-4027-A1CC-40E42A08603C}
RETScreen-->MsiExec.exe /X{FEA36347-ADBE-423F-A1B2-74A3C3BCE15E}
Roxio PhotoSuite 5-->MsiExec.exe /I{607CE53B-0999-4F3B-8FF1-DB1AA47548A8}
Samsung Camcorder USB-D04 Capture Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A94AAFAF-9FBA-43F9-A79C-70AC38761811}\Setup.exe" -l0x9 customuninstall
SAMSUNG CDMA Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
Samsung DVC Media 6.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{01DEE483-F613-4CB0-BC48-93AA2C1AD12F}\setup.exe" -l0x40c
SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
SCM de BigCoincoin 1.3-->"C:\Program Files\SCM de BigCoincoin\uninstall.exe"
Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~2\INSTALL.LOG
SiSoftware Sandra Lite 2007 (Win64/32/CE)-->"C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\unins000.exe"
Sony Ericsson File Manager-->MsiExec.exe /X{60E5B847-2353-4AE3-829E-685937EDDC40}
Sony Ericsson Image Editor-->MsiExec.exe /X{4FB0FB47-8F1D-4339-8BE9-39819362AE05}
Sony Ericsson MMS Backup Manager-->MsiExec.exe /X{01587449-5BFC-4A22-B0BC-7041CA504990}
Sony Ericsson MMS Home Studio-->MsiExec.exe /X{83E9FDFD-B4E9-4FB7-A767-8339664CDE96}
Sony Ericsson Mobile Networking Wizard-->MsiExec.exe /X{4588138D-4194-41F9-BAD7-8CB886C9AD4F}
Sony Ericsson Sound Editor-->MsiExec.exe /X{8DD641C2-FFEC-4AED-A339-88BACFC60C39}
Sony Ericsson Sync Station-->MsiExec.exe /X{F2CE6BD0-54CD-4A53-BBB5-409D74B28EDD}
Sony Ericsson Themes Creator 1.71-->C:\Program Files\Sony Ericsson\Themes Creator\Uninstall.exe
Sony Ericsson Update Service-->"C:\Program Files\Sony Ericsson\Update Service\Uninstall Service de Mise à Jour Sony Ericsson.exe"
SpellForce-->C:\PROGRA~1\JoWooD\SPELLF~1\unwise.exe C:\PROGRA~1\JoWooD\SPELLF~1\install.log
SWF Video Converter 3.0 (build 3.0.18.56)-->"C:\Program Files\Eltima Software\SWF Video Converter\unins000.exe"
TeamSpeak 2 RC2-->"C:\Program Files\Teamspeak2_RC2\unins000.exe"
TextBridge Classic-->"C:\PROGRA~1\TEXTBR~1\bin\setup.exe" -funinstal.ins
TI Connect 1.5-->MsiExec.exe /I{A8B94669-8654-4126-BD28-D0D2412CDED6}
TI NoteFolio Creator 1.0-->C:\PROGRA~1\TIEDUC~1\TINOTE~1\UNWISE.EXE C:\PROGRA~1\TIEDUC~1\TINOTE~1\INSTALL.LOG
TI StudyCards Creator 2.0-->C:\PROGRA~1\TIEDUC~1\TISTUD~1\UNWISE.EXE C:\PROGRA~1\TIEDUC~1\TISTUD~1\INSTALL.LOG
TImeSpan Creator 1.0-->C:\PROGRA~1\TIEDUC~1\TIMESP~1\UNWISE.EXE C:\PROGRA~1\TIEDUC~1\TIMESP~1\INSTALL.LOG
TomTom HOME-->C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe
TopStyle Lite (Version 3.0)-->C:\WINDOWS\unlite3.exe "C:\Program Files\Bradbury\TopStyle3"
TYPSoft FTP Server-->"C:\TYPSoft FTP Server\unins000.exe"
Ultimate ZIP Cracker Trial version-->C:\Program Files\UZC Trial\UZC.EXE /uninstall
Update Service-->"C:\Documents and Settings\Anthony\Bureau\Uninstall Update Service\Uninstall Update Service.exe"
Utilitaire de sauvegarde Windows-->MsiExec.exe /I{76EFFC7C-17A6-479D-9E47-8E658C1695AE}
VC_MergeModuleToMSI-->MsiExec.exe /I{900A92BA-19EF-4A34-86CF-7B6C85BDD971}
VideoLAN VLC media player 0.8.6d-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Visionneuse Journal Windows Microsoft-->MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA7}
WildTangent Web Driver-->C:\Program Files\WildTangent\Apps\CDA\CDAUninstall.exe
Windows Driver Package - SafeNet, Inc. (SNTNLUSB) USB (03/09/2006 7.3.0.0)-->C:\PROGRA~1\DIFX\7F01D4C0B2897E27\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\sntnlusb_9A62A041D7FB7541888119E83EC5EB90C7FD7B01\sntnlusb.inf
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Live Safety Scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Wolfenstein - Enemy Territory-->C:\PROGRA~1\WOLFEN~1\Uninstall\Unwise.exe /u C:\PROGRA~1\WOLFEN~1\Uninstall\Install.log
X10 Hardware(TM)-->C:\WINDOWS\UNWISE.EXE C:\PROGRA~1\X10HAR~1\Install.log
ZSMC USB PC Camera (ZS0211)-->C:\Program Files\InstallShield Installation Information\{44D02D8B-FFB3-4245-8D26-68D10B4C4023}\setup.exe -runfromtemp -l0x040c -removeonly

======Hosts File======

127.0.0.1 localhost

======Security center information======

AV: F-Secure Anti-Virus 2007 7.02

======Envir

========== PROCESSES ==========
Process explorer.exe killed successfully.
Unable to kill process: C:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\s9ma7shr.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\setup.exe
Unable to kill process: C:\DOCUME~1\Anthony\LOCALS~1\Temp\gi44PIO5.exe
========== COMMANDS ==========
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\AVPF61.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\AVPF62.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\nvcbin.def.93FA4FCC.TMP scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.7.2 log created on 12072008_195755

Files moved on Reboot...
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
C:\WINDOWS\temp\AVPF61.tmp moved successfully.
C:\WINDOWS\temp\AVPF62.tmp moved successfully.
File move failed. C:\WINDOWS\temp\nvcbin.def.93FA4FCC.TMP scheduled to be moved on reboot.



Logfile of random's system information tool 1.04 (written by random/random)
Run by Anthony at 2008-12-07 20:06:35
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 55 GB (46%) free of 119 GB
Total RAM: 1023 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:06:46, on 07/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fsgk32st.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\Pack Sécurité\Anti-Virus\FSGK32.EXE
C:\Program Files\Pack Sécurité\Common\FSMA32.EXE
C:\WINDOWS\system32\hasplms.exe
C:\Program Files\Pack Sécurité\Common\FSMB32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\Pack Sécurité\Common\FCH32.EXE
C:\Program Files\Pack Sécurité\Anti-Virus\fsqh.exe
C:\Program Files\Pack Sécurité\Common\FAMEH32.EXE
C:\Program Files\Pack Sécurité\FWES\Program\fsdfwd.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fssm32.exe
C:\Program Files\Pack Sécurité\FSAUA\program\fsaua.exe
C:\Program Files\Pack Sécurité\FSAUA\program\fsus.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fsav32.exe
C:\Program Files\Pack Sécurité\Common\FSM32.EXE
C:\WINDOWS\ZSSnp211.exe
C:\WINDOWS\Domino.exe
C:\Program Files\Pack Sécurité\FSGUI\fsguidll.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Anthony\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Anthony.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.carrefour.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.cegetel.net/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Sécurité\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Sécurité\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ZSSnp211] C:\WINDOWS\ZSSnp211.exe
O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Domino.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.carrefour.fr/
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com/downloads/rtpatch/EARTPX.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft. [...] 7743015284
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwaredetection.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{90EFEA42-6472-4424-8CEF-722F7CFCFB95}: NameServer = 80.10.246.130 81.253.149.10
O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: UpdateNf - C:\WINDOWS\
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: CA License Client (CA_LIC_CLNT) - Computer Associates International Inc. - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: CA License Server (CA_LIC_SRVR) - Unknown owner - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe (file missing)
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Pack Sécurité\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Pack Sécurité\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Pack Sécurité\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Pack Sécurité\Common\FSMA32.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HASP License Manager (hasplms) - Aladdin Knowledge Systems Ltd. - C:\WINDOWS\system32\hasplms.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\Win32\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\RpcSandraSrv.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 9990 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Scheduled scanning task.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2008-10-11 753664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-10-16 737776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E5A1691B-D188-4419-AD02-90002030B8EE}]
FlashFXP Helper for Internet Explorer - C:\PROGRA~1\FlashFXP\IEFlash.dll [2005-05-04 191096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2008-10-11 753664]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"F-Secure Manager"=C:\Program Files\Pack Sécurité\Common\FSM32.EXE [2007-05-28 183208]
"F-Secure TNB"=C:\Program Files\Pack Sécurité\FSGUI\TNBUtil.exe [2007-05-28 740208]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2004-09-29 4603904]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-01-31 385024]
"ZSSnp211"=C:\WINDOWS\ZSSnp211.exe [2007-04-06 57344]
"Domino"=C:\WINDOWS\Domino.exe [2006-08-18 49152]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NBJ"=C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [2004-07-26 1867776]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-17 68856]
"WOOKIT"=C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe []
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe []
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-05-06 202088]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\UpdateNf]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"AllowLegacyWebView"=
"AllowUnhashedWebView"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe"="C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe:*:Enabled:Kaspersky AV Scanner"
"D:\mes documents\Anthony\logiciel\jeux\Dawn of War\W40k.exe"="D:\mes documents\Anthony\logiciel\jeux\Dawn of War\W40k.exe:*:Enabled:W40K"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Visicom Media\FTP Expert 3\ftpxpert3.exe"="C:\Program Files\Visicom Media\FTP Expert 3\ftpxpert3.exe:*:Enabled:AceFTP v3"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\Fichiers communs\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Fichiers communs\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

======File associations======

.js - edit - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1"

======List of files/folders created in the last 1 months======

2008-12-07 19:57:55 ----D---- C:\_OTMoveIt
2008-12-07 17:21:44 ----D---- C:\rsit
2008-12-07 15:33:19 ----D---- C:\Documents and Settings\Anthony\Application Data\WinRAR
2008-12-07 15:16:21 ----D---- C:\WINDOWS\ERUNT
2008-12-07 15:12:17 ----D---- C:\SDFix
2008-12-07 15:00:59 ----D---- C:\Program Files\Exterminate It!
2008-12-07 13:16:19 ----A---- C:\WINDOWS\gmer.ini
2008-12-07 13:16:17 ----A---- C:\WINDOWS\gmer_uninstall.cmd
2008-12-07 13:16:17 ----A---- C:\WINDOWS\gmer.exe
2008-12-07 13:16:17 ----A---- C:\WINDOWS\gmer.dll
2008-12-07 13:09:36 ----A---- C:\TB.txt
2008-12-07 13:09:00 ----D---- C:\ToolBar SD
2008-12-07 12:34:06 ----D---- C:\Program Files\Trend Micro
2008-12-07 11:30:54 ----HD---- C:\WINDOWS\$NtUninstallKB950762-v3$
2008-12-07 11:30:53 ----A---- C:\WINDOWS\system32\updatenf.dll
2008-12-07 11:30:53 ----A---- C:\WINDOWS\system32\api32.dll
2008-12-07 09:51:56 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-12-07 09:51:01 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2008-12-06 11:37:37 ----D---- C:\WINDOWS\Prefetch
2008-12-06 10:03:14 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-12-06 10:03:04 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-12-06 10:02:55 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-12-06 10:02:43 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-12-06 10:02:33 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-12-06 10:02:20 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
2008-12-06 10:02:09 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-12-06 10:01:59 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-12-06 10:01:46 ----HDC---- C:\WINDOWS\$NtUninstallKB953838$
2008-12-06 10:01:36 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-12-06 10:01:28 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-12-06 10:01:17 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-12-06 10:01:08 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-12-06 10:00:58 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-12-06 10:00:49 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2008-12-06 10:00:37 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-12-06 10:00:28 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-12-06 10:00:17 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-12-06 10:00:05 ----HDC---- C:\WINDOWS\$NtUninstallKB950759$
2008-12-06 09:59:56 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-12-06 09:59:47 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-12-06 09:55:35 ----D---- C:\WINDOWS\l2schemas
2008-12-06 09:55:33 ----D---- C:\WINDOWS\system32\fr
2008-12-06 09:55:28 ----D---- C:\WINDOWS\system32\bits
2008-12-06 09:44:31 ----D---- C:\WINDOWS\ServicePackFiles
2008-12-06 09:33:30 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-12-06 09:33:24 ----D---- C:\WINDOWS\EHome
2008-11-29 20:59:50 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
2008-11-29 20:59:32 ----HDC---- C:\WINDOWS\$NtUninstallWdf01007$
2008-11-29 20:55:39 ----A---- C:\WINDOWS\system32\wdfcoinstaller01007.dll
2008-11-29 20:55:39 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2008-11-29 20:51:08 ----D---- C:\Program Files\MSXML 6.0
2008-11-12 20:01:58 ----HDC---- C:\WINDOWS\$NtUninstallKB957097_0$
2008-11-12 20:01:44 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$

======List of files/folders modified in the last 1 months======

2008-12-07 20:06:45 ----D---- C:\WINDOWS\TEMP
2008-12-07 20:04:38 ----D---- C:\Program Files\Mozilla Firefox
2008-12-07 20:02:18 ----A---- C:\WINDOWS\ModemLog_Modem standard GSM.txt
2008-12-07 20:02:13 ----A---- C:\WINDOWS\ModemLog_Agere Systems PCI Soft Modem.txt
2008-12-07 20:00:47 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-07 18:02:02 ----A---- C:\WINDOWS\NeroDigital.ini
2008-12-07 15:33:57 ----RD---- C:\Program Files
2008-12-07 15:33:18 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-07 15:27:41 ----D---- C:\WINDOWS\system32
2008-12-07 15:21:54 ----A---- C:\WINDOWS\ntbtlog.txt
2008-12-07 15:21:29 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-12-07 15:16:21 ----D---- C:\WINDOWS
2008-12-07 13:16:17 ----D---- C:\WINDOWS\system32\drivers
2008-12-07 11:56:01 ----D---- C:\Program Files\LimeWire
2008-12-07 10:45:59 ----HD---- C:\WINDOWS\inf
2008-12-07 10:00:27 ----D---- C:\Program Files\Wanadoo
2008-12-07 09:51:38 ----A---- C:\WINDOWS\imsins.BAK
2008-12-07 08:42:38 ----HD---- C:\WINDOWS\$hf_mig$
2008-12-07 08:39:15 ----SHD---- C:\Config.Msi
2008-12-06 16:02:47 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-12-06 11:41:19 ----SHD---- C:\WINDOWS\Installer
2008-12-06 11:40:04 ----D---- C:\WINDOWS\system32\CatRoot
2008-12-06 11:38:24 ----A---- C:\WINDOWS\OEWABLog.txt
2008-12-06 11:37:40 ----A---- C:\WINDOWS\setuplog.txt
2008-12-06 11:37:11 ----D---- C:\WINDOWS\system32\Setup
2008-12-06 11:37:11 ----D---- C:\WINDOWS\AppPatch
2008-12-06 11:37:10 ----D---- C:\WINDOWS\system32\wbem
2008-12-06 11:37:09 ----RSD---- C:\WINDOWS\Fonts
2008-12-06 11:36:16 ----D---- C:\WINDOWS\security
2008-12-06 09:59:58 ----D---- C:\Program Files\Messenger
2008-12-06 09:56:25 ----D---- C:\WINDOWS\WinSxS
2008-12-06 09:56:11 ----D---- C:\WINDOWS\network diagnostic
2008-12-06 09:56:11 ----D---- C:\WINDOWS\ime
2008-12-06 09:56:10 ----D---- C:\WINDOWS\Help
2008-12-06 09:55:37 ----D---- C:\WINDOWS\system32\usmt
2008-12-06 09:55:37 ----D---- C:\WINDOWS\system32\fr-fr
2008-12-06 09:55:35 ----D---- C:\Program Files\Internet Explorer
2008-12-06 09:55:28 ----D---- C:\WINDOWS\PeerNet
2008-12-06 09:55:26 ----D---- C:\Program Files\Movie Maker
2008-12-06 09:44:23 ----D---- C:\WINDOWS\system32\Restore
2008-12-06 09:44:23 ----D---- C:\WINDOWS\system32\npp
2008-12-06 09:44:21 ----D---- C:\WINDOWS\msagent
2008-12-06 09:44:19 ----D---- C:\WINDOWS\srchasst
2008-12-06 09:44:16 ----D---- C:\Program Files\NetMeeting
2008-12-06 09:44:14 ----D---- C:\WINDOWS\system32\Com
2008-12-06 09:44:11 ----D---- C:\Program Files\Windows NT
2008-12-06 09:44:11 ----D---- C:\Program Files\Windows Media Player
2008-12-06 09:44:10 ----D---- C:\Program Files\Outlook Express
2008-12-06 09:44:07 ----D---- C:\Program Files\Fichiers communs\System
2008-12-06 09:43:49 ----D---- C:\WINDOWS\system32\oobe
2008-12-06 09:43:46 ----D---- C:\WINDOWS\system
2008-12-06 09:39:08 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-11-30 13:27:54 ----D---- C:\Program Files\eMule
2008-11-29 21:16:06 ----D---- C:\WINDOWS\Minidump
2008-11-29 20:58:24 ----D---- C:\Documents and Settings\All Users\Application Data\Nokia
2008-11-29 20:55:54 ----D---- C:\Documents and Settings\All Users\Application Data\Installations
2008-11-29 20:55:45 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-11-29 20:55:05 ----D---- C:\Program Files\Nokia
2008-11-29 20:49:41 ----D---- C:\Program Files\Fichiers communs\Nokia
2008-11-23 18:55:26 ----A---- C:\WINDOWS\FA123.INI
2008-11-23 11:58:15 ----D---- C:\FA-123
2008-11-18 18:33:59 ----D---- C:\WINDOWS\system32\FxsTmp
2008-11-16 15:19:39 ----D---- C:\Documents and Settings\Anthony\Application Data\AdobeUM

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2006-08-25 2432]
R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2006-08-25 2560]
R1 F-Secure HIPS;F-Secure HIPS; \??\C:\Program Files\Pack Sécurité\HIPS\fshs.sys []
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2007-01-20 31644]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.10.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-12-30 21275]
R2 aksfridge;aksfridge; \??\C:\WINDOWS\system32\drivers\aksfridge.sys []
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2005-04-21 10624]
R2 U3SHLPDR;U3SHLPDR; \??\C:\WINDOWS\System32\Drivers\U3SHLPDR.SYS []
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2004-06-29 1268204]
R3 AnyDVD;AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [2003-09-29 22912]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 BridgeMP;Miniport de pont MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
R3 Cap7134;MEDION (7134) WDM Video Capture; C:\WINDOWS\system32\DRIVERS\Cap7134.sys [2003-06-05 350752]
R3 CardReaderFilter;Card Reader Filter; \??\C:\WINDOWS\system32\Drivers\USBCRFT.SYS []
R3 cmudax;C-Media High Definition Audio Interface; C:\WINDOWS\system32\drivers\cmudax.sys [2004-10-01 1272000]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2005-05-03 27392]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2003-03-28 3840]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2004-04-15 42496]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files\Pack Sécurité\Anti-Virus\minifilter\fsgk.sys []
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 MxlW2k;MxlW2k; C:\WINDOWS\system32\drivers\MxlW2k.sys [2004-10-14 28352]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-09-29 2744640]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
R3 PhTVTune;MEDION TV-TUNER 7134 MK2/3; C:\WINDOWS\system32\DRIVERS\PhTVTune.sys [2003-06-12 24704]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-05 5888]
R3 RT61;Ralink RT61 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT61.sys [2006-05-04 380928]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys []
S3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys []
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys []
S3 Bridge;Pont MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 catchme;catchme; \??\C:\DOCUME~1\Anthony\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 DCamUSBPremier;Premier USB Video Camera; C:\WINDOWS\System32\Drivers\mpixvid.sys [2004-06-29 81633]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2005-12-23 223128]
S3 EL90XBC;Pilote de la carte EtherLink XL 90XB/C 3Com; C:\WINDOWS\system32\DRIVERS\el90xbc5.sys [2001-08-17 66591]
S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2008-12-07 85969]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2006-04-23 10345]
S3 HdAudAddService;Pilote de fonction Microsoft UAA pour Service High Definition Audio; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-03-17 113664]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-09-15 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-09-15 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2008-02-01 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2008-02-01 8320]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
S3 SDVC04;USB DVC Service; C:\WINDOWS\System32\Drivers\SDVC04.sys [2003-05-22 42413]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
S3 StillCam;Pilote d'appareil photo numérique série; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-23 6912]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TIEHDUSB;TIEHDUSB; C:\WINDOWS\system32\drivers\tiehdusb.sys [2004-02-04 49536]
S3 U2SP;USB to Serial Converter Driver(Philips); C:\WINDOWS\system32\DRIVERS\u2s2kxp.sys [2003-05-14 23948]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-09-15 8064]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-09-15 8064]
S3 v800bus;Sony Ericsson V800-Vodafone 802SE driver (WDM); C:\WINDOWS\system32\DRIVERS\v800bus.sys [2004-08-09 52416]
S3 v800mdfl;Sony Ericsson V800-Vodafone 802SE USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\v800mdfl.sys [2004-08-09 6160]
S3 v800mdm;Sony Ericsson V800-Vodafone 802SE USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\v800mdm.sys [2004-08-09 84544]
S3 v800mgmt;Sony Ericsson V800-Vodafone 802SE USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\v800mgmt.sys [2004-08-09 77760]
S3 v800obex;Sony Ericsson V800-Vodafone 802SE USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\v800obex.sys [2004-08-09 75584]
S3 VendorJoystickEnabler;XCtrl XBOX Control HID Minidriver r1; C:\WINDOWS\System32\Drivers\xctrl.sys [2002-12-05 16834]
S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys []
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S3 X10UIF;%DESCRIPTION%; C:\WINDOWS\System32\Drivers\x10uif.sys [2001-11-14 10761]
S3 XBCD;XBCD Kernel Module; C:\WINDOWS\System32\Drivers\xbcd.sys [2004-02-11 17700]
S3 xbreader;ActionReplay XBox Driver (xbreader.sys); C:\WINDOWS\System32\Drivers\xbreader.sys [2001-01-02 19677]
S3 ZSMC211;ZSMC USB PC Camera (ZS0211); C:\WINDOWS\System32\Drivers\ZS211.sys [2007-08-03 1470592]
S4 F-Secure Filter;F-Secure File System Filter; \??\C:\Program Files\Pack Sécurité\Anti-Virus\Win2K\FSfilter.sys []
S4 F-Secure Recognizer;F-Secure File System Recognizer; \??\C:\Program Files\Pack Sécurité\Anti-Virus\Win2K\FSrec.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-01-15 110592]
R2 CA_LIC_CLNT;CA License Client; C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe [2003-10-12 143360]
R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe [2005-05-23 221281]
R2 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe [2005-05-23 110687]
R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe [2005-05-23 61440]
R2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Program Files\Pack Sécurité\Anti-Virus\fsgk32st.exe [2007-05-28 48072]
R2 FSMA;FSMA; C:\Program Files\Pack Sécurité\Common\FSMA32.EXE [2007-05-28 113576]
R2 hasplms;HASP License Manager; C:\WINDOWS\system32\hasplms.exe [2007-03-15 535807]
R2 LogWatch;Event Log Watch; C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe [2002-09-20 53248]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2004-09-29 127043]
R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 FSAUA;F-Secure Automatic Update Agent; C:\Program Files\Pack Sécurité\FSAUA\program\fsaua.exe [2007-05-28 457584]
R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Program Files\Pack Sécurité\FWES\Program\fsdfwd.exe [2007-05-28 453488]
R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe [2006-10-15 77944]
S3 CA_LIC_SRVR;CA License Server; C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe []
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-26 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 SandraDataSrv;Sandra Data Service; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\Win32\RpcDataSrv.exe [2006-05-05 117288]
S3 SandraTheSrv;Sandra Service; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\RpcSandraSrv.exe [2006-05-05 1120808]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-06-15 300544]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480]

-----------------EOF-----------------


voila! alors tu cherche quoi dans tou ça tu peu m'expliquer ou pas?

oui sa me parrait tout bien. merci mais que regarde tu car je m'y connais un peu en informatique et j'aimerais bien comprendre pour pouvoir peut etre agir seul.

-----------\\ ToolBar S&D 1.2.6 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.20GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Anthony ( Administrator )
BOOT : Normal boot
Antivirus : F-Secure Anti-Virus 2007 7.02 7.02 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:115 Go (Free:53 Go)
D:\ (Local Disk) - NTFS - Total:113 Go (Free:27 Go)
E:\ (Local Disk) - FAT32 - Total:3 Go (Free:1 Go)
F:\ (CD or DVD)
G:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
H:\ (CD or DVD)
I:\ (USB)
J:\ (USB)
K:\ (USB)
L:\ (USB)

"C:\ToolBar SD" ( MAJ : 04-12-2008|20:40 )
Option : [1] ( 11/12/2008|13:31 )

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ Extensions

(Anthony) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"SearchMigratedDefaultURL"="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com/ie"
"Start Page"="http://www.orange.fr"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.carrefour.fr/"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="http://www.ustart.org"
"Default_Search_URL"="http://www.google.com/ie"


--------------------\\ Recherche d'autres infections



1 - "C:\ToolBar SD\TB_1.txt" - 07/12/2008|13:11 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 11/12/2008|13:32 - Option : [1]

-----------\\ Fin du rapport a 13:32:22,96


voila apres una analyse par malware..... il ma trouver 9 infections, j'ai suivis tes conseils pour les suprimer sa a été tout bien, plus au, il y a le rapport de toolbar-s&d. le probleme est que mon pc est toujour super lent pour ouvrir des pages internet, et que de temps en temps mon anti-virus me trouve un fichier infecter alors qu'il n'y a pas ou peu de trafic sur mon pc (juste surfer et msn). j'ai fais une analyse complete avec mon antivirus (f-secure) et il ne trouve rien d'autre.
je pense qu'il y a encore un truc qui traine.
merci de ton aide