Probleme virus [resolut]

Salut,

Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.

Double-clique sur RSIT.exe afin de lancer le programme.

Clique sur Continue à l'écran Disclaimer.

Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

Note : les rapports sont sauvegardés dans le dossier C:\rsit.

voici les rapport
info.txt logfile of random's system information tool 1.05 2009-03-09 11:26:31

======Uninstall list======

-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\NuNInst.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNNMP.exe /UNINSTALL
-->C:\WINDOWS\UNNVEContent.exe /UNINSTALL
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CA9EC1C6-3B51-11D6-B1A9-BCD2747AA951}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D43F13A1-1E39-4BD4-9682-DF889FE75421}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E06E4F4E-72D6-4497-BFFD-BCB43077C2F4}\Setup.exe" -l0x40c -uninst
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
32 Bit HP CIO Components Installer-->MsiExec.exe /I{09BDEEF0-5590-457D-89A9-5DB2742F9BBF}
ACDSee for PENTAX 3.0-->MsiExec.exe /X{82515476-A57B-4C43-B642-5F396E20C648}
Ad-Aware SE Personal-->C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
Adobe Acrobat 5.0-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe AIR-->C:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Adobe® Photoshop® Album Edition Découverte 3.0-->MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}
Age Of Japan Deluxe-->"C:\Program Files\Zylom Games\Age Of Japan Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Airport Mania Deluxe-->"C:\Program Files\Zylom Games\Airport Mania Deluxe\GameInstlr.exe" --uninstall UnInstall.log
AlerteGPS G200-->C:\Program Files\AlerteGPS\G200FR\Uninstal.exe
Alice Greenfingers Deluxe-->"C:\Program Files\Zylom Games\Alice Greenfingers Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Amazing Adventures - Around The World-->"C:\Program Files\Zylom Games\Amazing Adventures - Around The World\GameInstlr.exe" --uninstall UnInstall.log
Amazing Adventures The Lost Tomb Deluxe-->"C:\Program Files\Zylom Games\Amazing Adventures The Lost Tomb Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
AXIS Media Control Embedded-->rundll32 "C:\Program Files\Axis Communications\AXIS Media Control Embedded\AxisMediaControlEmb.dll",UninstallMe
Aztec Ball Deluxe-->"C:\Program Files\Zylom Games\Aztec Ball Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Azureus-->C:\Program Files\Azureus\Uninstall.exe
Bejeweled 2 Deluxe-->"C:\Program Files\Zylom Games\Bejeweled 2 Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Bel Atout 4.03-->"C:\Program Files\Jeux de cartes\Bel Atout\unins000.exe"
Big City Adventure - San Francisco Deluxe-->"C:\Program Files\Zylom Games\Big City Adventure - San Francisco Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Big City Adventure - Sydney Deluxe-->"C:\Program Files\Zylom Games\Big City Adventure - Sydney Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Big Kahuna Reef Deluxe-->"C:\Program Files\Zylom Games\Big Kahuna Reef Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Blood Ties Deluxe-->"C:\Program Files\Zylom Games\Blood Ties Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Build-a-lot - Town of the Year Deluxe-->"C:\Program Files\Zylom Games\Build-a-lot - Town of the Year Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Burger Island Deluxe-->"C:\Program Files\Zylom Games\Burger Island Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Burger Shop Deluxe-->"C:\Program Files\Zylom Games\Burger Shop Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Cake Mania 2 Deluxe-->"C:\Program Files\Zylom Games\Cake Mania 2 Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Cake Mania Deluxe-->"C:\Program Files\Zylom Games\Cake Mania Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Call of Atlantis Deluxe-->"C:\Program Files\Zylom Games\Call of Atlantis Deluxe\GameInstlr.exe" --uninstall UnInstall.log
CamfrogWEB Advanced ActiveX Plugin (remove only)-->"C:\Program Files\CFWebAdvancedU\Uninstall.exe"
CamfrogWEB Advanced ActiveX Plugin (www.bobtv.fr)-->"C:\Program Files\CFWebAdvancedU_BOBTV.FR\Uninstall.exe"
CamfrogWeb Custom ActiveX Plugin (remove only)-->"C:\Program Files\CFWebVCOOL\Uninstall.exe"
Cate West - The Vanishing Files Deluxe-->"C:\Program Files\Zylom Games\Cate West - The Vanishing Files Deluxe\GameInstlr.exe" --uninstall UnInstall.log
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
C-Media 3D Audio-->C:\WINDOWS\CMIUnInstall.exe
Codeur Windows Media Série 9-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Codeur Windows Media Série 9-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Coloriage-->C:\WINDOWS\GPInstall.exe "/UNINST=C:\Program Files\denouvel\Coloriage\UnInst.log" "/APPNAME=Coloriage"
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Cradle of Persia Deluxe-->"C:\Program Files\Zylom Games\Cradle of Persia Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Creative PC-CAM Center Lite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D43F13A1-1E39-4BD4-9682-DF889FE75421}\setup.exe" -l0x40c /remove
Creative WebCam Monitor-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CA9EC1C6-3B51-11D6-B1A9-BCD2747AA951}\setup.exe" -l0x40c /remove
Creative WebCam NX Driver (1.02.01.0827)-->C:\WINDOWS\CtDrvIns.exe -uninstall -script P1110.uns -unsext NT -plugin p1110pin.dll -pluginres p1110pin.crl
Delicious - Emily's Tea Garden Deluxe-->"C:\Program Files\Zylom Games\Delicious - Emily's Tea Garden Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Delicious 2 Deluxe-->"C:\Program Files\Zylom Games\Delicious 2 Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Delicious Deluxe-->"C:\Program Files\Zylom Games\Delicious Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Dialogys-->C:\Program Files\Dialogys\_uninst\uninstaller.exe
Diamond Drop 2 Deluxe-->"C:\Program Files\Zylom Games\Diamond Drop 2 Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Diner Dash - Flo on the Go Deluxe-->"C:\Program Files\Zylom Games\Diner Dash - Flo on the Go Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Diner Dash - Hometown Hero Deluxe-->"C:\Program Files\Zylom Games\Diner Dash - Hometown Hero Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Diner Dash Deluxe-->"C:\Program Files\Zylom Games\Diner Dash Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Diner Dash(R) - Flo Through Time(TM) Deluxe-->"C:\Program Files\Zylom Games\Diner Dash(R) - Flo Through Time(TM) Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Dora Sakado-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3AFC7779-F2B8-49A4-9689-A2EA86ABCC8A}\setup.exe" -l0x40c
Dream Chronicles 2 - The Eternal Maze Deluxe-->"C:\Program Files\Zylom Games\Dream Chronicles 2 - The Eternal Maze Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Dream Chronicles Deluxe-->"C:\Program Files\Zylom Games\Dream Chronicles Deluxe\GameInstlr.exe" --uninstall UnInstall.log
DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.2.2.2-->"C:\Program Files\DVDFab 5\unins000.exe"
DVDFab Decrypter 3.0.2.5-->"C:\Program Files\DVDFab Decrypter 3\unins000.exe"
Emerald Tale Deluxe-->"C:\Program Files\Zylom Games\Emerald Tale Deluxe\GameInstlr.exe" --uninstall UnInstall.log
eMule-->"C:\Program Files\eMule\Uninstall.exe"
EVEREST Home Edition v2.20-->"C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
Fab Fashion Deluxe-->"C:\Program Files\Zylom Games\Fab Fashion Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Farm Frenzy 2 Deluxe-->"C:\Program Files\Zylom Games\Farm Frenzy 2 Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Farm Mania Deluxe-->"C:\Program Files\Zylom Games\Farm Mania Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Fashion Boutique Deluxe-->"C:\Program Files\Zylom Games\Fashion Boutique Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Favorit-->"c:\documents and settings\gau\local settings\application data\faabuv.exe" -uninstall
Favorit-->"c:\documents and settings\gau\local settings\application data\ircvhztf.exe" -uninstall
Fishing Craze Deluxe-->"C:\Program Files\Zylom Games\Fishing Craze Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Fitness Dash Deluxe-->"C:\Program Files\Zylom Games\Fitness Dash Deluxe\GameInstlr.exe" --uninstall UnInstall.log
FizzBall Deluxe-->"C:\Program Files\Zylom Games\FizzBall Deluxe\GameInstlr.exe" --uninstall UnInstall.log
FlashFXP v3-->"C:\Program Files\FlashFXP\unins000.exe"
Flower Shop - Big City Break Deluxe-->"C:\Program Files\Zylom Games\Flower Shop - Big City Break Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Free Mp3 Wma Converter V 1.7.2-->"C:\Program Files\Free Audio Pack\unins000.exe"
G.H.O.S.T. Hunters Deluxe-->"C:\Program Files\Zylom Games\G.H.O.S.T. Hunters Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF}
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0531C63A913CC9D1.exe" /uninstall
Helix YUV Codecs (remove only)-->"C:\WINDOWS\system32\uninstHelixYUV.exe"
Hide and Secret Deluxe-->"C:\Program Files\Zylom Games\Hide and Secret Deluxe\GameInstlr.exe" --uninstall UnInstall.log
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hijackthis Version Française-->"C:\Program Files\Hijackthis Version Française\unins000.exe"
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
HP Customer Participation Program 10.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Imaging Device Functions 10.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart All-In-One Driver Software 10.0 Rel .2-->C:\Program Files\HP\Digital Imaging\{20B30DC1-E423-4939-B51D-05C58B0F9BBB}\setup\hpzscr01.exe -datfile hposcr21.dat -onestop
HP Photosmart Essential 2.5-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Smart Web Printing-->C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat
HP Solution Center 10.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{FE57DE70-95DE-4B64-9266-84DA811053DB}
Hyperballoid 2 Deluxe-->"C:\Program Files\Zylom Games\Hyperballoid 2 Deluxe\GameInstlr.exe" --uninstall UnInstall.log
IncrediMail-->C:\Program Files\IncrediMail\bin\ImSetup.exe /remove /addon:IncrediMail /log:IncMail.log
Insaniquarium Deluxe-->"C:\Program Files\Zylom Games\Insaniquarium Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
Interpol - The Trail of Dr. Chaos Deluxe-->"C:\Program Files\Zylom Games\Interpol - The Trail of Dr. Chaos Deluxe\GameInstlr.exe" --uninstall UnInstall.log
IZArc 3.5 beta 3-->"C:\Program Files\IZArc\unins000.exe"
J2SE Runtime Environment 5.0 Update 10-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
J2SE Runtime Environment 5.0 Update 11-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
J2SE Runtime Environment 5.0 Update 8-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150080}
J2SE Runtime Environment 5.0 Update 9-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090}
Jane's Hotel - Family Hero Deluxe-->"C:\Program Files\Zylom Games\Jane's Hotel - Family Hero Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Jane's Hotel Deluxe-->"C:\Program Files\Zylom Games\Jane's Hotel Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Jewel of Atlantis Deluxe-->"C:\Program Files\Zylom Games\Jewel of Atlantis Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Jewel Quest 2 Deluxe-->"C:\Program Files\Zylom Games\Jewel Quest 2 Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Jewel Quest Deluxe-->"C:\Program Files\Zylom Games\Jewel Quest Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Jojo's Fashion Show 2 Deluxe-->"C:\Program Files\Zylom Games\Jojo's Fashion Show 2 Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Jojo's Fashion Show Deluxe-->"C:\Program Files\Zylom Games\Jojo's Fashion Show Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
K-Lite Codec Pack 2.79 Standard-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
L&H TTS3000 Français-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\LHTTSFRF.inf, Uninstall
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Lernout & Hauspie TruVoice American English TTS Engine-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\tv_enua.inf, Uninstall
Little Shop - City Lights Deluxe-->"C:\Program Files\Zylom Games\Little Shop - City Lights Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Little Shop - Road Trip Deluxe-->"C:\Program Files\Zylom Games\Little Shop - Road Trip Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Little Shop of Treasures 2 Deluxe-->"C:\Program Files\Zylom Games\Little Shop of Treasures 2 Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Little Shop of Treasures Deluxe-->"C:\Program Files\Zylom Games\Little Shop of Treasures Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Livebox-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17342E3B-0818-4A6F-BFF8-99476605ADD6}\Setup.exe" -l0x40c
Lucy's Expedition Deluxe-->"C:\Program Files\Zylom Games\Lucy's Expedition Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Luxor Deluxe-->"C:\Program Files\Zylom Games\Luxor Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Magic Academy Deluxe-->"C:\Program Files\Zylom Games\Magic Academy Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Magic Farm Deluxe-->"C:\Program Files\Zylom Games\Magic Farm Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Manuel d'utilisation de Creative WebCam NX (Français)-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Creative\Creative WebCam NX\Manuel d'utilisation de Creative WebCam NX\French\CTManual.isu"
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
MIKSOFT Mobile 3GP converter-->"C:\Program Files\MIKSOFT\Mobile 3GP converter\unins000.exe"
Mise à jour de sécurité pour le Codeur Windows Media (KB954156)-->"C:\WINDOWS\$NtUninstallKB954156_WM9L$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Monarch - The Butterfly King Deluxe-->"C:\Program Files\Zylom Games\Monarch - The Butterfly King Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Mozilla Firefox (3.0.1)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MP3 Player Utilities 1.47-->MsiExec.exe /I{5BBFB0E4-2250-49C3-A8A3-65BE2197D13B}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Mystery P.I. The Lottery Ticket Deluxe-->"C:\Program Files\Zylom Games\Mystery P.I. The Lottery Ticket Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Mysteryville 2 Deluxe-->"C:\Program Files\Zylom Games\Mysteryville 2 Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Mysteryville Deluxe-->"C:\Program Files\Zylom Games\Mysteryville Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Neptune's Secret Deluxe-->"C:\Program Files\Zylom Games\Neptune's Secret Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Nero Suite-->C:\Program Files\Fichiers communs\Ahead\Uninstall\Setup.exe /uninstall ExtraUninstallID=""
OCR Software by I.R.I.S. 10.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Pakoombo Deluxe-->"C:\Program Files\Zylom Games\Pakoombo Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Pantheon Deluxe-->"C:\Program Files\Zylom Games\Pantheon Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Peggle Deluxe-->"C:\Program Files\Zylom Games\Peggle Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Peggle(TM) Nights-->"C:\Program Files\Zylom Games\Peggle(TM) Nights\GameInstlr.exe" --uninstall UnInstall.log
Pet Shop Hop(TM) Deluxe-->"C:\Program Files\Zylom Games\Pet Shop Hop(TM) Deluxe\GameInstlr.exe" --uninstall UnInstall.log
PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
Pirate Poppers Deluxe-->"C:\Program Files\Zylom Games\Pirate Poppers Deluxe\GameInstlr.exe" --uninstall UnInstall.log
PL-2303 USB-to-Serial-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}\Setup.exe" -l0x9 Installed
Posh Boutique Deluxe-->"C:\Program Files\Zylom Games\Posh Boutique Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Posh Shop Deluxe-->"C:\Program Files\Zylom Games\Posh Shop Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Profitville Deluxe-->"C:\Program Files\Zylom Games\Profitville Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Rainbow Mystery Deluxe-->"C:\Program Files\Zylom Games\Rainbow Mystery Deluxe\GameInstlr.exe" --uninstall UnInstall.log
RamBoost XP 4.0.6-->"C:\Program Files\RamBoost XP\unins000.exe"
Ranch Rush Deluxe-->"C:\Program Files\Zylom Games\Ranch Rush Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Realms of Gold Deluxe-->"C:\Program Files\Zylom Games\Realms of Gold Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Recettes de Cuisine 2004 Light-->C:\WINDOWS\iun6002.exe "C:\Program Files\LudoSoft\Recettes de Cuisine 2004 Light\irunin.ini"
Runic Deluxe-->"C:\Program Files\Zylom Games\Runic Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Sally's Salon Deluxe-->"C:\Program Files\Zylom Games\Sally's Salon Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Security Update pour Microsoft .NET Framework 2.0 (KB928365)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {8056AC9E-49C5-4375-9ADE-B2F862C9DF51} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Shop for HP Supplies-->C:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
Shopping Blocks Deluxe-->"C:\Program Files\Zylom Games\Shopping Blocks Deluxe\GameInstlr.exe" --uninstall UnInstall.log
SiS 661FX_760_741_M661FX_M760_M741-->Rundll32 SiSInst.dll,Uninstall VGA,r,0
SiS 900 PCI Fast Ethernet Adapter Driver-->C:\Progra~1\SiSLan\Uninst.exe
Slingo Quest Deluxe-->"C:\Program Files\Zylom Games\Slingo Quest Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Sparkle Deluxe-->"C:\Program Files\Zylom Games\Sparkle Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Spin And Play Deluxe-->"C:\Program Files\Zylom Games\Spin And Play Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Spirit of Wandering Deluxe-->"C:\Program Files\Zylom Games\Spirit of Wandering Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Sprill - The Mystery Of The Bermuda Triangle Deluxe-->"C:\Program Files\Zylom Games\Sprill - The Mystery Of The Bermuda Triangle Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Spybot - Search & Destroy 1.4-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Supercow Deluxe-->"C:\Program Files\Zylom Games\Supercow Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Sweetopia Deluxe-->"C:\Program Files\Zylom Games\Sweetopia Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Syberia-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\Syberia\Uninstall\Setup.exe" -l0x9
The Hidden Object Show Deluxe-->"C:\Program Files\Zylom Games\The Hidden Object Show Deluxe\GameInstlr.exe" --uninstall UnInstall.log
The Magician's Handbook Deluxe-->"C:\Program Files\Zylom Games\The Magician's Handbook Deluxe\GameInstlr.exe" --uninstall UnInstall.log
The Scruffs Deluxe-->"C:\Program Files\Zylom Games\The Scruffs Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Treasure Island Deluxe-->"C:\Program Files\Zylom Games\Treasure Island Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Treasure Pyramid Deluxe-->"C:\Program Files\Zylom Games\Treasure Pyramid Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Tropix 2-->"C:\Program Files\Zylom Games\Tropix 2\GameInstlr.exe" --uninstall UnInstall.log
Tropix Deluxe-->"C:\Program Files\Zylom Games\Tropix Deluxe\GameInstlr.exe" --uninstall UnInstall.log
UNO(R) - Undercover(TM)-->"C:\Program Files\Zylom Games\UNO(R) - Undercover(TM)\GameInstlr.exe" --uninstall UnInstall.log
VirtualDub 1.6.9 Fr-->C:\Program Files\VirtualDub\UnInstall_VirtualDub.exe
VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Vogue Tales Deluxe-->"C:\Program Files\Zylom Games\Vogue Tales Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Wedding Dash 2(R) Deluxe-->"C:\Program Files\Zylom Games\Wedding Dash 2(R) Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Wedding Dash Deluxe-->"C:\Program Files\Zylom Games\Wedding Dash Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Westward Deluxe-->"C:\Program Files\Zylom Games\Westward Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803$\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}
Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Xango Tango Deluxe-->"C:\Program Files\Zylom Games\Xango Tango Deluxe\GameInstlr.exe" --uninstall UnInstall.log

======Hosts File======

127.0.0.1 localhost

======Security center information======

AV: Avira AntiVir PersonalEdition

System event log

Computer Name: FAMILLE-BFHC30J
Event Code: 26
Message: Application popup :  : Machine Check: Regs

Record Number: 221130
Source Name: Application Popup
Time Written: 20090216083239.000000+060
Event Type: Informations
User:

Computer Name: FAMILLE-BFHC30J
Event Code: 26
Message: Application popup :  : Machine Check:

Record Number: 221129
Source Name: Application Popup
Time Written: 20090216083239.000000+060
Event Type: Informations
User:

Computer Name: FAMILLE-BFHC30J
Event Code: 26
Message: Application popup :  : Machine Check: Regs

Record Number: 221128
Source Name: Application Popup
Time Written: 20090216083239.000000+060
Event Type: Informations
User:

Computer Name: FAMILLE-BFHC30J
Event Code: 26
Message: Application popup :  : Machine Check:

Record Number: 221127
Source Name: Application Popup
Time Written: 20090216083239.000000+060
Event Type: Informations
User:

Computer Name: FAMILLE-BFHC30J
Event Code: 26
Message: Application popup :  : Machine Check: Regs

Record Number: 221126
Source Name: Application Popup
Time Written: 20090216083239.000000+060
Event Type: Informations
User:

Application event log

Computer Name: FAMILLE-BFHC30J
Event Code: 4096
Message:
Record Number: 1391
Source Name: Avira AntiVir
Time Written: 20081110140235.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: FAMILLE-BFHC30J
Event Code: 4113
Message:
Record Number: 1390
Source Name: Avira AntiVir
Time Written: 20081110114034.000000+060
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: FAMILLE-BFHC30J
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.

Record Number: 1389
Source Name: SecurityCenter
Time Written: 20081110105903.000000+060
Event Type: Informations
User:

Computer Name: FAMILLE-BFHC30J
Event Code: 4096
Message:
Record Number: 1388
Source Name: Avira AntiVir
Time Written: 20081110105819.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: FAMILLE-BFHC30J
Event Code: 4113
Message:
Record Number: 1387
Source Name: Avira AntiVir
Time Written: 20081109214551.000000+060
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 6 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=0602
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"CLASSPATH"=.;C:\Program Files\Java\jre1.5.0_06\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.5.0_06\lib\ext\QTJava.zip

-----------------EOF-----------------
Logfile of random's system information tool 1.05 (written by random/random)
Run by gau at 2009-03-09 11:25:47
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 51 GB (44%) free of 117 GB
Total RAM: 319 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:26, on 2009-03-09
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\System32\sistray.EXE
C:\WINDOWS\System32\keyhook.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\WINDOWS\system32\202I43NA.exe
C:\Documents and Settings\gau\Bureau\RSIT.exe
C:\Program Files\trend micro\gau.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\System32\sistray.EXE
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Download with &Shareaza - res://C:\Program Files\Shareaza\Plugins\RazaWebHook.dll/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.visiogood.com
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/content.info.ap...
O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} (iNotes Class) - https://portail.inetpsa.com/http://mailz3.domino.inetps...
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://www.visiogood.com/jalss/cfweb_activex.camfrogweb...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {7B93CAE6-29D1-4E4C-82EF-8648E29FB31F} (CamfrogWEB Advanced Unicode Control) - http://www.visiocool.com/download/cfweb_www.visiocool.c...
O16 - DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} (VaPgCtrl Class) - http://193.252.208.54:8080/plugin/h263ctrl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1....
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://a532.g.akamai.net/f/532/6712/5m/virtools.downloa...
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://193.252.208.54:8081/activex/AMC.cab
O16 - DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} (CamfrogWEB Advanced Unicode Control) - http://www.bobtv.fr/download/cfweb_www.bobtv.fr-downloa...
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} (Domino Web Access 7 Control) - https://zzz3.mpsa.com/dwa7W.cab
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

--
End of file - 9215 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\At1.job
C:\WINDOWS\tasks\At10.job
C:\WINDOWS\tasks\At11.job
C:\WINDOWS\tasks\At12.job
C:\WINDOWS\tasks\At13.job
C:\WINDOWS\tasks\At14.job
C:\WINDOWS\tasks\At15.job
C:\WINDOWS\tasks\At16.job
C:\WINDOWS\tasks\At17.job
C:\WINDOWS\tasks\At18.job
C:\WINDOWS\tasks\At19.job
C:\WINDOWS\tasks\At2.job
C:\WINDOWS\tasks\At20.job
C:\WINDOWS\tasks\At21.job
C:\WINDOWS\tasks\At22.job
C:\WINDOWS\tasks\At23.job
C:\WINDOWS\tasks\At24.job
C:\WINDOWS\tasks\At3.job
C:\WINDOWS\tasks\At4.job
C:\WINDOWS\tasks\At5.job
C:\WINDOWS\tasks\At6.job
C:\WINDOWS\tasks\At7.job
C:\WINDOWS\tasks\At8.job
C:\WINDOWS\tasks\At9.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{7E1B59A2-2F0C-437C-AF86-B2A33BBE397D}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2007-11-06 322880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-20 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-12-22 251504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2008-12-22 657904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2008-12-22 522224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-20 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-20 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-12-22 251504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SiSUSBRG"=C:\WINDOWS\SiSUSBrg.exe [2002-07-12 106496]
"Cmaudio"=RunDll32 cmicnfg.cpl []
"SiS Tray"=C:\WINDOWS\System32\sistray.EXE [2003-10-30 667648]
"SiS Windows KeyHook"=C:\WINDOWS\System32\keyhook.exe [2003-10-30 249856]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-20 136600]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-07-18 266497]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-08-09 413696]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe [2005-06-23 57344]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"NBJ"=C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [2005-10-11 1961984]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-06 68856]
"IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe [2009-01-27 251264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2007-08-22 80896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
C:\Program Files\Ahead\InCD\InCD.exe [2006-03-23 1398272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2007-10-14 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^gau^Menu Démarrer^Programmes^Démarrage^widget_programmes.lnk]
C:\Program Files\widget_programmes\widget_programmes.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"RunStartupScriptSync"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"RunStartupScriptSync"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=91000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\drivers\svchost.exe"="C:\WINDOWS\system32\drivers\svchost.exe:* isabled:svchost"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

======List of files/folders created in the last 1 months======

2009-03-09 11:25:52 ----D---- C:\Program Files\trend micro
2009-03-09 11:25:47 ----D---- C:\rsit
2009-03-09 09:39:43 ----A---- C:\WINDOWS\system32\202I43NA.exe
2009-03-06 21:47:49 ----D---- C:\Documents and Settings\gau\Application Data\BloodTies
2009-03-05 21:29:16 ----D---- C:\Documents and Settings\gau\Application Data\Zylom
2009-03-04 19:22:44 ----D---- C:\Program Files\AlerteGPS
2009-03-04 00:58:28 ----D---- C:\Documents and Settings\gau\Application Data\UNOUndercover
2009-02-25 21:25:25 ----D---- C:\Documents and Settings\gau\Application Data\Shopping Blocks
2009-02-25 15:58:16 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-02-25 13:57:58 ----D---- C:\Documents and Settings\gau\Application Data\Total Eclipse
2009-02-25 13:45:12 ----D---- C:\Documents and Settings\gau\Application Data\Gamelab
2009-02-24 22:17:32 ----D---- C:\Documents and Settings\gau\Application Data\Fuzzy Games
2009-02-21 23:14:01 ----D---- C:\Documents and Settings\All Users\Application Data\Runic
2009-02-21 14:54:48 ----D---- C:\Documents and Settings\gau\Application Data\Meridian93
2009-02-20 11:56:02 ----D---- C:\Documents and Settings\gau\Application Data\Super-Cow
2009-02-18 23:45:15 ----D---- C:\Documents and Settings\gau\Application Data\Jane s Hotel
2009-02-13 11:53:33 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$

======List of files/folders modified in the last 1 months======

2009-03-09 11:25:56 ----D---- C:\WINDOWS\Prefetch
2009-03-09 11:25:52 ----AD---- C:\Program Files
2009-03-09 11:25:24 ----D---- C:\WINDOWS\Temp
2009-03-09 11:11:25 ----D---- C:\Documents and Settings\gau\Application Data\HPAppData
2009-03-09 11:02:45 ----D---- C:\Program Files\Hijackthis Version Française
2009-03-09 10:40:51 ----A---- C:\WINDOWS\NeroDigital.ini
2009-03-09 10:25:02 ----D---- C:\WINDOWS\system32\drivers
2009-03-09 10:25:02 ----D---- C:\WINDOWS\system32
2009-03-09 10:25:02 ----D---- C:\WINDOWS
2009-03-09 10:24:14 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-03-09 09:39:44 ----SD---- C:\WINDOWS\Tasks
2009-03-09 09:39:35 ----A---- C:\WINDOWS\system32\userinit.exe
2009-03-09 09:16:06 ----RASH---- C:\boot.ini
2009-03-09 09:16:06 ----A---- C:\WINDOWS\win.ini
2009-03-09 09:16:06 ----A---- C:\WINDOWS\system.ini
2009-03-08 17:09:11 ----D---- C:\Program Files\RamBoost XP
2009-03-08 09:11:34 ----D---- C:\Documents and Settings\gau\Application Data\CamfrogWEB
2009-03-08 02:03:59 ----D---- C:\Program Files\Zylom Games
2009-03-08 01:26:44 ----D---- C:\Documents and Settings\gau\Application Data\PlayFirst
2009-03-08 01:18:13 ----D---- C:\Documents and Settings\All Users\Application Data\PlayFirst
2009-03-08 01:18:11 ----D---- C:\Documents and Settings\gau\Application Data\Identities
2009-03-07 16:26:57 ----D---- C:\WINDOWS\system32\CatRoot2
2009-03-06 18:41:32 ----D---- C:\Documents and Settings\gau\Application Data\Azureus
2009-03-05 20:49:06 ----D---- C:\Documents and Settings\gau\Application Data\dvdcss
2009-03-05 14:57:35 ----D---- C:\WINDOWS\pss
2009-03-04 19:23:18 ----HD---- C:\WINDOWS\inf
2009-03-04 19:23:09 ----HD---- C:\Program Files\InstallShield Installation Information
2009-03-04 14:51:19 ----D---- C:\Documents and Settings\All Users\Application Data\Playrix Entertainment
2009-02-25 15:58:24 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-02-25 10:53:50 ----HD---- C:\WINDOWS\$hf_mig$
2009-02-24 12:31:39 ----D---- C:\Documents and Settings\All Users\Application Data\SpinTop Games
2009-02-23 15:16:51 ----D---- C:\Documents and Settings\All Users\Application Data\SugarGames
2009-02-22 11:54:57 ----RSD---- C:\WINDOWS\assembly
2009-02-22 11:54:57 ----D---- C:\WINDOWS\Microsoft.NET
2009-02-22 11:47:22 ----SHD---- C:\WINDOWS\Installer
2009-02-22 11:47:22 ----HD---- C:\Config.Msi
2009-02-22 11:46:23 ----D---- C:\Program Files\Windows Live
2009-02-22 11:44:52 ----D---- C:\WINDOWS\system32\DirectX
2009-02-22 11:42:16 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-02-15 14:48:50 ----D---- C:\Documents and Settings\gau\Application Data\funkitron
2009-02-14 18:58:25 ----D---- C:\Program Files\IncrediMail
2009-02-13 11:53:38 ----A---- C:\WINDOWS\imsins.BAK
2009-02-13 11:53:04 ----D---- C:\Program Files\Internet Explorer
2009-02-13 00:12:03 ----D---- C:\Program Files\eMule
2009-02-12 05:56:17 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-14 41856]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-11-25 75072]
R1 cdrbsvsd;cdrbsvsd; C:\WINDOWS\system32\drivers\cdrbsvsd.sys [2003-06-14 15232]
R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2006-03-23 29440]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2006-03-23 33536]
R1 SiSkp;SiSkp; C:\WINDOWS\System32\DRIVERS\srvkp.sys [2003-10-29 11264]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2003-10-17 754560]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 P1110VID;Creative WebCam NX; C:\WINDOWS\system32\DRIVERS\P1110VID.sys [2003-05-14 90357]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-12-27 47360]
R3 SiS315;SiS315; C:\WINDOWS\System32\DRIVERS\sisgrp.sys [2003-10-29 427776]
R3 SISNIC;SiS PCI Fast Ethernet Adapter Driver; C:\WINDOWS\System32\DRIVERS\sisnic.sys [2002-07-10 32256]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2006-03-23 102016]
S3 catchme;catchme; \??\C:\DOCUME~1\gau\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-11-01 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-11-01 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-11-01 21568]
S3 MBAMCatchMe;MBAMCatchMe; \??\C:\Program Files\Malwarebytes' Anti-Malware\catchme.sys []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USB_RNDIS;ADI Remote NDIS Network Device Driver; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2008-04-13 12800]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirScheduler;AntiVir PersonalEdition Classic Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-23 68865]
R2 AntiVirService;AntiVir PersonalEdition Classic Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-23 151297]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2006-03-23 880128]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-20 152984]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-04-13 33632]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-04-13 68952]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-12-22 137200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------

Télécharge SmitfraudFix (de de S!Ri, balltrap34 et moe31) sur ton Bureau.

Double-clique sur SmitfraudFix.exe pour le lancer.

Choisis l'option 1 puis Entrée.

Un rapport sera généré, poste-le dans ta prochaine réponse.

/!\ process.exe est détecté par certains antivirus comme étant un risktool. Il ne s'agit pas d'un virus mais d'un utilitaire destiné à mettre fin à des processus./!\

** Ne fais l'étape 2 que si on te le demande, on doit d'abord examiner le premier rapport de SmitfraudFix.

voici le rapport
SmitFraudFix v2.400

Rapport fait à 11:35:54.62, 2009-03-09
Executé à partir de C:\Documents and Settings\gau\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\System32\sistray.EXE
C:\WINDOWS\System32\keyhook.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\WINDOWS\system32\202I43NA.exe
C:\Documents and Settings\gau\Bureau\SmitfraudFix\Policies.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

C:\WINDOWS\Tasks\At?.job PRESENT !
C:\WINDOWS\Tasks\At??.job PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\gau


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\gau\LOCALS~1\Temp


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\gau\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\gau\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"


»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!



»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» RK



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Carte Fast Ethernet PCI de base SiS 900 - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.1.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{57F64F19-BD16-44D3-AE01-8BDF01D849B4}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{57F64F19-BD16-44D3-AE01-8BDF01D849B4}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{57F64F19-BD16-44D3-AE01-8BDF01D849B4}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{57F64F19-BD16-44D3-AE01-8BDF01D849B4}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

Redémarre l'ordinateur en mode sans échec (au démarrage de l'ordinateur, tapote F8).

Double-clique sur SmitfraudFix.exe

Sélectionne 2 et presse Entrée dans le menu pour supprimer les fichiers responsables de l'infection.

A la question : Voulez-vous nettoyer le registre ? réponds O (oui) et presse Entrée afin de débloquer le fond d'écran et supprimer les clés de registre de l'infection.

Un redémarrage sera peut être nécessaire pour terminer la procédure de nettoyage. Le rapport se trouve à la racine du disque système C:\rapport.txt

Copie-colle le rapport dans ton prochain message.

salut apres avoir redémarer en mode sans echac le pc a planté et je n'ai pas reussi a le redemarrer plus rien j'ai donc formater

Bizarre mais ça arrive. Merci de m'avoir prévenu.

---> Ajoute maintenant [Résolu] au titre. Pour cela :

Clique, dans ton premier message, sur le bouton Editer .

Rajoute la mention [Résolu] devant le titre.

Clique ensuite sur Valider votre message.

Bonne soirée