Tom's Guide > Forum > Sécurité - Virus > Fenêtres intempestives

Fenêtres intempestives

Forum Sécurité - Virus : Fenêtres intempestives

TomsGuide.com : 800 000 inscrits répondent à toutes vos questions high-tech et informatique. Pour obtenir de l'aide, inscrivez-vous gratuitement !
Créer un nouveau sujet Répondre
Mot :    Pseudo :           
 
valou04   22-02-2009 à 22:57:03

Bonjour à tous,

Depuis plusieurs jours, j'ai des fenêtres intempestives qui apparaissent régulièrement lorsque je veux me rendre sur un site. Comme lu sur ce forum, j'ai téléchargé Look2Me et Hijackthis dont voici les rapports :

Look2Me-Destroyer V1.0.12

Scanning for infected files.....
Scan started at 22/02/2009 16:26:04


Attempting to delete infected files...

Making registry repairs.


Restoring Windows certificates.

Replaced hosts file with default windows hosts file


Restoring SeDebugPrivilege for Administrateurs - Succeeded


Hikackthis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:36:58, on 2009-02-22
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Webroot\WebrootSecurity\SSU.EXE
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Documents and Settings\v.Rosset\Bureau\Nettoyage\Scanner.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cyberpresse.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - D:\PROGRA~1\Flashget\jccatch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [mspd] "C:\WINDOWS\system32\mspd.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "c:\progra~1\fichie~1\instal~1\update~1\isuspm.exe" -startup
O4 - HKLM\..\Run: [KernelFaultCheck] "C:\WINDOWS\system32\dumprep.exe" 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe" /startintray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Télécharger avec NetTransport - C:\Program Files\Xi\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: Enregistreur Vidéo Internet : rechercher des streams vidéo - file://D:\Programmes\scan.vbs
O8 - Extra context menu item: Ouvrir avec Enregistreur Vidéo Internet - file://D:\Programmes\anchor.vbs
O8 - Extra context menu item: Tout t&élécharger avec NetTransport - C:\Program Files\Xi\NetTransport 2\NTAddList.html
O8 - Extra context menu item: Télécharger avec FlashGet - D:\Programmes\Flashget\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - D:\Programmes\Flashget\jc_all.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Enregistreur Vidéo Internet : rechercher des streams vidéo - {B794C572-4E4D-4D4B-A115-25DBEB29EA71} - file://D:\Programmes\scan.vbs (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\Flashget\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\Flashget\flashget.exe (file missing)
O9 - Extra button: Enregistreur Vidéo Internet : rechercher des streams vidéo - {DFD9C994-2EF1-4B7F-92B5-98E2D0A7CEB7} - file://D:\Programmes\scan.vbs (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0F7A9297-7268-11D1-B81A-00A076C01B0A} (CPC View ax Control) - http://www.registrefoncier.gouv.qc [...] ViewAX.cab
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://www.creative.com/softwareup [...] TSUEng.cab
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1 [...] s-i586.cab
O16 - DPF: {F5D98C43-DB16-11CF-8ECA-0000C0FD59C7} (ActiveCGM Control) - http://www.registrefoncier.gouv.qc [...] M/Acgm.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareup [...] /CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxLiveShare.exe
O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe
O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCom\RoxUpnpRenderer.exe
O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe
O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/VF82C~1.ROS/LOCALS~1/Temp/msoclip1/01/clip_image002.jpg

--
End of file - 10110 bytes

Est-ce que je dois télécharger ewido et tout supprimer ?
J'attends votre aide avec impatience.
Merci à tous

PS: je suis toute nouvelle sur ce forum..j'espère avoir été suffisamment précise !!

Répondre
Liens sponsorisés
Inscrivez-vous ou connectez-vous pour masquer ceci.
Destrio5   22-02-2009 à 23:12:40

Salut,

  • Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
  • Double-clique sur RSIT.exe afin de lancer le programme.
  • Clique sur Continue à l'écran Disclaimer.
  • Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).


Note : les rapports sont sauvegardés dans le dossier C:\rsit\.

Répondre à Destrio5
valou04   22-02-2009 à 23:23:01

Merci Destrio5 d'avoir répondu si rapidement ! Merci
Voici les rapports :

Logfile of random's system information tool 1.05 (written by random/random)
Run by v.Rosset at 2009-02-22 17:14:20
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 7 GB (19%) free of 39 GB
Total RAM: 1503 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:14:22, on 2009-02-22
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Webroot\WebrootSecurity\SSU.EXE
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\v.Rosset\Bureau\RSIT.exe
C:\Documents and Settings\v.Rosset\Bureau\Nettoyage\v.Rosset.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cyberpresse.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - D:\PROGRA~1\Flashget\jccatch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [mspd] "C:\WINDOWS\system32\mspd.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "c:\progra~1\fichie~1\instal~1\update~1\isuspm.exe" -startup
O4 - HKLM\..\Run: [KernelFaultCheck] "C:\WINDOWS\system32\dumprep.exe" 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe" /startintray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Télécharger avec NetTransport - C:\Program Files\Xi\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: Enregistreur Vidéo Internet : rechercher des streams vidéo - file://D:\Programmes\scan.vbs
O8 - Extra context menu item: Ouvrir avec Enregistreur Vidéo Internet - file://D:\Programmes\anchor.vbs
O8 - Extra context menu item: Tout t&élécharger avec NetTransport - C:\Program Files\Xi\NetTransport 2\NTAddList.html
O8 - Extra context menu item: Télécharger avec FlashGet - D:\Programmes\Flashget\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - D:\Programmes\Flashget\jc_all.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Enregistreur Vidéo Internet : rechercher des streams vidéo - {B794C572-4E4D-4D4B-A115-25DBEB29EA71} - file://D:\Programmes\scan.vbs (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\Flashget\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\Flashget\flashget.exe (file missing)
O9 - Extra button: Enregistreur Vidéo Internet : rechercher des streams vidéo - {DFD9C994-2EF1-4B7F-92B5-98E2D0A7CEB7} - file://D:\Programmes\scan.vbs (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0F7A9297-7268-11D1-B81A-00A076C01B0A} (CPC View ax Control) - http://www.registrefoncier.gouv.qc [...] ViewAX.cab
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://www.creative.com/softwareup [...] TSUEng.cab
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1 [...] s-i586.cab
O16 - DPF: {F5D98C43-DB16-11CF-8ECA-0000C0FD59C7} (ActiveCGM Control) - http://www.registrefoncier.gouv.qc [...] M/Acgm.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareup [...] /CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxLiveShare.exe
O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe
O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCom\RoxUpnpRenderer.exe
O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe
O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/VF82C~1.ROS/LOCALS~1/Temp/msoclip1/01/clip_image002.jpg

--
End of file - 10172 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\At1.job
C:\WINDOWS\tasks\At2.job
C:\WINDOWS\tasks\RegTool Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
IeCatch5 Class - D:\PROGRA~1\Flashget\jccatch.dll [2006-05-16 81920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-02 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C56CB6B0-0D96-11D6-8C65-B2868B609932}]
NTIECatcher Class - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll [2005-09-08 49152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-02 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-02 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2004-07-27 81920]
"mspd"=C:\WINDOWS\system32\mspd.exe [2003-08-27 389632]
"ISUSPM Startup"=c:\progra~1\fichie~1\instal~1\update~1\isuspm.exe [2004-07-27 221184]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep.exe [2008-04-13 10752]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-01-02 136600]
"SpySweeper"=C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe [2008-11-13 6273400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Watch]
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-02-22 509784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cld2000.exe]
C:\Program Files\Calendrier\Cld2000.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MétéoIMédia]
C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-15 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\prunnet]
C:\WINDOWS\system32\prunnet.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE [2008-11-02 167936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryBooster 2 d’Uniblue ]
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegTool]
C:\Program Files\RegTool\RegTool.exe -boot []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe [2005-11-21 1687552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2009-01-29 23975720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpySweeper]
C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe [2008-11-13 6273400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-11-27 180269]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WeatherEye]
C:\Program Files\MétéoMédia\MétéoÉclair\WeatherEye.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InterVideo WinCinema Manager.lnk]
C:\PROGRA~1\INTERV~1\Common\Bin\WINCIN~1.EXE [2002-08-12 102400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [2000-01-21 65588]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^v.Rosset^Menu Démarrer^Programmes^Démarrage^Pense-bête.lnk]
C:\PROGRA~1\MINDSC~1\PRINTM~1\PMREMIND.EXE [2006-05-23 2344920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"=C:\PROGRA~1\DVDREG~1\DVDShell.dll [2004-10-09 49152]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WRConsumerService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\StubInstaller.exe"="C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Windows Media Player\wmplayer.exe"="C:\Program Files\Windows Media Player\wmplayer.exe:*:Enabled:Windows Media Player"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"D:\Programmes\VLC\vlc.exe"="D:\Programmes\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Programmes\Azureus\Azureus\Azureus.exe"="D:\Programmes\Azureus\Azureus\Azureus.exe:*:Enabled:Azureus"
"%windir%\system32\drivers\svchost.exe"="%windir%\system32\drivers\svchost.exe:*:Enabled:svchost"
"D:\Programmes\Azureus\Azureus.exe"="D:\Programmes\Azureus\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe"="C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe:*:Enabled:Roxio Upnp Service"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Disabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Disabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Disabled:Windows Messenger"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"%windir%\system32\drivers\svchost.exe"="%windir%\system32\drivers\svchost.exe:*:Enabled:svchost"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0e341aa0-9cb1-11dd-ac7e-0012178290da}]
shell\AutoRun\command - G:\WD_Windows_Tools\Setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{58611ed2-98ae-11dd-ac6a-000ae6896f3f}]
shell\AutoRun\command - G:\WD_Windows_Tools\Setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{95a972c0-d18e-11da-a70f-000ae6896f3f}]
shell\AutoRun\command - G:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c22b4960-987f-11dd-ac68-0012178290da}]
shell\AutoRun\command - G:\WD_Windows_Tools\Setup.exe


======List of files/folders created in the last 1 months======

2009-02-22 17:14:20 ----D---- C:\rsit
2009-02-22 08:32:22 ----HDC---- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-02-21 20:39:57 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-02-21 18:07:12 ----A---- C:\WINDOWS\system32\capicom.dll
2009-02-21 18:05:43 ----D---- C:\Program Files\Webroot
2009-02-21 18:05:43 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Webroot
2009-02-21 18:05:43 ----D---- C:\Documents and Settings\All Users\Application Data\Webroot
2009-02-21 18:05:43 ----A---- C:\WINDOWS\WRSetup.dll
2009-02-20 19:32:31 ----D---- C:\Program Files\VS Revo Group
2009-02-15 22:43:32 ----D---- C:\Program Files\Learning Essentials
2009-02-15 22:43:23 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2009-02-15 22:43:13 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2009-02-15 22:43:11 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2009-02-15 22:43:11 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2009-02-15 22:43:10 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2009-02-15 22:43:09 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2009-02-15 22:43:08 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2009-02-15 08:51:47 ----D---- C:\Program Files\Fichiers communs\Skype
2009-02-14 22:25:46 ----D---- C:\Program Files\PowerISO
2009-02-14 11:02:58 ----A---- C:\fixnavi.txt
2009-02-13 22:57:13 ----A---- C:\Program Files\HJTInstall.exe
2009-02-12 15:47:39 ----D---- C:\Malwarebytes' Anti-Malware
2009-02-10 07:50:37 ----D---- C:\Program Files\Malwarebytes' Anti-Malware(2)
2009-02-08 19:41:28 ----D---- C:\Documents and Settings\v.Rosset\Application Data\DAEMON Tools Lite
2009-02-08 08:36:32 ----D---- C:\Avenger
2009-02-08 08:36:31 ----A---- C:\avenger.txt
2009-02-07 12:09:09 ----A---- C:\Program Files\Vuze_4.1.0.2_windows.exe
2009-02-06 19:29:52 ----D---- C:\Documents and Settings\v.Rosset\Application Data\RegTool
2009-02-06 15:42:52 ----A---- C:\WINDOWS\Sysvxd.exe
2009-02-06 09:03:23 ----D---- C:\Program Files\WinAVI Video Converter
2009-02-02 15:21:15 ----D---- C:\Program Files\Microsoft Encarta
2009-01-30 15:06:07 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Flood Light Games
2009-01-30 15:06:07 ----D---- C:\Documents and Settings\All Users\Application Data\Flood Light Games
2009-01-23 22:14:35 ----D---- C:\Documents and Settings\v.Rosset\Application Data\U3

======List of files/folders modified in the last 1 months======

2009-02-22 16:53:00 ----D---- C:\Program Files\Mozilla Thunderbird
2009-02-22 16:48:25 ----D---- C:\Program Files\Mozilla Firefox
2009-02-22 16:36:55 ----D---- C:\WINDOWS\Prefetch
2009-02-22 16:35:42 ----D---- C:\WINDOWS\Temp
2009-02-22 16:34:11 ----SD---- C:\WINDOWS\Tasks
2009-02-22 16:32:42 ----D---- C:\WINDOWS\system32\CatRoot
2009-02-22 16:32:39 ----D---- C:\WINDOWS\system32\CatRoot2
2009-02-22 16:03:27 ----AC---- C:\WINDOWS\NeroDigital.ini
2009-02-22 16:02:19 ----A---- C:\WINDOWS\DVDRegionFree.INI
2009-02-22 12:10:08 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-22 08:47:37 ----RSH---- C:\boot.ini
2009-02-22 08:47:37 ----AC---- C:\WINDOWS\win.ini
2009-02-22 08:47:37 ----AC---- C:\WINDOWS\system.ini
2009-02-22 08:45:11 ----RD---- C:\Program Files
2009-02-22 08:45:11 ----D---- C:\Program Files\Adobe
2009-02-22 08:44:50 ----D---- C:\Program Files\Free FLV Converter
2009-02-22 08:44:21 ----D---- C:\Program Files\VSO
2009-02-22 08:42:28 ----D---- C:\Program Files\Lavasoft
2009-02-22 08:36:14 ----D---- C:\WINDOWS
2009-02-22 08:34:11 ----D---- C:\WINDOWS\system32\drivers
2009-02-22 08:32:22 ----SHD---- C:\WINDOWS\Installer
2009-02-22 08:32:21 ----D---- C:\Config.Msi
2009-02-22 08:22:25 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Skype
2009-02-22 08:20:18 ----D---- C:\Documents and Settings\v.Rosset\Application Data\skypePM
2009-02-21 21:16:59 ----D---- C:\WINDOWS\system32\DirectX
2009-02-21 21:16:58 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Azureus
2009-02-21 21:16:57 ----RSD---- C:\WINDOWS\assembly
2009-02-21 21:11:53 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-02-21 20:41:32 ----HD---- C:\WINDOWS\inf
2009-02-21 20:39:52 ----D---- C:\WINDOWS\WinSxS
2009-02-21 19:14:55 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-02-21 19:14:55 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Lavasoft
2009-02-21 18:07:12 ----D---- C:\WINDOWS\system32
2009-02-21 15:42:30 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-18 08:42:46 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Vso
2009-02-16 09:30:18 ----SD---- C:\Documents and Settings\v.Rosset\Application Data\Microsoft
2009-02-15 22:43:15 ----D---- C:\WINDOWS\Microsoft.NET
2009-02-15 08:51:48 ----RD---- C:\Program Files\Skype
2009-02-15 08:51:48 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2009-02-15 08:51:47 ----D---- C:\Program Files\Fichiers communs
2009-02-12 19:20:18 ----D---- C:\WINDOWS\system32\LogFiles
2009-02-12 19:20:18 ----D---- C:\WINDOWS\Debug
2009-02-11 15:18:38 ----HD---- C:\WINDOWS\$hf_mig$
2009-02-11 15:18:19 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-02-11 15:18:16 ----D---- C:\Program Files\Internet Explorer
2009-02-11 15:18:06 ----D---- C:\WINDOWS\ie7updates
2009-02-10 13:04:06 ----D---- C:\WINDOWS\system32\config
2009-02-10 13:03:42 ----D---- C:\WINDOWS\system32\wbem
2009-02-10 13:03:42 ----D---- C:\WINDOWS\Registration
2009-02-10 13:03:09 ----D---- C:\WINDOWS\speech
2009-02-10 13:03:09 ----D---- C:\WINDOWS\Help
2009-02-09 23:15:02 ----D---- C:\WINDOWS\system
2009-02-09 22:39:06 ----D---- C:\WINDOWS\msagent
2009-02-09 22:35:17 ----D---- C:\WINDOWS\system32\Macromed
2009-02-07 16:58:11 ----D---- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
2009-02-07 13:36:19 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-02-06 22:10:55 ----AC---- C:\WINDOWS\WININIT.INI
2009-02-06 21:29:25 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-02-06 20:16:52 ----A---- C:\WINDOWS\system32\338fa633-.txt
2009-02-06 20:15:31 ----D---- C:\Program Files\CCleaner
2009-02-06 20:02:56 ----HD---- C:\Program Files\InstallShield Installation Information
2009-02-06 14:51:12 ----D---- C:\Program Files\MediaCoder
2009-02-05 16:11:35 ----A---- C:\WINDOWS\system32\aswBoot.exe
2009-02-04 22:15:18 ----A---- C:\WINDOWS\system32\TubeFinder.exe
2009-02-03 18:21:12 ----A---- C:\WINDOWS\system32\MRT.exe
2009-02-03 12:02:16 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-01-27 11:02:41 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Opera

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
R1 cdudf_xp;cdudf_xp; C:\WINDOWS\system32\drivers\cdudf_xp.sys [2005-10-22 311680]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 40576]
R1 pwd_2k;pwd_2k; C:\WINDOWS\system32\drivers\pwd_2k.sys [2005-10-22 119168]
R1 RxFilter;RxFilter; C:\WINDOWS\system32\DRIVERS\RxFilter.sys [2005-11-21 50176]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2008-11-02 56572]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.0.1; C:\WINDOWS\System32\DRIVERS\AegisP.sys [2006-03-08 19915]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2006-04-21 8064]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
R3 dvd_2K;dvd_2K; C:\WINDOWS\system32\drivers\dvd_2K.sys [2005-10-22 27264]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2005-04-12 4608]
R3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 OM518P;D-Link VGA Webcam; C:\WINDOWS\System32\Drivers\om518vid.sys [2002-06-27 185256]
R3 Pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2008-06-21 47360]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2002-10-01 9856]
R3 RT2500;Linksys Wireless-G PCI Adapter Driver; C:\WINDOWS\System32\DRIVERS\RT2500.sys [2005-04-21 242176]
R3 S3Psddr;S3Psddr; C:\WINDOWS\System32\DRIVERS\s3gnbm.sys [2003-09-02 166912]
R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VIAudio;VIA AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\viaudios.sys [2003-02-26 370048]
S1 seneka;seneka; C:\WINDOWS\system32\drivers\senekatyxumqwr.sys []
S2 ADSEXPB;ADS DVD Xpress B; C:\WINDOWS\System32\Drivers\adsexpb.sys [2003-10-08 32084]
S2 zumbus;Zune Bus Enumerator Driver; C:\WINDOWS\system32\drivers\zumbus.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 Jukebox3;Jukebox3; C:\WINDOWS\system32\DRIVERS\ctpdusb.sys [2006-01-19 17280]
S3 mmc_2K;mmc_2K; C:\WINDOWS\system32\drivers\mmc_2K.sys [2005-10-22 27136]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2008-05-21 34576]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-03-09 37768]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R2 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 97432]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-01-02 152984]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-02-22 950096]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 RoxWatch;Roxio Hard Drive Watcher; C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe [2005-11-22 155648]
R2 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
R2 WebrootSpySweeperService;Moteur Webroot Spy Sweeper; C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe [2008-11-12 3667312]
R2 WRConsumerService;Webroot Client Service; C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe [2008-11-13 1086840]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
S2 RoxLiveShare;LiveShare P2P Server; C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxLiveShare.exe [2005-11-22 233472]
S2 RoxUpnpServer;RoxUpnpServer; C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe [2005-11-21 409600]
S2 WMP54Gv4SVC;WMP54Gv4SVC; C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe [2004-02-06 41025]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-05-07 779824]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-05-07 271920]
S3 RoxMediaDB;RoxMediaDB; C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe [2005-11-22 864256]
S3 RoxUPnPRenderer;RoxUpnpRenderer; C:\Program Files\Fichiers communs\Roxio Shared\SharedCom\RoxUpnpRenderer.exe [2005-11-21 45056]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2008-05-21 92792]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-01-17 362240]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

info.txt logfile of random's system information tool 1.05 2009-02-22 17:14:59

======Uninstall list======

-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {637099FB-45FD-4BC7-9651-6FB540DBB749}
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->MsiExec.exe /I{0D330013-4A99-46D6-83C6-2C959C68DBFF}
-->MsiExec.exe /I{0F122737-72B2-4095-8B3E-7AAE753DFD3D}
-->MsiExec.exe /I{26792CA7-D87A-4DBE-896B-C2F66B344511}
-->MsiExec.exe /I{637099FB-45FD-4BC7-9651-6FB540DBB749}
-->MsiExec.exe /I{6D4F02C4-F6AF-4659-A933-7FC06235A8D5}
-->MsiExec.exe /I{7FD9FD10-9F7F-4DDF-B9F0-911209FF0CEA}
-->MsiExec.exe /I{8C60949A-46F9-4DD7-BA9F-78C00D9D4C8D}
-->MsiExec.exe /I{EB748B9B-F872-4E95-98E8-5CA7E5425DAF}
-->MsiExec.exe /I{F0EACC27-A729-406C-9BF6-C8F10CEC36F8}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware-->"C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe
Adobe Acrobat 5.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
Adobe Shockwave Player-->C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Applian FLV Player-->"C:\WINDOWS\Applian FLV Player\uninstall.exe" "/U:C:\Program Files\FLV Player\Uninstall\uninstall.xml"
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ArcSoft Camera Suite 1.3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AD13BFB0-FDD2-4AFA-A8AF-9F4A950D56B7}\setup.exe" -l0x40c
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Canon Camera Support Core Library-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{26BDE7D8-93F0-4A07-AD47-1707DB417941} /l1036
Canon Camera Window for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{B34BE30D-A759-4EC2-B58F-19FE2DEBF651}
Canon iP4500 series-->"C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4500_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4500_series /L0x000c
Canon MovieEdit Task for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{DE286975-ACF1-45B8-9EF7-34E162B2C817}
Canon My Printer-->C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini
Canon RAW Image Task for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{68E7E8BD-2233-49BE-81D6-1A1FAF1B5196}
Canon RemoteCapture Task for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{CF2C1A86-5A98-4862-A3AE-9992E3A6427D}
Canon ScanGear Toolbox 3.1-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Canon\ScanGear Toolbox Ver3.1\Uninst.isu" -c"C:\Program Files\Canon\ScanGear Toolbox Ver3.1\uninst.dll"
Canon Utilities ZoomBrowser EX-->MsiExec.exe /X{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CD-LabelPrint-->"C:\Program Files\Canon\CD-LabelPrint\Uninstal.exe" Canon.CDLabelPrint.Application
ConvertXtoDVD 3.4.7.121-->"D:\Programmes\convertx\unins000.exe"
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
DivX-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
D-Link VGA Webcam-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A783A9B5-9249-494C-8766-ECDE41FD6160}\Setup.exe" -l0x40c
DriverAgent by TouchStone Software-->RunDll32.exe advpack.dll,LaunchINFSection driveragent_exe.inf,TVICHW32Remove
DVD Decrypter 3.5.4.0 Fr-->C:\Program Files\DVD Decrypter\UnInstall_DVDdecrypt.exe
DVD Region+CSS Free 5.9.8.5-->"C:\Program Files\DVD Region+CSS Free\unins000.exe"
DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
DVD Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
DVDCoach Express 0.9.2-->"C:\Program Files\Kibisoft\DVDCoach Express\unins000.exe"
DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.0.3.0-->"C:\Program Files\DVDFab 5\unins000.exe"
DVDFab Decrypter 3.0.8.0-->"C:\Program Files\DVDFab Decrypter 3\unins000.exe"
DVDFab HD Decrypter 4.1.0.2-->"C:\Program Files\DVDFab HD Decrypter 4\unins000.exe"
EVEREST Home Edition v2.20-->"C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
Free FLV Converter V 6.1.0-->"C:\Program Files\Free FLV Converter\unins000.exe"
HijackThis 2.0.2-->"C:\Documents and Settings\v.Rosset\Bureau\Nettoyage\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
IFOEdit 0.971 Fr-->C:\Program Files\IfoEdit\UnInstall_IfoEdit.exe
InterActual Player-->C:\Program Files\InterActual\InterActual Player\inuninst.exe
InterVideo WinDVD 4-->"C:\Program Files\InstallShield Installation Information\{98E8A2EF-4EAE-43B8-A172-74842B764777}\setup.exe" REMOVEALL
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Les Indispensables Éducation pour Microsoft Office-->MsiExec.exe /X{75F3A4B2-F6E8-434D-A2EF-DBBC016C6CB2}
LimeWire 4.16.6-->"C:\Program Files\LimeWire\uninstall.exe"
Linksys Wireless-G PCI Adapter-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4DDC3BED-CC68-44AA-B435-D727B620CA5B}\setup.exe" -l0x40c
Macromedia Flash Player 8-->C:\WINDOWS\system32\Macromed\Flash\UninstFl.exe
Malwarebytes' Anti-Malware-->"C:\Malwarebytes' Anti-Malware\unins000.exe"
MediaCoder 0.6.0-->C:\Program Files\MediaCoder\uninst.exe
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Bootvis-->MsiExec.exe /I{0F9196C6-58B4-445B-B56E-B1200FECC151}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Encarta 2009 - Collection-->MsiExec.exe /I{09180081-2C94-4A67-8E55-8483C019C7D2}
Microsoft Encarta Maths-->MsiExec.exe /I{07183840-959A-4B0D-8825-2C533F0DDB19}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office 2000 SR-1 Disque 2-->MsiExec.exe /I{0004040C-78E1-11D2-B60F-006097C998E7}
Microsoft Office 2000 SR-1 Professional-->MsiExec.exe /I{0001040C-78E1-11D2-B60F-006097C998E7}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Web Publishing Wizard 1.52-->RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wpie4x86.inf,WebPostUninstall
Microsoft Windows Media Video 9 VCM-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmv9vcm.inf, Uninstall
MioTransfer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{49F00501-E02F-458F-8AED-85949AB9656F}\setup.exe" -l0x40c
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.0.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.19)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MPEG2 Video Encoder-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E6A0986D-3244-4AB7-BE29-11500E68EF46}\Setup.exe" -l0x40c
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 and SOAP Toolkit 3.0-->MsiExec.exe /I{32343DB6-9A52-40C9-87E4-5E7C79791C87}
MSXML 6.0 Parser-->MsiExec.exe /I{AEB9948B-4FF2-47C9-990E-47014492A0FE}
muvee autoProducer 3.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AD057516-AE06-44FA-B615-463FD524526F}\Setup.exe" -l0x40c
Nero 7 Essentials-->MsiExec.exe /X{E11BD6A7-5046-4D25-ABCB-386A54F71036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Net Transport 1.94.282-->"C:\Program Files\Xi\NetTransport 2\unins000.exe"
PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
PIXMA Extended Survey Program-->C:\Program Files\Canon\IJPLM\SETUP.EXE -R
PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"
PrintMaster 7.00-->c:\PROGRA~1\MINDSC~1\PRINTM~1\uninst32.exe /IFirst
ProSavageDDR and Utilities-->C:\PROGRA~1\S3Inc\P4M266\s3setvga.exe -s -fC:\PROGRA~1\S3Inc\P4M266\P4M266.uns
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
RamBoost XP 4.0.6-->"C:\Program Files\RamBoost XP\unins000.exe"
Revo Uninstaller 1.71-->C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
Roxio Content 8-->MsiExec.exe /X{329B7564-7E13-4A70-BC2B-F9870C82AAB6}
Roxio Easy Media Creator 8 Suite-->MsiExec.exe /I{868901EE-7807-4F89-A134-7C705D34F91F}
S3Display-->s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Display'
S3Gamma2-->s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Gamma2'
S3Info2-->s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Info2'
S3Overlay-->s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Overlay'
Scan Manager 5.2-->MsiExec.exe /I{E0A1559B-9886-11D4-8D06-0050DA284A39}
Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
Spy Sweeper Core-->MsiExec.exe /I{3F5B6210-0903-4DC6-8034-8F488AA3A782}
Spy Sweeper-->"C:\Program Files\Webroot\WebrootSecurity\unins000.exe"
Spybot - Search & Destroy 1.5.2.20-->"C:\WINDOWS\unins000.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins001.exe"
TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
VIA Audio Driver Setup Program-->RunDll32.exe UnAudioNT.dll,UninstallAudio C:\WINDOWS\IsUninst.exe -f"C:\PROGRA~1\VIATEC~1\VIAAUD~1/Uninst.isu"
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
VLC media player 0.9.8a-->D:\Programmes\vlc\uninstall.exe
Vuze-->D:\Programmes\Azureus\uninstall.exe
WinAVI Video Converter 8.0-->"C:\Program Files\WinAVI Video Converter\unins000.exe"
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinPcap 4.1 beta4-->C:\Program Files\WinPcap\uninstall.exe
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

=====HijackThis Backups=====

O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\Flashget\fgiebar.dll (file missing)

======Hosts File======

127.0.0.1 localhost

======Security center information======

AV: avast! antivirus 4.8.1335 [VPS 090221-0]
FW: Webroot Internet Security Essentials (disabled)

System event log

Computer Name: VALOU
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Uniprocessor Free.

Record Number: 123460
Source Name: EventLog
Time Written: 20090207080303.000000-300
Event Type: Informations
User:

Computer Name: VALOU
Event Code: 6006
Message: Le service d'Enregistrement d'événement a été arrêté.

Record Number: 123459
Source Name: EventLog
Time Written: 20090207000050.000000-300
Event Type: Informations
User:

Computer Name: VALOU
Event Code: 6005
Message: Le service d'Enregistrement d'événement a démarré.

Record Number: 123458
Source Name: EventLog
Time Written: 20090207000034.000000-300
Event Type: Informations
User:

Computer Name: VALOU
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Uniprocessor Free.

Record Number: 123457
Source Name: EventLog
Time Written: 20090207000034.000000-300
Event Type: Informations
User:

Computer Name: VALOU
Event Code: 6006
Message: Le service d'Enregistrement d'événement a été arrêté.

Record Number: 123456
Source Name: EventLog
Time Written: 20090206234355.000000-300
Event Type: Informations
User:

Application event log

Computer Name: VALOU
Event Code: 11328
Message: Produit : TuneUp Utilities 2009 -- Erreur 1328. Erreur lors de l'application du programme correctif au fichier C:\Config.Msi\PT84.tmp. Il a sans doute été mis à jour de manière différente et ne peut plus être modifié par ce programme correctif. Pour obtenir des informations complémentaires, contactez le revendeur de votre programme correctif. Erreur système : -1072807676

Record Number: 201982
Source Name: MsiInstaller
Time Written: 20090116231743.000000-300
Event Type: erreur
User: VALOU\v.Rosset

Computer Name: VALOU
Event Code: 11328
Message: Produit : TuneUp Utilities 2009 -- Erreur 1328. Erreur lors de l'application du programme correctif au fichier C:\Config.Msi\PT84.tmp. Il a sans doute été mis à jour de manière différente et ne peut plus être modifié par ce programme correctif. Pour obtenir des informations complémentaires, contactez le revendeur de votre programme correctif. Erreur système : -1072807676

Record Number: 201981
Source Name: MsiInstaller
Time Written: 20090116231743.000000-300
Event Type: erreur
User: VALOU\v.Rosset

Computer Name: VALOU
Event Code: 11328
Message: Produit : TuneUp Utilities 2009 -- Erreur 1328. Erreur lors de l'application du programme correctif au fichier C:\Config.Msi\PT84.tmp. Il a sans doute été mis à jour de manière différente et ne peut plus être modifié par ce programme correctif. Pour obtenir des informations complémentaires, contactez le revendeur de votre programme correctif. Erreur système : -1072807676

Record Number: 201980
Source Name: MsiInstaller
Time Written: 20090116231743.000000-300
Event Type: erreur
User: VALOU\v.Rosset

Computer Name: VALOU
Event Code: 11328
Message: Produit : TuneUp Utilities 2009 -- Erreur 1328. Erreur lors de l'application du programme correctif au fichier C:\Config.Msi\PT84.tmp. Il a sans doute été mis à jour de manière différente et ne peut plus être modifié par ce programme correctif. Pour obtenir des informations complémentaires, contactez le revendeur de votre programme correctif. Erreur système : -1072807676

Record Number: 201979
Source Name: MsiInstaller
Time Written: 20090116231743.000000-300
Event Type: erreur
User: VALOU\v.Rosset

Computer Name: VALOU
Event Code: 11328
Message: Produit : TuneUp Utilities 2009 -- Erreur 1328. Erreur lors de l'application du programme correctif au fichier C:\Config.Msi\PT84.tmp. Il a sans doute été mis à jour de manière différente et ne peut plus être modifié par ce programme correctif. Pour obtenir des informations complémentaires, contactez le revendeur de votre programme correctif. Erreur système : -1072807676

Record Number: 201978
Source Name: MsiInstaller
Time Written: 20090116231743.000000-300
Event Type: erreur
User: VALOU\v.Rosset

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Fichiers communs\Ulead Systems\MPEG;C:\Program Files\Fichiers communs\Roxio Shared\DLLShared\;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=0207
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"RoxioCentral"=C:\Program Files\Fichiers communs\Roxio Shared\Roxio Central\
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

-----------------EOF-----------------

Répondre à valou04
Destrio5   22-02-2009 à 23:25:31

  • Télécharge SmitfraudFix (de de S!Ri, balltrap34 et moe31) sur ton Bureau.


  • Double-clique sur SmitfraudFix.exe pour le lancer.


  • Choisis l'option 1 puis Entrée.


  • Un rapport sera généré, poste-le dans ta prochaine réponse.


/!\ process.exe est détecté par certains antivirus comme étant un risktool. Il ne s'agit pas d'un virus mais d'un utilitaire destiné à mettre fin à des processus./!\

 

** Ne fais l'étape 2 que si on te le demande, on doit d'abord examiner le premier rapport de SmitfraudFix.


Message édité par Destrio5 le 22-02-2009 à 23:25:53
Répondre à Destrio5
valou04   22-02-2009 à 23:30:43

Rapport :
SmitFraudFix v2.398

Rapport fait à 17:29:06,79, 2009-02-22
Executé à partir de C:\Documents and Settings\v.Rosset\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Webroot\WebrootSecurity\SSU.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Documents and Settings\v.Rosset\Bureau\SmitfraudFix\Policies.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

C:\WINDOWS\Tasks\At?.job PRESENT !
C:\WINDOWS\Tasks\At??.job PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\v.Rosset


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\VF82C~1.ROS\LOCALS~1\Temp


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\v.Rosset\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\VF82C~1.ROS\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="file:///C:/DOCUME~1/VF82C~1.ROS/LOCALS~1/Temp/msoclip1/01/clip_image002.jpg"
"SubscribedURL"="file:///C:/DOCUME~1/VF82C~1.ROS/LOCALS~1/Temp/msoclip1/01/clip_image002.jpg"
"FriendlyName"=""

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\1]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"

»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» RK



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Carte VIA PCI 10/100Mo Fast Ethernet - Miniport d'ordonnancement de paquets
DNS Server Search Order: 24.200.241.37
DNS Server Search Order: 24.201.245.77
DNS Server Search Order: 24.200.243.189

HKLM\SYSTEM\CCS\Services\Tcpip\..\{6324C9EF-5C84-403A-BF46-6D2214898BB0}: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS1\Services\Tcpip\..\{6324C9EF-5C84-403A-BF46-6D2214898BB0}: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS2\Services\Tcpip\..\{6324C9EF-5C84-403A-BF46-6D2214898BB0}: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

Répondre à valou04
Destrio5   22-02-2009 à 23:35:00

  • Redémarre l'ordinateur en mode sans échec (au démarrage de l'ordinateur, tapote F8).
  • Double-clique sur SmitfraudFix.exe
  • Sélectionne 2 et presse Entrée dans le menu pour supprimer les fichiers responsables de l'infection.
  • Voulez-vous nettoyer le registre ? réponds O (oui) et presse Entrée afin de débloquer le fond d'écran et supprimer les clés de registre de l'infection.
  • Un redémarrage sera peut être nécessaire pour terminer la procédure de nettoyage. Le rapport se trouve à la racine du disque système C:\rapport.txt
  • Copie-colle le rapport dans ton prochain message.

Message cité 1 fois
Répondre à Destrio5
valou04   22-02-2009 à 23:53:55

Destrio5 a écrit :

  • Redémarre l'ordinateur en mode sans échec (au démarrage de l'ordinateur, tapote F8).
  • Double-clique sur SmitfraudFix.exe
  • Sélectionne 2 et presse Entrée dans le menu pour supprimer les fichiers responsables de l'infection.
  • Voulez-vous nettoyer le registre ? réponds O (oui) et presse Entrée afin de débloquer le fond d'écran et supprimer les clés de registre de l'infection.
  • Un redémarrage sera peut être nécessaire pour terminer la procédure de nettoyage. Le rapport se trouve à la racine du disque système C:\rapport.txt
  • Copie-colle le rapport dans ton prochain message.



Voilà le résultat !
SmitFraudFix v2.398

Rapport fait à 17:41:59,02, 2009-02-22
Executé à partir de C:\Documents and Settings\v.Rosset\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


»»»»»»»»»»»»»»»»»»»»»»»» hosts

127.0.0.1 localhost





»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

C:\WINDOWS\Tasks\At?.job supprimé

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» RK


»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{6324C9EF-5C84-403A-BF46-6D2214898BB0}: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS1\Services\Tcpip\..\{6324C9EF-5C84-403A-BF46-6D2214898BB0}: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS2\Services\Tcpip\..\{6324C9EF-5C84-403A-BF46-6D2214898BB0}: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189


»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

Répondre à valou04
Destrio5   22-02-2009 à 23:55:28

  • Supprime SmitfraudFix.


  • Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
  • Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
  • Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
  • Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
  • Sélectionne Exécuter un examen rapide.
  • Clique sur Rechercher.
  • L'analyse démarre.
  • A la fin de l'analyse, un message s'affiche :
Citation :

L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.


  • Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  • Ferme tes navigateurs.
  • Si des malwares ont été détectés, clique sur Afficher les résultats.
  • Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
  • MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.

Message cité 1 fois
Répondre à Destrio5
valou04   23-02-2009 à 00:13:51

Destrio5 a écrit :

  • Supprime SmitfraudFix.


  • Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
  • Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
  • Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
  • Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
  • Sélectionne Exécuter un examen rapide.
  • Clique sur Rechercher.
  • L'analyse démarre.
  • A la fin de l'analyse, un message s'affiche :
Citation :

L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.


  • Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  • Ferme tes navigateurs.
  • Si des malwares ont été détectés, clique sur Afficher les résultats.
  • Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
  • MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.


Réponse :
Malwarebytes' Anti-Malware 1.34
Version de la base de données: 1794
Windows 5.1.2600 Service Pack 3

2009-02-22 18:12:18
mbam-log-2009-02-22 (18-12-18).txt

Type de recherche: Examen rapide
Eléments examinés: 90240
Temps écoulé: 10 minute(s), 4 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Répondre à valou04
Destrio5   23-02-2009 à 00:18:48


  • En bas à droite, clique sur Démarrer Online-scanner.


  • Dans la nouvelle fenêtre qui s'affiche, clique sur J'accepte.


  • Accepte les Contrôles ActiveX.


  • Choisis Poste de travail pour le scan.


  • Celui-ci terminé, sauvegarde (Choisis fichier texte) et poste le rapport.


  • Pour t'aider à utiliser le scan en ligne : Tutoriel


Note : Si tu reçois le message La licence de Kaspersky On-line Scanner est périmée, va dans Ajout/Suppression de programmes puis désinstalle On-Line Scanner, reconnecte-toi sur le site de Kaspersky pour retenter le scan en ligne.

Message cité 1 fois
Répondre à Destrio5
valou04   23-02-2009 à 03:08:05

Destrio5 a écrit :


  • En bas à droite, clique sur Démarrer Online-scanner.


  • Dans la nouvelle fenêtre qui s'affiche, clique sur J'accepte.


  • Accepte les Contrôles ActiveX.


  • Choisis Poste de travail pour le scan.


  • Celui-ci terminé, sauvegarde (Choisis fichier texte) et poste le rapport.


  • Pour t'aider à utiliser le scan en ligne : Tutoriel


Note : Si tu reçois le message La licence de Kaspersky On-line Scanner est périmée, va dans Ajout/Suppression de programmes puis désinstalle On-Line Scanner, reconnecte-toi sur le site de Kaspersky pour retenter le scan en ligne.



Désolé le scan a pris beaucoup de temps !
Voici le résultat :
-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Sunday, February 22, 2009 9:05:10 PM
Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 3 (Build 2600)
Kaspersky On-line Scanner version : 5.0.84.2
Dernière mise à jour de la base antivirus Kaspersky : 22/02/2009
Enregistrements dans la base antivirus Kaspersky : 1652954
-------------------------------------------------------------------------------

Paramètres d'analyse:
Analyser avec la base antivirus suivante: standard
Analyser les archives: vrai
Analyser les bases de messagerie: vrai

Cible de l'analyse - Poste de travail:
A:\
C:\
D:\
E:\
F:\

Statistiques de l'analyse:
Total d'objets analysés: 95438
Nombre de virus trouvés: 2
Nombre d'objets infectés: 4 / 0
Nombre d'objets suspects: 0
Durée de l'analyse: 01:55:57

Nom de l'objet infecté / Nom du virus / Dernière action
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0017529471e3bfc64aac50341ce240b0_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0148dc1f929d4bd99a37f94a14c5e5c9_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\01c2d26b2a337251e802eb072383ff3f_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\01caacd3a204bbc183ad918cb8f00070_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\01cdc1e5de96769ead6f8c9ce8b6b6b4_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\01ecaa41e670112f104b563ddef9dc22_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\02050b1c2ab4a7c65ea1cb74de2bca38_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\026004a1ed02f72e2a6df32192a66bc0_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\02a960dda88c86abddfa70946e7aabc0_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\02b43dfd7c02ddaf02f4d67cba09c1d3_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\02d6022c99172025a1d21b5787d87b70_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0307d9ba250f0e37cec894d5e7196179_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0348178051aa4547a58251e726db6bde_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\03b8e3f894f2896544c80c92f03134d5_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\03c26e95f54423fedf9556d34482cb56_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\03c4c2aedcd08d529570385f52f69615_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\03fdb8654f3fc043997d47b9082fce5f_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\045ff3231a925d217d6cf14f83a06900_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0480a7f3b14c5c665d42b25aa7c2eda4_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\048cef702b376ebc1e0fe7134933af3c_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\05476802e270d3d91b99fa23df8d1d8f_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\055824f333d99b7c347f7d66adc24a76_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0569a71f70b44476ec0c36b32c0f860c_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\059396c5b16b0d31612ef01e54a8ff20_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\05eb3750849de98f92184cee8aa3a34e_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\061c30516d17c2e751451054aaa3031e_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0636306f418549300d55b49be429f8a4_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\065508699acf006b7fe30c19300ff711_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0664b1c9c60d056c221a5475d86aa0d2_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0698e10ad8fa05e425cba0776055bd00_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\06aa31c9e9c95a861d4b3914017bfa5e_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\06ab9fad2d54240e8705362fe80f55e5_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\06cb9364cc96d13a5ed1650ec7ee68ce_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\06e0c9365408c838b0e4ad2cd91a76f7_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0747ca40f218ff9ccd167d6ae577088f_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0765ccca145788155300f2f016f74ddb_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0904f643ad57eceba7649c8f69afba76_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0909de4603145337afee77d0163e384a_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0a9031580ed816e6221065f0759fa10b_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0aa9cf8c17476675cc275e88b120e4ac_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0b3e2fae303a64c3e00982017ef90353_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0bc283a46cf4b4fb1107607c3e7b0e99_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0bd47f8f6bcf19100c9a812ec4b2daf0_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0ce5f6123ec0366d428486e054dafc35_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0cf2088bd437c8005f2fc706be53a8d9_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0d2a9b8695def948e66a76d86f0c8f13_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0d643bc91e755313d1ec37f7e9279540_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0d85afe1664cf87ed20cc1602710dbd3_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0da48584466785a72878780e9cfb4bd4_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0db3e883c97889ea1511b8f2839035ba_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0dc4578642fae7077073c7723ad9c6dc_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0dd4266197aa8c6c7debcc963e0ba7b4_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0e0abe736fcb5fba5d7b3f91cbac4254_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0e416886e1d65d59d9bc9e871c424035_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0e4834e65220c455fdfb8ced925efd88_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0e59d31eb65b43766c46fd63b7732a4e_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0f5b19c86ab0b6a307720ff3b28c1891_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0f688a20d302a4b0878fcb057a2894f1_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\108bca7766d25add45eef202f96bcb56_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\11239b8b1eaea56f4b5304c5575b6e92_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\11da937afb86f9deb6a704fc68a58ea2_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\121137b65ee707922e1a5d41f2d2b4e5_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1220311d671aaa5dacb0d98696d811ae_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\124d8edb862260d7abea5aa86c5388d8_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\12aa88d4309487b3c8a56b3ee8582b3d_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\133de68476c50334a1a99351191ee92c_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\13699fc3babbcc7d6eaaffe4fe34fa7d_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\141398cf87b07617cefc3bbc28ba4800_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1429ba1bc268e4098cae396e014ed268_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\14733ea5dec091dbf3038df025818f9b_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\149dcfcc9834316bc3459c9c5378e0c1_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\14e71c9f37a270641a314b6ed2698917_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\15a220649e34d49853c084d344e3d134_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1646b85596c530b2e8f17b1762dee0d7_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\164932fc3877679f91d1797d7dbcbff3_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\167965723492f0d1777c903d7824181b_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\16b4f436fc7802c975a6a1b5a28761a1_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\16c5231eabda5668e40ba47824d79bf4_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\16ed5412b2c6224f733292603cc2309f_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\174371c2e3471254f1e6e55149cfd0dd_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1758f21d75d0fa4ddf863ca751486d55_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\177f64c7c1d016034d5ef9554931bc33_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\17d34b3f83b84ab45d81af29420eb341_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\17d6fe797759336e62333b144653675a_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1865ce49cd40cab7291d2d5b4d2fa031_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\18d9814f682b2805f9c969f58a96eeb1_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\192ad1acd72c8c2a2a10588e3fa821f5_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\194a2c68a1333cb11bd9210a3008e30e_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\19cbd94f84cc4de2420deb7cc7da9006_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\19e7d8d92dbbfdeb07ffaad459023381_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\19ed7fab8b1459e08c160fea56f9dfba_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1a34819b03e16fb2c996bb70a619fc26_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1b032134013c09ed6d3411f3a9b662e9_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1b40c3ffd7bbec2f2a40ec4451ee820f_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1b6b52bb5be5f01383ebe198d4314490_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1b723e027792ba2531f5704ceb8056b2_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1b955f57d9c210adad35ead4128ade5a_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1bbea65c11c0d5ad59c8f0f2a150d002_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1bd8fd048a40d69fc88293d5cea75660_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1be8015c33a5eb9bb5b8baf911502de0_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1c1e3d27c492ae748c751f7e7021b6fc_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1c6c40615e285c20934c56507b1d5df9_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1cd0cccade2f9d45a3e49dfa7c1e3fba_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1d22dd44284459e96cd13159f8c3abb1_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1d58925edebee2653946adf53aaeb2e7_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1dc0ae7c31283c9b1d7eae4064789eeb_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1dc1661bc912e27a491050aea6337abf_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1e4902925597c86217e46adc60360357_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1e6983b83b9e970466e56ad05a8bfe1d_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1e7b067f28081eb49efd82b4d4a44e84_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1e9edb6d165789dc2d57640bcb3c4ae5_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1f102522e5a78144f6e954afa96881dc_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1f37febee49145ac8d2b1b6d1ff0c11a_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1f4ffe1c999657ad6474dacee87f7da6_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1f832ad3c5d58194eb9cd6b8dbfea0b9_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1ff56d14c304f07091ba1453e252aead_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\20b22075459accd5a06151d1107f0438_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\20bb97966059bb2f8f8635d94691d6f8_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\21a293fd3d7a5c2020b1b03baa9023fe_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\21f6ae2785f4446d6f800c87ee22a9cc_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2291f9af712716963acfe4408f3fd1ec_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\22acca1e9c2640f1d8da5789e486bcdd_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\22dd60480ca79f7fa256575661ba7c09_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\23ce229cad17a62e6b140fef0a1f8ca0_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\24105d4149f7638725139331946e721e_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\24191273c0710ebfc8c0a2c417b51504_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\24a891fc4d0d4222f83d56eb5bd79975_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\24d50fa593b4754f152311e6bf2946a4_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\25194e96e44f266d02a24c1263043d08_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\254224b24a7cd0e464c2c19887f47212_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\254d160bed29e73bb1ddcf7ecb19ae21_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\25a178f0ce899aa1b501caab98fa33c8_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\262f11e907300a731242572171dc8883_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\263c43d8ddeefbf4fba0d439f47f70fd_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\263f4367c5f791b3e17c5570200fcac2_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\26e5b4a3e0b5ed484d4d664ef2246895_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2714b240deeb93048fded4182353ec28_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2733fbc53ad9909468ded9ea1710a99d_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2742988139bf1308bb77148815716bcf_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2811953430c85daca727bbcdccb96f9b_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\28372f8a985729e15d6bef41338c02e5_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\28ebc054888cf334b987aa717429a4e4_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\291999ebf08bdf3449a55dbed1242877_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\29281e6afa994b1a8073b65211d4b034_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\293542cd4ac53c3dbc586388b5ce7821_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\294f23dc91137fb02139d2410ae13971_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2961226be0e2577fd6f9aed10021979a_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\298a2f74c44827d0a5a524447f11d1b0_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\29c1566505576937a604cb883aff70db_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\29d5eb95000d783f2cabd787aa0b0863_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\29e87e72e3b16bcf551fb72032c3ab04_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2a7263c5df8a99129f9d7b02c9b70028_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2a75ca183ed7719af1165b0b13863191_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2a79a8c3ace04d37715d0b042e4f2727_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2b50104b9daa8995aedfc00872fefa07_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2b5c4f3545f3ca769aa2e4bac09223ce_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2b8544e1bfc6d0594860b637279c4e86_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2cedcb28bc9c04205fff731d2d223772_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2d240a06c3ed5b14a85b9ad0f572f760_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2d3b8fb805b3b5ffb742c77237706a60_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2d777cbc1deba21bc9cbdc71e459b5ad_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2d9e458de5b006fe746d98a812c2b90a_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2da6863cb3d0f99db430c8b9fa0d637a_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2e57191fd4948aedd6db7f64a39b80f5_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2e8454526879699cb206d0643004fe0c_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2eb074ca5319565001a07543daf3c717_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2ebdf7a80b7bf9a02942339ee5857abd_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2fb31889aa482aee04df2e0122ce4018_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2ff6bcae151fc512d4e23e4f3bdf14dd_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\30623b5b178891239d3768c9a9a5486f_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\30f347993599f68c1843ca44b2072314_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\30f3f27f3d50c96ab35543e5057baccb_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\30f83c30095811b9ea1e699ed27a240d_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\318021564e418bda86000feaebaaa9a3_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\32148ec6b251e8e141f405774baafec1_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\32245df36019937399c6d527cc271d7e_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\32770257dd17615a07898a3ff769c8f7_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\32d85aea9f39d51c3d2bf7ff2e4fda61_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\332c3f0ab71b2377114a1bd97568b664_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3450e054f86941a3be53b2aea99afe69_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\349978f2e33235e98cb62177b79a677a_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\34d3d06b95fd6324ec41753742fbf72b_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3553600abb75e2738b87d043c8197cda_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\35b9c2793a5ac464d408b67d2b02285c_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\369b3248908d639a54028e60b0bb69d3_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\36b8174752a93b98a01ad345447582f8_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\36f276834e64a8de1f524a13ebac55f1_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3759204bcc38934141eb528bc1051fd6_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3766d5aa1604ce38f8c097eea242399c_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\37de684d1118c585c543d63140cf1f01_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3822ee94ff3410a66214ba5f5fa36f73_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\384966b6bb6e315dac447e5afaaa3229_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3869548d0dbc6e32f1251fd440688df5_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\38abc0beb9c999ebe5c2d3ab11ce5110_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\38ed1cb0b40118a8afbe94c9df5e2fd3_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3918700cd5ca37cce535ae31642697d5_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\391c315e013a4641d390e8e92e305315_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\39269bbf15cece801afe5c5dba2c7e19_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\39451f7d0153ec7e9abb0169d44e1c98_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\395b647782d7d58414a5198af824595c_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\396b659091448469bec667e3726a8d5a_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\39d0aa899aba6af85aa32a342325ca8e_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3a3be7810152c32c4dfe3e3e07d30a4d_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3a75e0ec8fe014952786a7322a04c9ff_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3ab0363672cd403c4d2b42137d46c133_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3ae65e8ef7a221160b201e7a9f4d2222_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3b231676fce6ee1e5e8cc54e112361df_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3b6566e5a5eb11bb21bb6620c06ac8fa_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3be9d3d09f8b7886b4d05550462306f2_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3c28f69f6c8a629db6c2f9ef2300f22f_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3c9f0eb6314c83ea02e1a49118639099_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3d103c77e6bec1fffd599303ad9f9d29_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3d743b08e010cd76398bd561ec11b50d_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3e0f7e58989d7d4659158daa565f37ac_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3e110591570d365f1dc6d3e588a02ea8_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3e2acc19a61b0bb4eebb00907aadda99_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3e4ad27103bc5ad38b0673bf2d3a0142_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3ee16dc8d1dd1dadf054e9310e1577a8_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3eee705b8ca489685c8f84b89d2ecddf_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3f42a8a70c9aa068577f05c12212a180_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3f5581ef7b249c2a35cafdcc769d4997_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3f716fb2e4ebe08a7626ecc5cfa0ddb0_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3fc057510aa69d2a638cad5554b62d9e_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4017ee25426e64d7001b87d77091069d_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\401bc8f6027df7b7e54ff036e7721b5f_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4049e24ba67326c447a5452e4c538d8e_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\406286a16d7d2fe83f5a6a6917702a51_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\406ee44f9c3a42a4dda0c9424cc1d73f_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4071b42495b15380570af000f406860e_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\414d2e971c0e3aa5c09f052219b945e6_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\415f740c65b95359f0af8f14791d8bcf_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\416339671a076a96978fdfd76b19eb7c_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\416e1ae1e33e966d13c5d43ed1ae19f2_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\419a9c0a29c7c5909c7bf5a22e340992_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\41a914161e31a3bfe8b5255ab15e0577_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4233d6c8c6c13996b3586f1af89dc92d_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\42692be625e933f9a65bfff29b6f30e9_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\42a39c4d6ffa9783a147c28acb93f356_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\42b4f95e0759777c457099b0c8c8730a_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\42e6f196791b2ab1036b93820f90e171_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\42f8c114f9b575ffcf3a34da40c87437_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4319a3ca0f12d604ccf4d144a1868975_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\43b5bcb198237ff2c866d8ad9d2596c8_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\444c4c3db0f31f2229ad97877d33203b_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\444f033c1795c715fc5e3cf7749e77ea_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\44d4ce0ba47ea8cf4251ca412931e126_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4592ea67f9e77052f14403ed26dd03aa_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\460219a6d15eadcd481bc7df04803dc4_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\462ddff82baf4c5fd9d1179339919adc_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\463c5de651e854c87398d309445eaf20_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\467ef0d9da7613eab1a7464769a881ed_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\46c2010470052eb8fda277d13d57b3ec_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4742f22efe12bf29852bca81336b29fd_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\484374775f0a92e6b5cd435f0d16dfd8_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4962e1c90d82b7eab9794638ad8ed7b7_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\498fed47a32a1157ae7d1eb184df370d_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4993831f41c978420d33027eb6d06150_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\499e2934c89b5b7734563b5137ead724_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\49d2ab1ddc173308ec9f785d2a091861_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4a1473e0b8192034326354dfb9317817_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4a2045fa037469a3a727b97ff3ce4cae_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4a574df766352a9d5734285e3d4ee5ba_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4a86a216fd62179cb4f7a4894d6a7de2_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4aff70ad0789cdf5ce497ef5363cf85f_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4b3a0f49edd6bf99cea56bb0b97d292c_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4b8ed01ac3c66d81338bd15998a6a95a_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4ba8892aea14658621e24b7c8254bb0d_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4bb02aa242c99c926e55b6024ab42c14_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4c2296d8330b0ca351d3b9d6b51658a9_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4d5a833f82a0cdd49486951cffb39b6b_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4d92a911e2291187e147196620b75a93_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4e2a8d3c2246bf81656655ada3b04b39_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4ec3e1b15f965381c2bbf46ed8c1f652_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4ed7570f4495f36f21c443866369816b_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4eecff3c642c7a1e21c4cfc710c0d2d4_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4f121052d5ff4ed7515a990b110d5525_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4f36c490bf023389c88cb916be761d10_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4f5e3eb26752fe8784158f280757dea0_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4fd224606968afe6dc3698d6853939ad_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4fde0c1c11b079ceeeefae56d9db8685_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\502d1d57853eacaa2ba79fa6ca0effea_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\50a1148a58cd49924d427d9b11b9bd77_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\50a9257017008be68adf67697e7d23e5_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5137ae8ee7df3a6e7bb1219bcf2842fb_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5146a1ab091665db1c6985307a99a9b4_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\514dcac918cf3d5880c216b5401089d5_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5172ca28ff697e2c5d8845e37de97fd0_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\51ee79dbd163f9b818953f9c71735f3c_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5224de86a345fb7009a5cbdb8e94c6d3_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5279c620aef0b1617d1114e57a267c8b_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\52c49e3958e56e0e3dc95ac56a6cd27e_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\52f5246e699755e22a20609adbbeb0e8_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\531cf2429deda0a0a680b17c6ff7bfdf_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\53987ede0bfe30f30c42bbb18c10fa29_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\53b1c0d845cd59cd75cc149b91adaa7c_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\53cf84a87344e3bfd78decfbded7e4c3_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\544c0644a32408a19b979b0effd8c863_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\548e7ebc4396ad7e515b4688474b7a91_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\550d79a19e3bea279d1ee483f7306665_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\552a27a90d26e9f04ac3666b2d3928ae_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\55644974adbf3082669e0ab9a0d7e1ba_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\55924699807e2c44609fdaccaa935e62_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\564b6ea457d2081bc80bc9bc049b1947_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5651eb531650f521af93851e7c4857af_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\576484348d155eda345f28092b2aa8fc_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\586f5a92f8ce2aeaebb17c710f23289f_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\58a61b48497af8ea0b6d4adbdbccab7c_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\59ba7bbd1f4dcd8e0df767c7669cfb77_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\59bcfe0464bf6c0e2f3fa19017b02447_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5a21ff881b870f6e71944fd3b3bddcb2_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5a251b1dd5e438e772d876cced9eef39_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5a3c92f0164663687284ac870fecb5b7_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5b0f29d71d8b47d2df75db1c0405b47b_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5b125b7d6a7ec2b9ce6ac24dbdcf5564_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5b2d4282d595753e8be2bac1db54bb47_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5ba38368ee71c559ab4d2a36316973cc_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5c1ee934c4a7d085d6ceba9ec7592beb_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5c44bb8e0dc191599c1c73d962def803_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5d7258386c209809a7ea41fbb2a865ea_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5dfb6716a9507517e4fa63f5a0057c71_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5f0483c46d5d6c1e2163e7dfd738937c_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5f15f76c8b83f28408393b65538634c4_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5f29e8ca993aaf2744d2465edcf7a273_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5f4e6784bbd46d9171d41130011c8f39_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\60a4bccf6a64b5e11d371c3fde0fe374_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6119ba0ec73f674334b870f62cd85222_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6121d22fc380e10848415070d4a286fd_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\61598b6c278d3b32bca20dd6722add84_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6174174dd713257ab7910ee1a33df234_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\61d08afe3b8d897583ee37f8eb6d34a1_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\62482e4b32a2c52ee4b9a7bd8f236a3e_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\627596589a89d4fbf602b44a23c4e8fc_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\62b234c5e810fe419c257af2d428e6b4_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\62d0db73255e7472b0740ffceab8aa4c_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\62f28505f17bdce20b2067ac70786a67_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\63284a591a07d5e55ff5e5cabfff3bd5_ef0bf01b-2a26-4da1-9bdb-7c95bd4c1e47 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\63c3aa9f45ad05f3de9086705255fdc7_ef0bf01b-2a26-4da1-9bd

Répondre à valou04
Destrio5   23-02-2009 à 03:14:24

Le rapport n'est pas entier à cause de sa longueur.

---> Uploader un fichier sur Mediafire :

  • Rends-toi sur ce lien : http://www.mediafire.com/
  • Clique en haut sur Upload files To Media fire. Choisis ensuite I want to upload without an account.
  • Une fenêtre de ton explorateur windows va s'ouvrir. Navigue jusqu'au rapport que je te demande d'uploader, sélectionne-le puis clique sur ouvrir.
  • Clique ensuite sur Upload.
  • A droite de l'écran, choisis : upload to a new folder. Laisse le nom par défaut (= la date).
  • Valide et laisse l'upload se faire.
  • Clique sur View uploaded file et copie-moi l'url (= le lien) du nouvel onglet ou de la nouvelle fenêtre qui va s'ouvrir dans ton prochain message. Ainsi, je pourrais télécharger le rapport demandé.

Répondre à Destrio5
Destrio5   23-02-2009 à 03:27:32

Les seuls fichiers détectés par Kaspersky sont dans la quarantaine de Spybot.

J'ai vu des traces du rootkit Seneka.

/!\ Désactive tes protections résidentes (Antivirus, etc...) /!\

  • Télécharge ComboFix (sUBs) sur ton Bureau.
  • Double-clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
  • Il va te demander d'installer la console de récupération : accepte.
  • Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse.


Pour t'aider : Un guide et un tutoriel sur l'utilisation de ComboFix

Répondre à Destrio5
valou04   23-02-2009 à 03:54:17

ComboFix 09-02-21.01 - v.Rosset 2009-02-22 21:40:43.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1503.827 [GMT -5:00]
Lancé depuis: c:\documents and settings\v.Rosset\Bureau\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090221-0] *On-access scanning disabled* (Updated)
FW: Webroot Internet Security Essentials *disabled*
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\v.Rosset\Application Data\inst.exe
c:\windows\system32\JTtsCcfe.ini
c:\windows\system32\tmp.reg

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_seneka


((((((((((((((((((((((((((((( Fichiers créés du 2009-01-23 au 2009-02-23 ))))))))))))))))))))))))))))))))))))
.

2009-02-22 18:25 . 2009-02-22 18:25 <REP> d-------- c:\windows\system32\Kaspersky Lab
2009-02-22 17:14 . 2009-02-22 17:14 <REP> d-------- C:\rsit
2009-02-22 08:39 . 2009-02-22 08:39 <REP> d-------- c:\documents and settings\LocalService\Bureau
2009-02-22 08:32 . 2009-02-22 08:32 <REP> d--h-c--- c:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-02-21 21:11 . 2009-02-21 21:11 64,160 --a------ c:\windows\system32\drivers\Lbd.sys
2009-02-21 20:39 . 2009-02-22 08:32 <REP> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2009-02-21 18:05 . 2009-02-21 18:05 <REP> d-------- c:\program files\Webroot
2009-02-21 18:05 . 2009-02-21 18:05 <REP> d-------- c:\documents and settings\v.Rosset\Application Data\Webroot
2009-02-21 18:05 . 2009-02-21 18:14 <REP> d-------- c:\documents and settings\All Users\Application Data\Webroot
2009-02-21 18:05 . 2008-11-13 17:11 1,553,272 --a------ c:\windows\WRSetup.dll
2009-02-20 19:32 . 2009-02-20 19:32 <REP> d-------- c:\program files\VS Revo Group
2009-02-15 22:43 . 2009-02-15 22:43 <REP> d-------- c:\program files\Learning Essentials
2009-02-15 22:43 . 2005-05-26 15:34 2,297,552 --a------ c:\windows\system32\d3dx9_26.dll
2009-02-15 08:51 . 2009-02-15 08:51 <REP> d-------- c:\program files\Fichiers communs\Skype
2009-02-14 22:25 . 2009-02-22 08:43 <REP> d-------- c:\program files\PowerISO
2009-02-13 22:57 . 2009-02-13 22:57 812,344 --a------ c:\program files\HJTInstall.exe
2009-02-12 15:47 . 2009-02-15 09:41 <REP> d-------- C:\Malwarebytes' Anti-Malware
2009-02-10 07:50 . 2009-02-10 13:03 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware(2)
2009-02-08 22:29 . 1994-09-02 00:00 17,936 --a------ c:\windows\system\IMAADPCM.ACM
2009-02-08 22:29 . 1993-11-19 00:00 15,104 --a------ c:\windows\system\MSADPCM.ACM
2009-02-08 19:41 . 2009-02-08 19:56 <REP> d-------- c:\documents and settings\v.Rosset\Application Data\DAEMON Tools Lite
2009-02-07 13:28 . 2009-02-11 10:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-07 13:28 . 2009-02-11 10:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-02-07 12:09 . 2009-02-07 12:10 9,875,904 --a------ c:\program files\Vuze_4.1.0.2_windows.exe
2009-02-06 22:12 . 2009-02-07 14:44 4 --a------ c:\windows\wxrqeueh
2009-02-06 19:29 . 2009-02-06 19:29 <REP> d-------- c:\documents and settings\v.Rosset\Application Data\RegTool
2009-02-06 15:42 . 2009-02-06 15:42 54,040 --a------ c:\windows\Sysvxd.exe
2009-02-06 12:26 . 2009-02-06 20:20 1,728 --a------ c:\windows\pltvzzvk
2009-02-06 09:03 . 2009-02-06 09:03 <REP> d-------- c:\program files\WinAVI Video Converter
2009-02-02 15:21 . 2009-02-02 15:21 <REP> d-------- c:\program files\Microsoft Encarta
2009-01-30 15:06 . 2009-01-30 15:06 <REP> d-------- c:\documents and settings\v.Rosset\Application Data\Flood Light Games
2009-01-30 15:06 . 2009-01-30 15:06 <REP> d-------- c:\documents and settings\All Users\Application Data\Flood Light Games
2009-01-23 22:14 . 2009-01-23 22:18 <REP> d-------- c:\documents and settings\v.Rosset\Application Data\U3

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-23 02:24 --------- d-----w c:\program files\Mozilla Thunderbird
2009-02-22 13:44 --------- d-----w c:\program files\VSO
2009-02-22 13:44 --------- d-----w c:\program files\Free FLV Converter
2009-02-22 13:42 --------- d-----w c:\program files\Lavasoft
2009-02-22 13:22 --------- d-----w c:\documents and settings\v.Rosset\Application Data\Skype
2009-02-22 13:20 --------- d-----w c:\documents and settings\v.Rosset\Application Data\skypePM
2009-02-22 02:16 --------- d-----w c:\documents and settings\v.Rosset\Application Data\Azureus
2009-02-22 00:14 --------- d-----w c:\documents and settings\v.Rosset\Application Data\Lavasoft
2009-02-21 20:42 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-18 13:42 --------- d-----w c:\documents and settings\v.Rosset\Application Data\Vso
2009-02-15 13:51 --------- d-----w c:\documents and settings\All Users\Application Data\Skype
2009-02-15 13:51 --------- d-----r c:\program files\Skype
2009-02-07 21:58 --------- d-----w c:\documents and settings\All Users\Application Data\CanonIJPLM
2009-02-07 18:36 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-02-07 02:29 --------- d-----w c:\program files\Spybot - Search & Destroy
2009-02-07 01:15 --------- d-----w c:\program files\CCleaner
2009-02-07 01:02 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-06 19:51 --------- d-----w c:\program files\MediaCoder
2009-01-21 00:35 --------- d-----w c:\documents and settings\v.Rosset\Application Data\dvdcss
2009-01-20 14:22 --------- d-----w c:\program files\IfoEdit
2009-01-20 05:12 --------- d-----w c:\program files\DVD Region+CSS Free
2009-01-19 00:14 --------- d-----w c:\program files\InterActual
2009-01-18 18:45 --------- d-----w c:\documents and settings\All Users\Application Data\vsosdk
2009-01-18 03:55 --------- d-----w c:\program files\TuneUp Utilities 2009
2009-01-17 03:59 --------- d-sh--w c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-01-14 14:20 --------- d-----w c:\documents and settings\All Users\Application Data\DVD Shrink
2009-01-09 20:34 --------- d-----w c:\documents and settings\v.Rosset\Application Data\vlc
2009-01-07 19:26 --------- d-----w c:\program files\Java
2009-01-02 21:37 --------- d-----w c:\program files\Real
2009-01-02 21:23 --------- d-----w c:\program files\Canon
2008-11-05 12:58 4,584,376 ----a-w c:\program files\Shockwave_Installer_Slim.exe
2008-10-31 15:20 2,688,280 ----a-w c:\program files\vcredist_x86.exe
2008-10-27 12:26 2,959,376 ----a-w c:\program files\dotnetfx35setup.exe
2008-10-12 22:37 445,120 ----a-w c:\program files\biosagentplus_40.exe
2008-09-13 22:47 894,504 ----a-w c:\program files\WGAPluginInstall.exe
2008-06-21 14:50 47,360 ----a-w c:\documents and settings\v.Rosset\Application Data\pcouffin.sys
2008-04-02 18:36 5,640 -c--a-w c:\documents and settings\v.Rosset\Application Data\mindhabits.dat
2007-11-19 14:41 32 -c--a-w c:\documents and settings\All Users\Application Data\ezsid.dat
2008-08-18 13:53 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008081820080819\index.dat
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\BackupIconOverlayId]
@="{2EE61E5C-8F94-4AAB-8A80-D2A8CD1FEDAD}"
[HKEY_CLASSES_ROOT\CLSID\{2EE61E5C-8F94-4AAB-8A80-D2A8CD1FEDAD}]
2008-11-13 17:04 238968 --a------ c:\program files\Webroot\WebrootSecurity\Backup\CtxMenu_1_0_0_10.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
"mspd"="c:\windows\system32\mspd.exe" [2003-08-27 389632]
"ISUSPM Startup"="c:\progra~1\fichie~1\instal~1\update~1\isuspm.exe" [2004-07-27 221184]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-02 136600]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696]
"SpySweeper"="c:\program files\Webroot\WebrootSecurity\SpySweeperUI.exe" [2008-11-13 6273400]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-13 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"= "c:\progra~1\DVDREG~1\DVDShell.dll" [2004-10-09 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.mjpg"= mcmjpg32.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InterVideo WinCinema Manager.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\InterVideo WinCinema Manager.lnk
backup=c:\windows\pss\InterVideo WinCinema Manager.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^v.Rosset^Menu Démarrer^Programmes^Démarrage^Pense-bête.lnk]
path=c:\documents and settings\v.Rosset\Menu Démarrer\Programmes\Démarrage\Pense-bête.lnk
backup=c:\windows\pss\Pense-bête.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MétéoIMédia]
c:\program files\MétéoMédia\MétéoIMédia\WeatherEye [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Watch]
--a------ 2009-02-22 08:33 509784 c:\program files\Lavasoft\Ad-Aware\AAWTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
--a------ 2007-04-03 20:50 1603152 c:\program files\Canon\MyPrinter\BJMYPRT.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2008-04-13 21:33 15360 c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a--c--- 2007-03-15 20:02 153136 c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
--a------ 2008-11-02 03:38 167936 c:\program files\PowerISO\PWRISOVM.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-09-06 14:09 413696 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
--a--c--- 2005-11-21 20:47 1687552 c:\program files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
-ra------ 2009-01-29 14:01 23975720 c:\program files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpySweeper]
--a------ 2008-11-13 17:11 6273400 c:\program files\Webroot\WebrootSecurity\SpySweeperUI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-11-27 23:44 180269 c:\program files\Fichiers communs\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ISUSPM Startup"=c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\StubInstaller.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\drivers\\svchost.exe"=
"d:\\Programmes\\Azureus\\Azureus.exe"=
"c:\\Program Files\\Roxio\\Easy Media Creator 8\\Digital Home\\RoxUpnpServer.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-02-21 64160]
R0 ssfs0bbc;ssfs0bbc;c:\windows\system32\drivers\ssfs0bbc.sys [2008-11-12 29808]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-03-31 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-03-31 20560]
R2 WRConsumerService;Webroot Client Service;c:\program files\Webroot\WebrootSecurity\WRConsumerService.exe [2009-02-21 1086840]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-01-18 950096]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2008-05-21 34576]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0e341aa0-9cb1-11dd-ac7e-0012178290da}]
\Shell\AutoRun\command - g:\wd_windows_tools\Setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{58611ed2-98ae-11dd-ac6a-000ae6896f3f}]
\Shell\AutoRun\command - g:\wd_windows_tools\Setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{95a972c0-d18e-11da-a70f-000ae6896f3f}]
\Shell\AutoRun\command - G:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c22b4960-987f-11dd-ac68-0012178290da}]
\Shell\AutoRun\command - g:\wd_windows_tools\Setup.exe
.
Contenu du dossier 'Tâches planifiées'

2009-02-22 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-02-22 08:33]

2009-02-22 c:\windows\Tasks\RegTool Scan.job
- c:\program files\RegTool\RegTool.exe []

2009-02-22 c:\windows\Tasks\RegTool Scan.job
- c:\program files\RegTool []
.
- - - - ORPHELINS SUPPRIMES - - - -

MSConfigStartUp-CanonSolutionMenu - c:\program files\Canon\SolutionMenu\CNSLMAIN.exe
MSConfigStartUp-Cld2000 - c:\program files\Calendrier\Cld2000.exe
MSConfigStartUp-iTunesHelper - c:\program files\iTunes\iTunesHelper.exe
MSConfigStartUp-prunnet - c:\windows\system32\prunnet.exe
MSConfigStartUp-RegistryBooster 2 d’Uniblue - c:\program files\Uniblue\RegistryBooster 2\RegistryBooster.exe
MSConfigStartUp-RegTool - c:\program files\RegTool\RegTool.exe
MSConfigStartUp-WeatherEye - c:\program files\MétéoMédia\MétéoÉclair\WeatherEye.exe


.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.cyberpresse.ca/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mSearchAssistant = hxxp://www.google.com/ie
IE: &Télécharger avec NetTransport - c:\program files\Xi\NetTransport 2\NTAddLink.html
IE: Enregistreur Vidéo Internet : rechercher des streams vidéo - file://d:\programmes\scan.vbs
IE: Ouvrir avec Enregistreur Vidéo Internet - file://d:\programmes\anchor.vbs
IE: Tout t&élécharger avec NetTransport - c:\program files\Xi\NetTransport 2\NTAddList.html
IE: Télécharger avec FlashGet - d:\programmes\Flashget\jc_link.htm
IE: Télécharger tout avec FlashGet - d:\programmes\Flashget\jc_all.htm
IE: {{B794C572-4E4D-4D4B-A115-25DBEB29EA71} - d:\programmes\scan.vbs
IE: {{DFD9C994-2EF1-4B7F-92B5-98E2D0A7CEB7} - d:\programmes\scan.vbs
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {0F7A9297-7268-11D1-B81A-00A076C01B0A} - hxxp://www.registrefoncier.gouv.qc.ca/Sirf/Script/14_05_04/CPCViewAX/CpcViewAX.cab
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.cab
FF - ProfilePath - c:\documents and settings\v.Rosset\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.startup.homepage - hxxp://www.cyberpresse.ca/
FF - plugin: c:\documents and settings\v.Rosset\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPMCult3DP.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npmozax.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npvirtools.dll
FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin8.dll
FF - plugin: c:\windows\system32\Cult3D\NPMCult3DP.dll

---- PARAMETRES FIREFOX ----
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-22 21:46:57
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Canon\IJPLM\ijplmsvc.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Fichiers communs\LightScribe\LSSrvc.exe
c:\program files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe
c:\program files\Webroot\WebrootSecurity\SpySweeper.exe
c:\program files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
c:\program files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Heure de fin: 2009-02-22 21:51:38 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-02-23 02:51:33

Avant-CF: 7 490 256 896 octets libres
Après-CF: 8,461,529,088 octets libres

WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /fastdetect /NoExecute=OptIn /TUTag=NYDXPN /Kernel=TUKernel.exe
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale (TuneUp Backup)" /fastdetect /NoExecute=OptIn /TUTag=NYDXPN-BAK

277 --- E O F --- 2009-02-11 20:20:16

Répondre à valou04
Destrio5   23-02-2009 à 11:55:12

  • Menu Démarrer > Exécuter > Tape combofix /u et valide.


  • Désinstalle Java(TM) 6 Update 11.




  • Télécharge OTMoveIt3 (OldTimer) sur ton Bureau.
  • Double-clique sur OTMoveIt3.exe afin de le lancer.
  • Copie (Ctrl+C) le texte suivant ci-dessous :


:processes
explorer.exe

:reg
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\drivers\svchost.exe"=-
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\drivers\svchost.exe"=-

:commands
[purity]
[emptytemp]
[reboot]



  • Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
  • Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.


---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

  • Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\

---> Le nom du rapport correspond au moment de sa création : date_heure.log

Message cité 1 fois
Répondre à Destrio5
valou04   23-02-2009 à 15:56:54

Destrio5 a écrit :

  • Menu Démarrer > Exécuter > Tape combofix /u et valide.


  • Désinstalle Java(TM) 6 Update 11.




  • Télécharge OTMoveIt3 (OldTimer) sur ton Bureau.
  • Double-clique sur OTMoveIt3.exe afin de le lancer.
  • Copie (Ctrl+C) le texte suivant ci-dessous :


:processes
explorer.exe

:reg
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\drivers\svchost.exe"=-
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\drivers\svchost.exe"=-

:commands
[purity]
[emptytemp]
[reboot]



  • Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
  • Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.


---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

  • Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\

---> Le nom du rapport correspond au moment de sa création : date_heure.log



Résultat moveit
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\%windir%\system32\drivers\svchost.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list\\%windir%\system32\drivers\svchost.exe deleted successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\VF82C~1.ROS\LOCALS~1\Temp\etilqs_NXl0EieWzya0fZcKKH1N scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\VF82C~1.ROS\LOCALS~1\Temp\~DFF929.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS029AFB31-F58F-4D30-BC1C-A01443C50175.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS095786D1-B040-47E2-A35C-6BD47A1435FB.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS0A4C34D2-02CB-4F0E-B0D4-414E085F2741.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS0DA6C314-B418-4B24-A1E1-372AC66692C7.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS1292B0DE-05E2-4D76-B604-641266D3A200.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS1600F702-7F29-478C-A410-2B70C47C3871.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS1695C112-EB57-4BF3-8BF0-BACDA266845B.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS180C5DE4-636C-4E6E-93E2-16DE32588387.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS18ECD82D-E8AA-4876-8038-D7D5015233E9.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS198416AF-1DB2-4FB1-A8E3-8A7F247A8846.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS19B0A465-F50D-4CE2-B790-312436BDD1B5.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS19B52330-AE53-48F3-8452-38B7B1B149BC.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS1B6AD12C-D206-4F1D-9BC7-F25D9BC4EE67.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS1CA96055-A31E-48FF-AA22-621546DC2E05.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS1D1C13B2-BC39-468C-9CE0-5378F9F5C0E7.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS1DA05180-8C4A-4987-ADFB-942E77E829B2.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS1FAEDF36-8678-4538-82E4-5928C5FF6C72.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS26477984-4801-4BE3-BF52-33DF9BB2B1EB.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS2927A624-4FD8-44D8-AE4B-AD5E6ECBC033.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS2AB07FEA-423B-4B9E-B084-268A44AD8BCE.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS2BEDF8E4-38ED-472F-B033-81D7EEA57B04.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS2D4FAECA-4F61-44D1-9FC7-EDD2597AFD81.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS2F58877C-9FEC-46C5-8F73-9CDFFF3A2724.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS31BBE64F-74D0-4529-BC50-643CC20030D6.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS36A5CB5E-50F0-44D4-AEF8-B89E94F5D708.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS37982F73-F661-4066-A58D-9B409DE95CEC.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS37C6CA47-2D60-4008-9102-49CD6401256C.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS3904DBA6-6B3C-4294-8808-4936A3240414.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS393BBE75-6DA1-47C2-A841-6E1F532484DD.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS3CABCA00-C30B-4881-8484-F2F8FAE3A421.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS3E77D7D3-2E80-416D-81D0-2E434A037F17.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS42CCFC19-0E35-4CE3-BC88-2A750E22453D.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS452D575F-0FF3-4768-9D89-6B029E59786F.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS46FB3940-1FA2-4EE4-B311-C976A57ABC8B.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS48B67499-48DB-4A9A-99D2-BA3AB86E4A9B.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS4BB068A5-A898-4160-827D-D67A14E93AFD.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS4E7ED5AF-54CA-4F11-9FFA-392BB5BCDB1D.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS52AA0309-719C-4E50-AA9D-AF31B9227C18.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS52E6C487-90DD-4490-B2DF-9817EF8CCA36.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS54E3F624-7390-474E-B8B6-BE7B00AD6625.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS59167DB3-1E4F-4623-A831-F36016B52B09.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS5977144E-3862-4143-8D38-5EE46D0F655E.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS63BEA960-FBA5-4031-9016-7DAB73F92290.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS67FEEAD7-5986-4E7D-87ED-2C896197E087.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS6DB73364-0581-41F0-9F4C-EC073806E72E.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS70498249-A8BE-420D-A47E-89174014CC12.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS736BE1EE-FC2E-4988-B3EA-69D2B0750523.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS757DE1B3-9E1D-4D8D-BBC3-C246B00667D5.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS7647C868-A387-4A0A-8DB7-8E90AAD4EF79.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS78AD35AA-4354-43DA-A0F1-7E6FF92BFFF9.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS7990401B-F87B-4F5D-89E9-38987E97BD86.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS7EBE84A3-8402-4344-8C7D-E48E86AA9FBA.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS7F64A952-3579-4C92-80BA-CEAD1F536887.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS7F7CC340-80B2-482C-8FB5-F8B6CEBC258B.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS7FDCB46C-30B4-4EFD-9EB2-D2B730BC5686.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS85DFCA30-42A1-454B-BE02-6421FED30D6E.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS89E09191-48A2-4AE6-B60C-DB247A7B1B7C.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS8C2C2078-87CC-44E8-9AB5-E88CE1DF3432.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS8CB2D983-5DF9-4362-A300-67F76C4F1D8B.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS8FFCD590-F6ED-49C2-B5DA-A7DE5E949316.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS90EBB7B7-62E9-427D-946E-B2D6747D3A2C.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS91E1A101-223A-4C75-8ABE-576C00BF06D0.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS95D79570-3900-4E80-8294-12C129ECB05E.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS96773D4D-68BB-43D5-817F-AFFF8CFC65CC.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS97A6E634-8EA8-4EB7-95A2-D13D305C949B.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS9866DDA3-4FB2-4172-A082-AE0EF180E4A1.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS9894B1EC-8A1B-453B-A89F-6C71F9A8D116.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSA083B4E1-2D09-4952-BFAB-0EC9ACBF6D18.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSA0B8177C-BE9C-4332-917F-FA1A4C4E25C1.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSA55BB05A-640D-4C23-A168-45AD09F33CAF.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSA5983A5C-8D1B-4ECE-B277-BC02C39B5698.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSA91C0851-F582-4F76-9323-74CE45175D8C.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSA99B8EF5-24D2-42B9-870B-850DD1EAD51E.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSAA3BBDEF-EC8F-45BC-BB74-13CE723181C8.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSAADD4618-4D4C-44A4-ADD1-E79A250DF367.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSACCBDCF7-6072-4168-916E-3FDCC01802A7.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSB208AB17-B6BB-40C8-BB57-145B2886ADBE.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSB4D53C3A-0E3F-4967-B4C1-23CE689F18D3.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSB61C11CE-236C-43C5-8457-4335269744BC.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSB6513743-4483-4915-AA7C-9D6F2758DA98.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSB8CE2E97-FD5C-4564-9EE2-1A697FBAA93E.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSBC23AA06-20E2-48A7-B43F-DA5728F328E6.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSC1D1FEDD-1FA6-48B2-ABED-644546887521.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSC3E2F198-0918-4EF4-859C-50A1321F86D5.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSC6313C5E-6A69-4642-A054-B5477E28B857.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSC6485AB1-750A-4A73-884A-CE39A7450304.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSC8A01121-AB36-483D-8757-BEDAA9A78288.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSCA2095FA-14EE-4CD3-B042-CCCF07A49D1D.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSCC3FAE7B-9CC8-40AB-8113-EF62BB26A0B7.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSD7197B8E-68DB-46A5-8E7C-0084F3494E4D.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSDAF5341E-B273-497A-A2AC-6B82289BA95E.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSDD21ACC6-99C2-4A38-9A38-345F99FE0548.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSDE304C35-72FC-44A5-81B2-AB6F1E51EFE1.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSDFB34DF9-05D6-4E04-82A5-127E89013AA2.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSE3E277E4-57D8-4443-BD3B-CD628DC47EDC.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSE40F9752-A934-434C-81D8-BC69E97C6ABF.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSE4F23A07-903A-45A0-A219-89E9F0A881BE.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSE4F7236C-156F-4602-A22A-DD19E0C086A0.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSE6706CCB-BEEF-4862-B616-0B2742B64729.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSE8FC50C1-CF41-460B-B81F-17FF0AD9666A.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSECFC1D5C-674C-46CD-9379-E821C7102BBB.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSF6C54D03-B3B9-478A-A4C3-FD3962A76A39.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSF7DB24A9-1CAE-478E-B990-33658D9C67B5.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSFB1F8474-0962-4498-A3E5-C15BE334ACEF.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_52c.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_8a0.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\v.Rosset\Local Settings\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\v.Rosset\Local Settings\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\v.Rosset\Local Settings\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\v.Rosset\Local Settings\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\v.Rosset\Local Settings\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02232009_095008

Files moved on Reboot...
File C:\DOCUME~1\VF82C~1.ROS\LOCALS~1\Temp\etilqs_NXl0EieWzya0fZcKKH1N not found!
C:\DOCUME~1\VF82C~1.ROS\LOCALS~1\Temp\~DFF929.tmp moved successfully.
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File C:\WINDOWS\temp\wrstemp\SSMS029AFB31-F58F-4D30-BC1C-A01443C50175.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS095786D1-B040-47E2-A35C-6BD47A1435FB.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS0A4C34D2-02CB-4F0E-B0D4-414E085F2741.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS0DA6C314-B418-4B24-A1E1-372AC66692C7.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS1292B0DE-05E2-4D76-B604-641266D3A200.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS1600F702-7F29-478C-A410-2B70C47C3871.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS1695C112-EB57-4BF3-8BF0-BACDA266845B.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS180C5DE4-636C-4E6E-93E2-16DE32588387.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS18ECD82D-E8AA-4876-8038-D7D5015233E9.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS198416AF-1DB2-4FB1-A8E3-8A7F247A8846.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS19B0A465-F50D-4CE2-B790-312436BDD1B5.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS19B52330-AE53-48F3-8452-38B7B1B149BC.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS1B6AD12C-D206-4F1D-9BC7-F25D9BC4EE67.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS1CA96055-A31E-48FF-AA22-621546DC2E05.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS1D1C13B2-BC39-468C-9CE0-5378F9F5C0E7.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS1DA05180-8C4A-4987-ADFB-942E77E829B2.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS1FAEDF36-8678-4538-82E4-5928C5FF6C72.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS26477984-4801-4BE3-BF52-33DF9BB2B1EB.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS2927A624-4FD8-44D8-AE4B-AD5E6ECBC033.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS2AB07FEA-423B-4B9E-B084-268A44AD8BCE.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS2BEDF8E4-38ED-472F-B033-81D7EEA57B04.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS2D4FAECA-4F61-44D1-9FC7-EDD2597AFD81.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS2F58877C-9FEC-46C5-8F73-9CDFFF3A2724.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS31BBE64F-74D0-4529-BC50-643CC20030D6.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS36A5CB5E-50F0-44D4-AEF8-B89E94F5D708.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS37982F73-F661-4066-A58D-9B409DE95CEC.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS37C6CA47-2D60-4008-9102-49CD6401256C.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS3904DBA6-6B3C-4294-8808-4936A3240414.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS393BBE75-6DA1-47C2-A841-6E1F532484DD.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS3CABCA00-C30B-4881-8484-F2F8FAE3A421.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS3E77D7D3-2E80-416D-81D0-2E434A037F17.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS42CCFC19-0E35-4CE3-BC88-2A750E22453D.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS452D575F-0FF3-4768-9D89-6B029E59786F.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS46FB3940-1FA2-4EE4-B311-C976A57ABC8B.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS48B67499-48DB-4A9A-99D2-BA3AB86E4A9B.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS4BB068A5-A898-4160-827D-D67A14E93AFD.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS4E7ED5AF-54CA-4F11-9FFA-392BB5BCDB1D.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS52AA0309-719C-4E50-AA9D-AF31B9227C18.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS52E6C487-90DD-4490-B2DF-9817EF8CCA36.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS54E3F624-7390-474E-B8B6-BE7B00AD6625.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS59167DB3-1E4F-4623-A831-F36016B52B09.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS5977144E-3862-4143-8D38-5EE46D0F655E.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS63BEA960-FBA5-4031-9016-7DAB73F92290.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS67FEEAD7-5986-4E7D-87ED-2C896197E087.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS6DB73364-0581-41F0-9F4C-EC073806E72E.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS70498249-A8BE-420D-A47E-89174014CC12.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS736BE1EE-FC2E-4988-B3EA-69D2B0750523.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS757DE1B3-9E1D-4D8D-BBC3-C246B00667D5.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS7647C868-A387-4A0A-8DB7-8E90AAD4EF79.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS78AD35AA-4354-43DA-A0F1-7E6FF92BFFF9.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS7990401B-F87B-4F5D-89E9-38987E97BD86.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS7EBE84A3-8402-4344-8C7D-E48E86AA9FBA.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS7F64A952-3579-4C92-80BA-CEAD1F536887.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS7F7CC340-80B2-482C-8FB5-F8B6CEBC258B.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS7FDCB46C-30B4-4EFD-9EB2-D2B730BC5686.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS85DFCA30-42A1-454B-BE02-6421FED30D6E.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS89E09191-48A2-4AE6-B60C-DB247A7B1B7C.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS8C2C2078-87CC-44E8-9AB5-E88CE1DF3432.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS8CB2D983-5DF9-4362-A300-67F76C4F1D8B.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS8FFCD590-F6ED-49C2-B5DA-A7DE5E949316.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS90EBB7B7-62E9-427D-946E-B2D6747D3A2C.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS91E1A101-223A-4C75-8ABE-576C00BF06D0.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS95D79570-3900-4E80-8294-12C129ECB05E.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS96773D4D-68BB-43D5-817F-AFFF8CFC65CC.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS97A6E634-8EA8-4EB7-95A2-D13D305C949B.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS9866DDA3-4FB2-4172-A082-AE0EF180E4A1.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS9894B1EC-8A1B-453B-A89F-6C71F9A8D116.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSA083B4E1-2D09-4952-BFAB-0EC9ACBF6D18.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSA0B8177C-BE9C-4332-917F-FA1A4C4E25C1.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSA55BB05A-640D-4C23-A168-45AD09F33CAF.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSA5983A5C-8D1B-4ECE-B277-BC02C39B5698.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSA91C0851-F582-4F76-9323-74CE45175D8C.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSA99B8EF5-24D2-42B9-870B-850DD1EAD51E.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSAA3BBDEF-EC8F-45BC-BB74-13CE723181C8.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSAADD4618-4D4C-44A4-ADD1-E79A250DF367.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSACCBDCF7-6072-4168-916E-3FDCC01802A7.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSB208AB17-B6BB-40C8-BB57-145B2886ADBE.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSB4D53C3A-0E3F-4967-B4C1-23CE689F18D3.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSB61C11CE-236C-43C5-8457-4335269744BC.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSB6513743-4483-4915-AA7C-9D6F2758DA98.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSB8CE2E97-FD5C-4564-9EE2-1A697FBAA93E.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSBC23AA06-20E2-48A7-B43F-DA5728F328E6.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSC1D1FEDD-1FA6-48B2-ABED-644546887521.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSC3E2F198-0918-4EF4-859C-50A1321F86D5.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSC6313C5E-6A69-4642-A054-B5477E28B857.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSC6485AB1-750A-4A73-884A-CE39A7450304.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSC8A01121-AB36-483D-8757-BEDAA9A78288.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSCA2095FA-14EE-4CD3-B042-CCCF07A49D1D.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSCC3FAE7B-9CC8-40AB-8113-EF62BB26A0B7.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSD7197B8E-68DB-46A5-8E7C-0084F3494E4D.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSDAF5341E-B273-497A-A2AC-6B82289BA95E.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSDD21ACC6-99C2-4A38-9A38-345F99FE0548.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSDE304C35-72FC-44A5-81B2-AB6F1E51EFE1.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSDFB34DF9-05D6-4E04-82A5-127E89013AA2.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSE3E277E4-57D8-4443-BD3B-CD628DC47EDC.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSE40F9752-A934-434C-81D8-BC69E97C6ABF.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSE4F23A07-903A-45A0-A219-89E9F0A881BE.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSE4F7236C-156F-4602-A22A-DD19E0C086A0.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSE6706CCB-BEEF-4862-B616-0B2742B64729.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSE8FC50C1-CF41-460B-B81F-17FF0AD9666A.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSECFC1D5C-674C-46CD-9379-E821C7102BBB.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSF6C54D03-B3B9-478A-A4C3-FD3962A76A39.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSF7DB24A9-1CAE-478E-B990-33658D9C67B5.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSFB1F8474-0962-4498-A3E5-C15BE334ACEF.tmp not found!
C:\WINDOWS\temp\Perflib_Perfdata_52c.dat moved successfully.
File C:\WINDOWS\temp\Perflib_Perfdata_8a0.dat not found!
C:\Documents and Settings\v.Rosset\Local Settings\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\v.Rosset\Local Settings\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\v.Rosset\Local Settings\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\v.Rosset\Local Settings\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\v.Rosset\Local Settings\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\urlclassifier3.sqlite moved successfully.

Répondre à valou04
Destrio5   23-02-2009 à 16:05:51

Ton PC va mieux ?

  • Refais un scan RSIT et poste le rapport log.

Répondre à Destrio5
valou04   23-02-2009 à 16:28:12

Non, pas vraiment. Je suis toujours dirigée vers d'autres sites que celui que je veux !!
Même word 2000 bloque quand je veux l'ouvrir !! Horreur !!
J'ai refais un scan RSIT
Logfile of random's system information tool 1.05 (written by random/random)
Run by v.Rosset at 2009-02-23 10:18:30
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 9 GB (23%) free of 39 GB
Total RAM: 1503 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:18:39, on 2009-02-23
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\v.Rosset\Bureau\RSIT.exe
C:\Documents and Settings\v.Rosset\Bureau\Nettoyage\v.Rosset.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cyberpresse.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - D:\PROGRA~1\Flashget\jccatch.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [mspd] "C:\WINDOWS\system32\mspd.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "c:\progra~1\fichie~1\instal~1\update~1\isuspm.exe" -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SpySweeper] C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe /startintray
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Télécharger avec NetTransport - C:\Program Files\Xi\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: Enregistreur Vidéo Internet : rechercher des streams vidéo - file://D:\Programmes\scan.vbs
O8 - Extra context menu item: Ouvrir avec Enregistreur Vidéo Internet - file://D:\Programmes\anchor.vbs
O8 - Extra context menu item: Tout t&élécharger avec NetTransport - C:\Program Files\Xi\NetTransport 2\NTAddList.html
O8 - Extra context menu item: Télécharger avec FlashGet - D:\Programmes\Flashget\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - D:\Programmes\Flashget\jc_all.htm
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Enregistreur Vidéo Internet : rechercher des streams vidéo - {B794C572-4E4D-4D4B-A115-25DBEB29EA71} - file://D:\Programmes\scan.vbs (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\Flashget\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\Flashget\flashget.exe (file missing)
O9 - Extra button: Enregistreur Vidéo Internet : rechercher des streams vidéo - {DFD9C994-2EF1-4B7F-92B5-98E2D0A7CEB7} - file://D:\Programmes\scan.vbs (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {0F7A9297-7268-11D1-B81A-00A076C01B0A} (CPC View ax Control) - http://www.registrefoncier.gouv.qc [...] ViewAX.cab
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://www.creative.com/softwareup [...] TSUEng.cab
O16 - DPF: {F5D98C43-DB16-11CF-8ECA-0000C0FD59C7} (ActiveCGM Control) - http://www.registrefoncier.gouv.qc [...] M/Acgm.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareup [...] /CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxLiveShare.exe
O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe
O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCom\RoxUpnpRenderer.exe
O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe
O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe

--
End of file - 9292 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\RegTool Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
IeCatch5 Class - D:\PROGRA~1\Flashget\jccatch.dll [2006-05-16 81920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C56CB6B0-0D96-11D6-8C65-B2868B609932}]
NTIECatcher Class - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll [2005-09-08 49152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-02-23 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-02-23 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2004-07-27 81920]
"mspd"=C:\WINDOWS\system32\mspd.exe [2003-08-27 389632]
"ISUSPM Startup"=c:\progra~1\fichie~1\instal~1\update~1\isuspm.exe [2004-07-27 221184]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-02-23 148888]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"SpySweeper"=C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe [2008-11-13 6273400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Watch]
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-02-22 509784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MétéoIMédia]
C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-15 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE [2008-11-02 167936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe [2005-11-21 1687552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2009-01-29 23975720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpySweeper]
C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe [2008-11-13 6273400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-11-27 180269]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InterVideo WinCinema Manager.lnk]
C:\PROGRA~1\INTERV~1\Common\Bin\WINCIN~1.EXE [2002-08-12 102400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [2000-01-21 65588]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^v.Rosset^Menu Démarrer^Programmes^Démarrage^Pense-bête.lnk]
C:\PROGRA~1\MINDSC~1\PRINTM~1\PMREMIND.EXE [2006-05-23 2344920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"=C:\PROGRA~1\DVDREG~1\DVDShell.dll [2004-10-09 49152]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WRConsumerService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\StubInstaller.exe"="C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Windows Media Player\wmplayer.exe"="C:\Program Files\Windows Media Player\wmplayer.exe:*:Enabled:Windows Media Player"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Programmes\Azureus\Azureus.exe"="D:\Programmes\Azureus\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe"="C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe:*:Enabled:Roxio Upnp Service"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Disabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Disabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Disabled:Windows Messenger"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0e341aa0-9cb1-11dd-ac7e-0012178290da}]
shell\AutoRun\command - G:\WD_Windows_Tools\Setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{58611ed2-98ae-11dd-ac6a-000ae6896f3f}]
shell\AutoRun\command - G:\WD_Windows_Tools\Setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{95a972c0-d18e-11da-a70f-000ae6896f3f}]
shell\AutoRun\command - G:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c22b4960-987f-11dd-ac68-0012178290da}]
shell\AutoRun\command - G:\WD_Windows_Tools\Setup.exe


======List of files/folders created in the last 1 months======

2009-02-23 09:50:08 ----D---- C:\_OTMoveIt
2009-02-23 09:14:45 ----D---- C:\Program Files\NOS
2009-02-23 09:14:45 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-02-23 09:12:26 ----A---- C:\WINDOWS\system32\javaws.exe
2009-02-23 09:12:26 ----A---- C:\WINDOWS\system32\javaw.exe
2009-02-23 09:12:26 ----A---- C:\WINDOWS\system32\java.exe
2009-02-23 09:10:37 ----A---- C:\Program Files\jxpiinstall-6u12-fcs-bin-b04-windows-i586-17_jan_2009.exe
2009-02-23 09:00:11 ----A---- C:\WINDOWS\system32\RENF.tmp
2009-02-23 09:00:11 ----A---- C:\WINDOWS\system32\RENE.tmp
2009-02-23 09:00:11 ----A---- C:\WINDOWS\system32\REND.tmp
2009-02-23 08:56:40 ----D---- C:\ComboFix
2009-02-22 23:16:41 ----SHD---- C:\RECYCLER
2009-02-22 21:51:40 ----A---- C:\ComboFix.txt
2009-02-22 21:39:26 ----A---- C:\Boot.bak
2009-02-22 21:39:17 ----RASHD---- C:\cmdcons
2009-02-22 21:37:42 ----D---- C:\WINDOWS\ERDNT
2009-02-22 18:25:16 ----D---- C:\WINDOWS\system32\Kaspersky Lab
2009-02-22 17:39:35 ----A---- C:\WINDOWS\ntbtlog.txt
2009-02-22 17:29:16 ----A---- C:\WINDOWS\system32\tmp.txt
2009-02-22 17:29:06 ----A---- C:\rapport.txt
2009-02-22 17:14:20 ----D---- C:\rsit
2009-02-22 08:32:22 ----HDC---- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-02-21 20:39:57 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-02-21 18:07:12 ----A---- C:\WINDOWS\system32\capicom.dll
2009-02-21 18:05:43 ----D---- C:\Program Files\Webroot
2009-02-21 18:05:43 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Webroot
2009-02-21 18:05:43 ----D---- C:\Documents and Settings\All Users\Application Data\Webroot
2009-02-21 18:05:43 ----A---- C:\WINDOWS\WRSetup.dll
2009-02-20 19:32:31 ----D---- C:\Program Files\VS Revo Group
2009-02-15 22:43:32 ----D---- C:\Program Files\Learning Essentials
2009-02-15 22:43:23 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2009-02-15 22:43:13 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2009-02-15 22:43:11 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2009-02-15 22:43:11 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2009-02-15 22:43:10 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2009-02-15 22:43:09 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2009-02-15 22:43:08 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2009-02-15 08:51:47 ----D---- C:\Program Files\Fichiers communs\Skype
2009-02-14 22:25:46 ----D---- C:\Program Files\PowerISO
2009-02-14 11:02:58 ----A---- C:\fixnavi.txt
2009-02-13 22:57:13 ----A---- C:\Program Files\HJTInstall.exe
2009-02-12 15:47:39 ----D---- C:\Malwarebytes' Anti-Malware
2009-02-10 07:50:37 ----D---- C:\Program Files\Malwarebytes' Anti-Malware(2)
2009-02-08 19:41:28 ----D---- C:\Documents and Settings\v.Rosset\Application Data\DAEMON Tools Lite
2009-02-08 08:36:31 ----A---- C:\avenger.txt
2009-02-07 12:09:09 ----A---- C:\Program Files\Vuze_4.1.0.2_windows.exe
2009-02-06 19:29:52 ----D---- C:\Documents and Settings\v.Rosset\Application Data\RegTool
2009-02-06 15:42:52 ----A---- C:\WINDOWS\Sysvxd.exe
2009-02-06 09:03:23 ----D---- C:\Program Files\WinAVI Video Converter
2009-02-02 15:21:15 ----D---- C:\Program Files\Microsoft Encarta
2009-01-30 15:06:07 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Flood Light Games
2009-01-30 15:06:07 ----D---- C:\Documents and Settings\All Users\Application Data\Flood Light Games

======List of files/folders modified in the last 1 months======

2009-02-23 10:18:37 ----D---- C:\WINDOWS\Prefetch
2009-02-23 10:08:25 ----RD---- C:\Program Files
2009-02-23 09:55:39 ----D---- C:\Program Files\Mozilla Thunderbird
2009-02-23 09:54:45 ----D---- C:\Program Files\Mozilla Firefox
2009-02-23 09:54:16 ----D---- C:\WINDOWS\Temp
2009-02-23 09:50:45 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-23 09:48:40 ----SHD---- C:\WINDOWS\Installer
2009-02-23 09:48:40 ----D---- C:\Config.Msi
2009-02-23 09:48:39 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-02-23 09:48:06 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-02-23 09:47:46 ----D---- C:\Program Files\Adobe
2009-02-23 09:21:55 ----D---- C:\WINDOWS\system32
2009-02-23 09:11:58 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-02-23 09:11:53 ----D---- C:\Program Files\Java
2009-02-23 08:57:37 ----SHD---- C:\System Volume Information
2009-02-23 08:57:37 ----D---- C:\WINDOWS\system32\Restore
2009-02-23 08:57:17 ----D---- C:\WINDOWS
2009-02-22 23:18:36 ----D---- C:\WINDOWS\system32\CatRoot2
2009-02-22 21:51:46 ----D---- C:\WINDOWS\system32\drivers
2009-02-22 21:47:20 ----A---- C:\WINDOWS\system.ini
2009-02-22 21:43:18 ----D---- C:\WINDOWS\system32\config
2009-02-22 21:41:49 ----D---- C:\WINDOWS\AppPatch
2009-02-22 21:41:45 ----D---- C:\Program Files\Fichiers communs
2009-02-22 21:39:26 ----RASH---- C:\boot.ini
2009-02-22 18:25:19 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-02-22 18:25:15 ----HD---- C:\WINDOWS\inf
2009-02-22 17:42:28 ----SD---- C:\WINDOWS\Tasks
2009-02-22 16:32:42 ----D---- C:\WINDOWS\system32\CatRoot
2009-02-22 16:03:27 ----AC---- C:\WINDOWS\NeroDigital.ini
2009-02-22 16:02:19 ----A---- C:\WINDOWS\DVDRegionFree.INI
2009-02-22 08:47:37 ----AC---- C:\WINDOWS\win.ini
2009-02-22 08:44:50 ----D---- C:\Program Files\Free FLV Converter
2009-02-22 08:44:21 ----D---- C:\Program Files\VSO
2009-02-22 08:42:28 ----D---- C:\Program Files\Lavasoft
2009-02-22 08:22:25 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Skype
2009-02-22 08:20:18 ----D---- C:\Documents and Settings\v.Rosset\Application Data\skypePM
2009-02-21 21:16:59 ----D---- C:\WINDOWS\system32\DirectX
2009-02-21 21:16:58 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Azureus
2009-02-21 21:16:57 ----RSD---- C:\WINDOWS\assembly
2009-02-21 21:11:53 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-02-21 20:39:52 ----D---- C:\WINDOWS\WinSxS
2009-02-21 19:14:55 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-02-21 19:14:55 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Lavasoft
2009-02-21 15:42:30 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-18 08:42:46 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Vso
2009-02-16 09:30:18 ----SD---- C:\Documents and Settings\v.Rosset\Application Data\Microsoft
2009-02-15 22:43:15 ----D---- C:\WINDOWS\Microsoft.NET
2009-02-15 08:51:48 ----RD---- C:\Program Files\Skype
2009-02-15 08:51:48 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2009-02-12 19:20:18 ----D---- C:\WINDOWS\system32\LogFiles
2009-02-12 19:20:18 ----D---- C:\WINDOWS\Debug
2009-02-11 15:18:38 ----HD---- C:\WINDOWS\$hf_mig$
2009-02-11 15:18:19 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-02-11 15:18:16 ----D---- C:\Program Files\Internet Explorer
2009-02-11 15:18:06 ----D---- C:\WINDOWS\ie7updates
2009-02-10 13:03:42 ----D---- C:\WINDOWS\system32\wbem
2009-02-10 13:03:42 ----D---- C:\WINDOWS\Registration
2009-02-10 13:03:09 ----D---- C:\WINDOWS\speech
2009-02-10 13:03:09 ----D---- C:\WINDOWS\Help
2009-02-09 23:15:02 ----D---- C:\WINDOWS\system
2009-02-09 22:39:06 ----D---- C:\WINDOWS\msagent
2009-02-09 22:35:17 ----D---- C:\WINDOWS\system32\Macromed
2009-02-07 16:58:11 ----D---- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
2009-02-07 13:36:19 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-02-06 22:10:55 ----AC---- C:\WINDOWS\WININIT.INI
2009-02-06 21:29:25 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-02-06 20:16:52 ----A---- C:\WINDOWS\system32\338fa633-.txt
2009-02-06 20:15:31 ----D---- C:\Program Files\CCleaner
2009-02-06 20:02:56 ----HD---- C:\Program Files\InstallShield Installation Information
2009-02-06 14:51:12 ----D---- C:\Program Files\MediaCoder
2009-02-05 16:11:35 ----A---- C:\WINDOWS\system32\aswBoot.exe
2009-02-04 22:15:18 ----A---- C:\WINDOWS\system32\TubeFinder.exe
2009-02-03 18:21:12 ----A---- C:\WINDOWS\system32\MRT.exe
2009-02-03 12:02:16 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-01-27 11:02:41 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Opera

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
R1 cdudf_xp;cdudf_xp; C:\WINDOWS\system32\drivers\cdudf_xp.sys [2005-10-22 311680]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 40576]
R1 pwd_2k;pwd_2k; C:\WINDOWS\system32\drivers\pwd_2k.sys [2005-10-22 119168]
R1 RxFilter;RxFilter; C:\WINDOWS\system32\DRIVERS\RxFilter.sys [2005-11-21 50176]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2008-11-02 56572]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.0.1; C:\WINDOWS\System32\DRIVERS\AegisP.sys [2006-03-08 19915]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2006-04-21 8064]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
R3 dvd_2K;dvd_2K; C:\WINDOWS\system32\drivers\dvd_2K.sys [2005-10-22 27264]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2005-04-12 4608]
R3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 OM518P;D-Link VGA Webcam; C:\WINDOWS\System32\Drivers\om518vid.sys [2002-06-27 185256]
R3 Pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2008-06-21 47360]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2002-10-01 9856]
R3 RT2500;Linksys Wireless-G PCI Adapter Driver; C:\WINDOWS\System32\DRIVERS\RT2500.sys [2005-04-21 242176]
R3 S3Psddr;S3Psddr; C:\WINDOWS\System32\DRIVERS\s3gnbm.sys [2003-09-02 166912]
R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VIAudio;VIA AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\viaudios.sys [2003-02-26 370048]
S2 ADSEXPB;ADS DVD Xpress B; C:\WINDOWS\System32\Drivers\adsexpb.sys [2003-10-08 32084]
S2 zumbus;Zune Bus Enumerator Driver; C:\WINDOWS\system32\drivers\zumbus.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 Jukebox3;Jukebox3; C:\WINDOWS\system32\DRIVERS\ctpdusb.sys [2006-01-19 17280]
S3 mmc_2K;mmc_2K; C:\WINDOWS\system32\drivers\mmc_2K.sys [2005-10-22 27136]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2008-05-21 34576]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-03-09 37768]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R2 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 97432]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-02-23 152984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
R2 WebrootSpySweeperService;Moteur Webroot Spy Sweeper; C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe [2008-11-12 3667312]
R2 WRConsumerService;Webroot Client Service; C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe [2008-11-13 1086840]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-02-22 950096]
S2 RoxLiveShare;LiveShare P2P Server; C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxLiveShare.exe [2005-11-22 233472]
S2 RoxUpnpServer;RoxUpnpServer; C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe [2005-11-21 409600]
S2 RoxWatch;Roxio Hard Drive Watcher; C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe [2005-11-22 155648]
S2 WMP54Gv4SVC;WMP54Gv4SVC; C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe [2004-02-06 41025]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-05-07 779824]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-05-07 271920]
S3 RoxMediaDB;RoxMediaDB; C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe [2005-11-22 864256]
S3 RoxUPnPRenderer;RoxUpnpRenderer; C:\Program Files\Fichiers communs\Roxio Shared\SharedCom\RoxUpnpRenderer.exe [2005-11-21 45056]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2008-05-21 92792]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-01-17 362240]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Répondre à valou04
Destrio5   23-02-2009 à 16:45:25

Refais un scan RSIT mais choisis l'option 3 Months cette fois-ci.


Message édité par Destrio5 le 23-02-2009 à 16:45:33
Répondre à Destrio5
valou04   23-02-2009 à 16:47:39

Logfile of random's system information tool 1.05 (written by random/random)
Run by v.Rosset at 2009-02-23 10:46:47
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 9 GB (23%) free of 39 GB
Total RAM: 1503 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:46:50, on 2009-02-23
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Documents and Settings\v.Rosset\Bureau\RSIT.exe
C:\Documents and Settings\v.Rosset\Bureau\Nettoyage\v.Rosset.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cyberpresse.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - D:\PROGRA~1\Flashget\jccatch.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [mspd] "C:\WINDOWS\system32\mspd.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "c:\progra~1\fichie~1\instal~1\update~1\isuspm.exe" -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SpySweeper] C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe /startintray
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Télécharger avec NetTransport - C:\Program Files\Xi\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: Enregistreur Vidéo Internet : rechercher des streams vidéo - file://D:\Programmes\scan.vbs
O8 - Extra context menu item: Ouvrir avec Enregistreur Vidéo Internet - file://D:\Programmes\anchor.vbs
O8 - Extra context menu item: Tout t&élécharger avec NetTransport - C:\Program Files\Xi\NetTransport 2\NTAddList.html
O8 - Extra context menu item: Télécharger avec FlashGet - D:\Programmes\Flashget\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - D:\Programmes\Flashget\jc_all.htm
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Enregistreur Vidéo Internet : rechercher des streams vidéo - {B794C572-4E4D-4D4B-A115-25DBEB29EA71} - file://D:\Programmes\scan.vbs (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\Flashget\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\Flashget\flashget.exe (file missing)
O9 - Extra button: Enregistreur Vidéo Internet : rechercher des streams vidéo - {DFD9C994-2EF1-4B7F-92B5-98E2D0A7CEB7} - file://D:\Programmes\scan.vbs (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {0F7A9297-7268-11D1-B81A-00A076C01B0A} (CPC View ax Control) - http://www.registrefoncier.gouv.qc [...] ViewAX.cab
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://www.creative.com/softwareup [...] TSUEng.cab
O16 - DPF: {F5D98C43-DB16-11CF-8ECA-0000C0FD59C7} (ActiveCGM Control) - http://www.registrefoncier.gouv.qc [...] M/Acgm.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareup [...] /CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxLiveShare.exe
O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe
O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCom\RoxUpnpRenderer.exe
O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe
O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe

--
End of file - 9346 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\RegTool Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
IeCatch5 Class - D:\PROGRA~1\Flashget\jccatch.dll [2006-05-16 81920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C56CB6B0-0D96-11D6-8C65-B2868B609932}]
NTIECatcher Class - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll [2005-09-08 49152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-02-23 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-02-23 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2004-07-27 81920]
"mspd"=C:\WINDOWS\system32\mspd.exe [2003-08-27 389632]
"ISUSPM Startup"=c:\progra~1\fichie~1\instal~1\update~1\isuspm.exe [2004-07-27 221184]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-02-23 148888]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"SpySweeper"=C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe [2008-11-13 6273400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Watch]
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-02-22 509784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MétéoIMédia]
C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-15 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE [2008-11-02 167936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe [2005-11-21 1687552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2009-01-29 23975720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpySweeper]
C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe [2008-11-13 6273400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-11-27 180269]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InterVideo WinCinema Manager.lnk]
C:\PROGRA~1\INTERV~1\Common\Bin\WINCIN~1.EXE [2002-08-12 102400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [2000-01-21 65588]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^v.Rosset^Menu Démarrer^Programmes^Démarrage^Pense-bête.lnk]
C:\PROGRA~1\MINDSC~1\PRINTM~1\PMREMIND.EXE [2006-05-23 2344920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"=C:\PROGRA~1\DVDREG~1\DVDShell.dll [2004-10-09 49152]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WRConsumerService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\StubInstaller.exe"="C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Windows Media Player\wmplayer.exe"="C:\Program Files\Windows Media Player\wmplayer.exe:*:Enabled:Windows Media Player"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Programmes\Azureus\Azureus.exe"="D:\Programmes\Azureus\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe"="C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe:*:Enabled:Roxio Upnp Service"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Disabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Disabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Disabled:Windows Messenger"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0e341aa0-9cb1-11dd-ac7e-0012178290da}]
shell\AutoRun\command - G:\WD_Windows_Tools\Setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{194f9a2a-e9c5-11dd-ad2f-000ae6896f3f}]
shell\AutoRun\command - G:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{58611ed2-98ae-11dd-ac6a-000ae6896f3f}]
shell\AutoRun\command - G:\WD_Windows_Tools\Setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{95a972c0-d18e-11da-a70f-000ae6896f3f}]
shell\AutoRun\command - G:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c22b4960-987f-11dd-ac68-0012178290da}]
shell\AutoRun\command - G:\WD_Windows_Tools\Setup.exe


======List of files/folders created in the last 3 months======

2009-02-23 09:50:08 ----D---- C:\_OTMoveIt
2009-02-23 09:14:45 ----D---- C:\Program Files\NOS
2009-02-23 09:14:45 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-02-23 09:12:26 ----A---- C:\WINDOWS\system32\javaws.exe
2009-02-23 09:12:26 ----A---- C:\WINDOWS\system32\javaw.exe
2009-02-23 09:12:26 ----A---- C:\WINDOWS\system32\java.exe
2009-02-23 09:10:37 ----A---- C:\Program Files\jxpiinstall-6u12-fcs-bin-b04-windows-i586-17_jan_2009.exe
2009-02-23 09:00:11 ----A---- C:\WINDOWS\system32\RENF.tmp
2009-02-23 09:00:11 ----A---- C:\WINDOWS\system32\RENE.tmp
2009-02-23 09:00:11 ----A---- C:\WINDOWS\system32\REND.tmp
2009-02-23 08:56:40 ----D---- C:\ComboFix
2009-02-22 23:16:41 ----SHD---- C:\RECYCLER
2009-02-22 21:51:40 ----A---- C:\ComboFix.txt
2009-02-22 21:39:26 ----A---- C:\Boot.bak
2009-02-22 21:39:17 ----RASHD---- C:\cmdcons
2009-02-22 21:37:42 ----D---- C:\WINDOWS\ERDNT
2009-02-22 18:25:16 ----D---- C:\WINDOWS\system32\Kaspersky Lab
2009-02-22 17:39:35 ----A---- C:\WINDOWS\ntbtlog.txt
2009-02-22 17:29:16 ----A---- C:\WINDOWS\system32\tmp.txt
2009-02-22 17:29:06 ----A---- C:\rapport.txt
2009-02-22 17:14:20 ----D---- C:\rsit
2009-02-22 08:32:22 ----HDC---- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-02-21 20:39:57 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-02-21 18:07:12 ----A---- C:\WINDOWS\system32\capicom.dll
2009-02-21 18:05:43 ----D---- C:\Program Files\Webroot
2009-02-21 18:05:43 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Webroot
2009-02-21 18:05:43 ----D---- C:\Documents and Settings\All Users\Application Data\Webroot
2009-02-21 18:05:43 ----A---- C:\WINDOWS\WRSetup.dll
2009-02-20 19:32:31 ----D---- C:\Program Files\VS Revo Group
2009-02-15 22:43:32 ----D---- C:\Program Files\Learning Essentials
2009-02-15 22:43:23 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2009-02-15 22:43:13 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2009-02-15 22:43:11 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2009-02-15 22:43:11 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2009-02-15 22:43:10 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2009-02-15 22:43:09 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2009-02-15 22:43:08 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2009-02-15 08:51:47 ----D---- C:\Program Files\Fichiers communs\Skype
2009-02-14 22:25:46 ----D---- C:\Program Files\PowerISO
2009-02-14 11:02:58 ----A---- C:\fixnavi.txt
2009-02-13 22:57:13 ----A---- C:\Program Files\HJTInstall.exe
2009-02-12 15:47:39 ----D---- C:\Malwarebytes' Anti-Malware
2009-02-10 07:50:37 ----D---- C:\Program Files\Malwarebytes' Anti-Malware(2)
2009-02-08 19:41:28 ----D---- C:\Documents and Settings\v.Rosset\Application Data\DAEMON Tools Lite
2009-02-08 08:36:31 ----A---- C:\avenger.txt
2009-02-07 12:09:09 ----A---- C:\Program Files\Vuze_4.1.0.2_windows.exe
2009-02-06 19:29:52 ----D---- C:\Documents and Settings\v.Rosset\Application Data\RegTool
2009-02-06 15:42:52 ----A---- C:\WINDOWS\Sysvxd.exe
2009-02-06 09:03:23 ----D---- C:\Program Files\WinAVI Video Converter
2009-02-02 15:21:15 ----D---- C:\Program Files\Microsoft Encarta
2009-01-30 15:06:07 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Flood Light Games
2009-01-30 15:06:07 ----D---- C:\Documents and Settings\All Users\Application Data\Flood Light Games
2009-01-23 22:14:35 ----D---- C:\Documents and Settings\v.Rosset\Application Data\U3
2009-01-20 00:12:40 ----A---- C:\WINDOWS\DVDRegionFree.INI
2009-01-20 00:12:00 ----D---- C:\Program Files\DVD Region+CSS Free
2009-01-18 22:55:14 ----A---- C:\WINDOWS\IfoEdit.INI
2009-01-18 22:53:23 ----D---- C:\Program Files\IfoEdit
2009-01-18 19:15:04 ----A---- C:\WINDOWS\iPlayer.INI
2009-01-18 19:14:10 ----D---- C:\Program Files\InterActual
2009-01-18 13:45:04 ----D---- C:\Documents and Settings\All Users\Application Data\vsosdk
2009-01-18 01:34:48 ----A---- C:\WINDOWS\system32\sipr3260.dll
2009-01-18 01:34:48 ----A---- C:\WINDOWS\system32\drv43260.dll
2009-01-18 01:34:48 ----A---- C:\WINDOWS\system32\drv33260.dll
2009-01-18 01:34:48 ----A---- C:\WINDOWS\system32\drv23260.dll
2009-01-18 01:34:48 ----A---- C:\WINDOWS\system32\cook3260.dll
2009-01-18 01:34:47 ----A---- C:\WINDOWS\system32\wvc1dmod.dll
2009-01-18 01:34:47 ----A---- C:\WINDOWS\system32\vp7vfw.dll
2009-01-18 01:34:45 ----D---- C:\Program Files\VSO
2009-01-17 23:01:06 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2009-01-17 22:57:32 ----A---- C:\WINDOWS\system32\TUKernel.exe
2009-01-17 08:33:49 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe
2009-01-16 23:00:13 ----D---- C:\Program Files\TuneUp Utilities 2009
2009-01-16 22:59:33 ----SHD---- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-01-12 23:24:34 ----A---- C:\WINDOWS\system32\AVERM.dll
2009-01-12 23:24:34 ----A---- C:\WINDOWS\system32\AVEQT.dll
2009-01-09 15:29:03 ----D---- C:\Documents and Settings\v.Rosset\Application Data\vlc
2009-01-02 15:42:42 ----A---- C:\WINDOWS\system32\deploytk.dll
2008-11-27 23:44:49 ----D---- C:\Program Files\Fichiers communs\xing shared
2008-11-27 23:44:39 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2008-11-27 23:44:28 ----A---- C:\WINDOWS\system32\pndx5032.dll
2008-11-27 23:44:28 ----A---- C:\WINDOWS\system32\pndx5016.dll

======List of files/folders modified in the last 3 months======

2009-02-23 10:46:07 ----D---- C:\WINDOWS\Prefetch
2009-02-23 10:35:27 ----D---- C:\Program Files\Mozilla Thunderbird
2009-02-23 10:35:11 ----D---- C:\WINDOWS\Temp
2009-02-23 10:35:11 ----D---- C:\WINDOWS\system32
2009-02-23 10:08:25 ----RD---- C:\Program Files
2009-02-23 09:54:45 ----D---- C:\Program Files\Mozilla Firefox
2009-02-23 09:50:45 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-23 09:48:40 ----SHD---- C:\WINDOWS\Installer
2009-02-23 09:48:40 ----D---- C:\Config.Msi
2009-02-23 09:48:39 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-02-23 09:48:06 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-02-23 09:47:46 ----D---- C:\Program Files\Adobe
2009-02-23 09:11:53 ----D---- C:\Program Files\Java
2009-02-23 08:57:37 ----SHD---- C:\System Volume Information
2009-02-23 08:57:37 ----D---- C:\WINDOWS\system32\Restore
2009-02-23 08:57:17 ----D---- C:\WINDOWS
2009-02-22 23:18:36 ----D---- C:\WINDOWS\system32\CatRoot2
2009-02-22 21:51:46 ----D---- C:\WINDOWS\system32\drivers
2009-02-22 21:47:20 ----A---- C:\WINDOWS\system.ini
2009-02-22 21:43:18 ----D---- C:\WINDOWS\system32\config
2009-02-22 21:41:49 ----D---- C:\WINDOWS\AppPatch
2009-02-22 21:41:45 ----D---- C:\Program Files\Fichiers communs
2009-02-22 21:39:26 ----RASH---- C:\boot.ini
2009-02-22 18:25:19 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-02-22 18:25:15 ----HD---- C:\WINDOWS\inf
2009-02-22 17:42:28 ----SD---- C:\WINDOWS\Tasks
2009-02-22 16:32:42 ----D---- C:\WINDOWS\system32\CatRoot
2009-02-22 16:03:27 ----AC---- C:\WINDOWS\NeroDigital.ini
2009-02-22 08:47:37 ----AC---- C:\WINDOWS\win.ini
2009-02-22 08:44:50 ----D---- C:\Program Files\Free FLV Converter
2009-02-22 08:42:28 ----D---- C:\Program Files\Lavasoft
2009-02-22 08:22:25 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Skype
2009-02-22 08:20:18 ----D---- C:\Documents and Settings\v.Rosset\Application Data\skypePM
2009-02-21 21:16:59 ----D---- C:\WINDOWS\system32\DirectX
2009-02-21 21:16:58 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Azureus
2009-02-21 21:16:57 ----RSD---- C:\WINDOWS\assembly
2009-02-21 21:11:53 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-02-21 20:39:52 ----D---- C:\WINDOWS\WinSxS
2009-02-21 19:14:55 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-02-21 19:14:55 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Lavasoft
2009-02-21 15:42:30 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-18 08:42:46 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Vso
2009-02-16 09:30:18 ----SD---- C:\Documents and Settings\v.Rosset\Application Data\Microsoft
2009-02-15 22:43:15 ----D---- C:\WINDOWS\Microsoft.NET
2009-02-15 08:51:48 ----RD---- C:\Program Files\Skype
2009-02-15 08:51:48 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2009-02-12 19:20:18 ----D---- C:\WINDOWS\system32\LogFiles
2009-02-12 19:20:18 ----D---- C:\WINDOWS\Debug
2009-02-11 15:18:38 ----HD---- C:\WINDOWS\$hf_mig$
2009-02-11 15:18:19 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-02-11 15:18:16 ----D---- C:\Program Files\Internet Explorer
2009-02-11 15:18:06 ----D---- C:\WINDOWS\ie7updates
2009-02-10 13:03:42 ----D---- C:\WINDOWS\system32\wbem
2009-02-10 13:03:42 ----D---- C:\WINDOWS\Registration
2009-02-10 13:03:09 ----D---- C:\WINDOWS\speech
2009-02-10 13:03:09 ----D---- C:\WINDOWS\Help
2009-02-09 23:15:02 ----D---- C:\WINDOWS\system
2009-02-09 22:39:06 ----D---- C:\WINDOWS\msagent
2009-02-09 22:35:17 ----D---- C:\WINDOWS\system32\Macromed
2009-02-07 16:58:11 ----D---- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
2009-02-07 13:36:19 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-02-06 22:10:55 ----AC---- C:\WINDOWS\WININIT.INI
2009-02-06 21:29:25 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-02-06 20:16:52 ----A---- C:\WINDOWS\system32\338fa633-.txt
2009-02-06 20:15:31 ----D---- C:\Program Files\CCleaner
2009-02-06 20:02:56 ----HD---- C:\Program Files\InstallShield Installation Information
2009-02-06 14:51:12 ----D---- C:\Program Files\MediaCoder
2009-02-05 16:11:35 ----A---- C:\WINDOWS\system32\aswBoot.exe
2009-02-04 22:15:18 ----A---- C:\WINDOWS\system32\TubeFinder.exe
2009-02-03 18:21:12 ----A---- C:\WINDOWS\system32\MRT.exe
2009-02-03 12:02:16 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-01-27 11:02:41 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Opera
2009-01-20 19:35:14 ----D---- C:\Documents and Settings\v.Rosset\Application Data\dvdcss
2009-01-17 23:04:33 ----RSD---- C:\WINDOWS\Fonts
2009-01-16 21:15:42 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-01-14 09:20:38 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2009-01-02 16:37:42 ----D---- C:\Program Files\Real
2009-01-02 16:23:09 ----D---- C:\Program Files\Canon
2008-12-20 17:47:04 ----A---- C:\WINDOWS\system32\wininet.dll
2008-12-20 17:47:03 ----A---- C:\WINDOWS\system32\webcheck.dll
2008-12-20 17:47:03 ----A---- C:\WINDOWS\system32\urlmon.dll
2008-12-20 17:47:02 ----A---- C:\WINDOWS\system32\url.dll
2008-12-20 17:47:02 ----A---- C:\WINDOWS\system32\pngfilt.dll
2008-12-20 17:47:02 ----A---- C:\WINDOWS\system32\occache.dll
2008-12-20 17:47:02 ----A---- C:\WINDOWS\system32\mstime.dll
2008-12-20 17:47:01 ----A---- C:\WINDOWS\system32\msrating.dll
2008-12-20 17:47:01 ----A---- C:\WINDOWS\system32\mshtmled.dll
2008-12-20 17:46:57 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2008-12-20 17:46:56 ----A---- C:\WINDOWS\system32\msfeeds.dll
2008-12-20 17:46:56 ----A---- C:\WINDOWS\system32\jsproxy.dll
2008-12-20 17:46:54 ----A---- C:\WINDOWS\system32\iertutil.dll
2008-12-20 17:46:54 ----A---- C:\WINDOWS\system32\iernonce.dll
2008-12-20 17:46:54 ----A---- C:\WINDOWS\system32\ieframe.dll
2008-12-20 17:46:50 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2008-12-20 17:46:50 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2008-12-20 17:46:49 ----A---- C:\WINDOWS\system32\ieaksie.dll
2008-12-20 17:46:49 ----A---- C:\WINDOWS\system32\ieakeng.dll
2008-12-20 17:46:49 ----A---- C:\WINDOWS\system32\icardie.dll
2008-12-20 17:46:49 ----A---- C:\WINDOWS\system32\extmgr.dll
2008-12-20 17:46:48 ----A---- C:\WINDOWS\system32\dxtrans.dll
2008-12-20 17:46:48 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2008-12-20 17:46:48 ----A---- C:\WINDOWS\system32\advpack.dll
2008-12-19 04:11:12 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2008-12-19 04:10:15 ----A---- C:\WINDOWS\system32\ieudinit.exe
2008-12-19 00:23:56 ----A---- C:\WINDOWS\system32\ieakui.dll
2008-12-10 21:27:15 ----AC---- C:\WINDOWS\SGTBox.INI
2008-12-10 18:29:17 ----D---- C:\WINDOWS\Minidump
2008-12-08 20:22:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-12-08 20:21:14 ----D---- C:\Program Files\ma-config.com
2008-12-08 20:21:13 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com
2008-12-08 19:50:46 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-11-27 23:50:03 ----AC---- C:\WINDOWS\cdplayer.ini
2008-11-27 23:45:29 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Real
2008-11-27 23:44:43 ----D---- C:\Program Files\Fichiers communs\Real
2008-11-27 23:44:27 ----A---- C:\WINDOWS\system32\pncrt.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
R1 cdudf_xp;cdudf_xp; C:\WINDOWS\system32\drivers\cdudf_xp.sys [2005-10-22 311680]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 40576]
R1 pwd_2k;pwd_2k; C:\WINDOWS\system32\drivers\pwd_2k.sys [2005-10-22 119168]
R1 RxFilter;RxFilter; C:\WINDOWS\system32\DRIVERS\RxFilter.sys [2005-11-21 50176]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2008-11-02 56572]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.0.1; C:\WINDOWS\System32\DRIVERS\AegisP.sys [2006-03-08 19915]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2006-04-21 8064]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
R3 dvd_2K;dvd_2K; C:\WINDOWS\system32\drivers\dvd_2K.sys [2005-10-22 27264]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2005-04-12 4608]
R3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 OM518P;D-Link VGA Webcam; C:\WINDOWS\System32\Drivers\om518vid.sys [2002-06-27 185256]
R3 Pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2008-06-21 47360]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2002-10-01 9856]
R3 RT2500;Linksys Wireless-G PCI Adapter Driver; C:\WINDOWS\System32\DRIVERS\RT2500.sys [2005-04-21 242176]
R3 S3Psddr;S3Psddr; C:\WINDOWS\System32\DRIVERS\s3gnbm.sys [2003-09-02 166912]
R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VIAudio;VIA AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\viaudios.sys [2003-02-26 370048]
S2 ADSEXPB;ADS DVD Xpress B; C:\WINDOWS\System32\Drivers\adsexpb.sys [2003-10-08 32084]
S2 zumbus;Zune Bus Enumerator Driver; C:\WINDOWS\system32\drivers\zumbus.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 Jukebox3;Jukebox3; C:\WINDOWS\system32\DRIVERS\ctpdusb.sys [2006-01-19 17280]
S3 mmc_2K;mmc_2K; C:\WINDOWS\system32\drivers\mmc_2K.sys [2005-10-22 27136]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2008-05-21 34576]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-03-09 37768]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R2 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 97432]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-02-23 152984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
R2 WebrootSpySweeperService;Moteur Webroot Spy Sweeper; C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe [2008-11-12 3667312]
R2 WRConsumerService;Webroot Client Service; C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe [2008-11-13 1086840]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-02-22 950096]
S2 RoxLiveShare;LiveShare P2P Server; C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxLiveShare.exe [2005-11-22 233472]
S2 RoxUpnpServer;RoxUpnpServer; C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe [2005-11-21 409600]
S2 RoxWatch;Roxio Hard Drive Watcher; C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe [2005-11-22 155648]
S2 WMP54Gv4SVC;WMP54Gv4SVC; C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe [2004-02-06 41025]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-05-07 779824]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-05-07 271920]
S3 RoxMediaDB;RoxMediaDB; C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe [2005-11-22 864256]
S3 RoxUPnPRenderer;RoxUpnpRenderer; C:\Program Files\Fichiers communs\Roxio Shared\SharedCom\RoxUpnpRenderer.exe [2005-11-21 45056]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2008-05-21 92792]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-01-17 362240]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Répondre à valou04
Destrio5   23-02-2009 à 16:59:07

  • Télécharge OTMoveIt3 (OldTimer) sur ton Bureau.
  • Double-clique sur OTMoveIt3.exe afin de le lancer.
  • Copie (Ctrl+C) le texte suivant ci-dessous :


:processes
explorer.exe

:files
C:\WINDOWS\system32\338fa633-.txt

:commands
[purity]
[emptytemp]
[reboot]



  • Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
  • Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.


---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

  • Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\

---> Le nom du rapport correspond au moment de sa création : date_heure.log

Message cité 1 fois
Répondre à Destrio5
valou04   23-02-2009 à 17:21:23

Destrio5 a écrit :

  • Télécharge OTMoveIt3 (OldTimer) sur ton Bureau.
  • Double-clique sur OTMoveIt3.exe afin de le lancer.
  • Copie (Ctrl+C) le texte suivant ci-dessous :


:processes
explorer.exe

:files
C:\WINDOWS\system32\338fa633-.txt

:commands
[purity]
[emptytemp]
[reboot]



  • Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
  • Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.


---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

  • Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\

---> Le nom du rapport correspond au moment de sa création : date_heure.log



========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
File/Folder C:\WINDOWS\system32\338fa633-.txt not found.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\VF82C~1.ROS\LOCALS~1\Temp\etilqs_CeWeRyAVbXLgAr6XZZzt scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS01AF788B-8C7C-418B-B75E-887BEBF4CE82.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS04C1E41B-2363-4DEC-A4BC-38EA01077BB6.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS068A7C30-FA37-468A-8463-62E83B19669D.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS07FB6A02-340E-480F-AC79-7F672A8CEFA0.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS098763FF-A9EE-4018-AED8-7B446A32A6D7.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS0B45A1E7-2441-4937-A149-E68B04DDEA01.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS106F8730-336A-4DD5-90BA-7DF84E10C738.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS128864F3-28EF-4DF5-B097-4FBB994EF0B0.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS15A56B5B-F7C9-4CDA-AF43-60AAA452E678.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS15F8070B-02E6-4CDC-A2D8-D74DA58A2C32.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS181D7D33-F183-4E9D-835A-7CCEB30577D4.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS1C9C2D9A-1F00-425F-AC6D-DE7A0670C412.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS1E36DCBC-BFBD-4720-A12A-3B0870AAAFF7.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS21F9A39C-3908-4BB0-9EBC-482FD77E66A7.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS279E0171-562A-47DC-8767-1BF391615C0F.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS27DC8FFA-D886-4593-B432-C6E677E660EB.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS2C00810F-9442-4E99-8528-9A8096E951D1.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS2C4362E5-124B-465E-A61E-9B38F3C7A907.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS308665E5-01E4-467C-8905-60E91F7C2831.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS34C559F6-6D12-4138-A9C5-2684F8E45289.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS3B24112D-CCE5-4395-94F1-37A15B30C9DC.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS3C1F0C32-D602-4BC3-B2C9-0702496D302B.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS3E05BA98-529B-41C5-8F29-7071465E89B9.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS4069611B-05DC-4CA6-BA30-484EC9559EE3.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS40B0A622-3D87-4BDB-8F28-A58E39D3837D.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS415C75FC-0435-4D8A-A996-30E782852354.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS430A7458-8E09-4A1F-9238-5010F6404317.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS44CAD30A-5B41-4075-8929-9051EDA6A885.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS45A6A779-51A0-4AC4-8D6B-7E9A75896C89.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS494F99A6-1311-413C-85EC-348744A9EAFD.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS4CAF0851-C67B-44FE-8DF0-1B47EBB30E03.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS512D40A9-97BF-48CB-8036-C55BABED1552.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS5197937C-8DBE-4D1D-8B46-915E732B69DB.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS5656A623-628C-45EB-B2A7-B7203BF6E7EE.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS5758122A-BC10-46D5-98D3-240A219007A1.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS592DCBC8-8A41-4A13-B404-6354DBDFF940.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS5D7D9371-5664-40F4-822B-415EC7DBC246.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS62377044-8C0A-4EA2-8AF4-5281D4FB5657.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS63035CDF-5055-4D2A-8266-B427F147C5B2.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS6583947F-AEC7-419F-ADB9-2D9094D79BB8.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS66D715E0-2CFC-4354-A4FD-75E9333C5150.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS67767C27-C3C4-4017-9624-21243545A4A4.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS691DBE0C-7C95-4706-84DD-3B68F905DDE1.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS696F987B-64B7-4665-8578-6418EA07A174.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS6A716B27-BE33-4B4A-82E1-6F74A9487178.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS6AF2F2BF-3712-4BF6-82C2-517D08F72D98.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS6ED1C620-7D9C-4923-B6CC-D3968A2081A7.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS706B6053-6854-4E11-A40C-F8386B047C16.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS70C77886-ACCE-4F19-AD36-1B38D3D0C89C.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS72ADC202-7529-434A-BFF9-5EBA6DABA4A2.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS731B9273-9E4F-4076-8740-F724E4E6B3AC.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS788676B1-721F-4D15-AF91-AFBC68D44EDF.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS79AF8EF9-C5F4-4D69-9835-E50AD20503C9.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS7D69ECD8-155C-4E16-8B3D-C98CEF550404.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS80173A25-4F3B-473A-BAA1-01943EDF7221.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS8302AB9A-8326-482A-A349-A3EF424FD831.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS8466423C-FCA0-4577-BDA7-6744FC1D1BAE.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS85714E70-BE33-40FE-B5B3-8702B1C33992.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS86C2AE59-9FD8-4662-AC93-46105AC50240.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS87BD9387-05AC-4D9F-9745-726C02B0949F.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS891F6681-8867-47D6-A3DC-2D1910848086.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS8F1C4AFE-B6B5-48CA-BE56-CF88920D44CC.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS944D7331-E4FE-4598-B1B0-B41046256EBD.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS97AC0A83-BC38-4D9C-9457-2AF19883FF70.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMS9EAB1AE1-4865-4D05-8E6B-3A01C7A9E479.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSA1139D5D-DF29-480C-B3E7-4AE672FA0197.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSA18CBFE8-944B-43F3-A34B-6A2154F2E639.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSA2A955A9-5CF6-4140-B45C-EC21E313071B.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSA48C64E1-8F2D-4B0F-8253-2A8A876CA8D9.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSA8B79DC1-42DA-40DE-AA5E-537D322391DC.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSA8EBF360-BB1C-447A-9DA4-4D17A071A1C8.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSA9A9E3E4-6FB2-4F9B-974E-CBCF232AA9D9.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSAFAD275C-8F16-49EB-9CE8-BA367360EF40.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSB22CC460-9AA3-4BF7-91D0-A2C6B8B4F8DC.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSB60FC072-AD22-4A1A-92E6-ECA16A0047B0.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSB9B33D65-76E4-42A9-9DD6-11ADD2416E4D.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSBAC1EE72-067D-45A4-90C6-B60C92FC0C57.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSBAD9F531-E2D6-494C-A047-04DB9E15F033.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSC10FDFBB-5129-402C-B0C4-104B8B5196AB.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSC3E8A642-A701-4597-A0C2-22C79F331501.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSC7B5B10C-75BC-4FF3-91BC-AEC5240A4811.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSC9B9350F-98DB-4285-97E9-170D1517933D.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSD03CCF00-599B-49A3-A380-ECF5CB46451B.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSD23BDCA1-F945-41F7-84F6-65EE13CEC2BC.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSD3900D3E-0EFE-4545-8360-6BFA9B4C6771.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSD480E996-C0EF-45FB-861C-483D39C3B853.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSD4F30954-CA91-4CB5-9F4F-0919162CE7B1.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSD9930F75-99D1-46A1-8E20-E01CD1AB4B55.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSDDBC0985-E479-40BC-A4C0-33F8AEFF1940.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSDDEA78A5-2F7B-48FE-B5E7-520A4F4F5421.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSE1EFE591-72FB-4691-9946-0F40EF7A63B6.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSE2F5F74A-6B88-4F78-B71B-B76CC6DD5A30.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSE4EA20C4-0DDC-4D6E-80A9-9CD78E28886D.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSEDFD3B34-256E-4D17-A913-CBAFB87CB921.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSEE51C839-0587-48EC-A6FB-61E5623802C6.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSEEB887B6-426C-4110-A5A5-2561BEF94189.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSEF1956CC-53E2-4E61-8587-75A9C717D270.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSF5D7D95F-A4EA-49D5-AE46-0B3DD9D9EDD1.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSF804B192-002A-496D-B2C3-90795C55BD69.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSF8336ADB-7164-4D84-921F-537CCE8381B8.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSFA0ED83D-00FA-40A8-87B3-B9E9FE13A354.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSFA23AA11-9DC7-49DF-B483-E0A997D3D727.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSFA48D3E1-254B-436F-ADDA-91E1BA328D5E.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\wrstemp\SSMSFEB08ABB-F284-4932-8BE7-171D7C506D94.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_128.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_548.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\v.Rosset\Local Settings\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\v.Rosset\Local Settings\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\v.Rosset\Local Settings\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\v.Rosset\Local Settings\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\v.Rosset\Local Settings\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02232009_111519

Files moved on Reboot...
File C:\DOCUME~1\VF82C~1.ROS\LOCALS~1\Temp\etilqs_CeWeRyAVbXLgAr6XZZzt not found!
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File C:\WINDOWS\temp\wrstemp\SSMS01AF788B-8C7C-418B-B75E-887BEBF4CE82.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS04C1E41B-2363-4DEC-A4BC-38EA01077BB6.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS068A7C30-FA37-468A-8463-62E83B19669D.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS07FB6A02-340E-480F-AC79-7F672A8CEFA0.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS098763FF-A9EE-4018-AED8-7B446A32A6D7.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS0B45A1E7-2441-4937-A149-E68B04DDEA01.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS106F8730-336A-4DD5-90BA-7DF84E10C738.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS128864F3-28EF-4DF5-B097-4FBB994EF0B0.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS15A56B5B-F7C9-4CDA-AF43-60AAA452E678.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS15F8070B-02E6-4CDC-A2D8-D74DA58A2C32.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS181D7D33-F183-4E9D-835A-7CCEB30577D4.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS1C9C2D9A-1F00-425F-AC6D-DE7A0670C412.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS1E36DCBC-BFBD-4720-A12A-3B0870AAAFF7.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS21F9A39C-3908-4BB0-9EBC-482FD77E66A7.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS279E0171-562A-47DC-8767-1BF391615C0F.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS27DC8FFA-D886-4593-B432-C6E677E660EB.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS2C00810F-9442-4E99-8528-9A8096E951D1.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS2C4362E5-124B-465E-A61E-9B38F3C7A907.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS308665E5-01E4-467C-8905-60E91F7C2831.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS34C559F6-6D12-4138-A9C5-2684F8E45289.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS3B24112D-CCE5-4395-94F1-37A15B30C9DC.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS3C1F0C32-D602-4BC3-B2C9-0702496D302B.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS3E05BA98-529B-41C5-8F29-7071465E89B9.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS4069611B-05DC-4CA6-BA30-484EC9559EE3.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS40B0A622-3D87-4BDB-8F28-A58E39D3837D.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS415C75FC-0435-4D8A-A996-30E782852354.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS430A7458-8E09-4A1F-9238-5010F6404317.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS44CAD30A-5B41-4075-8929-9051EDA6A885.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS45A6A779-51A0-4AC4-8D6B-7E9A75896C89.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS494F99A6-1311-413C-85EC-348744A9EAFD.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS4CAF0851-C67B-44FE-8DF0-1B47EBB30E03.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS512D40A9-97BF-48CB-8036-C55BABED1552.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS5197937C-8DBE-4D1D-8B46-915E732B69DB.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS5656A623-628C-45EB-B2A7-B7203BF6E7EE.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS5758122A-BC10-46D5-98D3-240A219007A1.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS592DCBC8-8A41-4A13-B404-6354DBDFF940.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS5D7D9371-5664-40F4-822B-415EC7DBC246.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS62377044-8C0A-4EA2-8AF4-5281D4FB5657.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS63035CDF-5055-4D2A-8266-B427F147C5B2.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS6583947F-AEC7-419F-ADB9-2D9094D79BB8.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS66D715E0-2CFC-4354-A4FD-75E9333C5150.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS67767C27-C3C4-4017-9624-21243545A4A4.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS691DBE0C-7C95-4706-84DD-3B68F905DDE1.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS696F987B-64B7-4665-8578-6418EA07A174.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS6A716B27-BE33-4B4A-82E1-6F74A9487178.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS6AF2F2BF-3712-4BF6-82C2-517D08F72D98.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS6ED1C620-7D9C-4923-B6CC-D3968A2081A7.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS706B6053-6854-4E11-A40C-F8386B047C16.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS70C77886-ACCE-4F19-AD36-1B38D3D0C89C.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS72ADC202-7529-434A-BFF9-5EBA6DABA4A2.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS731B9273-9E4F-4076-8740-F724E4E6B3AC.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS788676B1-721F-4D15-AF91-AFBC68D44EDF.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS79AF8EF9-C5F4-4D69-9835-E50AD20503C9.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS7D69ECD8-155C-4E16-8B3D-C98CEF550404.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS80173A25-4F3B-473A-BAA1-01943EDF7221.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS8302AB9A-8326-482A-A349-A3EF424FD831.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS8466423C-FCA0-4577-BDA7-6744FC1D1BAE.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS85714E70-BE33-40FE-B5B3-8702B1C33992.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS86C2AE59-9FD8-4662-AC93-46105AC50240.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS87BD9387-05AC-4D9F-9745-726C02B0949F.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS891F6681-8867-47D6-A3DC-2D1910848086.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS8F1C4AFE-B6B5-48CA-BE56-CF88920D44CC.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS944D7331-E4FE-4598-B1B0-B41046256EBD.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS97AC0A83-BC38-4D9C-9457-2AF19883FF70.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMS9EAB1AE1-4865-4D05-8E6B-3A01C7A9E479.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSA1139D5D-DF29-480C-B3E7-4AE672FA0197.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSA18CBFE8-944B-43F3-A34B-6A2154F2E639.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSA2A955A9-5CF6-4140-B45C-EC21E313071B.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSA48C64E1-8F2D-4B0F-8253-2A8A876CA8D9.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSA8B79DC1-42DA-40DE-AA5E-537D322391DC.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSA8EBF360-BB1C-447A-9DA4-4D17A071A1C8.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSA9A9E3E4-6FB2-4F9B-974E-CBCF232AA9D9.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSAFAD275C-8F16-49EB-9CE8-BA367360EF40.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSB22CC460-9AA3-4BF7-91D0-A2C6B8B4F8DC.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSB60FC072-AD22-4A1A-92E6-ECA16A0047B0.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSB9B33D65-76E4-42A9-9DD6-11ADD2416E4D.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSBAC1EE72-067D-45A4-90C6-B60C92FC0C57.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSBAD9F531-E2D6-494C-A047-04DB9E15F033.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSC10FDFBB-5129-402C-B0C4-104B8B5196AB.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSC3E8A642-A701-4597-A0C2-22C79F331501.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSC7B5B10C-75BC-4FF3-91BC-AEC5240A4811.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSC9B9350F-98DB-4285-97E9-170D1517933D.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSD03CCF00-599B-49A3-A380-ECF5CB46451B.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSD23BDCA1-F945-41F7-84F6-65EE13CEC2BC.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSD3900D3E-0EFE-4545-8360-6BFA9B4C6771.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSD480E996-C0EF-45FB-861C-483D39C3B853.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSD4F30954-CA91-4CB5-9F4F-0919162CE7B1.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSD9930F75-99D1-46A1-8E20-E01CD1AB4B55.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSDDBC0985-E479-40BC-A4C0-33F8AEFF1940.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSDDEA78A5-2F7B-48FE-B5E7-520A4F4F5421.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSE1EFE591-72FB-4691-9946-0F40EF7A63B6.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSE2F5F74A-6B88-4F78-B71B-B76CC6DD5A30.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSE4EA20C4-0DDC-4D6E-80A9-9CD78E28886D.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSEDFD3B34-256E-4D17-A913-CBAFB87CB921.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSEE51C839-0587-48EC-A6FB-61E5623802C6.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSEEB887B6-426C-4110-A5A5-2561BEF94189.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSEF1956CC-53E2-4E61-8587-75A9C717D270.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSF5D7D95F-A4EA-49D5-AE46-0B3DD9D9EDD1.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSF804B192-002A-496D-B2C3-90795C55BD69.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSF8336ADB-7164-4D84-921F-537CCE8381B8.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSFA0ED83D-00FA-40A8-87B3-B9E9FE13A354.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSFA23AA11-9DC7-49DF-B483-E0A997D3D727.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSFA48D3E1-254B-436F-ADDA-91E1BA328D5E.tmp not found!
File C:\WINDOWS\temp\wrstemp\SSMSFEB08ABB-F284-4932-8BE7-171D7C506D94.tmp not found!
File C:\WINDOWS\temp\Perflib_Perfdata_128.dat not found!
C:\WINDOWS\temp\Perflib_Perfdata_548.dat moved successfully.
C:\Documents and Settings\v.Rosset\Local Settings\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\v.Rosset\Local Settings\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\v.Rosset\Local Settings\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\v.Rosset\Local Settings\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\v.Rosset\Local Settings\Application Data\Mozilla\Firefox\Profiles\fx6ut845.default\urlclassifier3.sqlite moved successfully.

Répondre à valou04
Destrio5   23-02-2009 à 17:27:35

1/

  • Télécharge ToolsCleaner2 sur ton Bureau.
  • Double-clique sur ToolsCleaner2.exe pour le lancer.
  • Clique sur Recherche et laisse le scan agir.
  • Clique sur Suppression pour finaliser.
  • Tu peux, si tu le souhaites, te servir des Options Facultatives.
  • Clique sur Quitter pour obtenir le rapport.
  • Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).



2/

  • Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
  • Double-clique sur RSIT.exe afin de lancer le programme.
  • Clique sur Continue à l'écran Disclaimer.
  • Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).


Note : les rapports sont sauvegardés dans le dossier C:\rsit\.

Message cité 1 fois
Répondre à Destrio5
valou04   23-02-2009 à 17:51:10

Destrio5 a écrit :

1/

  • Télécharge ToolsCleaner2 sur ton Bureau.
  • Double-clique sur ToolsCleaner2.exe pour le lancer.
  • Clique sur Recherche et laisse le scan agir.
  • Clique sur Suppression pour finaliser.
  • Tu peux, si tu le souhaites, te servir des Options Facultatives.
  • Clique sur Quitter pour obtenir le rapport.
  • Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).



2/

  • Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
  • Double-clique sur RSIT.exe afin de lancer le programme.
  • Clique sur Continue à l'écran Disclaimer.
  • Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).


Note : les rapports sont sauvegardés dans le dossier C:\rsit\.



[ Rapport ToolsCleaner version 2.3.2 (par A.Rothstein & dj QUIOU) ]

-->- Recherche:

C:\Combofix.txt: trouvé !
C:\fixnavi.txt: trouvé !
C:\cleannavi.txt: trouvé !
C:\avenger.txt: trouvé !
C:\Combofix: trouvé !
C:\_OtMoveIt: trouvé !
C:\Rsit: trouvé !
C:\Documents and Settings\v.Rosset\Bureau\Look2Me-Destroyer.exe: trouvé !
C:\Documents and Settings\v.Rosset\Bureau\SmitFraudFix.exe: trouvé !
C:\Documents and Settings\v.Rosset\Bureau\hijackthis.log: trouvé !
C:\Documents and Settings\v.Rosset\Bureau\Look2Me-Destroyer.txt: trouvé !
C:\Documents and Settings\v.Rosset\Bureau\OTMoveIt3.exe: trouvé !
C:\Documents and Settings\v.Rosset\Bureau\Rsit.exe: trouvé !
C:\Documents and Settings\v.Rosset\Bureau\SmitFraudfix: trouvé !
C:\Documents and Settings\v.Rosset\Bureau\Nettoyage\HijackThis.lnk: trouvé !
C:\Documents and Settings\v.Rosset\Bureau\Nettoyage\hijackthis.log: trouvé !
C:\Program Files\HJTInstall.exe: trouvé !

Logfile of random's system information tool 1.05 (written by random/random)
Run by v.Rosset at 2009-02-23 11:47:06
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 9 GB (23%) free of 39 GB
Total RAM: 1503 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:47:14, on 2009-02-23
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\v.Rosset\Bureau\RSIT.exe
C:\Documents and Settings\v.Rosset\Bureau\Nettoyage\v.Rosset.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cyberpresse.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - D:\PROGRA~1\Flashget\jccatch.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [mspd] "C:\WINDOWS\system32\mspd.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "c:\progra~1\fichie~1\instal~1\update~1\isuspm.exe" -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe" /startintray
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Télécharger avec NetTransport - C:\Program Files\Xi\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: Enregistreur Vidéo Internet : rechercher des streams vidéo - file://D:\Programmes\scan.vbs
O8 - Extra context menu item: Ouvrir avec Enregistreur Vidéo Internet - file://D:\Programmes\anchor.vbs
O8 - Extra context menu item: Tout t&élécharger avec NetTransport - C:\Program Files\Xi\NetTransport 2\NTAddList.html
O8 - Extra context menu item: Télécharger avec FlashGet - D:\Programmes\Flashget\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - D:\Programmes\Flashget\jc_all.htm
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Enregistreur Vidéo Internet : rechercher des streams vidéo - {B794C572-4E4D-4D4B-A115-25DBEB29EA71} - file://D:\Programmes\scan.vbs (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\Flashget\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\Flashget\flashget.exe (file missing)
O9 - Extra button: Enregistreur Vidéo Internet : rechercher des streams vidéo - {DFD9C994-2EF1-4B7F-92B5-98E2D0A7CEB7} - file://D:\Programmes\scan.vbs (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {0F7A9297-7268-11D1-B81A-00A076C01B0A} (CPC View ax Control) - http://www.registrefoncier.gouv.qc [...] ViewAX.cab
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://www.creative.com/softwareup [...] TSUEng.cab
O16 - DPF: {F5D98C43-DB16-11CF-8ECA-0000C0FD59C7} (ActiveCGM Control) - http://www.registrefoncier.gouv.qc [...] M/Acgm.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareup [...] /CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxLiveShare.exe
O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe
O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCom\RoxUpnpRenderer.exe
O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe
O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe

--
End of file - 9457 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\RegTool Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
IeCatch5 Class - D:\PROGRA~1\Flashget\jccatch.dll [2006-05-16 81920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C56CB6B0-0D96-11D6-8C65-B2868B609932}]
NTIECatcher Class - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll [2005-09-08 49152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-02-23 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-02-23 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2004-07-27 81920]
"mspd"=C:\WINDOWS\system32\mspd.exe [2003-08-27 389632]
"ISUSPM Startup"=c:\progra~1\fichie~1\instal~1\update~1\isuspm.exe [2004-07-27 221184]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-02-23 148888]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"SpySweeper"=C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe [2008-11-13 6273400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Watch]
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-02-22 509784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MétéoIMédia]
C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-15 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE [2008-11-02 167936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe [2005-11-21 1687552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2009-01-29 23975720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpySweeper]
C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe [2008-11-13 6273400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-11-27 180269]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InterVideo WinCinema Manager.lnk]
C:\PROGRA~1\INTERV~1\Common\Bin\WINCIN~1.EXE [2002-08-12 102400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [2000-01-21 65588]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^v.Rosset^Menu Démarrer^Programmes^Démarrage^Pense-bête.lnk]
C:\PROGRA~1\MINDSC~1\PRINTM~1\PMREMIND.EXE [2006-05-23 2344920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"=C:\PROGRA~1\DVDREG~1\DVDShell.dll [2004-10-09 49152]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WRConsumerService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\StubInstaller.exe"="C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Windows Media Player\wmplayer.exe"="C:\Program Files\Windows Media Player\wmplayer.exe:*:Enabled:Windows Media Player"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Programmes\Azureus\Azureus.exe"="D:\Programmes\Azureus\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe"="C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe:*:Enabled:Roxio Upnp Service"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Disabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Disabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Disabled:Windows Messenger"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0e341aa0-9cb1-11dd-ac7e-0012178290da}]
shell\AutoRun\command - G:\WD_Windows_Tools\Setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{194f9a2a-e9c5-11dd-ad2f-000ae6896f3f}]
shell\AutoRun\command - G:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{58611ed2-98ae-11dd-ac6a-000ae6896f3f}]
shell\AutoRun\command - G:\WD_Windows_Tools\Setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{95a972c0-d18e-11da-a70f-000ae6896f3f}]
shell\AutoRun\command - G:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c22b4960-987f-11dd-ac68-0012178290da}]
shell\AutoRun\command - G:\WD_Windows_Tools\Setup.exe


======List of files/folders created in the last 1 months======

2009-02-23 09:50:08 ----D---- C:\_OTMoveIt
2009-02-23 09:14:45 ----D---- C:\Program Files\NOS
2009-02-23 09:14:45 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-02-23 09:12:26 ----A---- C:\WINDOWS\system32\javaws.exe
2009-02-23 09:12:26 ----A---- C:\WINDOWS\system32\javaw.exe
2009-02-23 09:12:26 ----A---- C:\WINDOWS\system32\java.exe
2009-02-23 09:10:37 ----A---- C:\Program Files\jxpiinstall-6u12-fcs-bin-b04-windows-i586-17_jan_2009.exe
2009-02-23 09:00:11 ----A---- C:\WINDOWS\system32\RENF.tmp
2009-02-23 09:00:11 ----A---- C:\WINDOWS\system32\RENE.tmp
2009-02-23 09:00:11 ----A---- C:\WINDOWS\system32\REND.tmp
2009-02-23 08:56:40 ----D---- C:\ComboFix
2009-02-22 23:16:41 ----SHD---- C:\RECYCLER
2009-02-22 21:51:40 ----A---- C:\ComboFix.txt
2009-02-22 21:39:26 ----A---- C:\Boot.bak
2009-02-22 21:39:17 ----RASHD---- C:\cmdcons
2009-02-22 21:37:42 ----D---- C:\WINDOWS\ERDNT
2009-02-22 18:25:16 ----D---- C:\WINDOWS\system32\Kaspersky Lab
2009-02-22 17:39:35 ----A---- C:\WINDOWS\ntbtlog.txt
2009-02-22 17:29:16 ----A---- C:\WINDOWS\system32\tmp.txt
2009-02-22 17:29:06 ----A---- C:\rapport.txt
2009-02-22 17:14:20 ----D---- C:\rsit
2009-02-22 08:32:22 ----HDC---- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-02-21 20:39:57 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-02-21 18:07:12 ----A---- C:\WINDOWS\system32\capicom.dll
2009-02-21 18:05:43 ----D---- C:\Program Files\Webroot
2009-02-21 18:05:43 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Webroot
2009-02-21 18:05:43 ----D---- C:\Documents and Settings\All Users\Application Data\Webroot
2009-02-21 18:05:43 ----A---- C:\WINDOWS\WRSetup.dll
2009-02-20 19:32:31 ----D---- C:\Program Files\VS Revo Group
2009-02-15 22:43:32 ----D---- C:\Program Files\Learning Essentials
2009-02-15 22:43:23 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2009-02-15 22:43:13 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2009-02-15 22:43:11 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2009-02-15 22:43:11 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2009-02-15 22:43:10 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2009-02-15 22:43:09 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2009-02-15 22:43:08 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2009-02-15 08:51:47 ----D---- C:\Program Files\Fichiers communs\Skype
2009-02-14 22:25:46 ----D---- C:\Program Files\PowerISO
2009-02-14 11:02:58 ----A---- C:\fixnavi.txt
2009-02-13 22:57:13 ----A---- C:\Program Files\HJTInstall.exe
2009-02-12 15:47:39 ----D---- C:\Malwarebytes' Anti-Malware
2009-02-10 07:50:37 ----D---- C:\Program Files\Malwarebytes' Anti-Malware(2)
2009-02-08 19:41:28 ----D---- C:\Documents and Settings\v.Rosset\Application Data\DAEMON Tools Lite
2009-02-08 08:36:31 ----A---- C:\avenger.txt
2009-02-07 12:09:09 ----A---- C:\Program Files\Vuze_4.1.0.2_windows.exe
2009-02-06 19:29:52 ----D---- C:\Documents and Settings\v.Rosset\Application Data\RegTool
2009-02-06 15:42:52 ----A---- C:\WINDOWS\Sysvxd.exe
2009-02-06 09:03:23 ----D---- C:\Program Files\WinAVI Video Converter
2009-02-02 15:21:15 ----D---- C:\Program Files\Microsoft Encarta
2009-01-30 15:06:07 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Flood Light Games
2009-01-30 15:06:07 ----D---- C:\Documents and Settings\All Users\Application Data\Flood Light Games

======List of files/folders modified in the last 1 months======

2009-02-23 11:45:28 ----D---- C:\Program Files\Mozilla Thunderbird
2009-02-23 11:34:01 ----D---- C:\WINDOWS\Prefetch
2009-02-23 11:33:00 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Skype
2009-02-23 11:29:26 ----D---- C:\Program Files\Mozilla Firefox
2009-02-23 11:19:39 ----D---- C:\WINDOWS\Temp
2009-02-23 11:15:53 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-23 11:07:10 ----D---- C:\WINDOWS\system32
2009-02-23 10:57:04 ----D---- C:\Documents and Settings\v.Rosset\Application Data\skypePM
2009-02-23 10:08:25 ----RD---- C:\Program Files
2009-02-23 09:51:44 ----D---- C:\Config.Msi
2009-02-23 09:48:40 ----SHD---- C:\WINDOWS\Installer
2009-02-23 09:48:39 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-02-23 09:48:06 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-02-23 09:47:46 ----D---- C:\Program Files\Adobe
2009-02-23 09:11:58 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-02-23 09:11:53 ----D---- C:\Program Files\Java
2009-02-23 08:57:37 ----SHD---- C:\System Volume Information
2009-02-23 08:57:37 ----D---- C:\WINDOWS\system32\Restore
2009-02-23 08:57:17 ----D---- C:\WINDOWS
2009-02-22 23:18:36 ----D---- C:\WINDOWS\system32\CatRoot2
2009-02-22 21:51:46 ----D---- C:\WINDOWS\system32\drivers
2009-02-22 21:47:20 ----A---- C:\WINDOWS\system.ini
2009-02-22 21:43:18 ----D---- C:\WINDOWS\system32\config
2009-02-22 21:41:49 ----D---- C:\WINDOWS\AppPatch
2009-02-22 21:41:45 ----D---- C:\Program Files\Fichiers communs
2009-02-22 21:39:26 ----RASH---- C:\boot.ini
2009-02-22 18:25:19 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-02-22 18:25:15 ----HD---- C:\WINDOWS\inf
2009-02-22 17:42:28 ----SD---- C:\WINDOWS\Tasks
2009-02-22 16:32:42 ----D---- C:\WINDOWS\system32\CatRoot
2009-02-22 16:03:27 ----AC---- C:\WINDOWS\NeroDigital.ini
2009-02-22 16:02:19 ----A---- C:\WINDOWS\DVDRegionFree.INI
2009-02-22 08:47:37 ----AC---- C:\WINDOWS\win.ini
2009-02-22 08:44:50 ----D---- C:\Program Files\Free FLV Converter
2009-02-22 08:44:21 ----D---- C:\Program Files\VSO
2009-02-22 08:42:28 ----D---- C:\Program Files\Lavasoft
2009-02-21 21:16:59 ----D---- C:\WINDOWS\system32\DirectX
2009-02-21 21:16:58 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Azureus
2009-02-21 21:16:57 ----RSD---- C:\WINDOWS\assembly
2009-02-21 21:11:53 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-02-21 20:39:52 ----D---- C:\WINDOWS\WinSxS
2009-02-21 19:14:55 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-02-21 19:14:55 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Lavasoft
2009-02-21 15:42:30 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-18 08:42:46 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Vso
2009-02-16 09:30:18 ----SD---- C:\Documents and Settings\v.Rosset\Application Data\Microsoft
2009-02-15 22:43:15 ----D---- C:\WINDOWS\Microsoft.NET
2009-02-15 08:51:48 ----RD---- C:\Program Files\Skype
2009-02-15 08:51:48 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2009-02-12 19:20:18 ----D---- C:\WINDOWS\system32\LogFiles
2009-02-12 19:20:18 ----D---- C:\WINDOWS\Debug
2009-02-11 15:18:38 ----HD---- C:\WINDOWS\$hf_mig$
2009-02-11 15:18:19 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-02-11 15:18:16 ----D---- C:\Program Files\Internet Explorer
2009-02-11 15:18:06 ----D---- C:\WINDOWS\ie7updates
2009-02-10 13:03:42 ----D---- C:\WINDOWS\system32\wbem
2009-02-10 13:03:42 ----D---- C:\WINDOWS\Registration
2009-02-10 13:03:09 ----D---- C:\WINDOWS\speech
2009-02-10 13:03:09 ----D---- C:\WINDOWS\Help
2009-02-09 23:15:02 ----D---- C:\WINDOWS\system
2009-02-09 22:39:06 ----D---- C:\WINDOWS\msagent
2009-02-09 22:35:17 ----D---- C:\WINDOWS\system32\Macromed
2009-02-07 16:58:11 ----D---- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
2009-02-07 13:36:19 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-02-06 22:10:55 ----AC---- C:\WINDOWS\WININIT.INI
2009-02-06 21:29:25 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-02-06 20:15:31 ----D---- C:\Program Files\CCleaner
2009-02-06 20:02:56 ----HD---- C:\Program Files\InstallShield Installation Information
2009-02-06 14:51:12 ----D---- C:\Program Files\MediaCoder
2009-02-05 16:11:35 ----A---- C:\WINDOWS\system32\aswBoot.exe
2009-02-04 22:15:18 ----A---- C:\WINDOWS\system32\TubeFinder.exe
2009-02-03 18:21:12 ----A---- C:\WINDOWS\system32\MRT.exe
2009-02-03 12:02:16 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-01-27 11:02:41 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Opera

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
R1 cdudf_xp;cdudf_xp; C:\WINDOWS\system32\drivers\cdudf_xp.sys [2005-10-22 311680]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 40576]
R1 pwd_2k;pwd_2k; C:\WINDOWS\system32\drivers\pwd_2k.sys [2005-10-22 119168]
R1 RxFilter;RxFilter; C:\WINDOWS\system32\DRIVERS\RxFilter.sys [2005-11-21 50176]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2008-11-02 56572]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.0.1; C:\WINDOWS\System32\DRIVERS\AegisP.sys [2006-03-08 19915]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2006-04-21 8064]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
R3 dvd_2K;dvd_2K; C:\WINDOWS\system32\drivers\dvd_2K.sys [2005-10-22 27264]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2005-04-12 4608]
R3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 OM518P;D-Link VGA Webcam; C:\WINDOWS\System32\Drivers\om518vid.sys [2002-06-27 185256]
R3 Pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2008-06-21 47360]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2002-10-01 9856]
R3 RT2500;Linksys Wireless-G PCI Adapter Driver; C:\WINDOWS\System32\DRIVERS\RT2500.sys [2005-04-21 242176]
R3 S3Psddr;S3Psddr; C:\WINDOWS\System32\DRIVERS\s3gnbm.sys [2003-09-02 166912]
R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VIAudio;VIA AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\viaudios.sys [2003-02-26 370048]
S2 ADSEXPB;ADS DVD Xpress B; C:\WINDOWS\System32\Drivers\adsexpb.sys [2003-10-08 32084]
S2 zumbus;Zune Bus Enumerator Driver; C:\WINDOWS\system32\drivers\zumbus.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 Jukebox3;Jukebox3; C:\WINDOWS\system32\DRIVERS\ctpdusb.sys [2006-01-19 17280]
S3 mmc_2K;mmc_2K; C:\WINDOWS\system32\drivers\mmc_2K.sys [2005-10-22 27136]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2008-05-21 34576]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-03-09 37768]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R2 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 97432]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-02-23 152984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 RoxWatch;Roxio Hard Drive Watcher; C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe [2005-11-22 155648]
R2 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
R2 WebrootSpySweeperService;Moteur Webroot Spy Sweeper; C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe [2008-11-12 3667312]
R2 WRConsumerService;Webroot Client Service; C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe [2008-11-13 1086840]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-02-22 950096]
S2 RoxLiveShare;LiveShare P2P Server; C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxLiveShare.exe [2005-11-22 233472]
S2 RoxUpnpServer;RoxUpnpServer; C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe [2005-11-21 409600]
S2 WMP54Gv4SVC;WMP54Gv4SVC; C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe [2004-02-06 41025]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-05-07 779824]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-05-07 271920]
S3 RoxMediaDB;RoxMediaDB; C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe [2005-11-22 864256]
S3 RoxUPnPRenderer;RoxUpnpRenderer; C:\Program Files\Fichiers communs\Roxio Shared\SharedCom\RoxUpnpRenderer.exe [2005-11-21 45056]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2008-05-21 92792]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-01-17 362240]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
info.txt logfile of random's system information tool 1.05 2009-02-22 17:14:59

======Uninstall list======

-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {637099FB-45FD-4BC7-9651-6FB540DBB749}
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->MsiExec.exe /I{0D330013-4A99-46D6-83C6-2C959C68DBFF}
-->MsiExec.exe /I{0F122737-72B2-4095-8B3E-7AAE753DFD3D}
-->MsiExec.exe /I{26792CA7-D87A-4DBE-896B-C2F66B344511}
-->MsiExec.exe /I{637099FB-45FD-4BC7-9651-6FB540DBB749}
-->MsiExec.exe /I{6D4F02C4-F6AF-4659-A933-7FC06235A8D5}
-->MsiExec.exe /I{7FD9FD10-9F7F-4DDF-B9F0-911209FF0CEA}
-->MsiExec.exe /I{8C60949A-46F9-4DD7-BA9F-78C00D9D4C8D}
-->MsiExec.exe /I{EB748B9B-F872-4E95-98E8-5CA7E5425DAF}
-->MsiExec.exe /I{F0EACC27-A729-406C-9BF6-C8F10CEC36F8}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware-->"C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe
Adobe Acrobat 5.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
Adobe Shockwave Player-->C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Applian FLV Player-->"C:\WINDOWS\Applian FLV Player\uninstall.exe" "/U:C:\Program Files\FLV Player\Uninstall\uninstall.xml"
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ArcSoft Camera Suite 1.3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AD13BFB0-FDD2-4AFA-A8AF-9F4A950D56B7}\setup.exe" -l0x40c
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Canon Camera Support Core Library-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{26BDE7D8-93F0-4A07-AD47-1707DB417941} /l1036
Canon Camera Window for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{B34BE30D-A759-4EC2-B58F-19FE2DEBF651}
Canon iP4500 series-->"C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4500_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4500_series /L0x000c
Canon MovieEdit Task for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{DE286975-ACF1-45B8-9EF7-34E162B2C817}
Canon My Printer-->C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini
Canon RAW Image Task for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{68E7E8BD-2233-49BE-81D6-1A1FAF1B5196}
Canon RemoteCapture Task for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{CF2C1A86-5A98-4862-A3AE-9992E3A6427D}
Canon ScanGear Toolbox 3.1-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Canon\ScanGear Toolbox Ver3.1\Uninst.isu" -c"C:\Program Files\Canon\ScanGear Toolbox Ver3.1\uninst.dll"
Canon Utilities ZoomBrowser EX-->MsiExec.exe /X{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CD-LabelPrint-->"C:\Program Files\Canon\CD-LabelPrint\Uninstal.exe" Canon.CDLabelPrint.Application
ConvertXtoDVD 3.4.7.121-->"D:\Programmes\convertx\unins000.exe"
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
DivX-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
D-Link VGA Webcam-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A783A9B5-9249-494C-8766-ECDE41FD6160}\Setup.exe" -l0x40c
DriverAgent by TouchStone Software-->RunDll32.exe advpack.dll,LaunchINFSection driveragent_exe.inf,TVICHW32Remove
DVD Decrypter 3.5.4.0 Fr-->C:\Program Files\DVD Decrypter\UnInstall_DVDdecrypt.exe
DVD Region+CSS Free 5.9.8.5-->"C:\Program Files\DVD Region+CSS Free\unins000.exe"
DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
DVD Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
DVDCoach Express 0.9.2-->"C:\Program Files\Kibisoft\DVDCoach Express\unins000.exe"
DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.0.3.0-->"C:\Program Files\DVDFab 5\unins000.exe"
DVDFab Decrypter 3.0.8.0-->"C:\Program Files\DVDFab Decrypter 3\unins000.exe"
DVDFab HD Decrypter 4.1.0.2-->"C:\Program Files\DVDFab HD Decrypter 4\unins000.exe"
EVEREST Home Edition v2.20-->"C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
Free FLV Converter V 6.1.0-->"C:\Program Files\Free FLV Converter\unins000.exe"
HijackThis 2.0.2-->"C:\Documents and Settings\v.Rosset\Bureau\Nettoyage\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
IFOEdit 0.971 Fr-->C:\Program Files\IfoEdit\UnInstall_IfoEdit.exe
InterActual Player-->C:\Program Files\InterActual\InterActual Player\inuninst.exe
InterVideo WinDVD 4-->"C:\Program Files\InstallShield Installation Information\{98E8A2EF-4EAE-43B8-A172-74842B764777}\setup.exe" REMOVEALL
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Les Indispensables Éducation pour Microsoft Office-->MsiExec.exe /X{75F3A4B2-F6E8-434D-A2EF-DBBC016C6CB2}
LimeWire 4.16.6-->"C:\Program Files\LimeWire\uninstall.exe"
Linksys Wireless-G PCI Adapter-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4DDC3BED-CC68-44AA-B435-D727B620CA5B}\setup.exe" -l0x40c
Macromedia Flash Player 8-->C:\WINDOWS\system32\Macromed\Flash\UninstFl.exe
Malwarebytes' Anti-Malware-->"C:\Malwarebytes' Anti-Malware\unins000.exe"
MediaCoder 0.6.0-->C:\Program Files\MediaCoder\uninst.exe
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Bootvis-->MsiExec.exe /I{0F9196C6-58B4-445B-B56E-B1200FECC151}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Encarta 2009 - Collection-->MsiExec.exe /I{09180081-2C94-4A67-8E55-8483C019C7D2}
Microsoft Encarta Maths-->MsiExec.exe /I{07183840-959A-4B0D-8825-2C533F0DDB19}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office 2000 SR-1 Disque 2-->MsiExec.exe /I{0004040C-78E1-11D2-B60F-006097C998E7}
Microsoft Office 2000 SR-1 Professional-->MsiExec.exe /I{0001040C-78E1-11D2-B60F-006097C998E7}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Web Publishing Wizard 1.52-->RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wpie4x86.inf,WebPostUninstall
Microsoft Windows Media Video 9 VCM-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmv9vcm.inf, Uninstall
MioTransfer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{49F00501-E02F-458F-8AED-85949AB9656F}\setup.exe" -l0x40c
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.0.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.19)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MPEG2 Video Encoder-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E6A0986D-3244-4AB7-BE29-11500E68EF46}\Setup.exe" -l0x40c
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 and SOAP Toolkit 3.0-->MsiExec.exe /I{32343DB6-9A52-40C9-87E4-5E7C79791C87}
MSXML 6.0 Parser-->MsiExec.exe /I{AEB9948B-4FF2-47C9-990E-47014492A0FE}
muvee autoProducer 3.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AD057516-AE06-44FA-B615-463FD524526F}\Setup.exe" -l0x40c
Nero 7 Essentials-->MsiExec.exe /X{E11BD6A7-5046-4D25-ABCB-386A54F71036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Net Transport 1.94.282-->"C:\Program Files\Xi\NetTransport 2\unins000.exe"
PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
PIXMA Extended Survey Program-->C:\Program Files\Canon\IJPLM\SETUP.EXE -R
PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"
PrintMaster 7.00-->c:\PROGRA~1\MINDSC~1\PRINTM~1\uninst32.exe /IFirst
ProSavageDDR and Utilities-->C:\PROGRA~1\S3Inc\P4M266\s3setvga.exe -s -fC:\PROGRA~1\S3Inc\P4M266\P4M266.uns
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
RamBoost XP 4.0.6-->"C:\Program Files\RamBoost XP\unins000.exe"
Revo Uninstaller 1.71-->C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
Roxio Content 8-->MsiExec.exe /X{329B7564-7E13-4A70-BC2B-F9870C82AAB6}
Roxio Easy Media Creator 8 Suite-->MsiExec.exe /I{868901EE-7807-4F89-A134-7C705D34F91F}
S3Display-->s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Display'
S3Gamma2-->s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Gamma2'
S3Info2-->s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Info2'
S3Overlay-->s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Overlay'
Scan Manager 5.2-->MsiExec.exe /I{E0A1559B-9886-11D4-8D06-0050DA284A39}
Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
Spy Sweeper Core-->MsiExec.exe /I{3F5B6210-0903-4DC6-8034-8F488AA3A782}
Spy Sweeper-->"C:\Program Files\Webroot\WebrootSecurity\unins000.exe"
Spybot - Search & Destroy 1.5.2.20-->"C:\WINDOWS\unins000.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins001.exe"
TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
VIA Audio Driver Setup Program-->RunDll32.exe UnAudioNT.dll,UninstallAudio C:\WINDOWS\IsUninst.exe -f"C:\PROGRA~1\VIATEC~1\VIAAUD~1/Uninst.isu"
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
VLC media player 0.9.8a-->D:\Programmes\vlc\uninstall.exe
Vuze-->D:\Programmes\Azureus\uninstall.exe
WinAVI Video Converter 8.0-->"C:\Program Files\WinAVI Video Converter\unins000.exe"
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinPcap 4.1 beta4-->C:\Program Files\WinPcap\uninstall.exe
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

=====HijackThis Backups=====

O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\Flashget\fgiebar.dll (file missing)

======Hosts File======

127.0.0.1 localhost

======Security center information======

AV: avast! antivirus 4.8.1335 [VPS 090221-0]
FW: Webroot Internet Security Essentials (disabled)

System event log

Computer Name: VALOU
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Uniprocessor Free.

Record Number: 123460
Source Name: EventLog
Time Written: 20090207080303.000000-300
Event Type: Informations
User:

Computer Name: VALOU
Event Code: 6006
Message: Le service d'Enregistrement d'événement a été arrêté.

Record Number: 123459
Source Name: EventLog
Time Written: 20090207000050.000000-300
Event Type: Informations
User:

Computer Name: VALOU
Event Code: 6005
Message: Le service d'Enregistrement d'événement a démarré.

Record Number: 123458
Source Name: EventLog
Time Written: 20090207000034.000000-300
Event Type: Informations
User:

Computer Name: VALOU
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Uniprocessor Free.

Record Number: 123457
Source Name: EventLog
Time Written: 20090207000034.000000-300
Event Type: Informations
User:

Computer Name: VALOU
Event Code: 6006
Message: Le service d'Enregistrement d'événement a été arrêté.

Record Number: 123456
Source Name: EventLog
Time Written: 20090206234355.000000-300
Event Type: Informations
User:

Application event log

Computer Name: VALOU
Event Code: 11328
Message: Produit : TuneUp Utilities 2009 -- Erreur 1328. Erreur lors de l'application du programme correctif au fichier C:\Config.Msi\PT84.tmp. Il a sans doute été mis à jour de manière différente et ne peut plus être modifié par ce programme correctif. Pour obtenir des informations complémentaires, contactez le revendeur de votre programme correctif. Erreur système : -1072807676

Record Number: 201982
Source Name: MsiInstaller
Time Written: 20090116231743.000000-300
Event Type: erreur
User: VALOU\v.Rosset

Computer Name: VALOU
Event Code: 11328
Message: Produit : TuneUp Utilities 2009 -- Erreur 1328. Erreur lors de l'application du programme correctif au fichier C:\Config.Msi\PT84.tmp. Il a sans doute été mis à jour de manière différente et ne peut plus être modifié par ce programme correctif. Pour obtenir des informations complémentaires, contactez le revendeur de votre programme correctif. Erreur système : -1072807676

Record Number: 201981
Source Name: MsiInstaller
Time Written: 20090116231743.000000-300
Event Type: erreur
User: VALOU\v.Rosset

Computer Name: VALOU
Event Code: 11328
Message: Produit : TuneUp Utilities 2009 -- Erreur 1328. Erreur lors de l'application du programme correctif au fichier C:\Config.Msi\PT84.tmp. Il a sans doute été mis à jour de manière différente et ne peut plus être modifié par ce programme correctif. Pour obtenir des informations complémentaires, contactez le revendeur de votre programme correctif. Erreur système : -1072807676

Record Number: 201980
Source Name: MsiInstaller
Time Written: 20090116231743.000000-300
Event Type: erreur
User: VALOU\v.Rosset

Computer Name: VALOU
Event Code: 11328
Message: Produit : TuneUp Utilities 2009 -- Erreur 1328. Erreur lors de l'application du programme correctif au fichier C:\Config.Msi\PT84.tmp. Il a sans doute été mis à jour de manière différente et ne peut plus être modifié par ce programme correctif. Pour obtenir des informations complémentaires, contactez le revendeur de votre programme correctif. Erreur système : -1072807676

Record Number: 201979
Source Name: MsiInstaller
Time Written: 20090116231743.000000-300
Event Type: erreur
User: VALOU\v.Rosset

Computer Name: VALOU
Event Code: 11328
Message: Produit : TuneUp Utilities 2009 -- Erreur 1328. Erreur lors de l'application du programme correctif au fichier C:\Config.Msi\PT84.tmp. Il a sans doute été mis à jour de manière différente et ne peut plus être modifié par ce programme correctif. Pour obtenir des informations complémentaires, contactez le revendeur de votre programme correctif. Erreur système : -1072807676

Record Number: 201978
Source Name: MsiInstaller
Time Written: 20090116231743.000000-300
Event Type: erreur
User: VALOU\v.Rosset

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Fichiers communs\Ulead Systems\MPEG;C:\Program Files\Fichiers communs\Roxio Shared\DLLShared\;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=0207
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"RoxioCentral"=C:\Program Files\Fichiers communs\Roxio Shared\Roxio Central\
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

-----------------EOF-----------------

Répondre à valou04
valou04   23-02-2009 à 17:52:46

OUps ! Mon info texte est celui d'hier ! Je ne trouve pas celui d'aujourd'hui, juste le log ! Je refais un scan !

Répondre à valou04
Destrio5   23-02-2009 à 17:57:31

C'est normal, tu n'as pas cliqué sur Suppression dans ToolsCleaner.

Message cité 1 fois
Répondre à Destrio5
valou04   23-02-2009 à 18:18:23

Destrio5 a écrit :

C'est normal, tu n'as pas cliqué sur Suppression dans ToolsCleaner.



Destrio, je dois absolument m'absenter. Pourra-t-on reprendre une prochaine fois ?
Merci encore pour ton aide
Valérie

Répondre à valou04
valou04   24-02-2009 à 16:19:20

Destrio5 a écrit :

Pas de soucis.



Bonjour Destrio5, me revoilà !
je te joins les rapports :
[ Rapport ToolsCleaner version 2.3.2 (par A.Rothstein & dj QUIOU) ]

-->- Recherche:

C:\Rsit: trouvé !
C:\Documents and Settings\v.Rosset\Bureau\Rsit.exe: trouvé !
C:\Documents and Settings\v.Rosset\Bureau\Nettoyage\hijackthis.log: trouvé !

---------------------------------
-->- Suppression:

C:\Documents and Settings\v.Rosset\Bureau\Rsit.exe: supprimé !
C:\Documents and Settings\v.Rosset\Bureau\Nettoyage\hijackthis.log: supprimé !
C:\Rsit: supprimé !

Logfile of random's system information tool 1.05 (written by random/random)
Run by v.Rosset at 2009-02-24 10:12:01
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 9 GB (23%) free of 39 GB
Total RAM: 1503 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:12:12, on 2009-02-24
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe
C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Webroot\WebrootSecurity\SSU.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Documents and Settings\v.Rosset\Bureau\RSIT.exe
C:\Documents and Settings\v.Rosset\Bureau\Nettoyage\v.Rosset.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cyberpresse.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - D:\PROGRA~1\Flashget\jccatch.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [mspd] "C:\WINDOWS\system32\mspd.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "c:\progra~1\fichie~1\instal~1\update~1\isuspm.exe" -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe" /startintray
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Télécharger avec NetTransport - C:\Program Files\Xi\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: Enregistreur Vidéo Internet : rechercher des streams vidéo - file://D:\Programmes\scan.vbs
O8 - Extra context menu item: Ouvrir avec Enregistreur Vidéo Internet - file://D:\Programmes\anchor.vbs
O8 - Extra context menu item: Tout t&élécharger avec NetTransport - C:\Program Files\Xi\NetTransport 2\NTAddList.html
O8 - Extra context menu item: Télécharger avec FlashGet - D:\Programmes\Flashget\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - D:\Programmes\Flashget\jc_all.htm
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Enregistreur Vidéo Internet : rechercher des streams vidéo - {B794C572-4E4D-4D4B-A115-25DBEB29EA71} - file://D:\Programmes\scan.vbs (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\Flashget\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\Flashget\flashget.exe (file missing)
O9 - Extra button: Enregistreur Vidéo Internet : rechercher des streams vidéo - {DFD9C994-2EF1-4B7F-92B5-98E2D0A7CEB7} - file://D:\Programmes\scan.vbs (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {0F7A9297-7268-11D1-B81A-00A076C01B0A} (CPC View ax Control) - http://www.registrefoncier.gouv.qc [...] ViewAX.cab
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://www.creative.com/softwareup [...] TSUEng.cab
O16 - DPF: {F5D98C43-DB16-11CF-8ECA-0000C0FD59C7} (ActiveCGM Control) - http://www.registrefoncier.gouv.qc [...] M/Acgm.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareup [...] /CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxLiveShare.exe
O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe
O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCom\RoxUpnpRenderer.exe
O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe
O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe

--
End of file - 9529 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\RegTool Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
IeCatch5 Class - D:\PROGRA~1\Flashget\jccatch.dll [2006-05-16 81920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C56CB6B0-0D96-11D6-8C65-B2868B609932}]
NTIECatcher Class - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll [2005-09-08 49152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-02-23 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-02-23 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2004-07-27 81920]
"mspd"=C:\WINDOWS\system32\mspd.exe [2003-08-27 389632]
"ISUSPM Startup"=c:\progra~1\fichie~1\instal~1\update~1\isuspm.exe [2004-07-27 221184]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-02-23 148888]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"SpySweeper"=C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe [2008-11-13 6273400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Watch]
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-02-22 509784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MétéoIMédia]
C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-15 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE [2008-11-02 167936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe [2005-11-21 1687552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2009-01-29 23975720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpySweeper]
C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe [2008-11-13 6273400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-11-27 180269]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InterVideo WinCinema Manager.lnk]
C:\PROGRA~1\INTERV~1\Common\Bin\WINCIN~1.EXE [2002-08-12 102400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [2000-01-21 65588]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^v.Rosset^Menu Démarrer^Programmes^Démarrage^Pense-bête.lnk]
C:\PROGRA~1\MINDSC~1\PRINTM~1\PMREMIND.EXE [2006-05-23 2344920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"=C:\PROGRA~1\DVDREG~1\DVDShell.dll [2004-10-09 49152]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WRConsumerService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\StubInstaller.exe"="C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Windows Media Player\wmplayer.exe"="C:\Program Files\Windows Media Player\wmplayer.exe:*:Enabled:Windows Media Player"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Programmes\Azureus\Azureus.exe"="D:\Programmes\Azureus\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe"="C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe:*:Enabled:Roxio Upnp Service"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Disabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Disabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Disabled:Windows Messenger"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0e341aa0-9cb1-11dd-ac7e-0012178290da}]
shell\AutoRun\command - G:\WD_Windows_Tools\Setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{194f9a2a-e9c5-11dd-ad2f-000ae6896f3f}]
shell\AutoRun\command - G:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{58611ed2-98ae-11dd-ac6a-000ae6896f3f}]
shell\AutoRun\command - G:\WD_Windows_Tools\Setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{95a972c0-d18e-11da-a70f-000ae6896f3f}]
shell\AutoRun\command - G:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c22b4960-987f-11dd-ac68-0012178290da}]
shell\AutoRun\command - G:\WD_Windows_Tools\Setup.exe


======List of files/folders created in the last 1 months======

2009-02-24 10:12:01 ----D---- C:\rsit
2009-02-23 13:33:18 ----A---- C:\TCleaner.txt
2009-02-23 09:14:45 ----D---- C:\Program Files\NOS
2009-02-23 09:14:45 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-02-23 09:12:26 ----A---- C:\WINDOWS\system32\javaws.exe
2009-02-23 09:12:26 ----A---- C:\WINDOWS\system32\javaw.exe
2009-02-23 09:12:26 ----A---- C:\WINDOWS\system32\java.exe
2009-02-23 09:10:37 ----A---- C:\Program Files\jxpiinstall-6u12-fcs-bin-b04-windows-i586-17_jan_2009.exe
2009-02-23 09:00:11 ----A---- C:\WINDOWS\system32\RENF.tmp
2009-02-23 09:00:11 ----A---- C:\WINDOWS\system32\RENE.tmp
2009-02-23 09:00:11 ----A---- C:\WINDOWS\system32\REND.tmp
2009-02-22 23:16:41 ----SHD---- C:\RECYCLER
2009-02-22 21:39:26 ----A---- C:\Boot.bak
2009-02-22 21:39:17 ----RASHD---- C:\cmdcons
2009-02-22 21:37:42 ----D---- C:\WINDOWS\ERDNT
2009-02-22 18:25:16 ----D---- C:\WINDOWS\system32\Kaspersky Lab
2009-02-22 17:39:35 ----A---- C:\WINDOWS\ntbtlog.txt
2009-02-22 17:29:16 ----A---- C:\WINDOWS\system32\tmp.txt
2009-02-22 17:29:06 ----A---- C:\rapport.txt
2009-02-22 08:32:22 ----HDC---- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-02-21 20:39:57 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-02-21 18:07:12 ----A---- C:\WINDOWS\system32\capicom.dll
2009-02-21 18:05:43 ----D---- C:\Program Files\Webroot
2009-02-21 18:05:43 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Webroot
2009-02-21 18:05:43 ----D---- C:\Documents and Settings\All Users\Application Data\Webroot
2009-02-21 18:05:43 ----A---- C:\WINDOWS\WRSetup.dll
2009-02-20 19:32:31 ----D---- C:\Program Files\VS Revo Group
2009-02-15 22:43:32 ----D---- C:\Program Files\Learning Essentials
2009-02-15 22:43:23 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2009-02-15 22:43:13 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2009-02-15 22:43:11 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2009-02-15 22:43:11 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2009-02-15 22:43:10 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2009-02-15 22:43:09 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2009-02-15 22:43:08 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2009-02-15 08:51:47 ----D---- C:\Program Files\Fichiers communs\Skype
2009-02-14 22:25:46 ----D---- C:\Program Files\PowerISO
2009-02-12 15:47:39 ----D---- C:\Malwarebytes' Anti-Malware
2009-02-10 07:50:37 ----D---- C:\Program Files\Malwarebytes' Anti-Malware(2)
2009-02-08 19:41:28 ----D---- C:\Documents and Settings\v.Rosset\Application Data\DAEMON Tools Lite
2009-02-07 12:09:09 ----A---- C:\Program Files\Vuze_4.1.0.2_windows.exe
2009-02-06 19:29:52 ----D---- C:\Documents and Settings\v.Rosset\Application Data\RegTool
2009-02-06 15:42:52 ----A---- C:\WINDOWS\Sysvxd.exe
2009-02-06 09:03:23 ----D---- C:\Program Files\WinAVI Video Converter
2009-02-02 15:21:15 ----D---- C:\Program Files\Microsoft Encarta
2009-01-30 15:06:07 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Flood Light Games
2009-01-30 15:06:07 ----D---- C:\Documents and Settings\All Users\Application Data\Flood Light Games

======List of files/folders modified in the last 1 months======

2009-02-24 10:05:48 ----D---- C:\WINDOWS\system32
2009-02-24 10:05:46 ----D---- C:\Program Files\Mozilla Firefox
2009-02-24 10:02:34 ----D---- C:\WINDOWS\Temp
2009-02-24 09:46:13 ----D---- C:\Program Files\Mozilla Thunderbird
2009-02-24 09:27:00 ----D---- C:\WINDOWS\Prefetch
2009-02-23 23:44:17 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-23 23:37:38 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Skype
2009-02-23 16:02:02 ----D---- C:\Documents and Settings\v.Rosset\Application Data\skypePM
2009-02-23 13:33:04 ----RD---- C:\Program Files
2009-02-23 09:51:44 ----D---- C:\Config.Msi
2009-02-23 09:48:40 ----SHD---- C:\WINDOWS\Installer
2009-02-23 09:48:39 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-02-23 09:48:06 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-02-23 09:47:46 ----D---- C:\Program Files\Adobe
2009-02-23 09:11:58 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-02-23 09:11:53 ----D---- C:\Program Files\Java
2009-02-23 08:57:37 ----SHD---- C:\System Volume Information
2009-02-23 08:57:37 ----D---- C:\WINDOWS\system32\Restore
2009-02-23 08:57:17 ----D---- C:\WINDOWS
2009-02-22 23:18:36 ----D---- C:\WINDOWS\system32\CatRoot2
2009-02-22 21:51:46 ----D---- C:\WINDOWS\system32\drivers
2009-02-22 21:47:20 ----A---- C:\WINDOWS\system.ini
2009-02-22 21:43:18 ----D---- C:\WINDOWS\system32\config
2009-02-22 21:41:49 ----D---- C:\WINDOWS\AppPatch
2009-02-22 21:41:45 ----D---- C:\Program Files\Fichiers communs
2009-02-22 21:39:26 ----RASH---- C:\boot.ini
2009-02-22 18:25:19 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-02-22 18:25:15 ----HD---- C:\WINDOWS\inf
2009-02-22 17:42:28 ----SD---- C:\WINDOWS\Tasks
2009-02-22 16:32:42 ----D---- C:\WINDOWS\system32\CatRoot
2009-02-22 16:03:27 ----AC---- C:\WINDOWS\NeroDigital.ini
2009-02-22 16:02:19 ----A---- C:\WINDOWS\DVDRegionFree.INI
2009-02-22 08:47:37 ----AC---- C:\WINDOWS\win.ini
2009-02-22 08:44:50 ----D---- C:\Program Files\Free FLV Converter
2009-02-22 08:44:21 ----D---- C:\Program Files\VSO
2009-02-22 08:42:28 ----D---- C:\Program Files\Lavasoft
2009-02-21 21:16:59 ----D---- C:\WINDOWS\system32\DirectX
2009-02-21 21:16:58 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Azureus
2009-02-21 21:16:57 ----RSD---- C:\WINDOWS\assembly
2009-02-21 21:11:53 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-02-21 20:39:52 ----D---- C:\WINDOWS\WinSxS
2009-02-21 19:14:55 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-02-21 19:14:55 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Lavasoft
2009-02-21 15:42:30 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-18 08:42:46 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Vso
2009-02-16 09:30:18 ----SD---- C:\Documents and Settings\v.Rosset\Application Data\Microsoft
2009-02-15 22:43:15 ----D---- C:\WINDOWS\Microsoft.NET
2009-02-15 08:51:48 ----RD---- C:\Program Files\Skype
2009-02-15 08:51:48 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2009-02-12 19:20:18 ----D---- C:\WINDOWS\system32\LogFiles
2009-02-12 19:20:18 ----D---- C:\WINDOWS\Debug
2009-02-11 15:18:38 ----HD---- C:\WINDOWS\$hf_mig$
2009-02-11 15:18:19 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-02-11 15:18:16 ----D---- C:\Program Files\Internet Explorer
2009-02-11 15:18:06 ----D---- C:\WINDOWS\ie7updates
2009-02-10 13:03:42 ----D---- C:\WINDOWS\system32\wbem
2009-02-10 13:03:42 ----D---- C:\WINDOWS\Registration
2009-02-10 13:03:09 ----D---- C:\WINDOWS\speech
2009-02-10 13:03:09 ----D---- C:\WINDOWS\Help
2009-02-09 23:15:02 ----D---- C:\WINDOWS\system
2009-02-09 22:39:06 ----D---- C:\WINDOWS\msagent
2009-02-09 22:35:17 ----D---- C:\WINDOWS\system32\Macromed
2009-02-07 16:58:11 ----D---- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
2009-02-07 13:36:19 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-02-06 22:10:55 ----AC---- C:\WINDOWS\WININIT.INI
2009-02-06 21:29:25 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-02-06 20:15:31 ----D---- C:\Program Files\CCleaner
2009-02-06 20:02:56 ----HD---- C:\Program Files\InstallShield Installation Information
2009-02-06 14:51:12 ----D---- C:\Program Files\MediaCoder
2009-02-05 16:11:35 ----A---- C:\WINDOWS\system32\aswBoot.exe
2009-02-04 22:15:18 ----A---- C:\WINDOWS\system32\TubeFinder.exe
2009-02-03 18:21:12 ----A---- C:\WINDOWS\system32\MRT.exe
2009-02-03 12:02:16 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-01-27 11:02:41 ----D---- C:\Documents and Settings\v.Rosset\Application Data\Opera

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
R1 cdudf_xp;cdudf_xp; C:\WINDOWS\system32\drivers\cdudf_xp.sys [2005-10-22 311680]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 40576]
R1 pwd_2k;pwd_2k; C:\WINDOWS\system32\drivers\pwd_2k.sys [2005-10-22 119168]
R1 RxFilter;RxFilter; C:\WINDOWS\system32\DRIVERS\RxFilter.sys [2005-11-21 50176]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2008-11-02 56572]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.0.1; C:\WINDOWS\System32\DRIVERS\AegisP.sys [2006-03-08 19915]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2006-04-21 8064]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
R3 dvd_2K;dvd_2K; C:\WINDOWS\system32\drivers\dvd_2K.sys [2005-10-22 27264]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2005-04-12 4608]
R3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 OM518P;D-Link VGA Webcam; C:\WINDOWS\System32\Drivers\om518vid.sys [2002-06-27 185256]
R3 Pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2008-06-21 47360]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2002-10-01 9856]
R3 RT2500;Linksys Wireless-G PCI Adapter Driver; C:\WINDOWS\System32\DRIVERS\RT2500.sys [2005-04-21 242176]
R3 S3Psddr;S3Psddr; C:\WINDOWS\System32\DRIVERS\s3gnbm.sys [2003-09-02 166912]
R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VIAudio;VIA AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\viaudios.sys [2003-02-26 370048]
S2 ADSEXPB;ADS DVD Xpress B; C:\WINDOWS\System32\Drivers\adsexpb.sys [2003-10-08 32084]
S2 zumbus;Zune Bus Enumerator Driver; C:\WINDOWS\system32\drivers\zumbus.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 Jukebox3;Jukebox3; C:\WINDOWS\system32\DRIVERS\ctpdusb.sys [2006-01-19 17280]
S3 mmc_2K;mmc_2K; C:\WINDOWS\system32\drivers\mmc_2K.sys [2005-10-22 27136]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2008-05-21 34576]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-03-09 37768]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R2 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 97432]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-02-23 152984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 RoxWatch;Roxio Hard Drive Watcher; C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe [2005-11-22 155648]
R2 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
R2 WebrootSpySweeperService;Moteur Webroot Spy Sweeper; C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe [2008-11-12 3667312]
R2 WRConsumerService;Webroot Client Service; C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe [2008-11-13 1086840]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-02-22 950096]
S2 RoxLiveShare;LiveShare P2P Server; C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxLiveShare.exe [2005-11-22 233472]
S2 RoxUpnpServer;RoxUpnpServer; C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe [2005-11-21 409600]
S2 WMP54Gv4SVC;WMP54Gv4SVC; C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe [2004-02-06 41025]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-05-07 779824]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingServ