Fenêtres intempestives

Salut,

Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.

Double-clique sur RSIT.exe afin de lancer le programme.

Clique sur Continue à l'écran Disclaimer.

Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

Note : les rapports sont sauvegardés dans le dossier C:\rsit\.

Merci Destrio5 d'avoir répondu si rapidement ! Merci
Voici les rapports :

Logfile of random's system information tool 1.05 (written by random/random)
Run by v.Rosset at 2009-02-22 17:14:20
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 7 GB (19%) free of 39 GB
Total RAM: 1503 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:14:22, on 2009-02-22
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Webroot\WebrootSecurity\SSU.EXE
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\v.Rosset\Bureau\RSIT.exe
C:\Documents and Settings\v.Rosset\Bureau\Nettoyage\v.Rosset.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cyberpresse.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - D:\PROGRA~1\Flashget\jccatch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [mspd] "C:\WINDOWS\system32\mspd.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "c:\progra~1\fichie~1\instal~1\update~1\isuspm.exe" -startup
O4 - HKLM\..\Run: [KernelFaultCheck] "C:\WINDOWS\system32\dumprep.exe" 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe" /startintray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Télécharger avec NetTransport - C:\Program Files\Xi\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: Enregistreur Vidéo Internet : rechercher des streams vidéo - file://D:\Programmes\scan.vbs
O8 - Extra context menu item: Ouvrir avec Enregistreur Vidéo Internet - file://D:\Programmes\anchor.vbs
O8 - Extra context menu item: Tout t&élécharger avec NetTransport - C:\Program Files\Xi\NetTransport 2\NTAddList.html
O8 - Extra context menu item: Télécharger avec FlashGet - D:\Programmes\Flashget\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - D:\Programmes\Flashget\jc_all.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Enregistreur Vidéo Internet : rechercher des streams vidéo - {B794C572-4E4D-4D4B-A115-25DBEB29EA71} - file://D:\Programmes\scan.vbs (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\Flashget\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\Flashget\flashget.exe (file missing)
O9 - Extra button: Enregistreur Vidéo Internet : rechercher des streams vidéo - {DFD9C994-2EF1-4B7F-92B5-98E2D0A7CEB7} - file://D:\Programmes\scan.vbs (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0F7A9297-7268-11D1-B81A-00A076C01B0A} (CPC View ax Control) - http://www.registrefoncier.gouv.qc.ca/Sirf/Script/14_05...
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://www.creative.com/softwareupdate/su/ocx/15101/CTS...
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_0...
O16 - DPF: {F5D98C43-DB16-11CF-8ECA-0000C0FD59C7} (ActiveCGM Control) - http://www.registrefoncier.gouv.qc.ca/Sirf/Script/14_05...
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su/ocx/15103/CTP...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxLiveShare.exe
O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe
O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCom\RoxUpnpRenderer.exe
O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe
O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/VF82C~1.ROS/LOCALS~1/Temp/msoclip1/01/clip_image002.jpg

--
End of file - 10172 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\At1.job
C:\WINDOWS\tasks\At2.job
C:\WINDOWS\tasks\RegTool Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
IeCatch5 Class - D:\PROGRA~1\Flashget\jccatch.dll [2006-05-16 81920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-02 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C56CB6B0-0D96-11D6-8C65-B2868B609932}]
NTIECatcher Class - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll [2005-09-08 49152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-02 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-02 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2004-07-27 81920]
"mspd"=C:\WINDOWS\system32\mspd.exe [2003-08-27 389632]
"ISUSPM Startup"=c:\progra~1\fichie~1\instal~1\update~1\isuspm.exe [2004-07-27 221184]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep.exe [2008-04-13 10752]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-01-02 136600]
"SpySweeper"=C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe [2008-11-13 6273400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Watch]
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-02-22 509784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cld2000.exe]
C:\Program Files\Calendrier\Cld2000.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MétéoIMédia]
C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-15 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\prunnet]
C:\WINDOWS\system32\prunnet.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE [2008-11-02 167936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryBooster 2 d’Uniblue ]
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegTool]
C:\Program Files\RegTool\RegTool.exe -boot []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe [2005-11-21 1687552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2009-01-29 23975720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpySweeper]
C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe [2008-11-13 6273400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-11-27 180269]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WeatherEye]
C:\Program Files\MétéoMédia\MétéoÉclair\WeatherEye.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InterVideo WinCinema Manager.lnk]
C:\PROGRA~1\INTERV~1\Common\Bin\WINCIN~1.EXE [2002-08-12 102400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [2000-01-21 65588]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^v.Rosset^Menu Démarrer^Programmes^Démarrage^Pense-bête.lnk]
C:\PROGRA~1\MINDSC~1\PRINTM~1\PMREMIND.EXE [2006-05-23 2344920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"=C:\PROGRA~1\DVDREG~1\DVDShell.dll [2004-10-09 49152]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WRConsumerService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\StubInstaller.exe"="C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Windows Media Player\wmplayer.exe"="C:\Program Files\Windows Media Player\wmplayer.exe:*:Enabled:Windows Media Player"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"D:\Programmes\VLC\vlc.exe"="D:\Programmes\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Programmes\Azureus\Azureus\Azureus.exe"="D:\Programmes\Azureus\Azureus\Azureus.exe:*:Enabled:Azureus"
"%windir%\system32\drivers\svchost.exe"="%windir%\system32\drivers\svchost.exe:*:Enabled:svchost"
"D:\Programmes\Azureus\Azureus.exe"="D:\Programmes\Azureus\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe"="C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe:*:Enabled:Roxio Upnp Service"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:* isabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:* isabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:* isabled:Windows Messenger"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"%windir%\system32\drivers\svchost.exe"="%windir%\system32\drivers\svchost.exe:*:Enabled:svchost"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0e341aa0-9cb1-11dd-ac7e-0012178290da}]
shell\AutoRun\command - G:\WD_Windows_Tools\Setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{58611ed2-98ae-11dd-ac6a-000ae6896f3f}]
shell\AutoRun\command - G:\WD_Windows_Tools\Setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{95a972c0-d18e-11da-a70f-000ae6896f3f}]
shell\AutoRun\command - G:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c22b4960-987f-11dd-ac68-0012178290da}]
shell\AutoRun\command - G:\WD_Windows_Tools\Setup.exe


======List of files/folders created in the last 1 months======

2009-02-22 17:14:20 ----D---- C:\rsit
2009-02-22 08:32:22 ----HDC---- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-02-21 20:39:57 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-02-21 18:07:12 ----A---- C:\WINDOWS\system32\capicom.dll
2009-02-21 18:05:43 ----D---- C:\Program Files\Webroot
2009-02-21 18:05:43 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Webroot
2009-02-21 18:05:43 ----D---- C:\Documents and Settings\All Users\Application Data\Webroot
2009-02-21 18:05:43 ----A---- C:\WINDOWS\WRSetup.dll
2009-02-20 19:32:31 ----D---- C:\Program Files\VS Revo Group
2009-02-15 22:43:32 ----D---- C:\Program Files\Learning Essentials
2009-02-15 22:43:23 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2009-02-15 22:43:13 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2009-02-15 22:43:11 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2009-02-15 22:43:11 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2009-02-15 22:43:10 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2009-02-15 22:43:09 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2009-02-15 22:43:08 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2009-02-15 08:51:47 ----D---- C:\Program Files\Fichiers communs\Skype
2009-02-14 22:25:46 ----D---- C:\Program Files\PowerISO
2009-02-14 11:02:58 ----A---- C:\fixnavi.txt
2009-02-13 22:57:13 ----A---- C:\Program Files\HJTInstall.exe
2009-02-12 15:47:39 ----D---- C:\Malwarebytes' Anti-Malware
2009-02-10 07:50:37 ----D---- C:\Program Files\Malwarebytes' Anti-Malware(2)
2009-02-08 19:41:28 ----D---- C:\Documents and Settings\v.Rosset\Application Data\DAEMON Tools Lite
2009-02-08 08:36:32 ----D---- C:\Avenger
2009-02-08 08:36:31 ----A---- C:\avenger.txt
2009-02-07 12:09:09 ----A---- C:\Program Files\Vuze_4.1.0.2_windows.exe
2009-02-06 19:29:52 ----D---- C:\Documents and Settings\v.Rosset\Application Data\RegTool
2009-02-06 15:42:52 ----A---- C:\WINDOWS\Sysvxd.exe
2009-02-06 09:03:23 ----D---- C:\Program Files\WinAVI Video Converter
2009-02-02 15:21:15 ----D---- C:\Program Files\Microsoft Encarta
2009-01-30 15:06:07 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Flood Light Games
2009-01-30 15:06:07 ----D---- C:\Documents and Settings\All Users\Application Data\Flood Light Games
2009-01-23 22:14:35 ----D---- C:\Documents and Settings\v.Rosset\Application Data\U3

======List of files/folders modified in the last 1 months======

2009-02-22 16:53:00 ----D---- C:\Program Files\Mozilla Thunderbird
2009-02-22 16:48:25 ----D---- C:\Program Files\Mozilla Firefox
2009-02-22 16:36:55 ----D---- C:\WINDOWS\Prefetch
2009-02-22 16:35:42 ----D---- C:\WINDOWS\Temp
2009-02-22 16:34:11 ----SD---- C:\WINDOWS\Tasks
2009-02-22 16:32:42 ----D---- C:\WINDOWS\system32\CatRoot
2009-02-22 16:32:39 ----D---- C:\WINDOWS\system32\CatRoot2
2009-02-22 16:03:27 ----AC---- C:\WINDOWS\NeroDigital.ini
2009-02-22 16:02:19 ----A---- C:\WINDOWS\DVDRegionFree.INI
2009-02-22 12:10:08 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-22 08:47:37 ----RSH---- C:\boot.ini
2009-02-22 08:47:37 ----AC---- C:\WINDOWS\win.ini
2009-02-22 08:47:37 ----AC---- C:\WINDOWS\system.ini
2009-02-22 08:45:11 ----RD---- C:\Program Files
2009-02-22 08:45:11 ----D---- C:\Program Files\Adobe
2009-02-22 08:44:50 ----D---- C:\Program Files\Free FLV Converter
2009-02-22 08:44:21 ----D---- C:\Program Files\VSO
2009-02-22 08:42:28 ----D---- C:\Program Files\Lavasoft
2009-02-22 08:36:14 ----D---- C:\WINDOWS
2009-02-22 08:34:11 ----D---- C:\WINDOWS\system32\drivers
2009-02-22 08:32:22 ----SHD---- C:\WINDOWS\Installer
2009-02-22 08:32:21 ----D---- C:\Config.Msi
2009-02-22 08:22:25 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Skype
2009-02-22 08:20:18 ----D---- C:\Documents and Settings\v.Rosset\Application Data\skypePM
2009-02-21 21:16:59 ----D---- C:\WINDOWS\system32\DirectX
2009-02-21 21:16:58 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Azureus
2009-02-21 21:16:57 ----RSD---- C:\WINDOWS\assembly
2009-02-21 21:11:53 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-02-21 20:41:32 ----HD---- C:\WINDOWS\inf
2009-02-21 20:39:52 ----D---- C:\WINDOWS\WinSxS
2009-02-21 19:14:55 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-02-21 19:14:55 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Lavasoft
2009-02-21 18:07:12 ----D---- C:\WINDOWS\system32
2009-02-21 15:42:30 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-18 08:42:46 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Vso
2009-02-16 09:30:18 ----SD---- C:\Documents and Settings\v.Rosset\Application Data\Microsoft
2009-02-15 22:43:15 ----D---- C:\WINDOWS\Microsoft.NET
2009-02-15 08:51:48 ----RD---- C:\Program Files\Skype
2009-02-15 08:51:48 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2009-02-15 08:51:47 ----D---- C:\Program Files\Fichiers communs
2009-02-12 19:20:18 ----D---- C:\WINDOWS\system32\LogFiles
2009-02-12 19:20:18 ----D---- C:\WINDOWS\Debug
2009-02-11 15:18:38 ----HD---- C:\WINDOWS\$hf_mig$
2009-02-11 15:18:19 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-02-11 15:18:16 ----D---- C:\Program Files\Internet Explorer
2009-02-11 15:18:06 ----D---- C:\WINDOWS\ie7updates
2009-02-10 13:04:06 ----D---- C:\WINDOWS\system32\config
2009-02-10 13:03:42 ----D---- C:\WINDOWS\system32\wbem
2009-02-10 13:03:42 ----D---- C:\WINDOWS\Registration
2009-02-10 13:03:09 ----D---- C:\WINDOWS\speech
2009-02-10 13:03:09 ----D---- C:\WINDOWS\Help
2009-02-09 23:15:02 ----D---- C:\WINDOWS\system
2009-02-09 22:39:06 ----D---- C:\WINDOWS\msagent
2009-02-09 22:35:17 ----D---- C:\WINDOWS\system32\Macromed
2009-02-07 16:58:11 ----D---- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
2009-02-07 13:36:19 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-02-06 22:10:55 ----AC---- C:\WINDOWS\WININIT.INI
2009-02-06 21:29:25 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-02-06 20:16:52 ----A---- C:\WINDOWS\system32\338fa633-.txt
2009-02-06 20:15:31 ----D---- C:\Program Files\CCleaner
2009-02-06 20:02:56 ----HD---- C:\Program Files\InstallShield Installation Information
2009-02-06 14:51:12 ----D---- C:\Program Files\MediaCoder
2009-02-05 16:11:35 ----A---- C:\WINDOWS\system32\aswBoot.exe
2009-02-04 22:15:18 ----A---- C:\WINDOWS\system32\TubeFinder.exe
2009-02-03 18:21:12 ----A---- C:\WINDOWS\system32\MRT.exe
2009-02-03 12:02:16 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-01-27 11:02:41 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Opera

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
R1 cdudf_xp;cdudf_xp; C:\WINDOWS\system32\drivers\cdudf_xp.sys [2005-10-22 311680]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 40576]
R1 pwd_2k;pwd_2k; C:\WINDOWS\system32\drivers\pwd_2k.sys [2005-10-22 119168]
R1 RxFilter;RxFilter; C:\WINDOWS\system32\DRIVERS\RxFilter.sys [2005-11-21 50176]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2008-11-02 56572]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.0.1; C:\WINDOWS\System32\DRIVERS\AegisP.sys [2006-03-08 19915]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2006-04-21 8064]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
R3 dvd_2K;dvd_2K; C:\WINDOWS\system32\drivers\dvd_2K.sys [2005-10-22 27264]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2005-04-12 4608]
R3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 OM518P;D-Link VGA Webcam; C:\WINDOWS\System32\Drivers\om518vid.sys [2002-06-27 185256]
R3 Pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2008-06-21 47360]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2002-10-01 9856]
R3 RT2500;Linksys Wireless-G PCI Adapter Driver; C:\WINDOWS\System32\DRIVERS\RT2500.sys [2005-04-21 242176]
R3 S3Psddr;S3Psddr; C:\WINDOWS\System32\DRIVERS\s3gnbm.sys [2003-09-02 166912]
R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VIAudio;VIA AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\viaudios.sys [2003-02-26 370048]
S1 seneka;seneka; C:\WINDOWS\system32\drivers\senekatyxumqwr.sys []
S2 ADSEXPB;ADS DVD Xpress B; C:\WINDOWS\System32\Drivers\adsexpb.sys [2003-10-08 32084]
S2 zumbus;Zune Bus Enumerator Driver; C:\WINDOWS\system32\drivers\zumbus.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 Jukebox3;Jukebox3; C:\WINDOWS\system32\DRIVERS\ctpdusb.sys [2006-01-19 17280]
S3 mmc_2K;mmc_2K; C:\WINDOWS\system32\drivers\mmc_2K.sys [2005-10-22 27136]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2008-05-21 34576]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-03-09 37768]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R2 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 97432]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-01-02 152984]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-02-22 950096]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 RoxWatch;Roxio Hard Drive Watcher; C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe [2005-11-22 155648]
R2 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
R2 WebrootSpySweeperService;Moteur Webroot Spy Sweeper; C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe [2008-11-12 3667312]
R2 WRConsumerService;Webroot Client Service; C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe [2008-11-13 1086840]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
S2 RoxLiveShare;LiveShare P2P Server; C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxLiveShare.exe [2005-11-22 233472]
S2 RoxUpnpServer;RoxUpnpServer; C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe [2005-11-21 409600]
S2 WMP54Gv4SVC;WMP54Gv4SVC; C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe [2004-02-06 41025]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-05-07 779824]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-05-07 271920]
S3 RoxMediaDB;RoxMediaDB; C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe [2005-11-22 864256]
S3 RoxUPnPRenderer;RoxUpnpRenderer; C:\Program Files\Fichiers communs\Roxio Shared\SharedCom\RoxUpnpRenderer.exe [2005-11-21 45056]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2008-05-21 92792]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-01-17 362240]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

info.txt logfile of random's system information tool 1.05 2009-02-22 17:14:59

======Uninstall list======

-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {637099FB-45FD-4BC7-9651-6FB540DBB749}
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->MsiExec.exe /I{0D330013-4A99-46D6-83C6-2C959C68DBFF}
-->MsiExec.exe /I{0F122737-72B2-4095-8B3E-7AAE753DFD3D}
-->MsiExec.exe /I{26792CA7-D87A-4DBE-896B-C2F66B344511}
-->MsiExec.exe /I{637099FB-45FD-4BC7-9651-6FB540DBB749}
-->MsiExec.exe /I{6D4F02C4-F6AF-4659-A933-7FC06235A8D5}
-->MsiExec.exe /I{7FD9FD10-9F7F-4DDF-B9F0-911209FF0CEA}
-->MsiExec.exe /I{8C60949A-46F9-4DD7-BA9F-78C00D9D4C8D}
-->MsiExec.exe /I{EB748B9B-F872-4E95-98E8-5CA7E5425DAF}
-->MsiExec.exe /I{F0EACC27-A729-406C-9BF6-C8F10CEC36F8}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware-->"C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe
Adobe Acrobat 5.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
Adobe Shockwave Player-->C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Applian FLV Player-->"C:\WINDOWS\Applian FLV Player\uninstall.exe" "/U:C:\Program Files\FLV Player\Uninstall\uninstall.xml"
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ArcSoft Camera Suite 1.3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AD13BFB0-FDD2-4AFA-A8AF-9F4A950D56B7}\setup.exe" -l0x40c
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Canon Camera Support Core Library-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{26BDE7D8-93F0-4A07-AD47-1707DB417941} /l1036
Canon Camera Window for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{B34BE30D-A759-4EC2-B58F-19FE2DEBF651}
Canon iP4500 series-->"C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4500_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4500_series /L0x000c
Canon MovieEdit Task for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{DE286975-ACF1-45B8-9EF7-34E162B2C817}
Canon My Printer-->C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini
Canon RAW Image Task for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{68E7E8BD-2233-49BE-81D6-1A1FAF1B5196}
Canon RemoteCapture Task for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{CF2C1A86-5A98-4862-A3AE-9992E3A6427D}
Canon ScanGear Toolbox 3.1-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Canon\ScanGear Toolbox Ver3.1\Uninst.isu" -c"C:\Program Files\Canon\ScanGear Toolbox Ver3.1\uninst.dll"
Canon Utilities ZoomBrowser EX-->MsiExec.exe /X{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CD-LabelPrint-->"C:\Program Files\Canon\CD-LabelPrint\Uninstal.exe" Canon.CDLabelPrint.Application
ConvertXtoDVD 3.4.7.121-->"D:\Programmes\convertx\unins000.exe"
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
DivX-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
D-Link VGA Webcam-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A783A9B5-9249-494C-8766-ECDE41FD6160}\Setup.exe" -l0x40c
DriverAgent by TouchStone Software-->RunDll32.exe advpack.dll,LaunchINFSection driveragent_exe.inf,TVICHW32Remove
DVD Decrypter 3.5.4.0 Fr-->C:\Program Files\DVD Decrypter\UnInstall_DVDdecrypt.exe
DVD Region+CSS Free 5.9.8.5-->"C:\Program Files\DVD Region+CSS Free\unins000.exe"
DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
DVD Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
DVDCoach Express 0.9.2-->"C:\Program Files\Kibisoft\DVDCoach Express\unins000.exe"
DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.0.3.0-->"C:\Program Files\DVDFab 5\unins000.exe"
DVDFab Decrypter 3.0.8.0-->"C:\Program Files\DVDFab Decrypter 3\unins000.exe"
DVDFab HD Decrypter 4.1.0.2-->"C:\Program Files\DVDFab HD Decrypter 4\unins000.exe"
EVEREST Home Edition v2.20-->"C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
Free FLV Converter V 6.1.0-->"C:\Program Files\Free FLV Converter\unins000.exe"
HijackThis 2.0.2-->"C:\Documents and Settings\v.Rosset\Bureau\Nettoyage\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
IFOEdit 0.971 Fr-->C:\Program Files\IfoEdit\UnInstall_IfoEdit.exe
InterActual Player-->C:\Program Files\InterActual\InterActual Player\inuninst.exe
InterVideo WinDVD 4-->"C:\Program Files\InstallShield Installation Information\{98E8A2EF-4EAE-43B8-A172-74842B764777}\setup.exe" REMOVEALL
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Les Indispensables Éducation pour Microsoft Office-->MsiExec.exe /X{75F3A4B2-F6E8-434D-A2EF-DBBC016C6CB2}
LimeWire 4.16.6-->"C:\Program Files\LimeWire\uninstall.exe"
Linksys Wireless-G PCI Adapter-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4DDC3BED-CC68-44AA-B435-D727B620CA5B}\setup.exe" -l0x40c
Macromedia Flash Player 8-->C:\WINDOWS\system32\Macromed\Flash\UninstFl.exe
Malwarebytes' Anti-Malware-->"C:\Malwarebytes' Anti-Malware\unins000.exe"
MediaCoder 0.6.0-->C:\Program Files\MediaCoder\uninst.exe
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Bootvis-->MsiExec.exe /I{0F9196C6-58B4-445B-B56E-B1200FECC151}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Encarta 2009 - Collection-->MsiExec.exe /I{09180081-2C94-4A67-8E55-8483C019C7D2}
Microsoft Encarta Maths-->MsiExec.exe /I{07183840-959A-4B0D-8825-2C533F0DDB19}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office 2000 SR-1 Disque 2-->MsiExec.exe /I{0004040C-78E1-11D2-B60F-006097C998E7}
Microsoft Office 2000 SR-1 Professional-->MsiExec.exe /I{0001040C-78E1-11D2-B60F-006097C998E7}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Web Publishing Wizard 1.52-->RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wpie4x86.inf,WebPostUninstall
Microsoft Windows Media Video 9 VCM-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmv9vcm.inf, Uninstall
MioTransfer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{49F00501-E02F-458F-8AED-85949AB9656F}\setup.exe" -l0x40c
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.0.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.19)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MPEG2 Video Encoder-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E6A0986D-3244-4AB7-BE29-11500E68EF46}\Setup.exe" -l0x40c
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 and SOAP Toolkit 3.0-->MsiExec.exe /I{32343DB6-9A52-40C9-87E4-5E7C79791C87}
MSXML 6.0 Parser-->MsiExec.exe /I{AEB9948B-4FF2-47C9-990E-47014492A0FE}
muvee autoProducer 3.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AD057516-AE06-44FA-B615-463FD524526F}\Setup.exe" -l0x40c
Nero 7 Essentials-->MsiExec.exe /X{E11BD6A7-5046-4D25-ABCB-386A54F71036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Net Transport 1.94.282-->"C:\Program Files\Xi\NetTransport 2\unins000.exe"
PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
PIXMA Extended Survey Program-->C:\Program Files\Canon\IJPLM\SETUP.EXE -R
PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"
PrintMaster 7.00-->c:\PROGRA~1\MINDSC~1\PRINTM~1\uninst32.exe /IFirst
ProSavageDDR and Utilities-->C:\PROGRA~1\S3Inc\P4M266\s3setvga.exe -s -fC:\PROGRA~1\S3Inc\P4M266\P4M266.uns
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
RamBoost XP 4.0.6-->"C:\Program Files\RamBoost XP\unins000.exe"
Revo Uninstaller 1.71-->C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
Roxio Content 8-->MsiExec.exe /X{329B7564-7E13-4A70-BC2B-F9870C82AAB6}
Roxio Easy Media Creator 8 Suite-->MsiExec.exe /I{868901EE-7807-4F89-A134-7C705D34F91F}
S3Display-->s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Display'
S3Gamma2-->s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Gamma2'
S3Info2-->s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Info2'
S3Overlay-->s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Overlay'
Scan Manager 5.2-->MsiExec.exe /I{E0A1559B-9886-11D4-8D06-0050DA284A39}
Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
Spy Sweeper Core-->MsiExec.exe /I{3F5B6210-0903-4DC6-8034-8F488AA3A782}
Spy Sweeper-->"C:\Program Files\Webroot\WebrootSecurity\unins000.exe"
Spybot - Search & Destroy 1.5.2.20-->"C:\WINDOWS\unins000.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins001.exe"
TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
VIA Audio Driver Setup Program-->RunDll32.exe UnAudioNT.dll,UninstallAudio C:\WINDOWS\IsUninst.exe -f"C:\PROGRA~1\VIATEC~1\VIAAUD~1/Uninst.isu"
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
VLC media player 0.9.8a-->D:\Programmes\vlc\uninstall.exe
Vuze-->D:\Programmes\Azureus\uninstall.exe
WinAVI Video Converter 8.0-->"C:\Program Files\WinAVI Video Converter\unins000.exe"
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinPcap 4.1 beta4-->C:\Program Files\WinPcap\uninstall.exe
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

=====HijackThis Backups=====

O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\Flashget\fgiebar.dll (file missing)

======Hosts File======

127.0.0.1 localhost

======Security center information======

AV: avast! antivirus 4.8.1335 [VPS 090221-0]
FW: Webroot Internet Security Essentials (disabled)

System event log

Computer Name: VALOU
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Uniprocessor Free.

Record Number: 123460
Source Name: EventLog
Time Written: 20090207080303.000000-300
Event Type: Informations
User:

Computer Name: VALOU
Event Code: 6006
Message: Le service d'Enregistrement d'événement a été arrêté.

Record Number: 123459
Source Name: EventLog
Time Written: 20090207000050.000000-300
Event Type: Informations
User:

Computer Name: VALOU
Event Code: 6005
Message: Le service d'Enregistrement d'événement a démarré.

Record Number: 123458
Source Name: EventLog
Time Written: 20090207000034.000000-300
Event Type: Informations
User:

Computer Name: VALOU
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Uniprocessor Free.

Record Number: 123457
Source Name: EventLog
Time Written: 20090207000034.000000-300
Event Type: Informations
User:

Computer Name: VALOU
Event Code: 6006
Message: Le service d'Enregistrement d'événement a été arrêté.

Record Number: 123456
Source Name: EventLog
Time Written: 20090206234355.000000-300
Event Type: Informations
User:

Application event log

Computer Name: VALOU
Event Code: 11328
Message: Produit : TuneUp Utilities 2009 -- Erreur 1328. Erreur lors de l'application du programme correctif au fichier C:\Config.Msi\PT84.tmp. Il a sans doute été mis à jour de manière différente et ne peut plus être modifié par ce programme correctif. Pour obtenir des informations complémentaires, contactez le revendeur de votre programme correctif. Erreur système : -1072807676

Record Number: 201982
Source Name: MsiInstaller
Time Written: 20090116231743.000000-300
Event Type: erreur
User: VALOU\v.Rosset

Computer Name: VALOU
Event Code: 11328
Message: Produit : TuneUp Utilities 2009 -- Erreur 1328. Erreur lors de l'application du programme correctif au fichier C:\Config.Msi\PT84.tmp. Il a sans doute été mis à jour de manière différente et ne peut plus être modifié par ce programme correctif. Pour obtenir des informations complémentaires, contactez le revendeur de votre programme correctif. Erreur système : -1072807676

Record Number: 201981
Source Name: MsiInstaller
Time Written: 20090116231743.000000-300
Event Type: erreur
User: VALOU\v.Rosset

Computer Name: VALOU
Event Code: 11328
Message: Produit : TuneUp Utilities 2009 -- Erreur 1328. Erreur lors de l'application du programme correctif au fichier C:\Config.Msi\PT84.tmp. Il a sans doute été mis à jour de manière différente et ne peut plus être modifié par ce programme correctif. Pour obtenir des informations complémentaires, contactez le revendeur de votre programme correctif. Erreur système : -1072807676

Record Number: 201980
Source Name: MsiInstaller
Time Written: 20090116231743.000000-300
Event Type: erreur
User: VALOU\v.Rosset

Computer Name: VALOU
Event Code: 11328
Message: Produit : TuneUp Utilities 2009 -- Erreur 1328. Erreur lors de l'application du programme correctif au fichier C:\Config.Msi\PT84.tmp. Il a sans doute été mis à jour de manière différente et ne peut plus être modifié par ce programme correctif. Pour obtenir des informations complémentaires, contactez le revendeur de votre programme correctif. Erreur système : -1072807676

Record Number: 201979
Source Name: MsiInstaller
Time Written: 20090116231743.000000-300
Event Type: erreur
User: VALOU\v.Rosset

Computer Name: VALOU
Event Code: 11328
Message: Produit : TuneUp Utilities 2009 -- Erreur 1328. Erreur lors de l'application du programme correctif au fichier C:\Config.Msi\PT84.tmp. Il a sans doute été mis à jour de manière différente et ne peut plus être modifié par ce programme correctif. Pour obtenir des informations complémentaires, contactez le revendeur de votre programme correctif. Erreur système : -1072807676

Record Number: 201978
Source Name: MsiInstaller
Time Written: 20090116231743.000000-300
Event Type: erreur
User: VALOU\v.Rosset

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Fichiers communs\Ulead Systems\MPEG;C:\Program Files\Fichiers communs\Roxio Shared\DLLShared\;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=0207
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"RoxioCentral"=C:\Program Files\Fichiers communs\Roxio Shared\Roxio Central\
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

-----------------EOF-----------------

Télécharge SmitfraudFix (de de S!Ri, balltrap34 et moe31) sur ton Bureau.

Double-clique sur SmitfraudFix.exe pour le lancer.

Choisis l'option 1 puis Entrée.

Un rapport sera généré, poste-le dans ta prochaine réponse.

/!\ process.exe est détecté par certains antivirus comme étant un risktool. Il ne s'agit pas d'un virus mais d'un utilitaire destiné à mettre fin à des processus./!\

** Ne fais l'étape 2 que si on te le demande, on doit d'abord examiner le premier rapport de SmitfraudFix.

Rapport :
SmitFraudFix v2.398

Rapport fait à 17:29:06,79, 2009-02-22
Executé à partir de C:\Documents and Settings\v.Rosset\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Webroot\WebrootSecurity\SSU.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Documents and Settings\v.Rosset\Bureau\SmitfraudFix\Policies.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

C:\WINDOWS\Tasks\At?.job PRESENT !
C:\WINDOWS\Tasks\At??.job PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\v.Rosset


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\VF82C~1.ROS\LOCALS~1\Temp


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\v.Rosset\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\VF82C~1.ROS\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="file:///C:/DOCUME~1/VF82C~1.ROS/LOCALS~1/Temp/msoclip1/01/clip_image002.jpg"
"SubscribedURL"="file:///C:/DOCUME~1/VF82C~1.ROS/LOCALS~1/Temp/msoclip1/01/clip_image002.jpg"
"FriendlyName"=""

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\1]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"

»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» RK



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Carte VIA PCI 10/100Mo Fast Ethernet - Miniport d'ordonnancement de paquets
DNS Server Search Order: 24.200.241.37
DNS Server Search Order: 24.201.245.77
DNS Server Search Order: 24.200.243.189

HKLM\SYSTEM\CCS\Services\Tcpip\..\{6324C9EF-5C84-403A-BF46-6D2214898BB0}: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS1\Services\Tcpip\..\{6324C9EF-5C84-403A-BF46-6D2214898BB0}: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS2\Services\Tcpip\..\{6324C9EF-5C84-403A-BF46-6D2214898BB0}: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

Redémarre l'ordinateur en mode sans échec (au démarrage de l'ordinateur, tapote F8).

Double-clique sur SmitfraudFix.exe

Sélectionne 2 et presse Entrée dans le menu pour supprimer les fichiers responsables de l'infection.

Voulez-vous nettoyer le registre ? réponds O (oui) et presse Entrée afin de débloquer le fond d'écran et supprimer les clés de registre de l'infection.

Un redémarrage sera peut être nécessaire pour terminer la procédure de nettoyage. Le rapport se trouve à la racine du disque système C:\rapport.txt

Copie-colle le rapport dans ton prochain message.

Voilà le résultat !
SmitFraudFix v2.398

Rapport fait à 17:41:59,02, 2009-02-22
Executé à partir de C:\Documents and Settings\v.Rosset\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


»»»»»»»»»»»»»»»»»»»»»»»» hosts

127.0.0.1 localhost





»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

C:\WINDOWS\Tasks\At?.job supprimé

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» RK


»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{6324C9EF-5C84-403A-BF46-6D2214898BB0}: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS1\Services\Tcpip\..\{6324C9EF-5C84-403A-BF46-6D2214898BB0}: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS2\Services\Tcpip\..\{6324C9EF-5C84-403A-BF46-6D2214898BB0}: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189


»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

Supprime SmitfraudFix.

Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.

Double-clique sur le fichier téléchargé pour lancer le processus d'installation.

Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.

Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.

Sélectionne Exécuter un examen rapide.

Clique sur Rechercher.

L'analyse démarre.

A la fin de l'analyse, un message s'affiche :

Citation :

L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.

Ferme tes navigateurs.

Si des malwares ont été détectés, clique sur Afficher les résultats.

Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.

MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.

Réponse :
Malwarebytes' Anti-Malware 1.34
Version de la base de données: 1794
Windows 5.1.2600 Service Pack 3

2009-02-22 18:12:18
mbam-log-2009-02-22 (18-12-18).txt

Type de recherche: Examen rapide
Eléments examinés: 90240
Temps écoulé: 10 minute(s), 4 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Fais un scan en ligne ici : http://webscanner.kaspersky.fr/ (Avec Internet Explorer)

En bas à droite, clique sur Démarrer Online-scanner.

Dans la nouvelle fenêtre qui s'affiche, clique sur J'accepte.

Accepte les Contrôles ActiveX.

Choisis Poste de travail pour le scan.

Celui-ci terminé, sauvegarde (Choisis fichier texte) et poste le rapport.

Pour t'aider à utiliser le scan en ligne : Tutoriel

Note : Si tu reçois le message La licence de Kaspersky On-line Scanner est périmée, va dans Ajout/Suppression de programmes puis désinstalle On-Line Scanner, reconnecte-toi sur le site de Kaspersky pour retenter le scan en ligne.

Le rapport n'est pas entier à cause de sa longueur.

---> Uploader un fichier sur Mediafire :

Rends-toi sur ce lien : http://www.mediafire.com/

Clique en haut sur Upload files To Media fire. Choisis ensuite I want to upload without an account.

Une fenêtre de ton explorateur windows va s'ouvrir. Navigue jusqu'au rapport que je te demande d'uploader, sélectionne-le puis clique sur ouvrir.

Clique ensuite sur Upload.

A droite de l'écran, choisis : upload to a new folder. Laisse le nom par défaut (= la date).

Valide et laisse l'upload se faire.

Clique sur View uploaded file et copie-moi l'url (= le lien) du nouvel onglet ou de la nouvelle fenêtre qui va s'ouvrir dans ton prochain message. Ainsi, je pourrais télécharger le rapport demandé.

http://www.mediafire.com/?cbmvml94tcw

Les seuls fichiers détectés par Kaspersky sont dans la quarantaine de Spybot.

J'ai vu des traces du rootkit Seneka.

[#ff0000]/!\ Désactive tes protections résidentes (Antivirus, etc...) /!\[/#f]

Télécharge ComboFix ([#ff0000]sUBs[/#f]) sur ton Bureau.

Double-clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.

Il va te demander d'installer la console de récupération : accepte.

Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse.

Pour t'aider : Un guide et un tutoriel sur l'utilisation de ComboFix

ComboFix 09-02-21.01 - v.Rosset 2009-02-22 21:40:43.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1503.827 [GMT -5:00]
Lancé depuis: c:\documents and settings\v.Rosset\Bureau\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090221-0] *On-access scanning disabled* (Updated)
FW: Webroot Internet Security Essentials *disabled*
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\v.Rosset\Application Data\inst.exe
c:\windows\system32\JTtsCcfe.ini
c:\windows\system32\tmp.reg

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_seneka


((((((((((((((((((((((((((((( Fichiers créés du 2009-01-23 au 2009-02-23 ))))))))))))))))))))))))))))))))))))
.

2009-02-22 18:25 . 2009-02-22 18:25 <REP> d-------- c:\windows\system32\Kaspersky Lab
2009-02-22 17:14 . 2009-02-22 17:14 <REP> d-------- C:\rsit
2009-02-22 08:39 . 2009-02-22 08:39 <REP> d-------- c:\documents and settings\LocalService\Bureau
2009-02-22 08:32 . 2009-02-22 08:32 <REP> d--h-c--- c:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-02-21 21:11 . 2009-02-21 21:11 64,160 --a------ c:\windows\system32\drivers\Lbd.sys
2009-02-21 20:39 . 2009-02-22 08:32 <REP> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2009-02-21 18:05 . 2009-02-21 18:05 <REP> d-------- c:\program files\Webroot
2009-02-21 18:05 . 2009-02-21 18:05 <REP> d-------- c:\documents and settings\v.Rosset\Application Data\Webroot
2009-02-21 18:05 . 2009-02-21 18:14 <REP> d-------- c:\documents and settings\All Users\Application Data\Webroot
2009-02-21 18:05 . 2008-11-13 17:11 1,553,272 --a------ c:\windows\WRSetup.dll
2009-02-20 19:32 . 2009-02-20 19:32 <REP> d-------- c:\program files\VS Revo Group
2009-02-15 22:43 . 2009-02-15 22:43 <REP> d-------- c:\program files\Learning Essentials
2009-02-15 22:43 . 2005-05-26 15:34 2,297,552 --a------ c:\windows\system32\d3dx9_26.dll
2009-02-15 08:51 . 2009-02-15 08:51 <REP> d-------- c:\program files\Fichiers communs\Skype
2009-02-14 22:25 . 2009-02-22 08:43 <REP> d-------- c:\program files\PowerISO
2009-02-13 22:57 . 2009-02-13 22:57 812,344 --a------ c:\program files\HJTInstall.exe
2009-02-12 15:47 . 2009-02-15 09:41 <REP> d-------- C:\Malwarebytes' Anti-Malware
2009-02-10 07:50 . 2009-02-10 13:03 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware(2)
2009-02-08 22:29 . 1994-09-02 00:00 17,936 --a------ c:\windows\system\IMAADPCM.ACM
2009-02-08 22:29 . 1993-11-19 00:00 15,104 --a------ c:\windows\system\MSADPCM.ACM
2009-02-08 19:41 . 2009-02-08 19:56 <REP> d-------- c:\documents and settings\v.Rosset\Application Data\DAEMON Tools Lite
2009-02-07 13:28 . 2009-02-11 10:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-07 13:28 . 2009-02-11 10:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-02-07 12:09 . 2009-02-07 12:10 9,875,904 --a------ c:\program files\Vuze_4.1.0.2_windows.exe
2009-02-06 22:12 . 2009-02-07 14:44 4 --a------ c:\windows\wxrqeueh
2009-02-06 19:29 . 2009-02-06 19:29 <REP> d-------- c:\documents and settings\v.Rosset\Application Data\RegTool
2009-02-06 15:42 . 2009-02-06 15:42 54,040 --a------ c:\windows\Sysvxd.exe
2009-02-06 12:26 . 2009-02-06 20:20 1,728 --a------ c:\windows\pltvzzvk
2009-02-06 09:03 . 2009-02-06 09:03 <REP> d-------- c:\program files\WinAVI Video Converter
2009-02-02 15:21 . 2009-02-02 15:21 <REP> d-------- c:\program files\Microsoft Encarta
2009-01-30 15:06 . 2009-01-30 15:06 <REP> d-------- c:\documents and settings\v.Rosset\Application Data\Flood Light Games
2009-01-30 15:06 . 2009-01-30 15:06 <REP> d-------- c:\documents and settings\All Users\Application Data\Flood Light Games
2009-01-23 22:14 . 2009-01-23 22:18 <REP> d-------- c:\documents and settings\v.Rosset\Application Data\U3

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-23 02:24 --------- d-----w c:\program files\Mozilla Thunderbird
2009-02-22 13:44 --------- d-----w c:\program files\VSO
2009-02-22 13:44 --------- d-----w c:\program files\Free FLV Converter
2009-02-22 13:42 --------- d-----w c:\program files\Lavasoft
2009-02-22 13:22 --------- d-----w c:\documents and settings\v.Rosset\Application Data\Skype
2009-02-22 13:20 --------- d-----w c:\documents and settings\v.Rosset\Application Data\skypePM
2009-02-22 02:16 --------- d-----w c:\documents and settings\v.Rosset\Application Data\Azureus
2009-02-22 00:14 --------- d-----w c:\documents and settings\v.Rosset\Application Data\Lavasoft
2009-02-21 20:42 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-18 13:42 --------- d-----w c:\documents and settings\v.Rosset\Application Data\Vso
2009-02-15 13:51 --------- d-----w c:\documents and settings\All Users\Application Data\Skype
2009-02-15 13:51 --------- d-----r c:\program files\Skype
2009-02-07 21:58 --------- d-----w c:\documents and settings\All Users\Application Data\CanonIJPLM
2009-02-07 18:36 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-02-07 02:29 --------- d-----w c:\program files\Spybot - Search & Destroy
2009-02-07 01:15 --------- d-----w c:\program files\CCleaner
2009-02-07 01:02 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-06 19:51 --------- d-----w c:\program files\MediaCoder
2009-01-21 00:35 --------- d-----w c:\documents and settings\v.Rosset\Application Data\dvdcss
2009-01-20 14:22 --------- d-----w c:\program files\IfoEdit
2009-01-20 05:12 --------- d-----w c:\program files\DVD Region+CSS Free
2009-01-19 00:14 --------- d-----w c:\program files\InterActual
2009-01-18 18:45 --------- d-----w c:\documents and settings\All Users\Application Data\vsosdk
2009-01-18 03:55 --------- d-----w c:\program files\TuneUp Utilities 2009
2009-01-17 03:59 --------- d-sh--w c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-01-14 14:20 --------- d-----w c:\documents and settings\All Users\Application Data\DVD Shrink
2009-01-09 20:34 --------- d-----w c:\documents and settings\v.Rosset\Application Data\vlc
2009-01-07 19:26 --------- d-----w c:\program files\Java
2009-01-02 21:37 --------- d-----w c:\program files\Real
2009-01-02 21:23 --------- d-----w c:\program files\Canon
2008-11-05 12:58 4,584,376 ----a-w c:\program files\Shockwave_Installer_Slim.exe
2008-10-31 15:20 2,688,280 ----a-w c:\program files\vcredist_x86.exe
2008-10-27 12:26 2,959,376 ----a-w c:\program files\dotnetfx35setup.exe
2008-10-12 22:37 445,120 ----a-w c:\program files\biosagentplus_40.exe
2008-09-13 22:47 894,504 ----a-w c:\program files\WGAPluginInstall.exe
2008-06-21 14:50 47,360 ----a-w c:\documents and settings\v.Rosset\Application Data\pcouffin.sys
2008-04-02 18:36 5,640 -c--a-w c:\documents and settings\v.Rosset\Application Data\mindhabits.dat
2007-11-19 14:41 32 -c--a-w c:\documents and settings\All Users\Application Data\ezsid.dat
2008-08-18 13:53 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008081820080819\index.dat
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\BackupIconOverlayId]
@="{2EE61E5C-8F94-4AAB-8A80-D2A8CD1FEDAD}"
[HKEY_CLASSES_ROOT\CLSID\{2EE61E5C-8F94-4AAB-8A80-D2A8CD1FEDAD}]
2008-11-13 17:04 238968 --a------ c:\program files\Webroot\WebrootSecurity\Backup\CtxMenu_1_0_0_10.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
"mspd"="c:\windows\system32\mspd.exe" [2003-08-27 389632]
"ISUSPM Startup"="c:\progra~1\fichie~1\instal~1\update~1\isuspm.exe" [2004-07-27 221184]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-02 136600]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696]
"SpySweeper"="c:\program files\Webroot\WebrootSecurity\SpySweeperUI.exe" [2008-11-13 6273400]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-13 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"= "c:\progra~1\DVDREG~1\DVDShell.dll" [2004-10-09 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.mjpg"= mcmjpg32.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InterVideo WinCinema Manager.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\InterVideo WinCinema Manager.lnk
backup=c:\windows\pss\InterVideo WinCinema Manager.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^v.Rosset^Menu Démarrer^Programmes^Démarrage^Pense-bête.lnk]
path=c:\documents and settings\v.Rosset\Menu Démarrer\Programmes\Démarrage\Pense-bête.lnk
backup=c:\windows\pss\Pense-bête.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MétéoIMédia]
c:\program files\MétéoMédia\MétéoIMédia\WeatherEye [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Watch]
--a------ 2009-02-22 08:33 509784 c:\program files\Lavasoft\Ad-Aware\AAWTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
--a------ 2007-04-03 20:50 1603152 c:\program files\Canon\MyPrinter\BJMYPRT.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2008-04-13 21:33 15360 c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a--c--- 2007-03-15 20:02 153136 c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
--a------ 2008-11-02 03:38 167936 c:\program files\PowerISO\PWRISOVM.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-09-06 14:09 413696 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
--a--c--- 2005-11-21 20:47 1687552 c:\program files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
-ra------ 2009-01-29 14:01 23975720 c:\program files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpySweeper]
--a------ 2008-11-13 17:11 6273400 c:\program files\Webroot\WebrootSecurity\SpySweeperUI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-11-27 23:44 180269 c:\program files\Fichiers communs\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ISUSPM Startup"=c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\StubInstaller.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\drivers\\svchost.exe"=
"d:\\Programmes\\Azureus\\Azureus.exe"=
"c:\\Program Files\\Roxio\\Easy Media Creator 8\\Digital Home\\RoxUpnpServer.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-02-21 64160]
R0 ssfs0bbc;ssfs0bbc;c:\windows\system32\drivers\ssfs0bbc.sys [2008-11-12 29808]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-03-31 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-03-31 20560]
R2 WRConsumerService;Webroot Client Service;c:\program files\Webroot\WebrootSecurity\WRConsumerService.exe [2009-02-21 1086840]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-01-18 950096]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2008-05-21 34576]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0e341aa0-9cb1-11dd-ac7e-0012178290da}]
\Shell\AutoRun\command - g:\wd_windows_tools\Setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{58611ed2-98ae-11dd-ac6a-000ae6896f3f}]
\Shell\AutoRun\command - g:\wd_windows_tools\Setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{95a972c0-d18e-11da-a70f-000ae6896f3f}]
\Shell\AutoRun\command - G:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c22b4960-987f-11dd-ac68-0012178290da}]
\Shell\AutoRun\command - g:\wd_windows_tools\Setup.exe
.
Contenu du dossier 'Tâches planifiées'

2009-02-22 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-02-22 08:33]

2009-02-22 c:\windows\Tasks\RegTool Scan.job
- c:\program files\RegTool\RegTool.exe []

2009-02-22 c:\windows\Tasks\RegTool Scan.job
- c:\program files\RegTool []
.
- - - - ORPHELINS SUPPRIMES - - - -

MSConfigStartUp-CanonSolutionMenu - c:\program files\Canon\SolutionMenu\CNSLMAIN.exe
MSConfigStartUp-Cld2000 - c:\program files\Calendrier\Cld2000.exe
MSConfigStartUp-iTunesHelper - c:\program files\iTunes\iTunesHelper.exe
MSConfigStartUp-prunnet - c:\windows\system32\prunnet.exe
MSConfigStartUp-RegistryBooster 2 d’Uniblue - c:\program files\Uniblue\RegistryBooster 2\RegistryBooster.exe
MSConfigStartUp-RegTool - c:\program files\RegTool\RegTool.exe
MSConfigStartUp-WeatherEye - c:\program files\MétéoMédia\MétéoÉclair\WeatherEye.exe


.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.cyberpresse.ca/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mSearchAssistant = hxxp://www.google.com/ie
IE: &Télécharger avec NetTransport - c:\program files\Xi\NetTransport 2\NTAddLink.html
IE: Enregistreur Vidéo Internet : rechercher des streams vidéo - file://d:\programmes\scan.vbs
IE: Ouvrir avec Enregistreur Vidéo Internet - file://d:\programmes\anchor.vbs
IE: Tout t&élécharger avec NetTransport - c:\program files\Xi\NetTransport 2\NTAddList.html
IE: Télécharger avec FlashGet - d:\programmes\Flashget\jc_link.htm
IE: Télécharger tout avec FlashGet - d:\programmes\Flashget\jc_all.htm
IE: {{B794C572-4E4D-4D4B-A115-25DBEB29EA71} - d:\programmes\scan.vbs
IE: {{DFD9C994-2EF1-4B7F-92B5-98E2D0A7CEB7} - d:\programmes\scan.vbs
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {0F7A9297-7268-11D1-B81A-00A076C01B0A} - hxxp://www.registrefoncier.gouv.qc.ca/Sirf/Script/14_05_04/CPC...
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.ca...
FF - ProfilePath - c:\documents and settings\v.Rosset\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.startup.homepage - hxxp://www.cyberpresse.ca/
FF - plugin: c:\documents and settings\v.Rosset\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPMCult3DP.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npmozax.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npvirtools.dll
FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin8.dll
FF - plugin: c:\windows\system32\Cult3D\NPMCult3DP.dll

---- PARAMETRES FIREFOX ----
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-22 21:46:57
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Canon\IJPLM\ijplmsvc.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Fichiers communs\LightScribe\LSSrvc.exe
c:\program files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe
c:\program files\Webroot\WebrootSecurity\SpySweeper.exe
c:\program files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
c:\program files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Heure de fin: 2009-02-22 21:51:38 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-02-23 02:51:33

Avant-CF: 7 490 256 896 octets libres
Après-CF: 8,461,529,088 octets libres

WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /fastdetect /NoExecute=OptIn /TUTag=NYDXPN /Kernel=TUKernel.exe
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale (TuneUp Backup)" /fastdetect /NoExecute=OptIn /TUTag=NYDXPN-BAK

277 --- E O F --- 2009-02-11 20:20:16

Menu Démarrer > Exécuter > Tape combofix /u et valide.

Désinstalle Java(TM) 6 Update 11.

Mets à jour Java.

Mets à jour Adobe Reader.

Télécharge OTMoveIt3 (OldTimer) sur ton Bureau.

Double-clique sur OTMoveIt3.exe afin de le lancer.

Copie (Ctrl+C) le texte suivant ci-dessous :

:processes
explorer.exe

:reg
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\drivers\svchost.exe"=-
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\drivers\svchost.exe"=-

:commands
[purity]
[emptytemp]
[reboot]

Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.

Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.

---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
---> Le nom du rapport correspond au moment de sa création : date_heure.log

Résultat moveit
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\%windir%\system32\drivers\svchost.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list\\%windir%\system32\drivers\svchost.exe deleted successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\VF82C~1.ROS\LOCALS~1\Temp\etilqs_NXl0EieWzya0fZcKKH1N scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\VF82C~1.ROS\LOCALS~1\Temp\~DFF929.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS029AFB31-F58F-4D30-BC1C-A01443C50175.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS095786D1-B040-47E2-A35C-6BD47A1435FB.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS0A4C34D2-02CB-4F0E-B0D4-414E085F2741.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS0DA6C314-B418-4B24-A1E1-372AC66692C7.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS1292B0DE-05E2-4D76-B604-641266D3A200.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS1600F702-7F29-478C-A410-2B70C47C3871.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS1695C112-EB57-4BF3-8BF0-BACDA266845B.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS180C5DE4-636C-4E6E-93E2-16DE32588387.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS18ECD82D-E8AA-4876-8038-D7D5015233E9.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS198416AF-1DB2-4FB1-A8E3-8A7F247A8846.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS19B0A465-F50D-4CE2-B790-312436BDD1B5.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS19B52330-AE53-48F3-8452-38B7B1B149BC.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS1B6AD12C-D206-4F1D-9BC7-F25D9BC4EE67.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS1CA96055-A31E-48FF-AA22-621546DC2E05.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS1D1C13B2-BC39-468C-9CE0-5378F9F5C0E7.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS1DA05180-8C4A-4987-ADFB-942E77E829B2.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS1FAEDF36-8678-4538-82E4-5928C5FF6C72.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS26477984-4801-4BE3-BF52-33DF9BB2B1EB.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS2927A624-4FD8-44D8-AE4B-AD5E6ECBC033.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS2AB07FEA-423B-4B9E-B084-268A44AD8BCE.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS2BEDF8E4-38ED-472F-B033-81D7EEA57B04.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS2D4FAECA-4F61-44D1-9FC7-EDD2597AFD81.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS2F58877C-9FEC-46C5-8F73-9CDFFF3A2724.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS31BBE64F-74D0-4529-BC50-643CC20030D6.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS36A5CB5E-50F0-44D4-AEF8-B89E94F5D708.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS37982F73-F661-4066-A58D-9B409DE95CEC.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS37C6CA47-2D60-4008-9102-49CD6401256C.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS3904DBA6-6B3C-4294-8808-4936A3240414.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS393BBE75-6DA1-47C2-A841-6E1F532484DD.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS3CABCA00-C30B-4881-8484-F2F8FAE3A421.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS3E77D7D3-2E80-416D-81D0-2E434A037F17.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS42CCFC19-0E35-4CE3-BC88-2A750E22453D.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS452D575F-0FF3-4768-9D89-6B029E59786F.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS46FB3940-1FA2-4EE4-B311-C976A57ABC8B.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS48B67499-48DB-4A9A-99D2-BA3AB86E4A9B.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS4BB068A5-A898-4160-827D-D67A14E93AFD.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS4E7ED5AF-54CA-4F11-9FFA-392BB5BCDB1D.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS52AA0309-719C-4E50-AA9D-AF31B9227C18.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS52E6C487-90DD-4490-B2DF-9817EF8CCA36.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS54E3F624-7390-474E-B8B6-BE7B00AD6625.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS59167DB3-1E4F-4623-A831-F36016B52B09.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS5977144E-3862-4143-8D38-5EE46D0F655E.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS63BEA960-FBA5-4031-9016-7DAB73F92290.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS67FEEAD7-5986-4E7D-87ED-2C896197E087.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS6DB73364-0581-41F0-9F4C-EC073806E72E.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS70498249-A8BE-420D-A47E-89174014CC12.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS736BE1EE-FC2E-4988-B3EA-69D2B0750523.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS757DE1B3-9E1D-4D8D-BBC3-C246B00667D5.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS7647C868-A387-4A0A-8DB7-8E90AAD4EF79.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS78AD35AA-4354-43DA-A0F1-7E6FF92BFFF9.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS7990401B-F87B-4F5D-89E9-38987E97BD86.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS7EBE84A3-8402-4344-8C7D-E48E86AA9FBA.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS7F64A952-3579-4C92-80BA-CEAD1F536887.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS7F7CC340-80B2-482C-8FB5-F8B6CEBC258B.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS7FDCB46C-30B4-4EFD-9EB2-D2B730BC5686.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS85DFCA30-42A1-454B-BE02-6421FED30D6E.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS89E09191-48A2-4AE6-B60C-DB247A7B1B7C.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS8C2C2078-87CC-44E8-9AB5-E88CE1DF3432.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS8CB2D983-5DF9-4362-A300-67F76C4F1D8B.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS8FFCD590-F6ED-49C2-B5DA-A7DE5E949316.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS90EBB7B7-62E9-427D-946E-B2D6747D3A2C.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS91E1A101-223A-4C75-8ABE-576C00BF06D0.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS95D79570-3900-4E80-8294-12C129ECB05E.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS96773D4D-68BB-43D5-817F-AFFF8CFC65CC.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS97A6E634-8EA8-4EB7-95A2-D13D305C949B.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS9866DDA3-4FB2-4172-A082-AE0EF180E4A1.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS9894B1EC-8A1B-453B-A89F-6C71F9A8D116.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSA083B4E1-2D09-4952-BFAB-0EC9ACBF6D18.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSA0B8177C-BE9C-4332-917F-FA1A4C4E25C1.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSA55BB05A-640D-4C23-A168-45AD09F33CAF.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSA5983A5C-8D1B-4ECE-B277-BC02C39B5698.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSA91C0851-F582-4F76-9323-74CE45175D8C.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSA99B8EF5-24D2-42B9-870B-850DD1EAD51E.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSAA3BBDEF-EC8F-45BC-BB74-13CE723181C8.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSAADD4618-4D4C-44A4-ADD1-E79A250DF367.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSACCBDCF7-6072-4168-916E-3FDCC01802A7.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSB208AB17-B6BB-40C8-BB57-145B2886ADBE.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSB4D53C3A-0E3F-4967-B4C1-23CE689F18D3.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSB61C11CE-236C-43C5-8457-4335269744BC.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSB6513743-4483-4915-AA7C-9D6F2758DA98.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSB8CE2E97-FD5C-4564-9EE2-1A697FBAA93E.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSBC23AA06-20E2-48A7-B43F-DA5728F328E6.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSC1D1FEDD-1FA6-48B2-ABED-644546887521.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSC3E2F198-0918-4EF4-859C-50A1321F86D5.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSC6313C5E-6A69-4642-A054-B5477E28B857.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSC6485AB1-750A-4A73-884A-CE39A7450304.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSC8A01121-AB36-483D-8757-BEDAA9A78288.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSCA2095FA-14EE-4CD3-B042-CCCF07A49D1D.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSCC3FAE7B-9CC8-40AB-8113-EF62BB26A0B7.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSD7197B8E-68DB-46A5-8E7C-0084F3494E4D.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSDAF5341E-B273-497A-A2AC-6B82289BA95E.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSDD21ACC6-99C2-4A38-9A38-345F99FE0548.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSDE304C35-72FC-44A5-81B2-AB6F1E51EFE1.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSDFB34DF9-05D6-4E04-82A5-127E89013AA2.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSE3E277E4-57D8-4443-BD3B-CD628DC47EDC.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSE40F9752-A934-434C-81D8-BC69E97C6ABF.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSE4F23A07-903A-45A0-A219-89E9F0A881BE.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSE4F7236C-156F-4602-A22A-DD19E0C086A0.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSE6706CCB-BEEF-4862-B616-0B2742B64729.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSE8FC50C1-CF41-460B-B81F-17FF0AD9666A.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSECFC1D5C-674C-46CD-9379-E821C7102BBB.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSF6C54D03-B3B9-478A-A4C3-FD3962A76A39.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSF7DB24A9-1CAE-478E-B990-33658D9C67B5.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSFB1F8474-0962-4498-A3E5-C15BE334ACEF.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_52c.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_8a0.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\v.Rosset\Local Settings\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\v.Rosset\Local Settings\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\v.Rosset\Local Settings\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\v.Rosset\Local Settings\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\v.Rosset\Local Settings\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02232009_095008

Files moved on Reboot...
File C:\DOCUME~1\VF82C~1.ROS\LOCALS~1\Temp\etilqs_NXl0EieWzya0fZcKKH1N not found!
C:\DOCUME~1\VF82C~1.ROS\LOCALS~1\Temp\~DFF929.tmp moved successfully.
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File C:\WINDOWS\temp\wrstemp\SSMS029AFB31-F58F-4D30-BC1C-A01443C50175.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS095786D1-B040-47E2-A35C-6BD47A1435FB.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS0A4C34D2-02CB-4F0E-B0D4-414E085F2741.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS0DA6C314-B418-4B24-A1E1-372AC66692C7.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS1292B0DE-05E2-4D76-B604-641266D3A200.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS1600F702-7F29-478C-A410-2B70C47C3871.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS1695C112-EB57-4BF3-8BF0-BACDA266845B.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS180C5DE4-636C-4E6E-93E2-16DE32588387.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS18ECD82D-E8AA-4876-8038-D7D5015233E9.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS198416AF-1DB2-4FB1-A8E3-8A7F247A8846.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS19B0A465-F50D-4CE2-B790-312436BDD1B5.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS19B52330-AE53-48F3-8452-38B7B1B149BC.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS1B6AD12C-D206-4F1D-9BC7-F25D9BC4EE67.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS1CA96055-A31E-48FF-AA22-621546DC2E05.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS1D1C13B2-BC39-468C-9CE0-5378F9F5C0E7.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS1DA05180-8C4A-4987-ADFB-942E77E829B2.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS1FAEDF36-8678-4538-82E4-5928C5FF6C72.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS26477984-4801-4BE3-BF52-33DF9BB2B1EB.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS2927A624-4FD8-44D8-AE4B-AD5E6ECBC033.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS2AB07FEA-423B-4B9E-B084-268A44AD8BCE.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS2BEDF8E4-38ED-472F-B033-81D7EEA57B04.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS2D4FAECA-4F61-44D1-9FC7-EDD2597AFD81.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS2F58877C-9FEC-46C5-8F73-9CDFFF3A2724.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS31BBE64F-74D0-4529-BC50-643CC20030D6.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS36A5CB5E-50F0-44D4-AEF8-B89E94F5D708.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS37982F73-F661-4066-A58D-9B409DE95CEC.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS37C6CA47-2D60-4008-9102-49CD6401256C.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS3904DBA6-6B3C-4294-8808-4936A3240414.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS393BBE75-6DA1-47C2-A841-6E1F532484DD.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS3CABCA00-C30B-4881-8484-F2F8FAE3A421.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS3E77D7D3-2E80-416D-81D0-2E434A037F17.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS42CCFC19-0E35-4CE3-BC88-2A750E22453D.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS452D575F-0FF3-4768-9D89-6B029E59786F.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS46FB3940-1FA2-4EE4-B311-C976A57ABC8B.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS48B67499-48DB-4A9A-99D2-BA3AB86E4A9B.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS4BB068A5-A898-4160-827D-D67A14E93AFD.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS4E7ED5AF-54CA-4F11-9FFA-392BB5BCDB1D.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS52AA0309-719C-4E50-AA9D-AF31B9227C18.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS52E6C487-90DD-4490-B2DF-9817EF8CCA36.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS54E3F624-7390-474E-B8B6-BE7B00AD6625.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS59167DB3-1E4F-4623-A831-F36016B52B09.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS5977144E-3862-4143-8D38-5EE46D0F655E.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS63BEA960-FBA5-4031-9016-7DAB73F92290.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS67FEEAD7-5986-4E7D-87ED-2C896197E087.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS6DB73364-0581-41F0-9F4C-EC073806E72E.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS70498249-A8BE-420D-A47E-89174014CC12.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS736BE1EE-FC2E-4988-B3EA-69D2B0750523.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS757DE1B3-9E1D-4D8D-BBC3-C246B00667D5.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS7647C868-A387-4A0A-8DB7-8E90AAD4EF79.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS78AD35AA-4354-43DA-A0F1-7E6FF92BFFF9.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS7990401B-F87B-4F5D-89E9-38987E97BD86.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS7EBE84A3-8402-4344-8C7D-E48E86AA9FBA.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS7F64A952-3579-4C92-80BA-CEAD1F536887.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS7F7CC340-80B2-482C-8FB5-F8B6CEBC258B.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS7FDCB46C-30B4-4EFD-9EB2-D2B730BC5686.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS85DFCA30-42A1-454B-BE02-6421FED30D6E.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS89E09191-48A2-4AE6-B60C-DB247A7B1B7C.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS8C2C2078-87CC-44E8-9AB5-E88CE1DF3432.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS8CB2D983-5DF9-4362-A300-67F76C4F1D8B.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS8FFCD590-F6ED-49C2-B5DA-A7DE5E949316.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS90EBB7B7-62E9-427D-946E-B2D6747D3A2C.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS91E1A101-223A-4C75-8ABE-576C00BF06D0.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS95D79570-3900-4E80-8294-12C129ECB05E.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS96773D4D-68BB-43D5-817F-AFFF8CFC65CC.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS97A6E634-8EA8-4EB7-95A2-D13D305C949B.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS9866DDA3-4FB2-4172-A082-AE0EF180E4A1.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS9894B1EC-8A1B-453B-A89F-6C71F9A8D116.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSA083B4E1-2D09-4952-BFAB-0EC9ACBF6D18.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSA0B8177C-BE9C-4332-917F-FA1A4C4E25C1.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSA55BB05A-640D-4C23-A168-45AD09F33CAF.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSA5983A5C-8D1B-4ECE-B277-BC02C39B5698.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSA91C0851-F582-4F76-9323-74CE45175D8C.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSA99B8EF5-24D2-42B9-870B-850DD1EAD51E.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSAA3BBDEF-EC8F-45BC-BB74-13CE723181C8.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSAADD4618-4D4C-44A4-ADD1-E79A250DF367.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSACCBDCF7-6072-4168-916E-3FDCC01802A7.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSB208AB17-B6BB-40C8-BB57-145B2886ADBE.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSB4D53C3A-0E3F-4967-B4C1-23CE689F18D3.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSB61C11CE-236C-43C5-8457-4335269744BC.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSB6513743-4483-4915-AA7C-9D6F2758DA98.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSB8CE2E97-FD5C-4564-9EE2-1A697FBAA93E.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSBC23AA06-20E2-48A7-B43F-DA5728F328E6.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSC1D1FEDD-1FA6-48B2-ABED-644546887521.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSC3E2F198-0918-4EF4-859C-50A1321F86D5.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSC6313C5E-6A69-4642-A054-B5477E28B857.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSC6485AB1-750A-4A73-884A-CE39A7450304.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSC8A01121-AB36-483D-8757-BEDAA9A78288.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSCA2095FA-14EE-4CD3-B042-CCCF07A49D1D.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSCC3FAE7B-9CC8-40AB-8113-EF62BB26A0B7.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSD7197B8E-68DB-46A5-8E7C-0084F3494E4D.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSDAF5341E-B273-497A-A2AC-6B82289BA95E.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSDD21ACC6-99C2-4A38-9A38-345F99FE0548.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSDE304C35-72FC-44A5-81B2-AB6F1E51EFE1.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSDFB34DF9-05D6-4E04-82A5-127E89013AA2.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSE3E277E4-57D8-4443-BD3B-CD628DC47EDC.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSE40F9752-A934-434C-81D8-BC69E97C6ABF.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSE4F23A07-903A-45A0-A219-89E9F0A881BE.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSE4F7236C-156F-4602-A22A-DD19E0C086A0.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSE6706CCB-BEEF-4862-B616-0B2742B64729.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSE8FC50C1-CF41-460B-B81F-17FF0AD9666A.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSECFC1D5C-674C-46CD-9379-E821C7102BBB.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSF6C54D03-B3B9-478A-A4C3-FD3962A76A39.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSF7DB24A9-1CAE-478E-B990-33658D9C67B5.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSFB1F8474-0962-4498-A3E5-C15BE334ACEF.tmp not found!
C:\WINDOWS\temp\Perflib_Perfdata_52c.dat moved successfully.
File C:\WINDOWS\temp\Perflib_Perfdata_8a0.dat not found!
C:\Documents and Settings\v.Rosset\Local Settings\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\v.Rosset\Local Settings\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\v.Rosset\Local Settings\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\v.Rosset\Local Settings\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\v.Rosset\Local Settings\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\urlclassifier3.sqlite moved successfully.

Ton PC va mieux ?

Refais un scan RSIT et poste le rapport log.

Non, pas vraiment. Je suis toujours dirigée vers d'autres sites que celui que je veux !!
Même word 2000 bloque quand je veux l'ouvrir !! Horreur !!
J'ai refais un scan RSIT
Logfile of random's system information tool 1.05 (written by random/random)
Run by v.Rosset at 2009-02-23 10:18:30
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 9 GB (23%) free of 39 GB
Total RAM: 1503 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:18:39, on 2009-02-23
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\v.Rosset\Bureau\RSIT.exe
C:\Documents and Settings\v.Rosset\Bureau\Nettoyage\v.Rosset.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cyberpresse.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - D:\PROGRA~1\Flashget\jccatch.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [mspd] "C:\WINDOWS\system32\mspd.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "c:\progra~1\fichie~1\instal~1\update~1\isuspm.exe" -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SpySweeper] C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe /startintray
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Télécharger avec NetTransport - C:\Program Files\Xi\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: Enregistreur Vidéo Internet : rechercher des streams vidéo - file://D:\Programmes\scan.vbs
O8 - Extra context menu item: Ouvrir avec Enregistreur Vidéo Internet - file://D:\Programmes\anchor.vbs
O8 - Extra context menu item: Tout t&élécharger avec NetTransport - C:\Program Files\Xi\NetTransport 2\NTAddList.html
O8 - Extra context menu item: Télécharger avec FlashGet - D:\Programmes\Flashget\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - D:\Programmes\Flashget\jc_all.htm
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Enregistreur Vidéo Internet : rechercher des streams vidéo - {B794C572-4E4D-4D4B-A115-25DBEB29EA71} - file://D:\Programmes\scan.vbs (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\Flashget\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\Flashget\flashget.exe (file missing)
O9 - Extra button: Enregistreur Vidéo Internet : rechercher des streams vidéo - {DFD9C994-2EF1-4B7F-92B5-98E2D0A7CEB7} - file://D:\Programmes\scan.vbs (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {0F7A9297-7268-11D1-B81A-00A076C01B0A} (CPC View ax Control) - http://www.registrefoncier.gouv.qc.ca/Sirf/Script/14_05...
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://www.creative.com/softwareupdate/su/ocx/15101/CTS...
O16 - DPF: {F5D98C43-DB16-11CF-8ECA-0000C0FD59C7} (ActiveCGM Control) - http://www.registrefoncier.gouv.qc.ca/Sirf/Script/14_05...
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su/ocx/15103/CTP...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxLiveShare.exe
O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe
O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCom\RoxUpnpRenderer.exe
O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe
O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe

--
End of file - 9292 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\RegTool Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
IeCatch5 Class - D:\PROGRA~1\Flashget\jccatch.dll [2006-05-16 81920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C56CB6B0-0D96-11D6-8C65-B2868B609932}]
NTIECatcher Class - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll [2005-09-08 49152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-02-23 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-02-23 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2004-07-27 81920]
"mspd"=C:\WINDOWS\system32\mspd.exe [2003-08-27 389632]
"ISUSPM Startup"=c:\progra~1\fichie~1\instal~1\update~1\isuspm.exe [2004-07-27 221184]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-02-23 148888]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"SpySweeper"=C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe [2008-11-13 6273400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Watch]
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-02-22 509784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MétéoIMédia]
C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-15 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE [2008-11-02 167936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe [2005-11-21 1687552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2009-01-29 23975720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpySweeper]
C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe [2008-11-13 6273400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-11-27 180269]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InterVideo WinCinema Manager.lnk]
C:\PROGRA~1\INTERV~1\Common\Bin\WINCIN~1.EXE [2002-08-12 102400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [2000-01-21 65588]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^v.Rosset^Menu Démarrer^Programmes^Démarrage^Pense-bête.lnk]
C:\PROGRA~1\MINDSC~1\PRINTM~1\PMREMIND.EXE [2006-05-23 2344920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"=C:\PROGRA~1\DVDREG~1\DVDShell.dll [2004-10-09 49152]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WRConsumerService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\StubInstaller.exe"="C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Windows Media Player\wmplayer.exe"="C:\Program Files\Windows Media Player\wmplayer.exe:*:Enabled:Windows Media Player"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Programmes\Azureus\Azureus.exe"="D:\Programmes\Azureus\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe"="C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe:*:Enabled:Roxio Upnp Service"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:* isabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:* isabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:* isabled:Windows Messenger"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0e341aa0-9cb1-11dd-ac7e-0012178290da}]
shell\AutoRun\command - G:\WD_Windows_Tools\Setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{58611ed2-98ae-11dd-ac6a-000ae6896f3f}]
shell\AutoRun\command - G:\WD_Windows_Tools\Setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{95a972c0-d18e-11da-a70f-000ae6896f3f}]
shell\AutoRun\command - G:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c22b4960-987f-11dd-ac68-0012178290da}]
shell\AutoRun\command - G:\WD_Windows_Tools\Setup.exe


======List of files/folders created in the last 1 months======

2009-02-23 09:50:08 ----D---- C:\_OTMoveIt
2009-02-23 09:14:45 ----D---- C:\Program Files\NOS
2009-02-23 09:14:45 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-02-23 09:12:26 ----A---- C:\WINDOWS\system32\javaws.exe
2009-02-23 09:12:26 ----A---- C:\WINDOWS\system32\javaw.exe
2009-02-23 09:12:26 ----A---- C:\WINDOWS\system32\java.exe
2009-02-23 09:10:37 ----A---- C:\Program Files\jxpiinstall-6u12-fcs-bin-b04-windows-i586-17_jan_2009.exe
2009-02-23 09:00:11 ----A---- C:\WINDOWS\system32\RENF.tmp
2009-02-23 09:00:11 ----A---- C:\WINDOWS\system32\RENE.tmp
2009-02-23 09:00:11 ----A---- C:\WINDOWS\system32\REND.tmp
2009-02-23 08:56:40 ----D---- C:\ComboFix
2009-02-22 23:16:41 ----SHD---- C:\RECYCLER
2009-02-22 21:51:40 ----A---- C:\ComboFix.txt
2009-02-22 21:39:26 ----A---- C:\Boot.bak
2009-02-22 21:39:17 ----RASHD---- C:\cmdcons
2009-02-22 21:37:42 ----D---- C:\WINDOWS\ERDNT
2009-02-22 18:25:16 ----D---- C:\WINDOWS\system32\Kaspersky Lab
2009-02-22 17:39:35 ----A---- C:\WINDOWS\ntbtlog.txt
2009-02-22 17:29:16 ----A---- C:\WINDOWS\system32\tmp.txt
2009-02-22 17:29:06 ----A---- C:\rapport.txt
2009-02-22 17:14:20 ----D---- C:\rsit
2009-02-22 08:32:22 ----HDC---- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-02-21 20:39:57 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-02-21 18:07:12 ----A---- C:\WINDOWS\system32\capicom.dll
2009-02-21 18:05:43 ----D---- C:\Program Files\Webroot
2009-02-21 18:05:43 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Webroot
2009-02-21 18:05:43 ----D---- C:\Documents and Settings\All Users\Application Data\Webroot
2009-02-21 18:05:43 ----A---- C:\WINDOWS\WRSetup.dll
2009-02-20 19:32:31 ----D---- C:\Program Files\VS Revo Group
2009-02-15 22:43:32 ----D---- C:\Program Files\Learning Essentials
2009-02-15 22:43:23 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2009-02-15 22:43:13 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2009-02-15 22:43:11 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2009-02-15 22:43:11 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2009-02-15 22:43:10 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2009-02-15 22:43:09 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2009-02-15 22:43:08 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2009-02-15 08:51:47 ----D---- C:\Program Files\Fichiers communs\Skype
2009-02-14 22:25:46 ----D---- C:\Program Files\PowerISO
2009-02-14 11:02:58 ----A---- C:\fixnavi.txt
2009-02-13 22:57:13 ----A---- C:\Program Files\HJTInstall.exe
2009-02-12 15:47:39 ----D---- C:\Malwarebytes' Anti-Malware
2009-02-10 07:50:37 ----D---- C:\Program Files\Malwarebytes' Anti-Malware(2)
2009-02-08 19:41:28 ----D---- C:\Documents and Settings\v.Rosset\Application Data\DAEMON Tools Lite
2009-02-08 08:36:31 ----A---- C:\avenger.txt
2009-02-07 12:09:09 ----A---- C:\Program Files\Vuze_4.1.0.2_windows.exe
2009-02-06 19:29:52 ----D---- C:\Documents and Settings\v.Rosset\Application Data\RegTool
2009-02-06 15:42:52 ----A---- C:\WINDOWS\Sysvxd.exe
2009-02-06 09:03:23 ----D---- C:\Program Files\WinAVI Video Converter
2009-02-02 15:21:15 ----D---- C:\Program Files\Microsoft Encarta
2009-01-30 15:06:07 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Flood Light Games
2009-01-30 15:06:07 ----D---- C:\Documents and Settings\All Users\Application Data\Flood Light Games

======List of files/folders modified in the last 1 months======

2009-02-23 10:18:37 ----D---- C:\WINDOWS\Prefetch
2009-02-23 10:08:25 ----RD---- C:\Program Files
2009-02-23 09:55:39 ----D---- C:\Program Files\Mozilla Thunderbird
2009-02-23 09:54:45 ----D---- C:\Program Files\Mozilla Firefox
2009-02-23 09:54:16 ----D---- C:\WINDOWS\Temp
2009-02-23 09:50:45 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-23 09:48:40 ----SHD---- C:\WINDOWS\Installer
2009-02-23 09:48:40 ----D---- C:\Config.Msi
2009-02-23 09:48:39 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-02-23 09:48:06 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-02-23 09:47:46 ----D---- C:\Program Files\Adobe
2009-02-23 09:21:55 ----D---- C:\WINDOWS\system32
2009-02-23 09:11:58 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-02-23 09:11:53 ----D---- C:\Program Files\Java
2009-02-23 08:57:37 ----SHD---- C:\System Volume Information
2009-02-23 08:57:37 ----D---- C:\WINDOWS\system32\Restore
2009-02-23 08:57:17 ----D---- C:\WINDOWS
2009-02-22 23:18:36 ----D---- C:\WINDOWS\system32\CatRoot2
2009-02-22 21:51:46 ----D---- C:\WINDOWS\system32\drivers
2009-02-22 21:47:20 ----A---- C:\WINDOWS\system.ini
2009-02-22 21:43:18 ----D---- C:\WINDOWS\system32\config
2009-02-22 21:41:49 ----D---- C:\WINDOWS\AppPatch
2009-02-22 21:41:45 ----D---- C:\Program Files\Fichiers communs
2009-02-22 21:39:26 ----RASH---- C:\boot.ini
2009-02-22 18:25:19 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-02-22 18:25:15 ----HD---- C:\WINDOWS\inf
2009-02-22 17:42:28 ----SD---- C:\WINDOWS\Tasks
2009-02-22 16:32:42 ----D---- C:\WINDOWS\system32\CatRoot
2009-02-22 16:03:27 ----AC---- C:\WINDOWS\NeroDigital.ini
2009-02-22 16:02:19 ----A---- C:\WINDOWS\DVDRegionFree.INI
2009-02-22 08:47:37 ----AC---- C:\WINDOWS\win.ini
2009-02-22 08:44:50 ----D---- C:\Program Files\Free FLV Converter
2009-02-22 08:44:21 ----D---- C:\Program Files\VSO
2009-02-22 08:42:28 ----D---- C:\Program Files\Lavasoft
2009-02-22 08:22:25 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Skype
2009-02-22 08:20:18 ----D---- C:\Documents and Settings\v.Rosset\Application Data\skypePM
2009-02-21 21:16:59 ----D---- C:\WINDOWS\system32\DirectX
2009-02-21 21:16:58 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Azureus
2009-02-21 21:16:57 ----RSD---- C:\WINDOWS\assembly
2009-02-21 21:11:53 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-02-21 20:39:52 ----D---- C:\WINDOWS\WinSxS
2009-02-21 19:14:55 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-02-21 19:14:55 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Lavasoft
2009-02-21 15:42:30 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-18 08:42:46 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Vso
2009-02-16 09:30:18 ----SD---- C:\Documents and Settings\v.Rosset\Application Data\Microsoft
2009-02-15 22:43:15 ----D---- C:\WINDOWS\Microsoft.NET
2009-02-15 08:51:48 ----RD---- C:\Program Files\Skype
2009-02-15 08:51:48 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2009-02-12 19:20:18 ----D---- C:\WINDOWS\system32\LogFiles
2009-02-12 19:20:18 ----D---- C:\WINDOWS\Debug
2009-02-11 15:18:38 ----HD---- C:\WINDOWS\$hf_mig$
2009-02-11 15:18:19 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-02-11 15:18:16 ----D---- C:\Program Files\Internet Explorer
2009-02-11 15:18:06 ----D---- C:\WINDOWS\ie7updates
2009-02-10 13:03:42 ----D---- C:\WINDOWS\system32\wbem
2009-02-10 13:03:42 ----D---- C:\WINDOWS\Registration
2009-02-10 13:03:09 ----D---- C:\WINDOWS\speech
2009-02-10 13:03:09 ----D---- C:\WINDOWS\Help
2009-02-09 23:15:02 ----D---- C:\WINDOWS\system
2009-02-09 22:39:06 ----D---- C:\WINDOWS\msagent
2009-02-09 22:35:17 ----D---- C:\WINDOWS\system32\Macromed
2009-02-07 16:58:11 ----D---- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
2009-02-07 13:36:19 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-02-06 22:10:55 ----AC---- C:\WINDOWS\WININIT.INI
2009-02-06 21:29:25 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-02-06 20:16:52 ----A---- C:\WINDOWS\system32\338fa633-.txt
2009-02-06 20:15:31 ----D---- C:\Program Files\CCleaner
2009-02-06 20:02:56 ----HD---- C:\Program Files\InstallShield Installation Information
2009-02-06 14:51:12 ----D---- C:\Program Files\MediaCoder
2009-02-05 16:11:35 ----A---- C:\WINDOWS\system32\aswBoot.exe
2009-02-04 22:15:18 ----A---- C:\WINDOWS\system32\TubeFinder.exe
2009-02-03 18:21:12 ----A---- C:\WINDOWS\system32\MRT.exe
2009-02-03 12:02:16 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-01-27 11:02:41 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Opera

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
R1 cdudf_xp;cdudf_xp; C:\WINDOWS\system32\drivers\cdudf_xp.sys [2005-10-22 311680]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 40576]
R1 pwd_2k;pwd_2k; C:\WINDOWS\system32\drivers\pwd_2k.sys [2005-10-22 119168]
R1 RxFilter;RxFilter; C:\WINDOWS\system32\DRIVERS\RxFilter.sys [2005-11-21 50176]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2008-11-02 56572]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.0.1; C:\WINDOWS\System32\DRIVERS\AegisP.sys [2006-03-08 19915]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2006-04-21 8064]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
R3 dvd_2K;dvd_2K; C:\WINDOWS\system32\drivers\dvd_2K.sys [2005-10-22 27264]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2005-04-12 4608]
R3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 OM518P;D-Link VGA Webcam; C:\WINDOWS\System32\Drivers\om518vid.sys [2002-06-27 185256]
R3 Pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2008-06-21 47360]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2002-10-01 9856]
R3 RT2500;Linksys Wireless-G PCI Adapter Driver; C:\WINDOWS\System32\DRIVERS\RT2500.sys [2005-04-21 242176]
R3 S3Psddr;S3Psddr; C:\WINDOWS\System32\DRIVERS\s3gnbm.sys [2003-09-02 166912]
R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VIAudio;VIA AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\viaudios.sys [2003-02-26 370048]
S2 ADSEXPB;ADS DVD Xpress B; C:\WINDOWS\System32\Drivers\adsexpb.sys [2003-10-08 32084]
S2 zumbus;Zune Bus Enumerator Driver; C:\WINDOWS\system32\drivers\zumbus.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 Jukebox3;Jukebox3; C:\WINDOWS\system32\DRIVERS\ctpdusb.sys [2006-01-19 17280]
S3 mmc_2K;mmc_2K; C:\WINDOWS\system32\drivers\mmc_2K.sys [2005-10-22 27136]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2008-05-21 34576]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-03-09 37768]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R2 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 97432]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-02-23 152984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
R2 WebrootSpySweeperService;Moteur Webroot Spy Sweeper; C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe [2008-11-12 3667312]
R2 WRConsumerService;Webroot Client Service; C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe [2008-11-13 1086840]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-02-22 950096]
S2 RoxLiveShare;LiveShare P2P Server; C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxLiveShare.exe [2005-11-22 233472]
S2 RoxUpnpServer;RoxUpnpServer; C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe [2005-11-21 409600]
S2 RoxWatch;Roxio Hard Drive Watcher; C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe [2005-11-22 155648]
S2 WMP54Gv4SVC;WMP54Gv4SVC; C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe [2004-02-06 41025]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-05-07 779824]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-05-07 271920]
S3 RoxMediaDB;RoxMediaDB; C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe [2005-11-22 864256]
S3 RoxUPnPRenderer;RoxUpnpRenderer; C:\Program Files\Fichiers communs\Roxio Shared\SharedCom\RoxUpnpRenderer.exe [2005-11-21 45056]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2008-05-21 92792]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-01-17 362240]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Refais un scan RSIT mais choisis l'option 3 Months cette fois-ci.

Logfile of random's system information tool 1.05 (written by random/random)
Run by v.Rosset at 2009-02-23 10:46:47
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 9 GB (23%) free of 39 GB
Total RAM: 1503 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:46:50, on 2009-02-23
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Documents and Settings\v.Rosset\Bureau\RSIT.exe
C:\Documents and Settings\v.Rosset\Bureau\Nettoyage\v.Rosset.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cyberpresse.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - D:\PROGRA~1\Flashget\jccatch.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [mspd] "C:\WINDOWS\system32\mspd.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "c:\progra~1\fichie~1\instal~1\update~1\isuspm.exe" -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SpySweeper] C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe /startintray
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Télécharger avec NetTransport - C:\Program Files\Xi\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: Enregistreur Vidéo Internet : rechercher des streams vidéo - file://D:\Programmes\scan.vbs
O8 - Extra context menu item: Ouvrir avec Enregistreur Vidéo Internet - file://D:\Programmes\anchor.vbs
O8 - Extra context menu item: Tout t&élécharger avec NetTransport - C:\Program Files\Xi\NetTransport 2\NTAddList.html
O8 - Extra context menu item: Télécharger avec FlashGet - D:\Programmes\Flashget\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - D:\Programmes\Flashget\jc_all.htm
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Enregistreur Vidéo Internet : rechercher des streams vidéo - {B794C572-4E4D-4D4B-A115-25DBEB29EA71} - file://D:\Programmes\scan.vbs (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\Flashget\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\Flashget\flashget.exe (file missing)
O9 - Extra button: Enregistreur Vidéo Internet : rechercher des streams vidéo - {DFD9C994-2EF1-4B7F-92B5-98E2D0A7CEB7} - file://D:\Programmes\scan.vbs (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {0F7A9297-7268-11D1-B81A-00A076C01B0A} (CPC View ax Control) - http://www.registrefoncier.gouv.qc.ca/Sirf/Script/14_05...
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://www.creative.com/softwareupdate/su/ocx/15101/CTS...
O16 - DPF: {F5D98C43-DB16-11CF-8ECA-0000C0FD59C7} (ActiveCGM Control) - http://www.registrefoncier.gouv.qc.ca/Sirf/Script/14_05...
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su/ocx/15103/CTP...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxLiveShare.exe
O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe
O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCom\RoxUpnpRenderer.exe
O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe
O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe

--
End of file - 9346 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\RegTool Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
IeCatch5 Class - D:\PROGRA~1\Flashget\jccatch.dll [2006-05-16 81920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C56CB6B0-0D96-11D6-8C65-B2868B609932}]
NTIECatcher Class - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll [2005-09-08 49152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-02-23 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-02-23 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2004-07-27 81920]
"mspd"=C:\WINDOWS\system32\mspd.exe [2003-08-27 389632]
"ISUSPM Startup"=c:\progra~1\fichie~1\instal~1\update~1\isuspm.exe [2004-07-27 221184]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-02-23 148888]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"SpySweeper"=C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe [2008-11-13 6273400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Watch]
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-02-22 509784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MétéoIMédia]
C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-15 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE [2008-11-02 167936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe [2005-11-21 1687552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2009-01-29 23975720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpySweeper]
C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe [2008-11-13 6273400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-11-27 180269]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InterVideo WinCinema Manager.lnk]
C:\PROGRA~1\INTERV~1\Common\Bin\WINCIN~1.EXE [2002-08-12 102400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [2000-01-21 65588]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^v.Rosset^Menu Démarrer^Programmes^Démarrage^Pense-bête.lnk]
C:\PROGRA~1\MINDSC~1\PRINTM~1\PMREMIND.EXE [2006-05-23 2344920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"=C:\PROGRA~1\DVDREG~1\DVDShell.dll [2004-10-09 49152]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WRConsumerService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\StubInstaller.exe"="C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Windows Media Player\wmplayer.exe"="C:\Program Files\Windows Media Player\wmplayer.exe:*:Enabled:Windows Media Player"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Programmes\Azureus\Azureus.exe"="D:\Programmes\Azureus\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe"="C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe:*:Enabled:Roxio Upnp Service"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:* isabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:* isabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:* isabled:Windows Messenger"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0e341aa0-9cb1-11dd-ac7e-0012178290da}]
shell\AutoRun\command - G:\WD_Windows_Tools\Setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{194f9a2a-e9c5-11dd-ad2f-000ae6896f3f}]
shell\AutoRun\command - G:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{58611ed2-98ae-11dd-ac6a-000ae6896f3f}]
shell\AutoRun\command - G:\WD_Windows_Tools\Setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{95a972c0-d18e-11da-a70f-000ae6896f3f}]
shell\AutoRun\command - G:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c22b4960-987f-11dd-ac68-0012178290da}]
shell\AutoRun\command - G:\WD_Windows_Tools\Setup.exe


======List of files/folders created in the last 3 months======

2009-02-23 09:50:08 ----D---- C:\_OTMoveIt
2009-02-23 09:14:45 ----D---- C:\Program Files\NOS
2009-02-23 09:14:45 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-02-23 09:12:26 ----A---- C:\WINDOWS\system32\javaws.exe
2009-02-23 09:12:26 ----A---- C:\WINDOWS\system32\javaw.exe
2009-02-23 09:12:26 ----A---- C:\WINDOWS\system32\java.exe
2009-02-23 09:10:37 ----A---- C:\Program Files\jxpiinstall-6u12-fcs-bin-b04-windows-i586-17_jan_2009.exe
2009-02-23 09:00:11 ----A---- C:\WINDOWS\system32\RENF.tmp
2009-02-23 09:00:11 ----A---- C:\WINDOWS\system32\RENE.tmp
2009-02-23 09:00:11 ----A---- C:\WINDOWS\system32\REND.tmp
2009-02-23 08:56:40 ----D---- C:\ComboFix
2009-02-22 23:16:41 ----SHD---- C:\RECYCLER
2009-02-22 21:51:40 ----A---- C:\ComboFix.txt
2009-02-22 21:39:26 ----A---- C:\Boot.bak
2009-02-22 21:39:17 ----RASHD---- C:\cmdcons
2009-02-22 21:37:42 ----D---- C:\WINDOWS\ERDNT
2009-02-22 18:25:16 ----D---- C:\WINDOWS\system32\Kaspersky Lab
2009-02-22 17:39:35 ----A---- C:\WINDOWS\ntbtlog.txt
2009-02-22 17:29:16 ----A---- C:\WINDOWS\system32\tmp.txt
2009-02-22 17:29:06 ----A---- C:\rapport.txt
2009-02-22 17:14:20 ----D---- C:\rsit
2009-02-22 08:32:22 ----HDC---- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-02-21 20:39:57 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-02-21 18:07:12 ----A---- C:\WINDOWS\system32\capicom.dll
2009-02-21 18:05:43 ----D---- C:\Program Files\Webroot
2009-02-21 18:05:43 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Webroot
2009-02-21 18:05:43 ----D---- C:\Documents and Settings\All Users\Application Data\Webroot
2009-02-21 18:05:43 ----A---- C:\WINDOWS\WRSetup.dll
2009-02-20 19:32:31 ----D---- C:\Program Files\VS Revo Group
2009-02-15 22:43:32 ----D---- C:\Program Files\Learning Essentials
2009-02-15 22:43:23 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2009-02-15 22:43:13 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2009-02-15 22:43:11 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2009-02-15 22:43:11 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2009-02-15 22:43:10 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2009-02-15 22:43:09 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2009-02-15 22:43:08 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2009-02-15 08:51:47 ----D---- C:\Program Files\Fichiers communs\Skype
2009-02-14 22:25:46 ----D---- C:\Program Files\PowerISO
2009-02-14 11:02:58 ----A---- C:\fixnavi.txt
2009-02-13 22:57:13 ----A---- C:\Program Files\HJTInstall.exe
2009-02-12 15:47:39 ----D---- C:\Malwarebytes' Anti-Malware
2009-02-10 07:50:37 ----D---- C:\Program Files\Malwarebytes' Anti-Malware(2)
2009-02-08 19:41:28 ----D---- C:\Documents and Settings\v.Rosset\Application Data\DAEMON Tools Lite
2009-02-08 08:36:31 ----A---- C:\avenger.txt
2009-02-07 12:09:09 ----A---- C:\Program Files\Vuze_4.1.0.2_windows.exe
2009-02-06 19:29:52 ----D---- C:\Documents and Settings\v.Rosset\Application Data\RegTool
2009-02-06 15:42:52 ----A---- C:\WINDOWS\Sysvxd.exe
2009-02-06 09:03:23 ----D---- C:\Program Files\WinAVI Video Converter
2009-02-02 15:21:15 ----D---- C:\Program Files\Microsoft Encarta
2009-01-30 15:06:07 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Flood Light Games
2009-01-30 15:06:07 ----D---- C:\Documents and Settings\All Users\Application Data\Flood Light Games
2009-01-23 22:14:35 ----D---- C:\Documents and Settings\v.Rosset\Application Data\U3
2009-01-20 00:12:40 ----A---- C:\WINDOWS\DVDRegionFree.INI
2009-01-20 00:12:00 ----D---- C:\Program Files\DVD Region+CSS Free
2009-01-18 22:55:14 ----A---- C:\WINDOWS\IfoEdit.INI
2009-01-18 22:53:23 ----D---- C:\Program Files\IfoEdit
2009-01-18 19:15:04 ----A---- C:\WINDOWS\iPlayer.INI
2009-01-18 19:14:10 ----D---- C:\Program Files\InterActual
2009-01-18 13:45:04 ----D---- C:\Documents and Settings\All Users\Application Data\vsosdk
2009-01-18 01:34:48 ----A---- C:\WINDOWS\system32\sipr3260.dll
2009-01-18 01:34:48 ----A---- C:\WINDOWS\system32\drv43260.dll
2009-01-18 01:34:48 ----A---- C:\WINDOWS\system32\drv33260.dll
2009-01-18 01:34:48 ----A---- C:\WINDOWS\system32\drv23260.dll
2009-01-18 01:34:48 ----A---- C:\WINDOWS\system32\cook3260.dll
2009-01-18 01:34:47 ----A---- C:\WINDOWS\system32\wvc1dmod.dll
2009-01-18 01:34:47 ----A---- C:\WINDOWS\system32\vp7vfw.dll
2009-01-18 01:34:45 ----D---- C:\Program Files\VSO
2009-01-17 23:01:06 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2009-01-17 22:57:32 ----A---- C:\WINDOWS\system32\TUKernel.exe
2009-01-17 08:33:49 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe
2009-01-16 23:00:13 ----D---- C:\Program Files\TuneUp Utilities 2009
2009-01-16 22:59:33 ----SHD---- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-01-12 23:24:34 ----A---- C:\WINDOWS\system32\AVERM.dll
2009-01-12 23:24:34 ----A---- C:\WINDOWS\system32\AVEQT.dll
2009-01-09 15:29:03 ----D---- C:\Documents and Settings\v.Rosset\Application Data\vlc
2009-01-02 15:42:42 ----A---- C:\WINDOWS\system32\deploytk.dll
2008-11-27 23:44:49 ----D---- C:\Program Files\Fichiers communs\xing shared
2008-11-27 23:44:39 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2008-11-27 23:44:28 ----A---- C:\WINDOWS\system32\pndx5032.dll
2008-11-27 23:44:28 ----A---- C:\WINDOWS\system32\pndx5016.dll

======List of files/folders modified in the last 3 months======

2009-02-23 10:46:07 ----D---- C:\WINDOWS\Prefetch
2009-02-23 10:35:27 ----D---- C:\Program Files\Mozilla Thunderbird
2009-02-23 10:35:11 ----D---- C:\WINDOWS\Temp
2009-02-23 10:35:11 ----D---- C:\WINDOWS\system32
2009-02-23 10:08:25 ----RD---- C:\Program Files
2009-02-23 09:54:45 ----D---- C:\Program Files\Mozilla Firefox
2009-02-23 09:50:45 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-23 09:48:40 ----SHD---- C:\WINDOWS\Installer
2009-02-23 09:48:40 ----D---- C:\Config.Msi
2009-02-23 09:48:39 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-02-23 09:48:06 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-02-23 09:47:46 ----D---- C:\Program Files\Adobe
2009-02-23 09:11:53 ----D---- C:\Program Files\Java
2009-02-23 08:57:37 ----SHD---- C:\System Volume Information
2009-02-23 08:57:37 ----D---- C:\WINDOWS\system32\Restore
2009-02-23 08:57:17 ----D---- C:\WINDOWS
2009-02-22 23:18:36 ----D---- C:\WINDOWS\system32\CatRoot2
2009-02-22 21:51:46 ----D---- C:\WINDOWS\system32\drivers
2009-02-22 21:47:20 ----A---- C:\WINDOWS\system.ini
2009-02-22 21:43:18 ----D---- C:\WINDOWS\system32\config
2009-02-22 21:41:49 ----D---- C:\WINDOWS\AppPatch
2009-02-22 21:41:45 ----D---- C:\Program Files\Fichiers communs
2009-02-22 21:39:26 ----RASH---- C:\boot.ini
2009-02-22 18:25:19 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-02-22 18:25:15 ----HD---- C:\WINDOWS\inf
2009-02-22 17:42:28 ----SD---- C:\WINDOWS\Tasks
2009-02-22 16:32:42 ----D---- C:\WINDOWS\system32\CatRoot
2009-02-22 16:03:27 ----AC---- C:\WINDOWS\NeroDigital.ini
2009-02-22 08:47:37 ----AC---- C:\WINDOWS\win.ini
2009-02-22 08:44:50 ----D---- C:\Program Files\Free FLV Converter
2009-02-22 08:42:28 ----D---- C:\Program Files\Lavasoft
2009-02-22 08:22:25 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Skype
2009-02-22 08:20:18 ----D---- C:\Documents and Settings\v.Rosset\Application Data\skypePM
2009-02-21 21:16:59 ----D---- C:\WINDOWS\system32\DirectX
2009-02-21 21:16:58 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Azureus
2009-02-21 21:16:57 ----RSD---- C:\WINDOWS\assembly
2009-02-21 21:11:53 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-02-21 20:39:52 ----D---- C:\WINDOWS\WinSxS
2009-02-21 19:14:55 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-02-21 19:14:55 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Lavasoft
2009-02-21 15:42:30 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-18 08:42:46 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Vso
2009-02-16 09:30:18 ----SD---- C:\Documents and Settings\v.Rosset\Application Data\Microsoft
2009-02-15 22:43:15 ----D---- C:\WINDOWS\Microsoft.NET
2009-02-15 08:51:48 ----RD---- C:\Program Files\Skype
2009-02-15 08:51:48 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2009-02-12 19:20:18 ----D---- C:\WINDOWS\system32\LogFiles
2009-02-12 19:20:18 ----D---- C:\WINDOWS\Debug
2009-02-11 15:18:38 ----HD---- C:\WINDOWS\$hf_mig$
2009-02-11 15:18:19 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-02-11 15:18:16 ----D---- C:\Program Files\Internet Explorer
2009-02-11 15:18:06 ----D---- C:\WINDOWS\ie7updates
2009-02-10 13:03:42 ----D---- C:\WINDOWS\system32\wbem
2009-02-10 13:03:42 ----D---- C:\WINDOWS\Registration
2009-02-10 13:03:09 ----D---- C:\WINDOWS\speech
2009-02-10 13:03:09 ----D---- C:\WINDOWS\Help
2009-02-09 23:15:02 ----D---- C:\WINDOWS\system
2009-02-09 22:39:06 ----D---- C:\WINDOWS\msagent
2009-02-09 22:35:17 ----D---- C:\WINDOWS\system32\Macromed
2009-02-07 16:58:11 ----D---- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
2009-02-07 13:36:19 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-02-06 22:10:55 ----AC---- C:\WINDOWS\WININIT.INI
2009-02-06 21:29:25 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-02-06 20:16:52 ----A---- C:\WINDOWS\system32\338fa633-.txt
2009-02-06 20:15:31 ----D---- C:\Program Files\CCleaner
2009-02-06 20:02:56 ----HD---- C:\Program Files\InstallShield Installation Information
2009-02-06 14:51:12 ----D---- C:\Program Files\MediaCoder
2009-02-05 16:11:35 ----A---- C:\WINDOWS\system32\aswBoot.exe
2009-02-04 22:15:18 ----A---- C:\WINDOWS\system32\TubeFinder.exe
2009-02-03 18:21:12 ----A---- C:\WINDOWS\system32\MRT.exe
2009-02-03 12:02:16 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-01-27 11:02:41 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Opera
2009-01-20 19:35:14 ----D---- C:\Documents and Settings\v.Rosset\Application Data\dvdcss
2009-01-17 23:04:33 ----RSD---- C:\WINDOWS\Fonts
2009-01-16 21:15:42 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-01-14 09:20:38 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2009-01-02 16:37:42 ----D---- C:\Program Files\Real
2009-01-02 16:23:09 ----D---- C:\Program Files\Canon
2008-12-20 17:47:04 ----A---- C:\WINDOWS\system32\wininet.dll
2008-12-20 17:47:03 ----A---- C:\WINDOWS\system32\webcheck.dll
2008-12-20 17:47:03 ----A---- C:\WINDOWS\system32\urlmon.dll
2008-12-20 17:47:02 ----A---- C:\WINDOWS\system32\url.dll
2008-12-20 17:47:02 ----A---- C:\WINDOWS\system32\pngfilt.dll
2008-12-20 17:47:02 ----A---- C:\WINDOWS\system32\occache.dll
2008-12-20 17:47:02 ----A---- C:\WINDOWS\system32\mstime.dll
2008-12-20 17:47:01 ----A---- C:\WINDOWS\system32\msrating.dll
2008-12-20 17:47:01 ----A---- C:\WINDOWS\system32\mshtmled.dll
2008-12-20 17:46:57 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2008-12-20 17:46:56 ----A---- C:\WINDOWS\system32\msfeeds.dll
2008-12-20 17:46:56 ----A---- C:\WINDOWS\system32\jsproxy.dll
2008-12-20 17:46:54 ----A---- C:\WINDOWS\system32\iertutil.dll
2008-12-20 17:46:54 ----A---- C:\WINDOWS\system32\iernonce.dll
2008-12-20 17:46:54 ----A---- C:\WINDOWS\system32\ieframe.dll
2008-12-20 17:46:50 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2008-12-20 17:46:50 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2008-12-20 17:46:49 ----A---- C:\WINDOWS\system32\ieaksie.dll
2008-12-20 17:46:49 ----A---- C:\WINDOWS\system32\ieakeng.dll
2008-12-20 17:46:49 ----A---- C:\WINDOWS\system32\icardie.dll
2008-12-20 17:46:49 ----A---- C:\WINDOWS\system32\extmgr.dll
2008-12-20 17:46:48 ----A---- C:\WINDOWS\system32\dxtrans.dll
2008-12-20 17:46:48 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2008-12-20 17:46:48 ----A---- C:\WINDOWS\system32\advpack.dll
2008-12-19 04:11:12 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2008-12-19 04:10:15 ----A---- C:\WINDOWS\system32\ieudinit.exe
2008-12-19 00:23:56 ----A---- C:\WINDOWS\system32\ieakui.dll
2008-12-10 21:27:15 ----AC---- C:\WINDOWS\SGTBox.INI
2008-12-10 18:29:17 ----D---- C:\WINDOWS\Minidump
2008-12-08 20:22:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-12-08 20:21:14 ----D---- C:\Program Files\ma-config.com
2008-12-08 20:21:13 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com
2008-12-08 19:50:46 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-11-27 23:50:03 ----AC---- C:\WINDOWS\cdplayer.ini
2008-11-27 23:45:29 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Real
2008-11-27 23:44:43 ----D---- C:\Program Files\Fichiers communs\Real
2008-11-27 23:44:27 ----A---- C:\WINDOWS\system32\pncrt.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
R1 cdudf_xp;cdudf_xp; C:\WINDOWS\system32\drivers\cdudf_xp.sys [2005-10-22 311680]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 40576]
R1 pwd_2k;pwd_2k; C:\WINDOWS\system32\drivers\pwd_2k.sys [2005-10-22 119168]
R1 RxFilter;RxFilter; C:\WINDOWS\system32\DRIVERS\RxFilter.sys [2005-11-21 50176]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2008-11-02 56572]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.0.1; C:\WINDOWS\System32\DRIVERS\AegisP.sys [2006-03-08 19915]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2006-04-21 8064]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
R3 dvd_2K;dvd_2K; C:\WINDOWS\system32\drivers\dvd_2K.sys [2005-10-22 27264]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2005-04-12 4608]
R3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 OM518P;D-Link VGA Webcam; C:\WINDOWS\System32\Drivers\om518vid.sys [2002-06-27 185256]
R3 Pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2008-06-21 47360]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2002-10-01 9856]
R3 RT2500;Linksys Wireless-G PCI Adapter Driver; C:\WINDOWS\System32\DRIVERS\RT2500.sys [2005-04-21 242176]
R3 S3Psddr;S3Psddr; C:\WINDOWS\System32\DRIVERS\s3gnbm.sys [2003-09-02 166912]
R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VIAudio;VIA AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\viaudios.sys [2003-02-26 370048]
S2 ADSEXPB;ADS DVD Xpress B; C:\WINDOWS\System32\Drivers\adsexpb.sys [2003-10-08 32084]
S2 zumbus;Zune Bus Enumerator Driver; C:\WINDOWS\system32\drivers\zumbus.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 Jukebox3;Jukebox3; C:\WINDOWS\system32\DRIVERS\ctpdusb.sys [2006-01-19 17280]
S3 mmc_2K;mmc_2K; C:\WINDOWS\system32\drivers\mmc_2K.sys [2005-10-22 27136]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2008-05-21 34576]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-03-09 37768]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R2 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 97432]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-02-23 152984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
R2 WebrootSpySweeperService;Moteur Webroot Spy Sweeper; C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe [2008-11-12 3667312]
R2 WRConsumerService;Webroot Client Service; C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe [2008-11-13 1086840]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-02-22 950096]
S2 RoxLiveShare;LiveShare P2P Server; C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxLiveShare.exe [2005-11-22 233472]
S2 RoxUpnpServer;RoxUpnpServer; C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe [2005-11-21 409600]
S2 RoxWatch;Roxio Hard Drive Watcher; C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe [2005-11-22 155648]
S2 WMP54Gv4SVC;WMP54Gv4SVC; C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe [2004-02-06 41025]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-05-07 779824]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-05-07 271920]
S3 RoxMediaDB;RoxMediaDB; C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe [2005-11-22 864256]
S3 RoxUPnPRenderer;RoxUpnpRenderer; C:\Program Files\Fichiers communs\Roxio Shared\SharedCom\RoxUpnpRenderer.exe [2005-11-21 45056]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2008-05-21 92792]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-01-17 362240]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Télécharge OTMoveIt3 (OldTimer) sur ton Bureau.

Double-clique sur OTMoveIt3.exe afin de le lancer.

Copie (Ctrl+C) le texte suivant ci-dessous :

:processes
explorer.exe

:files
C:\WINDOWS\system32\338fa633-.txt

:commands
[purity]
[emptytemp]
[reboot]

Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.

Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.

---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
---> Le nom du rapport correspond au moment de sa création : date_heure.log

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
File/Folder C:\WINDOWS\system32\338fa633-.txt not found.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\VF82C~1.ROS\LOCALS~1\Temp\etilqs_CeWeRyAVbXLgAr6XZZzt scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS01AF788B-8C7C-418B-B75E-887BEBF4CE82.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS04C1E41B-2363-4DEC-A4BC-38EA01077BB6.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS068A7C30-FA37-468A-8463-62E83B19669D.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS07FB6A02-340E-480F-AC79-7F672A8CEFA0.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS098763FF-A9EE-4018-AED8-7B446A32A6D7.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS0B45A1E7-2441-4937-A149-E68B04DDEA01.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS106F8730-336A-4DD5-90BA-7DF84E10C738.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS128864F3-28EF-4DF5-B097-4FBB994EF0B0.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS15A56B5B-F7C9-4CDA-AF43-60AAA452E678.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS15F8070B-02E6-4CDC-A2D8-D74DA58A2C32.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS181D7D33-F183-4E9D-835A-7CCEB30577D4.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS1C9C2D9A-1F00-425F-AC6D-DE7A0670C412.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS1E36DCBC-BFBD-4720-A12A-3B0870AAAFF7.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS21F9A39C-3908-4BB0-9EBC-482FD77E66A7.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS279E0171-562A-47DC-8767-1BF391615C0F.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS27DC8FFA-D886-4593-B432-C6E677E660EB.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS2C00810F-9442-4E99-8528-9A8096E951D1.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS2C4362E5-124B-465E-A61E-9B38F3C7A907.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS308665E5-01E4-467C-8905-60E91F7C2831.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS34C559F6-6D12-4138-A9C5-2684F8E45289.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS3B24112D-CCE5-4395-94F1-37A15B30C9DC.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS3C1F0C32-D602-4BC3-B2C9-0702496D302B.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS3E05BA98-529B-41C5-8F29-7071465E89B9.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS4069611B-05DC-4CA6-BA30-484EC9559EE3.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS40B0A622-3D87-4BDB-8F28-A58E39D3837D.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS415C75FC-0435-4D8A-A996-30E782852354.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS430A7458-8E09-4A1F-9238-5010F6404317.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS44CAD30A-5B41-4075-8929-9051EDA6A885.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS45A6A779-51A0-4AC4-8D6B-7E9A75896C89.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS494F99A6-1311-413C-85EC-348744A9EAFD.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS4CAF0851-C67B-44FE-8DF0-1B47EBB30E03.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS512D40A9-97BF-48CB-8036-C55BABED1552.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS5197937C-8DBE-4D1D-8B46-915E732B69DB.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS5656A623-628C-45EB-B2A7-B7203BF6E7EE.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS5758122A-BC10-46D5-98D3-240A219007A1.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS592DCBC8-8A41-4A13-B404-6354DBDFF940.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS5D7D9371-5664-40F4-822B-415EC7DBC246.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS62377044-8C0A-4EA2-8AF4-5281D4FB5657.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS63035CDF-5055-4D2A-8266-B427F147C5B2.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS6583947F-AEC7-419F-ADB9-2D9094D79BB8.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS66D715E0-2CFC-4354-A4FD-75E9333C5150.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS67767C27-C3C4-4017-9624-21243545A4A4.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS691DBE0C-7C95-4706-84DD-3B68F905DDE1.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS696F987B-64B7-4665-8578-6418EA07A174.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS6A716B27-BE33-4B4A-82E1-6F74A9487178.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS6AF2F2BF-3712-4BF6-82C2-517D08F72D98.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS6ED1C620-7D9C-4923-B6CC-D3968A2081A7.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS706B6053-6854-4E11-A40C-F8386B047C16.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS70C77886-ACCE-4F19-AD36-1B38D3D0C89C.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS72ADC202-7529-434A-BFF9-5EBA6DABA4A2.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS731B9273-9E4F-4076-8740-F724E4E6B3AC.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS788676B1-721F-4D15-AF91-AFBC68D44EDF.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS79AF8EF9-C5F4-4D69-9835-E50AD20503C9.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS7D69ECD8-155C-4E16-8B3D-C98CEF550404.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS80173A25-4F3B-473A-BAA1-01943EDF7221.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS8302AB9A-8326-482A-A349-A3EF424FD831.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS8466423C-FCA0-4577-BDA7-6744FC1D1BAE.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS85714E70-BE33-40FE-B5B3-8702B1C33992.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS86C2AE59-9FD8-4662-AC93-46105AC50240.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS87BD9387-05AC-4D9F-9745-726C02B0949F.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS891F6681-8867-47D6-A3DC-2D1910848086.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS8F1C4AFE-B6B5-48CA-BE56-CF88920D44CC.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS944D7331-E4FE-4598-B1B0-B41046256EBD.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS97AC0A83-BC38-4D9C-9457-2AF19883FF70.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS9EAB1AE1-4865-4D05-8E6B-3A01C7A9E479.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSA1139D5D-DF29-480C-B3E7-4AE672FA0197.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSA18CBFE8-944B-43F3-A34B-6A2154F2E639.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSA2A955A9-5CF6-4140-B45C-EC21E313071B.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSA48C64E1-8F2D-4B0F-8253-2A8A876CA8D9.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSA8B79DC1-42DA-40DE-AA5E-537D322391DC.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSA8EBF360-BB1C-447A-9DA4-4D17A071A1C8.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSA9A9E3E4-6FB2-4F9B-974E-CBCF232AA9D9.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSAFAD275C-8F16-49EB-9CE8-BA367360EF40.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSB22CC460-9AA3-4BF7-91D0-A2C6B8B4F8DC.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSB60FC072-AD22-4A1A-92E6-ECA16A0047B0.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSB9B33D65-76E4-42A9-9DD6-11ADD2416E4D.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSBAC1EE72-067D-45A4-90C6-B60C92FC0C57.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSBAD9F531-E2D6-494C-A047-04DB9E15F033.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSC10FDFBB-5129-402C-B0C4-104B8B5196AB.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSC3E8A642-A701-4597-A0C2-22C79F331501.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSC7B5B10C-75BC-4FF3-91BC-AEC5240A4811.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSC9B9350F-98DB-4285-97E9-170D1517933D.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSD03CCF00-599B-49A3-A380-ECF5CB46451B.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSD23BDCA1-F945-41F7-84F6-65EE13CEC2BC.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSD3900D3E-0EFE-4545-8360-6BFA9B4C6771.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSD480E996-C0EF-45FB-861C-483D39C3B853.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSD4F30954-CA91-4CB5-9F4F-0919162CE7B1.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSD9930F75-99D1-46A1-8E20-E01CD1AB4B55.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSDDBC0985-E479-40BC-A4C0-33F8AEFF1940.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSDDEA78A5-2F7B-48FE-B5E7-520A4F4F5421.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSE1EFE591-72FB-4691-9946-0F40EF7A63B6.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSE2F5F74A-6B88-4F78-B71B-B76CC6DD5A30.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSE4EA20C4-0DDC-4D6E-80A9-9CD78E28886D.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSEDFD3B34-256E-4D17-A913-CBAFB87CB921.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSEE51C839-0587-48EC-A6FB-61E5623802C6.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSEEB887B6-426C-4110-A5A5-2561BEF94189.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSEF1956CC-53E2-4E61-8587-75A9C717D270.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSF5D7D95F-A4EA-49D5-AE46-0B3DD9D9EDD1.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSF804B192-002A-496D-B2C3-90795C55BD69.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSF8336ADB-7164-4D84-921F-537CCE8381B8.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSFA0ED83D-00FA-40A8-87B3-B9E9FE13A354.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSFA23AA11-9DC7-49DF-B483-E0A997D3D727.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSFA48D3E1-254B-436F-ADDA-91E1BA328D5E.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSFEB08ABB-F284-4932-8BE7-171D7C506D94.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_128.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_548.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\v.Rosset\Local Settings\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\v.Rosset\Local Settings\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\v.Rosset\Local Settings\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\v.Rosset\Local Settings\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\v.Rosset\Local Settings\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02232009_111519

Files moved on Reboot...
File C:\DOCUME~1\VF82C~1.ROS\LOCALS~1\Temp\etilqs_CeWeRyAVbXLgAr6XZZzt not found!
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File C:\WINDOWS\temp\wrstemp\SSMS01AF788B-8C7C-418B-B75E-887BEBF4CE82.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS04C1E41B-2363-4DEC-A4BC-38EA01077BB6.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS068A7C30-FA37-468A-8463-62E83B19669D.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS07FB6A02-340E-480F-AC79-7F672A8CEFA0.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS098763FF-A9EE-4018-AED8-7B446A32A6D7.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS0B45A1E7-2441-4937-A149-E68B04DDEA01.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS106F8730-336A-4DD5-90BA-7DF84E10C738.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS128864F3-28EF-4DF5-B097-4FBB994EF0B0.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS15A56B5B-F7C9-4CDA-AF43-60AAA452E678.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS15F8070B-02E6-4CDC-A2D8-D74DA58A2C32.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS181D7D33-F183-4E9D-835A-7CCEB30577D4.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS1C9C2D9A-1F00-425F-AC6D-DE7A0670C412.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS1E36DCBC-BFBD-4720-A12A-3B0870AAAFF7.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS21F9A39C-3908-4BB0-9EBC-482FD77E66A7.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS279E0171-562A-47DC-8767-1BF391615C0F.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS27DC8FFA-D886-4593-B432-C6E677E660EB.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS2C00810F-9442-4E99-8528-9A8096E951D1.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS2C4362E5-124B-465E-A61E-9B38F3C7A907.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS308665E5-01E4-467C-8905-60E91F7C2831.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS34C559F6-6D12-4138-A9C5-2684F8E45289.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS3B24112D-CCE5-4395-94F1-37A15B30C9DC.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS3C1F0C32-D602-4BC3-B2C9-0702496D302B.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS3E05BA98-529B-41C5-8F29-7071465E89B9.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS4069611B-05DC-4CA6-BA30-484EC9559EE3.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS40B0A622-3D87-4BDB-8F28-A58E39D3837D.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS415C75FC-0435-4D8A-A996-30E782852354.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS430A7458-8E09-4A1F-9238-5010F6404317.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS44CAD30A-5B41-4075-8929-9051EDA6A885.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS45A6A779-51A0-4AC4-8D6B-7E9A75896C89.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS494F99A6-1311-413C-85EC-348744A9EAFD.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS4CAF0851-C67B-44FE-8DF0-1B47EBB30E03.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS512D40A9-97BF-48CB-8036-C55BABED1552.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS5197937C-8DBE-4D1D-8B46-915E732B69DB.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS5656A623-628C-45EB-B2A7-B7203BF6E7EE.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS5758122A-BC10-46D5-98D3-240A219007A1.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS592DCBC8-8A41-4A13-B404-6354DBDFF940.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS5D7D9371-5664-40F4-822B-415EC7DBC246.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS62377044-8C0A-4EA2-8AF4-5281D4FB5657.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS63035CDF-5055-4D2A-8266-B427F147C5B2.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS6583947F-AEC7-419F-ADB9-2D9094D79BB8.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS66D715E0-2CFC-4354-A4FD-75E9333C5150.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS67767C27-C3C4-4017-9624-21243545A4A4.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS691DBE0C-7C95-4706-84DD-3B68F905DDE1.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS696F987B-64B7-4665-8578-6418EA07A174.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS6A716B27-BE33-4B4A-82E1-6F74A9487178.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS6AF2F2BF-3712-4BF6-82C2-517D08F72D98.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS6ED1C620-7D9C-4923-B6CC-D3968A2081A7.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS706B6053-6854-4E11-A40C-F8386B047C16.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS70C77886-ACCE-4F19-AD36-1B38D3D0C89C.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS72ADC202-7529-434A-BFF9-5EBA6DABA4A2.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS731B9273-9E4F-4076-8740-F724E4E6B3AC.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS788676B1-721F-4D15-AF91-AFBC68D44EDF.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS79AF8EF9-C5F4-4D69-9835-E50AD20503C9.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS7D69ECD8-155C-4E16-8B3D-C98CEF550404.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS80173A25-4F3B-473A-BAA1-01943EDF7221.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS8302AB9A-8326-482A-A349-A3EF424FD831.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS8466423C-FCA0-4577-BDA7-6744FC1D1BAE.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS85714E70-BE33-40FE-B5B3-8702B1C33992.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS86C2AE59-9FD8-4662-AC93-46105AC50240.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS87BD9387-05AC-4D9F-9745-726C02B0949F.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS891F6681-8867-47D6-A3DC-2D1910848086.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS8F1C4AFE-B6B5-48CA-BE56-CF88920D44CC.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS944D7331-E4FE-4598-B1B0-B41046256EBD.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS97AC0A83-BC38-4D9C-9457-2AF19883FF70.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS9EAB1AE1-4865-4D05-8E6B-3A01C7A9E479.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSA1139D5D-DF29-480C-B3E7-4AE672FA0197.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSA18CBFE8-944B-43F3-A34B-6A2154F2E639.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSA2A955A9-5CF6-4140-B45C-EC21E313071B.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSA48C64E1-8F2D-4B0F-8253-2A8A876CA8D9.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSA8B79DC1-42DA-40DE-AA5E-537D322391DC.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSA8EBF360-BB1C-447A-9DA4-4D17A071A1C8.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSA9A9E3E4-6FB2-4F9B-974E-CBCF232AA9D9.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSAFAD275C-8F16-49EB-9CE8-BA367360EF40.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSB22CC460-9AA3-4BF7-91D0-A2C6B8B4F8DC.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSB60FC072-AD22-4A1A-92E6-ECA16A0047B0.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSB9B33D65-76E4-42A9-9DD6-11ADD2416E4D.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSBAC1EE72-067D-45A4-90C6-B60C92FC0C57.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSBAD9F531-E2D6-494C-A047-04DB9E15F033.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSC10FDFBB-5129-402C-B0C4-104B8B5196AB.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSC3E8A642-A701-4597-A0C2-22C79F331501.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSC7B5B10C-75BC-4FF3-91BC-AEC5240A4811.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSC9B9350F-98DB-4285-97E9-170D1517933D.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSD03CCF00-599B-49A3-A380-ECF5CB46451B.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSD23BDCA1-F945-41F7-84F6-65EE13CEC2BC.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSD3900D3E-0EFE-4545-8360-6BFA9B4C6771.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSD480E996-C0EF-45FB-861C-483D39C3B853.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSD4F30954-CA91-4CB5-9F4F-0919162CE7B1.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSD9930F75-99D1-46A1-8E20-E01CD1AB4B55.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSDDBC0985-E479-40BC-A4C0-33F8AEFF1940.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSDDEA78A5-2F7B-48FE-B5E7-520A4F4F5421.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSE1EFE591-72FB-4691-9946-0F40EF7A63B6.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSE2F5F74A-6B88-4F78-B71B-B76CC6DD5A30.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSE4EA20C4-0DDC-4D6E-80A9-9CD78E28886D.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSEDFD3B34-256E-4D17-A913-CBAFB87CB921.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSEE51C839-0587-48EC-A6FB-61E5623802C6.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSEEB887B6-426C-4110-A5A5-2561BEF94189.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSEF1956CC-53E2-4E61-8587-75A9C717D270.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSF5D7D95F-A4EA-49D5-AE46-0B3DD9D9EDD1.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSF804B192-002A-496D-B2C3-90795C55BD69.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSF8336ADB-7164-4D84-921F-537CCE8381B8.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSFA0ED83D-00FA-40A8-87B3-B9E9FE13A354.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSFA23AA11-9DC7-49DF-B483-E0A997D3D727.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSFA48D3E1-254B-436F-ADDA-91E1BA328D5E.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSFEB08ABB-F284-4932-8BE7-171D7C506D94.tmp not found!
File C:\WINDOWS\temp\Perflib_Perfdata_128.dat not found!
C:\WINDOWS\temp\Perflib_Perfdata_548.dat moved successfully.
C:\Documents and Settings\v.Rosset\Local Settings\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\v.Rosset\Local Settings\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\v.Rosset\Local Settings\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\v.Rosset\Local Settings\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\v.Rosset\Local Settings\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\urlclassifier3.sqlite moved successfully.

1/

Télécharge ToolsCleaner2 sur ton Bureau.

Double-clique sur ToolsCleaner2.exe pour le lancer.

Clique sur Recherche et laisse le scan agir.

Clique sur Suppression pour finaliser.

Tu peux, si tu le souhaites, te servir des Options Facultatives.

Clique sur Quitter pour obtenir le rapport.

Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).


2/

Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.

Double-clique sur RSIT.exe afin de lancer le programme.

Clique sur Continue à l'écran Disclaimer.

Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

Note : les rapports sont sauvegardés dans le dossier C:\rsit\.

OUps ! Mon info texte est celui d'hier ! Je ne trouve pas celui d'aujourd'hui, juste le log ! Je refais un scan !

C'est normal, tu n'as pas cliqué sur Suppression dans ToolsCleaner.

Destrio, je dois absolument m'absenter. Pourra-t-on reprendre une prochaine fois ?
Merci encore pour ton aide
Valérie

Pas de soucis.

Bonjour Destrio5, me revoilà !
je te joins les rapports :
[ Rapport ToolsCleaner version 2.3.2 (par A.Rothstein & dj QUIOU) ]

-->- Recherche:

C:\Rsit: trouvé !
C:\Documents and Settings\v.Rosset\Bureau\Rsit.exe: trouvé !
C:\Documents and Settings\v.Rosset\Bureau\Nettoyage\hijackthis.log: trouvé !

---------------------------------
-->- Suppression:

C:\Documents and Settings\v.Rosset\Bureau\Rsit.exe: supprimé !
C:\Documents and Settings\v.Rosset\Bureau\Nettoyage\hijackthis.log: supprimé !
C:\Rsit: supprimé !

Logfile of random's system information tool 1.05 (written by random/random)
Run by v.Rosset at 2009-02-24 10:12:01
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 9 GB (23%) free of 39 GB
Total RAM: 1503 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:12:12, on 2009-02-24
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe
C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Webroot\WebrootSecurity\SSU.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Documents and Settings\v.Rosset\Bureau\RSIT.exe
C:\Documents and Settings\v.Rosset\Bureau\Nettoyage\v.Rosset.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cyberpresse.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - D:\PROGRA~1\Flashget\jccatch.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [mspd] "C:\WINDOWS\system32\mspd.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "c:\progra~1\fichie~1\instal~1\update~1\isuspm.exe" -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe" /startintray
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Télécharger avec NetTransport - C:\Program Files\Xi\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: Enregistreur Vidéo Internet : rechercher des streams vidéo - file://D:\Programmes\scan.vbs
O8 - Extra context menu item: Ouvrir avec Enregistreur Vidéo Internet - file://D:\Programmes\anchor.vbs
O8 - Extra context menu item: Tout t&élécharger avec NetTransport - C:\Program Files\Xi\NetTransport 2\NTAddList.html
O8 - Extra context menu item: Télécharger avec FlashGet - D:\Programmes\Flashget\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - D:\Programmes\Flashget\jc_all.htm
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Enregistreur Vidéo Internet : rechercher des streams vidéo - {B794C572-4E4D-4D4B-A115-25DBEB29EA71} - file://D:\Programmes\scan.vbs (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\Flashget\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\Flashget\flashget.exe (file missing)
O9 - Extra button: Enregistreur Vidéo Internet : rechercher des streams vidéo - {DFD9C994-2EF1-4B7F-92B5-98E2D0A7CEB7} - file://D:\Programmes\scan.vbs (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {0F7A9297-7268-11D1-B81A-00A076C01B0A} (CPC View ax Control) - http://www.registrefoncier.gouv.qc.ca/Sirf/Script/14_05...
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://www.creative.com/softwareupdate/su/ocx/15101/CTS...
O16 - DPF: {F5D98C43-DB16-11CF-8ECA-0000C0FD59C7} (ActiveCGM Control) - http://www.registrefoncier.gouv.qc.ca/Sirf/Script/14_05...
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su/ocx/15103/CTP...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxLiveShare.exe
O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe
O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCom\RoxUpnpRenderer.exe
O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe
O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe

--
End of file - 9529 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\RegTool Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
IeCatch5 Class - D:\PROGRA~1\Flashget\jccatch.dll [2006-05-16 81920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C56CB6B0-0D96-11D6-8C65-B2868B609932}]
NTIECatcher Class - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll [2005-09-08 49152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-02-23 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-02-23 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2004-07-27 81920]
"mspd"=C:\WINDOWS\system32\mspd.exe [2003-08-27 389632]
"ISUSPM Startup"=c:\progra~1\fichie~1\instal~1\update~1\isuspm.exe [2004-07-27 221184]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-02-23 148888]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"SpySweeper"=C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe [2008-11-13 6273400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Watch]
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-02-22 509784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MétéoIMédia]
C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-15 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE [2008-11-02 167936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe [2005-11-21 1687552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2009-01-29 23975720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpySweeper]
C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe [2008-11-13 6273400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-11-27 180269]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InterVideo WinCinema Manager.lnk]
C:\PROGRA~1\INTERV~1\Common\Bin\WINCIN~1.EXE [2002-08-12 102400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [2000-01-21 65588]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^v.Rosset^Menu Démarrer^Programmes^Démarrage^Pense-bête.lnk]
C:\PROGRA~1\MINDSC~1\PRINTM~1\PMREMIND.EXE [2006-05-23 2344920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"=C:\PROGRA~1\DVDREG~1\DVDShell.dll [2004-10-09 49152]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WRConsumerService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\StubInstaller.exe"="C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Windows Media Player\wmplayer.exe"="C:\Program Files\Windows Media Player\wmplayer.exe:*:Enabled:Windows Media Player"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Programmes\Azureus\Azureus.exe"="D:\Programmes\Azureus\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe"="C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe:*:Enabled:Roxio Upnp Service"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:* isabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:* isabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:* isabled:Windows Messenger"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0e341aa0-9cb1-11dd-ac7e-0012178290da}]
shell\AutoRun\command - G:\WD_Windows_Tools\Setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{194f9a2a-e9c5-11dd-ad2f-000ae6896f3f}]
shell\AutoRun\command - G:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{58611ed2-98ae-11dd-ac6a-000ae6896f3f}]
shell\AutoRun\command - G:\WD_Windows_Tools\Setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{95a972c0-d18e-11da-a70f-000ae6896f3f}]
shell\AutoRun\command - G:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c22b4960-987f-11dd-ac68-0012178290da}]
shell\AutoRun\command - G:\WD_Windows_Tools\Setup.exe


======List of files/folders created in the last 1 months======

2009-02-24 10:12:01 ----D---- C:\rsit
2009-02-23 13:33:18 ----A---- C:\TCleaner.txt
2009-02-23 09:14:45 ----D---- C:\Program Files\NOS
2009-02-23 09:14:45 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-02-23 09:12:26 ----A---- C:\WINDOWS\system32\javaws.exe
2009-02-23 09:12:26 ----A---- C:\WINDOWS\system32\javaw.exe
2009-02-23 09:12:26 ----A---- C:\WINDOWS\system32\java.exe
2009-02-23 09:10:37 ----A---- C:\Program Files\jxpiinstall-6u12-fcs-bin-b04-windows-i586-17_jan_2009.exe
2009-02-23 09:00:11 ----A---- C:\WINDOWS\system32\RENF.tmp
2009-02-23 09:00:11 ----A---- C:\WINDOWS\system32\RENE.tmp
2009-02-23 09:00:11 ----A---- C:\WINDOWS\system32\REND.tmp
2009-02-22 23:16:41 ----SHD---- C:\RECYCLER
2009-02-22 21:39:26 ----A---- C:\Boot.bak
2009-02-22 21:39:17 ----RASHD---- C:\cmdcons
2009-02-22 21:37:42 ----D---- C:\WINDOWS\ERDNT
2009-02-22 18:25:16 ----D---- C:\WINDOWS\system32\Kaspersky Lab
2009-02-22 17:39:35 ----A---- C:\WINDOWS\ntbtlog.txt
2009-02-22 17:29:16 ----A---- C:\WINDOWS\system32\tmp.txt
2009-02-22 17:29:06 ----A---- C:\rapport.txt
2009-02-22 08:32:22 ----HDC---- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-02-21 20:39:57 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-02-21 18:07:12 ----A---- C:\WINDOWS\system32\capicom.dll
2009-02-21 18:05:43 ----D---- C:\Program Files\Webroot
2009-02-21 18:05:43 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Webroot
2009-02-21 18:05:43 ----D---- C:\Documents and Settings\All Users\Application Data\Webroot
2009-02-21 18:05:43 ----A---- C:\WINDOWS\WRSetup.dll
2009-02-20 19:32:31 ----D---- C:\Program Files\VS Revo Group
2009-02-15 22:43:32 ----D---- C:\Program Files\Learning Essentials
2009-02-15 22:43:23 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2009-02-15 22:43:13 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2009-02-15 22:43:11 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2009-02-15 22:43:11 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2009-02-15 22:43:10 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2009-02-15 22:43:09 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2009-02-15 22:43:08 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2009-02-15 08:51:47 ----D---- C:\Program Files\Fichiers communs\Skype
2009-02-14 22:25:46 ----D---- C:\Program Files\PowerISO
2009-02-12 15:47:39 ----D---- C:\Malwarebytes' Anti-Malware
2009-02-10 07:50:37 ----D---- C:\Program Files\Malwarebytes' Anti-Malware(2)
2009-02-08 19:41:28 ----D---- C:\Documents and Settings\v.Rosset\Application Data\DAEMON Tools Lite
2009-02-07 12:09:09 ----A---- C:\Program Files\Vuze_4.1.0.2_windows.exe
2009-02-06 19:29:52 ----D---- C:\Documents and Settings\v.Rosset\Application Data\RegTool
2009-02-06 15:42:52 ----A---- C:\WINDOWS\Sysvxd.exe
2009-02-06 09:03:23 ----D---- C:\Program Files\WinAVI Video Converter
2009-02-02 15:21:15 ----D---- C:\Program Files\Microsoft Encarta
2009-01-30 15:06:07 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Flood Light Games
2009-01-30 15:06:07 ----D---- C:\Documents and Settings\All Users\Application Data\Flood Light Games

======List of files/folders modified in the last 1 months======

2009-02-24 10:05:48 ----D---- C:\WINDOWS\system32
2009-02-24 10:05:46 ----D---- C:\Program Files\Mozilla Firefox
2009-02-24 10:02:34 ----D---- C:\WINDOWS\Temp
2009-02-24 09:46:13 ----D---- C:\Program Files\Mozilla Thunderbird
2009-02-24 09:27:00 ----D---- C:\WINDOWS\Prefetch
2009-02-23 23:44:17 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-23 23:37:38 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Skype
2009-02-23 16:02:02 ----D---- C:\Documents and Settings\v.Rosset\Application Data\skypePM
2009-02-23 13:33:04 ----RD---- C:\Program Files
2009-02-23 09:51:44 ----D---- C:\Config.Msi
2009-02-23 09:48:40 ----SHD---- C:\WINDOWS\Installer
2009-02-23 09:48:39 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-02-23 09:48:06 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-02-23 09:47:46 ----D---- C:\Program Files\Adobe
2009-02-23 09:11:58 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-02-23 09:11:53 ----D---- C:\Program Files\Java
2009-02-23 08:57:37 ----SHD---- C:\System Volume Information
2009-02-23 08:57:37 ----D---- C:\WINDOWS\system32\Restore
2009-02-23 08:57:17 ----D---- C:\WINDOWS
2009-02-22 23:18:36 ----D---- C:\WINDOWS\system32\CatRoot2
2009-02-22 21:51:46 ----D---- C:\WINDOWS\system32\drivers
2009-02-22 21:47:20 ----A---- C:\WINDOWS\system.ini
2009-02-22 21:43:18 ----D---- C:\WINDOWS\system32\config
2009-02-22 21:41:49 ----D---- C:\WINDOWS\AppPatch
2009-02-22 21:41:45 ----D---- C:\Program Files\Fichiers communs
2009-02-22 21:39:26 ----RASH---- C:\boot.ini
2009-02-22 18:25:19 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-02-22 18:25:15 ----HD---- C:\WINDOWS\inf
2009-02-22 17:42:28 ----SD---- C:\WINDOWS\Tasks
2009-02-22 16:32:42 ----D---- C:\WINDOWS\system32\CatRoot
2009-02-22 16:03:27 ----AC---- C:\WINDOWS\NeroDigital.ini
2009-02-22 16:02:19 ----A---- C:\WINDOWS\DVDRegionFree.INI
2009-02-22 08:47:37 ----AC---- C:\WINDOWS\win.ini
2009-02-22 08:44:50 ----D---- C:\Program Files\Free FLV Converter
2009-02-22 08:44:21 ----D---- C:\Program Files\VSO
2009-02-22 08:42:28 ----D---- C:\Program Files\Lavasoft
2009-02-21 21:16:59 ----D---- C:\WINDOWS\system32\DirectX
2009-02-21 21:16:58 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Azureus
2009-02-21 21:16:57 ----RSD---- C:\WINDOWS\assembly
2009-02-21 21:11:53 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-02-21 20:39:52 ----D---- C:\WINDOWS\WinSxS
2009-02-21 19:14:55 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-02-21 19:14:55 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Lavasoft
2009-02-21 15:42:30 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-18 08:42:46 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Vso
2009-02-16 09:30:18 ----SD---- C:\Documents and Settings\v.Rosset\Application Data\Microsoft
2009-02-15 22:43:15 ----D---- C:\WINDOWS\Microsoft.NET
2009-02-15 08:51:48 ----RD---- C:\Program Files\Skype
2009-02-15 08:51:48 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2009-02-12 19:20:18 ----D---- C:\WINDOWS\system32\LogFiles
2009-02-12 19:20:18 ----D---- C:\WINDOWS\Debug
2009-02-11 15:18:38 ----HD---- C:\WINDOWS\$hf_mig$
2009-02-11 15:18:19 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-02-11 15:18:16 ----D---- C:\Program Files\Internet Explorer
2009-02-11 15:18:06 ----D---- C:\WINDOWS\ie7updates
2009-02-10 13:03:42 ----D---- C:\WINDOWS\system32\wbem
2009-02-10 13:03:42 ----D---- C:\WINDOWS\Registration
2009-02-10 13:03:09 ----D---- C:\WINDOWS\speech
2009-02-10 13:03:09 ----D---- C:\WINDOWS\Help
2009-02-09 23:15:02 ----D---- C:\WINDOWS\system
2009-02-09 22:39:06 ----D---- C:\WINDOWS\msagent
2009-02-09 22:35:17 ----D---- C:\WINDOWS\system32\Macromed
2009-02-07 16:58:11 ----D---- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
2009-02-07 13:36:19 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-02-06 22:10:55 ----AC---- C:\WINDOWS\WININIT.INI
2009-02-06 21:29:25 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-02-06 20:15:31 ----D---- C:\Program Files\CCleaner
2009-02-06 20:02:56 ----HD---- C:\Program Files\InstallShield Installation Information
2009-02-06 14:51:12 ----D---- C:\Program Files\MediaCoder
2009-02-05 16:11:35 ----A---- C:\WINDOWS\system32\aswBoot.exe
2009-02-04 22:15:18 ----A---- C:\WINDOWS\system32\TubeFinder.exe
2009-02-03 18:21:12 ----A---- C:\WINDOWS\system32\MRT.exe
2009-02-03 12:02:16 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-01-27 11:02:41 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Opera

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
R1 cdudf_xp;cdudf_xp; C:\WINDOWS\system32\drivers\cdudf_xp.sys [2005-10-22 311680]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 40576]
R1 pwd_2k;pwd_2k; C:\WINDOWS\system32\drivers\pwd_2k.sys [2005-10-22 119168]
R1 RxFilter;RxFilter; C:\WINDOWS\system32\DRIVERS\RxFilter.sys [2005-11-21 50176]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2008-11-02 56572]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.0.1; C:\WINDOWS\System32\DRIVERS\AegisP.sys [2006-03-08 19915]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2006-04-21 8064]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
R3 dvd_2K;dvd_2K; C:\WINDOWS\system32\drivers\dvd_2K.sys [2005-10-22 27264]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2005-04-12 4608]
R3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 OM518P;D-Link VGA Webcam; C:\WINDOWS\System32\Drivers\om518vid.sys [2002-06-27 185256]
R3 Pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2008-06-21 47360]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2002-10-01 9856]
R3 RT2500;Linksys Wireless-G PCI Adapter Driver; C:\WINDOWS\System32\DRIVERS\RT2500.sys [2005-04-21 242176]
R3 S3Psddr;S3Psddr; C:\WINDOWS\System32\DRIVERS\s3gnbm.sys [2003-09-02 166912]
R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VIAudio;VIA AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\viaudios.sys [2003-02-26 370048]
S2 ADSEXPB;ADS DVD Xpress B; C:\WINDOWS\System32\Drivers\adsexpb.sys [2003-10-08 32084]
S2 zumbus;Zune Bus Enumerator Driver; C:\WINDOWS\system32\drivers\zumbus.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 Jukebox3;Jukebox3; C:\WINDOWS\system32\DRIVERS\ctpdusb.sys [2006-01-19 17280]
S3 mmc_2K;mmc_2K; C:\WINDOWS\system32\drivers\mmc_2K.sys [2005-10-22 27136]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2008-05-21 34576]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-03-09 37768]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R2 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 97432]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-02-23 152984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 RoxWatch;Roxio Hard Drive Watcher; C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe [2005-11-22 155648]
R2 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
R2 WebrootSpySweeperService;Moteur Webroot Spy Sweeper; C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe [2008-11-12 3667312]
R2 WRConsumerService;Webroot Client Service; C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe [2008-11-13 1086840]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-02-22 950096]
S2 RoxLiveShare;LiveShare P2P Server; C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxLiveShare.exe [2005-11-22 233472]
S2 RoxUpnpServer;RoxUpnpServer; C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe [2005-11-21 409600]
S2 WMP54Gv4SVC;WMP54Gv4SVC; C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe [2004-02-06 41025]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-05-07 779824]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-05-07 271920]
S3 RoxMediaDB;RoxMediaDB; C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe [2005-11-22 864256]
S3 RoxUPnPRenderer;RoxUpnpRenderer; C:\Program Files\Fichiers communs\Roxio Shared\SharedCom\RoxUpnpRenderer.exe [2005-11-21 45056]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2008-05-21 92792]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-01-17 362240]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
info.txt logfile of random's system information tool 1.05 2009-02-24 10:12:50

======Uninstall list======

-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {637099FB-45FD-4BC7-9651-6FB540DBB749}
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->MsiExec.exe /I{0D330013-4A99-46D6-83C6-2C959C68DBFF}
-->MsiExec.exe /I{0F122737-72B2-4095-8B3E-7AAE753DFD3D}
-->MsiExec.exe /I{26792CA7-D87A-4DBE-896B-C2F66B344511}
-->MsiExec.exe /I{637099FB-45FD-4BC7-9651-6FB540DBB749}
-->MsiExec.exe /I{6D4F02C4-F6AF-4659-A933-7FC06235A8D5}
-->MsiExec.exe /I{7FD9FD10-9F7F-4DDF-B9F0-911209FF0CEA}
-->MsiExec.exe /I{8C60949A-46F9-4DD7-BA9F-78C00D9D4C8D}
-->MsiExec.exe /I{EB748B9B-F872-4E95-98E8-5CA7E5425DAF}
-->MsiExec.exe /I{F0EACC27-A729-406C-9BF6-C8F10CEC36F8}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware-->"C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe
Adobe Acrobat 5.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
Adobe Shockwave Player-->C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Applian FLV Player-->"C:\WINDOWS\Applian FLV Player\uninstall.exe" "/U:C:\Program Files\FLV Player\Uninstall\uninstall.xml"
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ArcSoft Camera Suite 1.3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AD13BFB0-FDD2-4AFA-A8AF-9F4A950D56B7}\setup.exe" -l0x40c
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Canon Camera Support Core Library-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{26BDE7D8-93F0-4A07-AD47-1707DB417941} /l1036
Canon Camera Window for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{B34BE30D-A759-4EC2-B58F-19FE2DEBF651}
Canon iP4500 series-->"C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4500_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4500_series /L0x000c
Canon MovieEdit Task for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{DE286975-ACF1-45B8-9EF7-34E162B2C817}
Canon My Printer-->C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini
Canon RAW Image Task for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{68E7E8BD-2233-49BE-81D6-1A1FAF1B5196}
Canon RemoteCapture Task for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{CF2C1A86-5A98-4862-A3AE-9992E3A6427D}
Canon ScanGear Toolbox 3.1-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Canon\ScanGear Toolbox Ver3.1\Uninst.isu" -c"C:\Program Files\Canon\ScanGear Toolbox Ver3.1\uninst.dll"
Canon Utilities ZoomBrowser EX-->MsiExec.exe /X{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CD-LabelPrint-->"C:\Program Files\Canon\CD-LabelPrint\Uninstal.exe" Canon.CDLabelPrint.Application
ConvertXtoDVD 3.4.7.121-->"D:\Programmes\convertx\unins000.exe"
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
DivX-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
D-Link VGA Webcam-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A783A9B5-9249-494C-8766-ECDE41FD6160}\Setup.exe" -l0x40c
DriverAgent by TouchStone Software-->RunDll32.exe advpack.dll,LaunchINFSection driveragent_exe.inf,TVICHW32Remove
DVD Decrypter 3.5.4.0 Fr-->C:\Program Files\DVD Decrypter\UnInstall_DVDdecrypt.exe
DVD Region+CSS Free 5.9.8.5-->"C:\Program Files\DVD Region+CSS Free\unins000.exe"
DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
DVD Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
DVDCoach Express 0.9.2-->"C:\Program Files\Kibisoft\DVDCoach Express\unins000.exe"
DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.0.3.0-->"C:\Program Files\DVDFab 5\unins000.exe"
DVDFab Decrypter 3.0.8.0-->"C:\Program Files\DVDFab Decrypter 3\unins000.exe"
DVDFab HD Decrypter 4.1.0.2-->"C:\Program Files\DVDFab HD Decrypter 4\unins000.exe"
EVEREST Home Edition v2.20-->"C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
Free FLV Converter V 6.1.0-->"C:\Program Files\Free FLV Converter\unins000.exe"
HijackThis 2.0.2-->"C:\Documents and Settings\v.Rosset\Bureau\Nettoyage\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
IFOEdit 0.971 Fr-->C:\Program Files\IfoEdit\UnInstall_IfoEdit.exe
InterActual Player-->C:\Program Files\InterActual\InterActual Player\inuninst.exe
InterVideo WinDVD 4-->"C:\Program Files\InstallShield Installation Information\{98E8A2EF-4EAE-43B8-A172-74842B764777}\setup.exe" REMOVEALL
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Java(TM) 6 Update 12-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216012FF}
Kaspersky Online Scanner-->C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
Kaspersky On-line Scanner-->C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Les Indispensables Éducation pour Microsoft Office-->MsiExec.exe /X{75F3A4B2-F6E8-434D-A2EF-DBBC016C6CB2}
LimeWire 4.16.6-->"C:\Program Files\LimeWire\uninstall.exe"
Linksys Wireless-G PCI Adapter-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4DDC3BED-CC68-44AA-B435-D727B620CA5B}\setup.exe" -l0x40c
Macromedia Flash Player 8-->C:\WINDOWS\system32\Macromed\Flash\UninstFl.exe
Malwarebytes' Anti-Malware-->"C:\Malwarebytes' Anti-Malware\unins000.exe"
MediaCoder 0.6.0-->C:\Program Files\MediaCoder\uninst.exe
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Bootvis-->MsiExec.exe /I{0F9196C6-58B4-445B-B56E-B1200FECC151}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Encarta 2009 - Collection-->MsiExec.exe /I{09180081-2C94-4A67-8E55-8483C019C7D2}
Microsoft Encarta Maths-->MsiExec.exe /I{07183840-959A-4B0D-8825-2C533F0DDB19}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office 2000 SR-1 Disque 2-->MsiExec.exe /I{0004040C-78E1-11D2-B60F-006097C998E7}
Microsoft Office 2000 SR-1 Professional-->MsiExec.exe /I{0001040C-78E1-11D2-B60F-006097C998E7}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Web Publishing Wizard 1.52-->RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wpie4x86.inf,WebPostUninstall
Microsoft Windows Media Video 9 VCM-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmv9vcm.inf, Uninstall
MioTransfer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{49F00501-E02F-458F-8AED-85949AB9656F}\setup.exe" -l0x40c
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.0.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.19)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MPEG2 Video Encoder-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E6A0986D-3244-4AB7-BE29-11500E68EF46}\Setup.exe" -l0x40c
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 and SOAP Toolkit 3.0-->MsiExec.exe /I{32343DB6-9A52-40C9-87E4-5E7C79791C87}
MSXML 6.0 Parser-->MsiExec.exe /I{AEB9948B-4FF2-47C9-990E-47014492A0FE}
muvee autoProducer 3.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AD057516-AE06-44FA-B615-463FD524526F}\Setup.exe" -l0x40c
Nero 7 Essentials-->MsiExec.exe /X{E11BD6A7-5046-4D25-ABCB-386A54F71036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Net Transport 1.94.282-->"C:\Program Files\Xi\NetTransport 2\unins000.exe"
PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
PIXMA Extended Survey Program-->C:\Program Files\Canon\IJPLM\SETUP.EXE -R
PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"
PrintMaster 7.00-->c:\PROGRA~1\MINDSC~1\PRINTM~1\uninst32.exe /IFirst
ProSavageDDR and Utilities-->C:\PROGRA~1\S3Inc\P4M266\s3setvga.exe -s -fC:\PROGRA~1\S3Inc\P4M266\P4M266.uns
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
RamBoost XP 4.0.6-->"C:\Program Files\RamBoost XP\unins000.exe"
Revo Uninstaller 1.71-->C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
Roxio Content 8-->MsiExec.exe /X{329B7564-7E13-4A70-BC2B-F9870C82AAB6}
Roxio Easy Media Creator 8 Suite-->MsiExec.exe /I{868901EE-7807-4F89-A134-7C705D34F91F}
S3Display-->s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Display'
S3Gamma2-->s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Gamma2'
S3Info2-->s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Info2'
S3Overlay-->s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Overlay'
Scan Manager 5.2-->MsiExec.exe /I{E0A1559B-9886-11D4-8D06-0050DA284A39}
Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
Spy Sweeper Core-->MsiExec.exe /I{3F5B6210-0903-4DC6-8034-8F488AA3A782}
Spy Sweeper-->"C:\Program Files\Webroot\WebrootSecurity\unins000.exe"
Spybot - Search & Destroy 1.5.2.20-->"C:\WINDOWS\unins000.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins001.exe"
TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
VIA Audio Driver Setup Program-->RunDll32.exe UnAudioNT.dll,UninstallAudio C:\WINDOWS\IsUninst.exe -f"C:\PROGRA~1\VIATEC~1\VIAAUD~1/Uninst.isu"
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
VLC media player 0.9.8a-->D:\Programmes\vlc\uninstall.exe
Vuze-->D:\Programmes\Azureus\uninstall.exe
WinAVI Video Converter 8.0-->"C:\Program Files\WinAVI Video Converter\unins000.exe"
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinPcap 4.1 beta4-->C:\Program Files\WinPcap\uninstall.exe
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

=====HijackThis Backups=====

O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\Flashget\fgiebar.dll (file missing)

======Security center information======

AV: avast! antivirus 4.8.1335 [VPS 090223-0]
FW: Webroot Internet Security Essentials (disabled)

System event log

Computer Name: VALOU
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service NLA (Network Location Awareness).

Record Number: 124103
Source Name: Service Control Manager
Time Written: 20090209081110.000000-300
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: VALOU
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Gestionnaire de connexions d'accès distant.

Record Number: 124102
Source Name: Service Control Manager
Time Written: 20090209081110.000000-300
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: VALOU
Event Code: 7036
Message: Le service Téléphonie est entré dans l'état : en cours d'exécution.

Record Number: 124101
Source Name: Service Control Manager
Time Written: 20090209081110.000000-300
Event Type: Informations
User:

Computer Name: VALOU
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service avast! Web Scanner.

Record Number: 124100
Source Name: Service Control Manager
Time Written: 20090209081110.000000-300
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: VALOU
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service avast! Mail Scanner.

Record Number: 124099
Source Name: Service Control Manager
Time Written: 20090209081109.000000-300
Event Type: Informations
User: AUTORITE NT\SYSTEM

Application event log

Computer Name: VALOU
Event Code: 11328
Message: Produit : TuneUp Utilities 2009 -- Erreur 1328. Erreur lors de l'application du programme correctif au fichier C:\Config.Msi\PT84.tmp. Il a sans doute été mis à jour de manière différente et ne peut plus être modifié par ce programme correctif. Pour obtenir des informations complémentaires, contactez le revendeur de votre programme correctif. Erreur système : -1072807676

Record Number: 202000
Source Name: MsiInstaller
Time Written: 20090116231743.000000-300
Event Type: erreur
User: VALOU\v.Rosset

Computer Name: VALOU
Event Code: 11328
Message: Produit : TuneUp Utilities 2009 -- Erreur 1328. Erreur lors de l'application du programme correctif au fichier C:\Config.Msi\PT84.tmp. Il a sans doute été mis à jour de manière différente et ne peut plus être modifié par ce programme correctif. Pour obtenir des informations complémentaires, contactez le revendeur de votre programme correctif. Erreur système : -1072807676

Record Number: 201999
Source Name: MsiInstaller
Time Written: 20090116231743.000000-300
Event Type: erreur
User: VALOU\v.Rosset

Computer Name: VALOU
Event Code: 11328
Message: Produit : TuneUp Utilities 2009 -- Erreur 1328. Erreur lors de l'application du programme correctif au fichier C:\Config.Msi\PT84.tmp. Il a sans doute été mis à jour de manière différente et ne peut plus être modifié par ce programme correctif. Pour obtenir des informations complémentaires, contactez le revendeur de votre programme correctif. Erreur système : -1072807676

Record Number: 201998
Source Name: MsiInstaller
Time Written: 20090116231743.000000-300
Event Type: erreur
User: VALOU\v.Rosset

Computer Name: VALOU
Event Code: 11328
Message: Produit : TuneUp Utilities 2009 -- Erreur 1328. Erreur lors de l'application du programme correctif au fichier C:\Config.Msi\PT84.tmp. Il a sans doute été mis à jour de manière différente et ne peut plus être modifié par ce programme correctif. Pour obtenir des informations complémentaires, contactez le revendeur de votre programme correctif. Erreur système : -1072807676

Record Number: 201997
Source Name: MsiInstaller
Time Written: 20090116231743.000000-300
Event Type: erreur
User: VALOU\v.Rosset

Computer Name: VALOU
Event Code: 11328
Message: Produit : TuneUp Utilities 2009 -- Erreur 1328. Erreur lors de l'application du programme correctif au fichier C:\Config.Msi\PT84.tmp. Il a sans doute été mis à jour de manière différente et ne peut plus être modifié par ce programme correctif. Pour obtenir des informations complémentaires, contactez le revendeur de votre programme correctif. Erreur système : -1072807676

Record Number: 201996
Source Name: MsiInstaller
Time Written: 20090116231743.000000-300
Event Type: erreur
User: VALOU\v.Rosset

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\Fichiers communs\Ulead Systems\MPEG;C:\Program Files\Fichiers communs\Roxio Shared\DLLShared;C:\Program Files\QuickTime\QTSystem
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=0207
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"RoxioCentral"=C:\Program Files\Fichiers communs\Roxio Shared\Roxio Central\
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

-----------------EOF-----------------

Désinstalle Avast.

Installe Antivir et mets-le à jour.

Double-clique sur l'icône d'Antivir (Parapluie) dans la barre des tâches.

Dans Antivir, choisis Outils puis Configuration.

Coche Mode Expert et coche Rech. Rootkit au dém. de la recherche à droite dans Autres réglages.

Fais un scan complet et poste le rapport.

Avira AntiVir Personal
Date de création du fichier de rapport : mardi 24 février 2009 12:58

La recherche porte sur 1264268 souches de virus.

Détenteur de la licence :Avira AntiVir PersonalEdition Classic
Numéro de série : 0000149996-ADJIE-0001
Plateforme : Windows XP
Version de Windows  Service Pack 3) [5.1.2600]
Mode Boot : Démarré normalement
Identifiant : SYSTEM
Nom de l'ordinateur :VALOU

Informations de version :
BUILD.DAT : 8.2.0.52 16931 Bytes 02/12/2008 14:55:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 18/11/2008 14:21:00
AVSCAN.DLL : 8.1.4.1 49921 Bytes 21/07/2008 19:44:27
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 18:44:16
LUKERES.DLL : 8.1.4.0 13057 Bytes 04/07/2008 13:30:27
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 17:30:36
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 16:02:25
ANTIVIR2.VDF : 7.1.2.55 248832 Bytes 20/02/2009 16:02:28
ANTIVIR3.VDF : 7.1.2.74 90112 Bytes 24/02/2009 16:02:30
Version du moteur: 8.2.0.88
AEVDF.DLL : 8.1.1.0 106868 Bytes 24/02/2009 16:02:51
AESCRIPT.DLL : 8.1.1.52 348538 Bytes 24/02/2009 16:02:49
AESCN.DLL : 8.1.1.7 127347 Bytes 24/02/2009 16:02:48
AERDL.DLL : 8.1.1.3 438645 Bytes 04/11/2008 19:58:38
AEPACK.DLL : 8.1.3.8 397684 Bytes 24/02/2009 16:02:47
AEOFFICE.DLL : 8.1.0.33 196987 Bytes 24/02/2009 16:02:44
AEHEUR.DLL : 8.1.0.97 1610103 Bytes 24/02/2009 16:02:42
AEHELP.DLL : 8.1.2.0 119159 Bytes 24/02/2009 16:02:35
AEGEN.DLL : 8.1.1.21 336244 Bytes 24/02/2009 16:02:34
AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 16:05:56
AECORE.DLL : 8.1.6.6 176501 Bytes 24/02/2009 16:02:32
AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 16:05:56
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 14:40:02
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 15:27:58
AVREP.DLL : 8.0.0.2 98344 Bytes 31/07/2008 18:02:15
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 17:26:37
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 14:29:19
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 18:27:46
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 23:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 18:49:36
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 18:05:07
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 04/07/2008 13:23:16
RCTEXT.DLL : 8.0.52.1 86273 Bytes 17/07/2008 16:08:43

Configuration pour la recherche actuelle :
Nom de la tâche..................: Contrôle intégral du système
Fichier de configuration.........: c:\program files\avira\antivir personaledition classic\sysscan.avp
Documentation....................: bas
Action principale................: interactif
Action secondaire................: ignorer
Recherche sur les secteurs d'amorçage maître: marche
Recherche sur les secteurs d'amorçage: marche
Secteurs d'amorçage..............: C:, D:,
Recherche dans les programmes actifs: marche
Recherche en cours sur l'enregistrement: marche
Recherche de Rootkits............: marche
Fichier mode de recherche........: Sélection de fichiers intelligente
Recherche sur les archives.......: marche
Limiter la profondeur de récursivité: 20
Archive Smart Extensions.........: marche
Heuristique de macrovirus........: marche
Heuristique fichier..............: moyen

Début de la recherche : mardi 24 février 2009 12:58

La recherche d'objets cachés commence.
'68419' objets ont été contrôlés, '0' objets cachés ont été trouvés.

La recherche sur les processus démarrés commence :
Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés
Processus de recherche 'SpySweeperUI.exe' - '1' module(s) sont contrôlés
Processus de recherche 'jusched.exe' - '1' module(s) sont contrôlés
Processus de recherche 'QTTask.exe' - '1' module(s) sont contrôlés
Processus de recherche 'issch.exe' - '1' module(s) sont contrôlés
Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés
Processus de recherche 'WMP54Gv4.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés
Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés
Processus de recherche 'wmiapsrv.exe' - '1' module(s) sont contrôlés
Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés
Processus de recherche 'WLService.exe' - '1' module(s) sont contrôlés
Processus de recherche 'SpySweeper.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'RoxWatch.exe' - '1' module(s) sont contrôlés
Processus de recherche 'LSSrvc.exe' - '1' module(s) sont contrôlés
Processus de recherche 'jqs.exe' - '1' module(s) sont contrôlés
Processus de recherche 'ijplmsvc.exe' - '1' module(s) sont contrôlés
Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés
Processus de recherche 'ashServ.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'WRConsumerService.exe' - '1' module(s) sont contrôlés
Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés
Processus de recherche 'services.exe' - '1' module(s) sont contrôlés
Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés
Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés
'34' processus ont été contrôlés avec '34' modules

La recherche sur les secteurs d'amorçage maître commence :
Secteur d'amorçage maître HD0
[INFO] Aucun virus trouvé !

La recherche sur les secteurs d'amorçage commence :
Secteur d'amorçage 'C:\'
[INFO] Aucun virus trouvé !
Secteur d'amorçage 'D:\'
[INFO] Aucun virus trouvé !

La recherche sur les renvois aux fichiers exécutables (registre) commence.
Le registre a été contrôlé ( '50' fichiers).


La recherche sur les fichiers sélectionnés commence :

Recherche débutant dans 'C:\' <Disque local>
C:\pagefile.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudCgp.zip
[RESULTAT] Contient le code suspect GEN/PwdZIP
[REMARQUE] Le résultat positif a été classé comme suspect.
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a0d382b.qua' !
C:\WINDOWS\system32\SsiEfr.exe
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
C:\WINDOWS\system32\wrLZMA.dll
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
Recherche débutant dans 'D:\'


Fin de la recherche : mardi 24 février 2009 13:47
Temps nécessaire: 49:02 Minute(s)

La recherche a été effectuée intégralement

7454 Les répertoires ont été contrôlés
276589 Des fichiers ont été contrôlés
0 Des virus ou programmes indésirables ont été trouvés
1 Des fichiers ont été classés comme suspects
0 Des fichiers ont été supprimés
0 Des virus ou programmes indésirables ont été réparés
1 Les fichiers ont été déplacés dans la quarantaine
0 Les fichiers ont été renommés
3 Impossible de contrôler des fichiers
276585 Fichiers non infectés
2936 Les archives ont été contrôlées
3 Avertissements
1 Consignes
68419 Des objets ont été contrôlés lors du Rootkitscan
0 Des objets cachés ont été trouvés

Toujours des soucis ?

Et oui ! Encore encore...je pense que je vais tout formater...ce sera plus simple
En tout cas, merci énormément pour ta patience.
Est-ce que je devrais laisser antivir ou installer Gdata ?
Merci encore

---> J'ai entendu dire que G-Data était un bon antivirus mais il est payant.

Télécharge SDFix (créé par AndyManchesta) sur ton Bureau.

Double-clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau.

Redémarre ton ordinateur en Mode sans échec.

Pour redémarrer en mode sans échec :

Redémarre ton PC.

Au démarrage, tapote sur F8 (F5 sur certains PC) juste après l'affichage du BIOS et juste avant le chargement de Windows.

Dans le menu d'options avancées, choisis Mode sans échec.

Choisis ta session.

Déroule la liste des instructions ci-dessous :

Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double-clique sur RunThis.bat pour lancer le script.

Appuie sur Y pour commencer le processus de nettoyage.

Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.

Appuie sur une touche pour redémarrer le PC.

Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.

Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.

Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.

Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.

Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse.

Je dois partir travailler...je te joins le scan. Merci, À bientôt :

SDFix: Version 1.240
Run by v.Rosset on 2009-02-24 at 14:48

Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix

Checking Services :


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


Checking Files :

Trojan Files Found:

C:\Documents and Settings\A.Latour\.jmap\sessions\.security - Deleted





Removing Temp Files

ADS Check :



Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-24 15:08:53
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\CancelAutoplay\CLSID]
"\30 A?E?2?A?E?D?8?F?-?5?6?9?5?-?4?a?6?d?-?9?7?0?9?-?1?4?E?5?1?C?D?1?7?B?1?C?'?"=""

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Remaining Services :




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\StubInstaller.exe"="C:\\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Windows Media Player\\wmplayer.exe"="C:\\Program Files\\Windows Media Player\\wmplayer.exe:*:Enabled:Windows Media Player"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Enabled:RealPlayer"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\\Programmes\\Azureus\\Azureus.exe"="D:\\Programmes\\Azureus\\Azureus.exe:*:Enabled:Azureus"
"C:\\Program Files\\Roxio\\Easy Media Creator 8\\Digital Home\\RoxUpnpServer.exe"="C:\\Program Files\\Roxio\\Easy Media Creator 8\\Digital Home\\RoxUpnpServer.exe:*:Enabled:Roxio Upnp Service"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:* isabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:* isabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:* isabled:Windows Messenger"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

Remaining Files :


File Backups: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes :

Wed 22 Oct 2008 949,072 A.SHR --- "C:\Program Files\File Scanner Library (Spybot - Search & Destroy)\advcheck.dll"
Wed 22 Oct 2008 962,896 A.SHR --- "C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)\Tools.dll"
Thu 5 Jun 2003 24,576 A..H. --- "C:\Program Files\RamBoost XP\StopRam.exe"
Mon 15 Sep 2008 1,562,960 A.SHR --- "C:\Program Files\SDHelper (Spybot - Search & Destroy)\SDHelper.dll"
Wed 22 Oct 2008 949,072 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\advcheck.dll"
Mon 15 Sep 2008 1,562,960 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDHelper.dll"
Thu 14 Aug 2008 1,429,840 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe"
Wed 30 Jul 2008 4,891,984 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
Tue 16 Sep 2008 1,833,296 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
Wed 22 Oct 2008 962,896 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\Tools.dll"
Sat 5 Aug 2006 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Fri 16 Nov 2007 36,352 ...H. --- "C:\Documents and Settings\v.Rosset\Mes documents\~WRL0004.tmp"
Fri 16 Nov 2007 43,008 ...H. --- "C:\Documents and Settings\v.Rosset\Mes documents\~WRL1086.tmp"
Tue 20 Jan 2009 609 A..H. --- "C:\Program Files\InterActual\InterActual Player\iti51.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS029F0949-D2F9-47E7-87CE-57E90FAC8DF0.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS0589FCEA-A305-4546-BCCF-FF51365E0AF7.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS0784FED5-A333-49B6-BDF5-B02FDC3BCB29.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS093A5440-E233-48DF-8F8D-6F8A3D9EBF2E.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS0A90CA14-3EE7-43A7-8BC5-D458BB2BA703.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS14126CF6-9386-40C8-9AA3-AC23CD3C9547.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS15DCF607-3BD6-421C-86BA-8511C03C7244.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS1761E6D7-5498-4678-88A7-0A492B0EFA25.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS18641491-6F34-4489-9090-0B7B426CE010.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS1B09C7AE-1629-4E0C-8640-092A708120DA.tmp"
Tue 24 Feb 2009 65,536 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS218D8416-74F0-4C79-93E0-0BE7E5D9AE74.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS22E437D5-2E9E-4754-BC3D-E7F4B25F1DB1.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS257FBD0D-FD5C-4C0F-B7C8-814C492F307C.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS2C9C5922-F0C5-4CFB-BAE5-7C6B2AB06F46.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS30C38D2E-4B69-49CD-A195-56A7142062DB.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS338A6D8F-92E3-4370-855B-E970CFFA6813.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS3583B60D-AFD8-4BD9-8EAA-E8B3BCB3C88D.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS38B5A709-BA85-4174-A2FE-FD3A955E1111.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS38F8DDD6-B6BE-412E-827B-D20E1A817902.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS38A5A9A2-F496-429A-84BF-A4CE1C0B906C.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS3B530239-F94C-4564-95D6-8E372C05A285.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS3C5D213E-1CAB-45BF-B2F1-7649549986A3.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS44E2A44D-AF7C-4410-AF6B-FCAC786DAB84.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS452FB61A-9EB9-4519-A1C1-1BE215D2276B.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS49C4AD55-CB11-4733-B6A5-667D5D282C8B.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS499C411B-1B30-4050-B675-1225B9BDA172.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS4BD2CC03-C80F-4D0B-975A-9CD8DBDA37A8.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS4EC20D59-86EF-461D-8E9E-4F3CC752A671.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS5314A510-BD67-417A-9847-5159546A1901.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS54D3132D-97B7-42BC-8BD4-25EB429F5787.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS540C7DAA-BE1B-41E2-9806-FC3BEE6CAAAD.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS56918607-9507-4377-B4E3-9A259F272B5C.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS5C350D0A-CC21-449B-BA36-7354F07570C0.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS5C9BC507-1DF9-4D08-B6C6-C5CCA106D339.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS5DE55EC0-8950-4C89-B5D0-AB2117EC8201.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS5EBE6FB2-F76C-4F79-8640-98EF63D5135C.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS5EAF5D3D-5FE6-4D5C-AA8C-23EDA7CDA185.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS5F847A36-84E9-4EB9-9C52-A380245521DF.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS63C4CBCC-0251-4AB6-99FA-F8CDC4851365.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS64A96CE8-37BA-4EE9-ACCD-ACC05138DC8F.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS67E46CB4-0DB2-406F-83C7-F0C500255C81.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS68029DFC-0BF6-4C2D-ACF0-C932169FEF38.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS686CEA1D-9438-4DAD-9BE6-FB989AA438D1.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS6B2CBC1D-4127-49D2-96E9-8EE36108977F.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS6CFB9165-907A-42E5-9421-FC2CB115EC9A.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS6DFED260-8653-4F08-B4CA-58782444D316.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS6EA06F98-54B1-40AD-A3CD-82881325E2F6.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS6E4104E0-D279-4739-A410-64797DCB628E.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS76213057-2203-46AB-95CB-0944D91D6565.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS7A5ACB1F-F92A-4915-96C0-DF7869CB2A8C.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS7D873BA6-4E6D-41F4-89C7-7B035FCD6E05.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS7F2638BE-FB58-4D98-A84A-17A4E350D90B.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS8268FCCC-3B20-41B7-AA5B-3332723994A2.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS866EDBF8-4380-484E-878F-E0FD639F7443.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS888C190A-A1A1-4275-B400-93F2ED350B35.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS904CAEBD-17CA-4072-A0F6-A1264AC9903A.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS91EC0D70-1404-41B1-8D2D-FB4522E2730A.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS92F3EFB5-0407-4EFA-A0AC-37D2691E5EE0.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS948BEE53-1035-44C9-973D-8C8F3F279B2A.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS9455D811-A25C-47DF-8607-51AD2B6CA16A.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS95C91406-0003-4AF4-8FD9-77CEBB9382E8.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS9794038D-0772-41C3-BE66-D65123AE357B.tmp"
Tue 24 Feb 2009 65,536 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS9874DCCA-2896-49EE-BF40-A6C3CE8FE313.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS9920E9A0-258E-4201-94EB-76F33A2CBA46.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMS9FA01356-3D06-492D-8DDA-024360E57EC9.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMSA03DADE4-75B1-4134-B85D-4980F03C88AF.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMSA4FA51A3-9C08-4C21-9061-AF1CB2B64AE2.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMSA5EBC106-D059-4812-8870-F15A5136E7F6.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMSAAF3DE9A-66D8-4027-AA3F-411A591E68DA.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMSABDDBEFD-7207-4F5E-AE2F-545BD48DC395.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMSABEB3D6B-2418-41B7-9FC6-6CD7B2DBD6C3.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMSAD17CB13-F545-4612-BDC1-F4C21CC00E21.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMSB480C21B-8922-408B-BFB5-6415351CEB4F.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMSB8356789-D415-4E5D-9AC8-2A2053D43295.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMSBC94D02C-224D-41FA-9861-B15BC6F81CAA.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMSBD3BB73B-AE2A-436A-B3B2-3EE25B822A90.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMSBF5FC607-1EE1-4BEF-AF87-062385835772.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMSC2B42605-9AE4-414C-8733-9C19CD2DC5C4.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMSD1989FC6-BA57-4A3F-8B2F-B334386DEDF7.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMSD3AE6847-023D-4E70-ABFF-213584C3CAF1.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMSD93CC63F-E228-4A3E-90E9-70369C5EC6D5.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMSDA13A866-0545-41AA-8FA3-122BEA82519E.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMSDA49D29C-F661-430A-A345-C2808296DE24.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMSDA5D4FBC-118C-4BF6-9DCC-981BB8639C9B.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMSDAC3CF48-8D06-4861-96B6-EBB91BBB1100.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMSDC099D0D-0AC4-4D7C-835C-6F3396D79324.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMSDCFE45C7-6CD2-4244-BC43-9F626866E698.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMSDEF2FC91-76C3-4A40-929F-7BF2DFDD7199.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMSE0904463-29A0-489B-8CE9-7F7CECD9121A.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMSE04627C5-45C7-4260-A0F7-E3182D599EFF.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMSE1A81311-54A5-4A87-82E3-4ABF0C167A10.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMSE2EBF202-1532-46FE-BAD7-FDF4307C4160.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMSE34613DD-7608-49A1-83E6-10FBEDA3860C.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMSE783F02E-33EE-44CB-AFBA-C3E592D9B54B.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMSEA9C003C-BB5E-4AC2-8EB4-FB60BBAD678B.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMSEFA36FBA-773C-4C83-A1E8-5D6F40B501EF.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMSF0F77A71-D22D-426B-B093-81F13249A301.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMSF52EDE89-081D-4501-BFB7-880C2012B42A.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMSF6481BDE-683E-4177-B6C1-BCF1957A294B.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMSF8136AEE-21CE-4FA3-8055-8BA5D750A010.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMSF8257322-E9E3-40A3-A776-1E6115231860.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMSFB521A76-E86F-47AD-AA97-DEB44BBE35C4.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMSFD41FF7D-D997-4FA8-BBF9-834502A9FDF6.tmp"
Tue 24 Feb 2009 0 A..H. --- "C:\WINDOWS\Temp\wrstemp\SSMSFE6982A2-A35C-4EF0-8194-1615FCF29002.tmp"
Fri 19 Jan 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Wed 13 Jun 2007 7,356 A.SH. --- "C:\Documents and Settings\A.Latour\Application Data\Roxio\Dragon\3.x\DiscInfoCache\HL-DT-ST_CD-ROM_GCR-8520B_1.00_300_DICV018_DRGV3000038.TMP"
Wed 2 Jul 2008 3,718 A.SH. --- "C:\Documents and Settings\A.Latour\Application Data\Roxio\Dragon\3.x\DiscInfoCache\HL-DT-ST_DVD-RAM_GSA-H55N_1.03_300_DICV018_DRGV3000038.TMP"

Finished!

Ça fait longtemps que tu as Spy Sweeper ?

Non, 3 ou 4 jours...je l'ai téléchargé sur internet justement à cause de ces maudites fenêtres !! ! Pourquoi ?

Ces fenêtres parlent de quoi ?

Un peu de tout, info, entreprise, porno, google.
Je viens d'en noter quelques uns : newser, volume-consumer, ajmp, somewherearoundhere.com, servicemagic.com, prideandglorynow.cn...De tout et n'importe quoi ????????

Télécharge Lop S&D sur ton Bureau.

Double-clique dessus pour lancer l'installation.

Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau.

Sélectionne la langue souhaitée, puis choisis l'option 1 (Recherche) .

Patiente jusqu'à la fin du scan.

Poste le rapport généré (C:\lopR.txt).

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.40GHz )
BIOS : Default System BIOS
USER : v.Rosset ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Activated)
Firewall : Webroot Internet Security Essentials 6.0.0.0 (Not Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:38 Go (Free:8 Go)
D:\ (Local Disk) - NTFS - Total:38 Go (Free:22 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 2009-02-24|21:27 )

--------------------\\ Listing des dossiers dans APPLIC~1

[2008-10-13|08:24] C:\DOCUME~1\A7EA4~1.LAT\APPLIC~1\Adobe
[2008-07-05|13:04] C:\DOCUME~1\A7EA4~1.LAT\APPLIC~1\Ahead
[2008-10-28|16:29] C:\DOCUME~1\A7EA4~1.LAT\APPLIC~1\Apple Computer
[2007-03-30|21:24] C:\DOCUME~1\A7EA4~1.LAT\APPLIC~1\ArcSoft
[2008-04-26|20:14] C:\DOCUME~1\A7EA4~1.LAT\APPLIC~1\Canon
[2008-08-11|17:00] C:\DOCUME~1\A7EA4~1.LAT\APPLIC~1\CD-LabelPrint
[2007-09-05|20:59] C:\DOCUME~1\A7EA4~1.LAT\APPLIC~1\CyberLink
[2008-06-30|16:57] C:\DOCUME~1\A7EA4~1.LAT\APPLIC~1\Google
[2006-03-14|23:21] C:\DOCUME~1\A7EA4~1.LAT\APPLIC~1\Help
[2006-03-06|14:55] C:\DOCUME~1\A7EA4~1.LAT\APPLIC~1\Identities
[2007-04-15|09:53] C:\DOCUME~1\A7EA4~1.LAT\APPLIC~1\InterVideo
[2008-01-19|11:30] C:\DOCUME~1\A7EA4~1.LAT\APPLIC~1\Lavasoft
[2006-07-28|05:29] C:\DOCUME~1\A7EA4~1.LAT\APPLIC~1\LimeWire
[2006-03-09|16:57] C:\DOCUME~1\A7EA4~1.LAT\APPLIC~1\Macromedia
[2008-10-10|17:49] C:\DOCUME~1\A7EA4~1.LAT\APPLIC~1\Malwarebytes
[2008-02-08|17:31] C:\DOCUME~1\A7EA4~1.LAT\APPLIC~1\Microsoft
[2008-09-04|17:53] C:\DOCUME~1\A7EA4~1.LAT\APPLIC~1\Mozilla
[2008-03-31|17:32] C:\DOCUME~1\A7EA4~1.LAT\APPLIC~1\MSN6
[2006-03-12|17:25] C:\DOCUME~1\A7EA4~1.LAT\APPLIC~1\Rainlendar
[2008-08-09|15:54] C:\DOCUME~1\A7EA4~1.LAT\APPLIC~1\Real
[2008-03-16|17:09] C:\DOCUME~1\A7EA4~1.LAT\APPLIC~1\Roxio
[2006-06-06|18:34] C:\DOCUME~1\A7EA4~1.LAT\APPLIC~1\SlySoft
[2006-04-20|20:28] C:\DOCUME~1\A7EA4~1.LAT\APPLIC~1\Sun
[2006-04-07|16:29] C:\DOCUME~1\A7EA4~1.LAT\APPLIC~1\Talkback
[2006-04-07|16:29] C:\DOCUME~1\A7EA4~1.LAT\APPLIC~1\Thunderbird
[2008-10-10|17:47] C:\DOCUME~1\A7EA4~1.LAT\APPLIC~1\TuneUp Software
[2006-06-03|19:50] C:\DOCUME~1\A7EA4~1.LAT\APPLIC~1\Ulead Systems
[2007-09-06|17:56] C:\DOCUME~1\A7EA4~1.LAT\APPLIC~1\vlc


[2007-11-30|22:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[2008-02-12|07:59] C:\DOCUME~1\ADMINI~1\APPLIC~1\Mozilla

[2009-01-16|22:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{55A29068-F2CE-456C-9148-C869879E2357}
[2009-02-22|08:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{83C91755-2546-441D-AC40-9A6B4B860800}
[2009-02-23|09:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[2007-09-16|16:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[2008-10-28|16:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[2008-12-08|19:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[2009-02-24|10:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[2007-08-11|21:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
[2008-08-11|16:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
[2009-02-07|16:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonIJPLM
[2008-09-19|18:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative
[2007-08-24|14:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[2009-01-14|09:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[2009-01-30|15:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Flood Light Games
[2007-03-21|09:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[2006-05-16|13:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[2009-02-22|08:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[2007-09-16|16:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LightScribe
[2008-12-08|20:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[2008-10-05|17:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[2009-02-21|19:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[2006-12-07|09:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[2008-03-31|17:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[2006-10-13|10:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
[2007-09-16|16:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[2009-02-23|09:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
[2007-05-03|10:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[2006-05-16|13:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Roxio
[2006-12-07|09:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBT
[2007-08-10|14:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skyline
[2009-02-15|08:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[2006-05-16|13:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[2009-02-21|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[2008-04-02|13:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[2007-02-17|23:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Transparent
[2008-10-06|08:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
[2006-07-17|16:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[2008-07-07|09:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Uniblue
[2009-01-18|13:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\vsosdk
[2009-02-21|18:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Webroot
[2006-03-14|17:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

[2007-11-30|22:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[2006-12-08|19:45] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[2006-05-16|13:20] C:\DOCUME~1\LOCALS~1\APPLIC~1\Roxio

[2006-03-06|11:00] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[2008-10-13|08:06] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\Adobe
[2007-09-16|16:42] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\Ahead
[2006-10-12|09:45] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\Ambient Design
[2008-10-29|20:26] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\Apple Computer
[2006-06-03|05:25] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\ArcSoft
[2006-10-12|08:44] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\Avant Profiles
[2009-02-21|21:16] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\Azureus
[2006-11-03|08:23] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\Babylon
[2008-03-16|17:41] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\Canon
[2008-08-13|14:19] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\CD-LabelPrint
[2008-08-02|15:34] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\Creative
[2007-08-24|14:26] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\CyberLink
[2009-02-08|19:56] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\DAEMON Tools Lite
[2008-09-05|18:03] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\DonationCoder
[2009-01-20|19:35] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\dvdcss
[2008-03-13|08:08] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\DVDFab
[2006-06-06|15:01] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\Elaborate Bytes
[2009-01-30|15:06] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\Flood Light Games
[2008-06-28|22:34] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\Google
[2006-06-03|06:15] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\Help
[2006-03-06|11:06] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\Identities
[2006-03-06|13:11] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\InterTrust
[2006-04-19|12:18] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\InterVideo
[2008-06-30|10:18] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\kibisoft
[2009-02-21|19:14] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\Lavasoft
[2006-03-09|10:55] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\Macromedia
[2008-10-05|17:07] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\Malwarebytes
[2009-02-16|09:30] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\Microsoft
[2006-03-06|12:29] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\Microsoft Web Folders
[2008-09-04|09:00] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\Mozilla
[2009-01-27|11:02] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\Opera
[2007-07-20|10:18] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\Participatory Culture Foundation
[2007-07-20|18:23] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\PCF-VLC
[2008-09-19|18:00] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\PhotoInPress
[2008-11-27|23:45] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\Real
[2009-02-06|19:29] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\RegTool
[2006-06-02|22:05] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\Roxio
[2007-12-09|10:38] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\SecuROM
[2009-02-24|14:37] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\Skype
[2009-02-24|14:19] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\skypePM
[2006-06-06|14:55] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\SlySoft
[2007-12-02|09:44] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\SmartDraw
[2006-05-16|20:05] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\Sonic
[2006-04-13|14:47] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\Sun
[2006-03-09|16:41] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\Talkback
[2006-03-09|16:41] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\Thunderbird
[2008-10-06|08:43] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\TuneUp Software
[2009-01-23|22:18] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\U3
[2006-05-11|13:27] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\Ulead Systems
[2008-07-07|09:09] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\Uniblue
[2009-01-09|15:34] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\vlc
[2009-02-18|08:42] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\Vso
[2009-02-21|18:05] C:\DOCUME~1\VF82C~1.ROS\APPLIC~1\Webroot



--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[2009-02-23 08:40][--a------] C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009-02-24 12:00][--a------] C:\WINDOWS\tasks\RegTool Scan.job
[2009-02-24 20:50][--ah-----] C:\WINDOWS\tasks\SA.DAT
[2002-08-30 07:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[2009-02-23|09:47] C:\Program Files\Adobe
[2006-03-06|11:54] C:\Program Files\Alwil Software
[2008-10-28|16:27] C:\Program Files\Apple Software Update
[2009-02-24|10:58] C:\Program Files\Avira
[2006-10-13|14:29] C:\Program Files\Caere
[2009-01-02|16:23] C:\Program Files\Canon
[2008-08-11|16:40] C:\Program Files\CanonBJ
[2009-02-06|20:15] C:\Program Files\CCleaner
[2007-10-12|10:01] C:\Program Files\CDBurnerXP Pro 3
[2008-09-19|21:45] C:\Program Files\Creative
[2008-07-31|09:48] C:\Program Files\Creative Installation Information
[2007-08-24|14:21] C:\Program Files\CyberLink
[2007-03-01|09:00] C:\Program Files\DATA BECKER
[2008-02-05|12:44] C:\Program Files\directx
[2008-10-12|11:53] C:\Program Files\DivX
[2008-02-05|12:44] C:\Program Files\D-Link
[2006-03-08|15:20] C:\Program Files\driver
[2007-08-11|16:11] C:\Program Files\DVD Decrypter
[2009-01-20|00:12] C:\Program Files\DVD Region+CSS Free
[2006-04-13|12:22] C:\Program Files\DVD Shrink
[2008-06-21|09:50] C:\Program Files\DVDFab 5
[2006-07-17|15:59] C:\Program Files\DVDFab Decrypter
[2007-02-14|14:08] C:\Program Files\DVDFab Decrypter 3
[2008-06-30|10:18] C:\Program Files\DVDFab HD Decrypter 4
[2009-02-22|21:41] C:\Program Files\Fichiers communs
[2008-11-23|17:14] C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
[2008-04-15|12:58] C:\Program Files\FLV Player
[2009-02-22|08:44] C:\Program Files\Free FLV Converter
[2009-01-20|09:22] C:\Program Files\IfoEdit
[2009-02-06|20:02] C:\Program Files\InstallShield Installation Information
[2009-01-18|19:14] C:\Program Files\InterActual
[2009-02-11|15:18] C:\Program Files\Internet Explorer
[2006-04-19|12:17] C:\Program Files\InterVideo
[2009-02-23|09:11] C:\Program Files\Java
[2008-08-04|20:50] C:\Program Files\Kibisoft
[2006-10-01|08:18] C:\Program Files\Lavalys
[2009-02-22|08:42] C:\Program Files\Lavasoft
[2009-02-15|22:43] C:\Program Files\Learning Essentials
[2008-07-22|17:02] C:\Program Files\LimeWire
[2008-07-04|05:27] C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor
[2008-12-08|20:21] C:\Program Files\ma-config.com
[2009-02-07|13:36] C:\Program Files\Malwarebytes' Anti-Malware
[2009-02-10|13:03] C:\Program Files\Malwarebytes' Anti-Malware(2)
[2009-02-06|14:51] C:\Program Files\MediaCoder
[2008-08-18|07:45] C:\Program Files\Messenger
[2006-07-19|08:42] C:\Program Files\Microsoft Bootvis
[2009-02-02|15:21] C:\Program Files\Microsoft Encarta
[2006-03-06|12:52] C:\Program Files\microsoft frontpage
[2008-01-27|21:31] C:\Program Files\Microsoft Office
[2006-05-23|11:33] C:\Program Files\Mindscape
[2007-03-10|07:55] C:\Program Files\Mio DigiWalker
[2008-11-23|17:14] C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)
[2008-08-18|07:41] C:\Program Files\Movie Maker
[2009-02-24|20:52] C:\Program Files\Mozilla Firefox
[2009-02-24|20:51] C:\Program Files\Mozilla Thunderbird
[2008-10-27|07:37] C:\Program Files\MSBuild
[2008-01-27|20:50] C:\Program Files\MSECache
[2006-03-06|10:56] C:\Program Files\MSN
[2006-03-06|10:56] C:\Program Files\MSN Gaming Zone
[2008-08-22|16:15] C:\Program Files\MSN Messenger
[2008-11-13|21:35] C:\Program Files\MSXML 4.0
[2007-09-16|16:14] C:\Program Files\Nero
[2008-08-18|07:38] C:\Program Files\NetMeeting
[2009-02-23|09:52] C:\Program Files\NOS
[2007-06-15|14:06] C:\Program Files\OfficeUpdate11
[2008-08-18|07:38] C:\Program Files\Outlook Express
[2008-03-18|19:11] C:\Program Files\PhotoFiltre
[2009-02-22|08:43] C:\Program Files\PowerISO
[2008-10-28|16:28] C:\Program Files\QuickTime
[2007-06-15|11:35] C:\Program Files\RamBoost XP
[2009-01-02|16:37] C:\Program Files\Real
[2008-10-27|07:37] C:\Program Files\Reference Assemblies
[2006-05-16|13:17] C:\Program Files\Roxio
[2006-03-08|15:20] C:\Program Files\S3Inc
[2008-11-23|17:14] C:\Program Files\SDHelper (Spybot - Search & Destroy)
[2006-03-06|10:59] C:\Program Files\Services en ligne
[2009-02-15|08:51] C:\Program Files\Skype
[2006-12-07|09:49] C:\Program Files\Snapshot Viewer
[2006-05-16|13:17] C:\Program Files\Sonic
[2009-02-06|21:29] C:\Program Files\Spybot - Search & Destroy
[2009-01-17|22:55] C:\Program Files\TuneUp Utilities 2009
[2007-11-23|15:13] C:\Program Files\vdownloader
[2006-03-08|15:17] C:\Program Files\VIA Technologies, Inc
[2009-02-20|19:32] C:\Program Files\VS Revo Group
[2009-02-22|08:44] C:\Program Files\VSO
[2006-03-24|06:43] C:\Program Files\Web Publish
[2009-02-21|18:05] C:\Program Files\Webroot
[2009-02-06|09:03] C:\Program Files\WinAVI Video Converter
[2007-03-01|08:59] C:\Program Files\Windows Media Components
[2007-01-19|09:11] C:\Program Files\Windows Media Connect 2
[2008-08-18|08:55] C:\Program Files\Windows Media Player
[2008-08-18|07:38] C:\Program Files\Windows NT
[2008-09-05|18:03] C:\Program Files\WinPcap
[2006-09-03|09:20] C:\Program Files\WinRAR
[2007-03-01|08:59] C:\Program Files\WMV9_VCM
[2006-03-06|11:00] C:\Program Files\xerox
[2007-08-31|19:55] C:\Program Files\Xi
[2007-10-24|08:53] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[2009-02-23|09:48] C:\Program Files\Fichiers communs\Adobe
[2007-09-16|16:22] C:\Program Files\Fichiers communs\Ahead
[2008-11-15|09:22] C:\Program Files\Fichiers communs\Apple
[2006-10-13|14:30] C:\Program Files\Fichiers communs\Caere
[2006-03-06|12:31] C:\Program Files\Fichiers communs\Designer
[2006-05-16|13:15] C:\Program Files\Fichiers communs\InstallShield
[2006-04-13|14:46] C:\Program Files\Fichiers communs\Java
[2007-09-16|16:22] C:\Program Files\Fichiers communs\LightScribe
[2009-02-03|12:02] C:\Program Files\Fichiers communs\Microsoft Shared
[2006-03-06|10:57] C:\Program Files\Fichiers communs\MSSoap
[2006-10-13|11:17] C:\Program Files\Fichiers communs\muvee Technologies
[2008-11-27|23:44] C:\Program Files\Fichiers communs\Real
[2006-05-16|13:17] C:\Program Files\Fichiers communs\Roxio Shared
[2006-03-06|10:58] C:\Program Files\Fichiers communs\Services
[2009-02-15|08:51] C:\Program Files\Fichiers communs\Skype
[2006-05-16|13:17] C:\Program Files\Fichiers communs\Sonic Shared
[2006-03-06|04:48] C:\Program Files\Fichiers communs\SpeechEngines
[2008-08-18|07:38] C:\Program Files\Fichiers communs\System
[2008-11-27|23:44] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 32 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-24 21:30:15
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:2][D:6]-> C:\DOCUME~1\VF82C~1.ROS\LOCALS~1\Temp
[F:2][D:0]-> C:\DOCUME~1\VF82C~1.ROS\Cookies
[F:95][D:4]-> C:\DOCUME~1\VF82C~1.ROS\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 2009-02-24|21:32 - Option : [1]

--------------------\\ Fin du rapport a 21:32:15

Rien de très probant.

Fais un scan avec CureIt! et poste le rapport :
http://www.pcentraide.com/index.php?showtopic=106473

Bonne nuit  

Ok je m'en occupe !
Merci encore et Bonne nuit !