[Solved] Redirected to other sites
Hello,
Since yesterday, I have been redirected to unwanted sites whenever I run a search on Google. I even get kicked out of Internet Explorer (I tried another browser, same thing), sometimes automatically (in particular on the PRICEMINISTER site). I tried MALWARE, which found nothing. I am posting the report below. If anyone can help me, that would be nice. Thanks
The report:
Malwarebytes' Anti-Malware 1.34
Version de la base de données: 1861
Windows 5.1.2600 Service Pack 3
18/03/2009 11:13:14
mbam-log-2009-03-18 (11-13-14).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 174656
Temps écoulé: 21 minute(s), 57 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Hi,
Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.
Double-click RSIT.exe to launch the program.
(On Vista, right-click RSIT.exe and choose Run as administrator)
Click Continue on the Disclaimer screen.
If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the license.
When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).
Note: the reports are saved in the folder C:\rsit.
Thanks, here are the 2 reports:
The 1st:
Logfile of random's system information tool 1.05 (written by random/random)
Run by A at 2009-03-18 12:17:28
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 36 GB (38%) free of 93 GB
Total RAM: 1022 MB (58% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:17:29, on 18/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Acer\Acer eMode Management\AspireService.exe
C:\Program Files\Acer\Acer eConsole\MediaSync.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Program Files\Lexmark\Lexmark Precision Photo\MemCard.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\Mio Technology\MioSync\mioSync.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\A\Bureau\RSIT.exe
C:\Program Files\trend micro\A.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.orange.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [MemoryCardManager] C:\Program Files\Lexmark\Lexmark Precision Photo\MemCard.exe -startup
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [LXBSCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBStime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [orahssStartup] "C:\Program Files\OrangeHSS\Launcher\Launcher.exe" -appid connectivityapp
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Orange Desktop Search] "C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe" /tray
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: MioSync.lnk = C:\Program Files\Mio Technology\MioSync\mioSync.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0....
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.new2.foto.com/ImageUploader4.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/Nvi...
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - http://photoservice.fujicolor.de/ips-opdata/operator/27...
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: lxbs_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxbscoms.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
--
End of file - 12594 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-10 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-01-27 251504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2009-01-27 657904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2009-01-27 522224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-10 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-10 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-01-27 251504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"=Alaunch []
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-09-22 90112]
"ntiMUI"=c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [2005-05-11 45056]
""= []
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-05 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-10-04 8491008]
"nwiz"=nwiz.exe /install []
"AspireService"=C:\Program Files\Acer\Acer eMode Management\AspireService.exe [2006-01-19 110592]
"MediaSync"=C:\Program Files\Acer\Acer eConsole\MediaSync.exe [2005-09-21 425984]
"eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\Monitor.exe [2005-11-16 397312]
"MemoryCardManager"=C:\Program Files\Lexmark\Lexmark Precision Photo\MemCard.exe [2004-02-02 139264]
"MMTray"=C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe [2006-01-17 135168]
"mmtask"=C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe [2006-01-17 53248]
"NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"SystrayORAHSS"=C:\Program Files\OrangeHSS\Systray\SystrayApp.exe [2007-01-04 90112]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-10-04 81920]
"OM2_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe [2008-05-15 54576]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-03 111936]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-10 136600]
"LXBSCATS"=rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBStime.dll []
"orahssStartup"=C:\Program Files\OrangeHSS\Launcher\Launcher.exe [2007-01-04 462848]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2006-07-31 139264]
"Orange Desktop Search"=C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe [2006-11-02 4937512]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-04-04 68856]
"OM2_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [2008-05-15 95536]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-12-09 234856]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE
MioSync.lnk - C:\Program Files\Mio Technology\MioSync\mioSync.exe
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=95000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Acer\Acer eConsole\MediaSync.exe"="C:\Program Files\Acer\Acer eConsole\MediaSync.exe:LocalSubNet:Enabled:Media Synchoronizer"
"C:\Program Files\Acer\Acer eConsole\eConsole.exe"="C:\Program Files\Acer\Acer eConsole\eConsole.exe:LocalSubNet:Enabled:eConsole"
"C:\Program Files\Acer\Acer eConsole\MediaServerService.exe"="C:\Program Files\Acer\Acer eConsole\MediaServerService.exe:LocalSubNet:Enabled:Acer Media Server"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe"="C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{62e4b672-22b6-11dd-a34b-001558255a6c}]
shell\AutoRun\command - G:\InstallTomTomHOME.exe
======List of files/folders created in the last 1 months======
2009-03-18 12:14:00 ----D---- C:\Program Files\trend micro
2009-03-18 12:13:58 ----D---- C:\rsit
2009-03-18 11:49:16 ----D---- C:\WINDOWS\system32\Kaspersky Lab
2009-03-18 11:49:13 ----D---- C:\WINDOWS\LastGood
2009-03-17 16:46:42 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-03-17 16:46:42 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-03-17 15:04:02 ----D---- C:\Documents and Settings\All Users\Application Data\Grisoft
2009-03-17 14:48:37 ----D---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-03-17 13:19:40 ----D---- C:\Documents and Settings\A\Application Data\Malwarebytes
2009-03-17 13:19:34 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-03-11 13:48:37 ----HD---- C:\WINDOWS\$NtUninstallKB960225$
2009-03-11 13:48:30 ----HD---- C:\WINDOWS\$NtUninstallKB958690$
2009-02-25 22:57:54 ----HD---- C:\WINDOWS\$NtUninstallKB967715$
======List of files/folders modified in the last 1 months======
2009-03-18 09:24:16 ----A---- C:\WINDOWS\system32\eRLog.ini
2009-03-18 09:22:06 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-03-15 17:07:14 ----A---- C:\WINDOWS\NeroDigital.ini
2009-03-04 19:05:50 ----A---- C:\WINDOWS\BBW_INFO.INI
2009-02-25 21:55:00 ----A---- C:\WINDOWS\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 43008]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2004-03-08 13567]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 UBHelper;UBHelper; C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 13952]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
R2 int15.sys;int15.sys; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys []
R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 KM8G8W47;KM8G8W47; \??\C:\WINDOWS\System32\Drivers\TVKS0706.sys []
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-09-22 3727680]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 Ma730Pt;MA730 Bluetooth VCOM Driver; C:\WINDOWS\system32\DRIVERS\Ma730Pt.sys [2006-09-21 103040]
R3 Ma730Vad;MA730 Bluetooth Audio; C:\WINDOWS\system32\DRIVERS\Ma730Vad.sys [2005-11-22 23376]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2005-01-23 6144]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-10-04 6854464]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-07-29 34048]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-07-29 12928]
R3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 1a973fc0-4a2c-4f74-bbfa-dd3867f3d329;1a973fc0-4a2c-4f74-bbfa-dd3867f3d329; \??\E:\Player\cds300.dll []
S3 a01e29f0-e143-4785-bbee-dc46614f886f;a01e29f0-e143-4785-bbee-dc46614f886f; \??\E:\Player\cds300.dll []
S3 bdfdll;bdfdll; \??\C:\Program Files\Softwin\BitDefender9\bdfdll.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 irsir;Pilote série infrarouge Microsoft; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
S3 Ma730c;MA730 Bluetooth Core Driver; C:\WINDOWS\system32\DRIVERS\MA730C.sys [2006-11-02 155648]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 PAC207;SoC PC-Camer@; C:\WINDOWS\system32\DRIVERS\pfc027.sys [2005-02-24 162176]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-10-01 32000]
S3 usbser;USB Serial emulation modem driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2004-08-04 32128]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Acer Media Server;Acer Media Server; C:\Program Files\Acer\Acer eConsole\MediaServerService.exe [2005-09-21 438272]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2007-01-04 57344]
R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-11 168432]
R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-10 152984]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-10-04 155716]
R2 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 lxbs_device;lxbs_device; C:\WINDOWS\system32\lxbscoms.exe [2004-02-20 421888]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-07-31 720896]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
-----------------EOF-----------------
The 2nd one:
info.txt logfile of random's system information tool 1.05 2009-03-18 12:14:12
======Uninstall list======
-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9E54F486-CD4A-44A5-B041-16D4E1E56A53}\setup.exe" -l0x40c
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7-Zip 4.44 beta-->"C:\Program Files\7-Zip\Uninstall.exe"
Acer eConsole-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EC028E6B-F3F1-4192-B63E-A7C97302ED5A}\setup.exe" -l0x40c
Acer eMode Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{65CDEC30-4BF4-48FB-8059-9FC480E4E94F}\setup.exe" -l0x40c
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 7.1.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A71000000002}
ALCATEL PC Suite V6.2.7-->"C:\Program Files\ALCATEL PC Suite\unins000.exe"
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Astérix Maxi-Délirium-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{09C8B025-F0C5-4EF2-BC4F-399269BDE0C8}\setup.exe"
Athlon 64 Processor Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x40c
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Bugs Bunny - Voyage à travers le temps-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Infogrames\Bugs Bunny - Voyage à travers le temps\Uninst.isu"
Bugs Bunny et Taz - La Spirale du Temps-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Infogrames\Bugs Bunny et Taz - La Spirale du Temps\Uninst.isu"
Cars Quatre Roues - Aventures à Radiator Springs-->"C:\Program Files\THQ\Disney-PIXAR\Cars Quatre Roues\Aventures à Radiator Springs\Uninstall_Cars Quatre Roues - Aventures à Radiator Springs\Uninstall Cars Quatre Roues - Aventures à Radiator Springs.exe"
Correctif Lecteur Windows Media 10 - KB895316-->"C:\WINDOWS\$NtUninstallKB895316$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
eMedia Starter Guitar Lessons-->"C:\Program Files\eMedia Starter Guitar Lessons\Uninstall.exe" "C:\Program Files\eMedia Starter Guitar Lessons\install.log"
EPSON TWAIN 5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A3EABC0-CA06-11D4-BF77-00104B130C19}\Setup.exe" -l0x40c UNINSTALL
Euro Rally Champion-->MsiExec.exe /X{692BC747-FF37-4210-8E0B-F5157FCDE7BF}
foobar2000 v0.9.5.1-->"C:\Program Files\foobar2000\uninstall.exe"
Ford Racing 2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{797E03F8-C8A0-47ED-AA9F-D7076276E491}\setup.exe"
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0531C63A913CC9D1.exe" /uninstall
Harry Potter TM-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F50AF3B-8997-4916-0095-99D63DDB785A}\setup.exe" -l0x40c Uninstall
Hercules-->C:\WINDOWS\unin040c.exe -fC:\Disney\Hercules\DeIsL2.isu
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
J2SE Runtime Environment 5.0 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150050}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Kaspersky Online Scanner-->C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
Kaspersky On-line Scanner-->C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
Lame ACM MP3 Codec-->C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_LameMP3 132 C:\WINDOWS\INF\LameACM.inf
Lecteur Windows Media 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Lexmark 810 Series-->C:\WINDOWS\system32\spool\drivers\w32x86\3\LXBSUNST.EXE -NOLICENSE
Lexmark Precision Photo-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\8\INTEL3~1\IDriver.exe /M{56F81937-C3B5-4C98-A260-E47B631709D7} /l1036 /z/U
Livebox-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17342E3B-0818-4A6F-BFF8-99476605ADD6}\Setup.exe" -l0x40c
Lyra Jukebox Applications-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3374B4A6-5595-4667-882D-755ABE093806}\Setup.exe" -l0x9 -remove
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office 2000 SR-1 Premium-->MsiExec.exe /I{0000040C-78E1-11D2-B60F-006097C998E7}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Mio Technology Speedcam Synchronisation ( PNA Version ) 1.2.10.07.06-->C:\PROGRA~1\MIOTEC~1\MioSync\Setup.exe /remove
MioTransfer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{49F00501-E02F-458F-8AED-85949AB9656F}\Setup.exe" -l0x9
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 9 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Monopoly-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D7E7EC5E-4349-4E40-B37C-4342188B86EC}\setup.exe" -l0x40c
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
Musicmatch® Jukebox-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}\setup.exe" -l0x40c -uninst
Navigateur Orange-->C:\Program Files\OrangeHSS\Uninstall\Browser\Shell.exe MainUninstall.shl
Nero 7 Premium-->MsiExec.exe /I{11439F51-B8D2-4736-9CDF-8889FEBE1036}
Nero Sipps-->C:\WINDOWS\UNNeroSipps.exe /UNINSTALL
NTI Backup NOW! 4-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{385979FE-DC4F-4140-8EAD-A59625000D72} /l1036 BUN4
NTI CD & DVD-Maker-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1036 CDM7
NTI HomeVideo-Maker-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B8A6F713-D72D-47AD-A92D-B5C0E13F98C1}\setup.exe" -l0x40c
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
OLYMPUS Master 2-->MsiExec.exe /X{45FCADDB-0B29-457E-83A1-D245C62A716C}
OLYMPUS muvee theaterPack-->MsiExec.exe /X{B3282FB8-874B-4054-8356-9EB391A826F9}
OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74}
Orange - Logiciels Internet-->C:\Program Files\OrangeHSS\installation\core\Installgui.exe -u
Orange Plug-in messagerie vocale 888-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{16E79B1D-D1C2-4CA6-8B23-F4D890E0DCB9}\Setup.exe" -l0x40c --AddRemove
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Panneau de configuration MobileMe-->MsiExec.exe /I{6DA9102E-199F-43A0-A36B-6EF48081A658}
PC Camer@-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{C36C3F84-E04B-44E3-9D7B-ABBCC6BE94F5} /l1036
PG Music DirectX Plugins 1.3.4.1-->"C:\Program Files\PowerTracks DirectX Plugins\unins000.exe"
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
Presto! PageManager for EPSON-->C:\WINDOWS\unin040c.exe -f"C:\Program Files\NewSoft\PageManager\DeIsL1.isu"
QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
QVGDM Seconde Edition-->MsiExec.exe /I{735D1B9F-A9A4-4FF2-A830-96C150883B97}
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x40c -removeonly
Ri4m v5.0.1d-->C:\Program Files\Ripp-it_AM\Ri4m_Uninstal.exe
Roady Racer-->"C:\Program Files\Roady Racer\unins000.exe"
Safari-->MsiExec.exe /I{D90AFDE3-3E67-407A-ACA8-F0BAAD012F08}
Scooby-Doo (TM), Le Mystère du Château hanté(TM)-->C:\Program Files\Mindscape\Scooby-Doo (TM), Le Mystère du Château hanté(TM)\uninstal.exe
Scooby-Doo 2 - Les monstres se déchaînent-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6D7636EB-A089-44B2-BE30-BB301E9C88CB}\setup.exe" -l0x40c -uninst
Scooby-Doo(TM), Panique dans la Ville fantôme(TM)-->C:\Program Files\Mindscape\Scooby-Doo(TM), Panique dans la Ville fantôme(TM)\uninstal.exe
SdLL - Super Vacances vers le CE1-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\SdLL\SupVacCE1\Uninst.isu"
Sports d'hiver-->"C:\Program Files\Micro Application\Sports d'hiver\unins000.exe"
Styles 62: Requested 6-->"c:\bb\unins005.exe"
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
TomTom HOME 2.5.2.60-->C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe
Toy Story 2-->C:\WINDOWS\IsUn040c.exe -fC:\PROGRA~2\DISNEY~1\JEUDAC~1\DeIsL1.isu
VC_MergeModuleToMSI-->MsiExec.exe /I{900A92BA-19EF-4A34-86CF-7B6C85BDD971}
VideoLAN VLC media player 0.8.6c-->C:\Program Files\VideoLAN\VLC\uninstall.exe
VirtualDubMOD 1.5.10.3 Fr-->"C:\Program Files\VirtualDubMOD\unins000.exe"
Wanadoo Messager-->C:\PROGRA~1\WANADO~1\UNWISE.EXE C:\PROGRA~1\WANADO~1\INSTALL.LOG
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Live Sign-in Assistant-->MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
======Security center information======
AV: Norton AntiVirus 2005
AV: avast! antivirus 4.8.1335 [VPS 090317-0]
FW: Norton Internet Worm Protection
System event log
Computer Name: ACER-9DEB84EBB9
Event Code: 7036
Message: Le service NLA (Network Location Awareness) est entré dans l'état : en cours d'exécution.
Record Number: 58268
Source Name: Service Control Manager
Time Written: 20090215100049.000000+060
Event Type: Informations
User:
Computer Name: ACER-9DEB84EBB9
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service int15.sys.
Record Number: 58267
Source Name: Service Control Manager
Time Written: 20090215100049.000000+060
Event Type: Informations
User: ACER-9DEB84EBB9\A
Computer Name: ACER-9DEB84EBB9
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service NLA (Network Location Awareness).
Record Number: 58266
Source Name: Service Control Manager
Time Written: 20090215100049.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: ACER-9DEB84EBB9
Event Code: 7036
Message: Le service Carte de performance WMI est entré dans l'état : en cours d'exécution.
Record Number: 58265
Source Name: Service Control Manager
Time Written: 20090215100049.000000+060
Event Type: Informations
User:
Computer Name: ACER-9DEB84EBB9
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Carte de performance WMI.
Record Number: 58264
Source Name: Service Control Manager
Time Written: 20090215100049.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Application event log
Computer Name: ACER-9DEB84EBB9
Event Code: 0
Message:
Record Number: 9611
Source Name: Acer Media Server
Time Written: 20080517161009.000000+120
Event Type: Informations
User:
Computer Name: ACER-9DEB84EBB9
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.
Record Number: 9610
Source Name: SecurityCenter
Time Written: 20080517125515.000000+120
Event Type: Informations
User:
Computer Name: ACER-9DEB84EBB9
Event Code: 32068
Message: La règle de routage de trafic sortant n'est pas valide car elle ne peut pas trouver de périphérique valide. Les télécopies sortantes qui utilisent cette règle ne peuvent pas être acheminées. Vérifiez que le ou les périphériques concernés (en cas de routage vers un groupe de périphériques) sont connectés et installés correctement et allumés. En cas de routage vers un groupe, vérifiez que le groupe est configuré correctement.
Code de pays/région : '*'
Indicatif régional : '*'
Record Number: 9609
Source Name: Microsoft Fax
Time Written: 20080517125458.000000+120
Event Type: Avertissement
User:
Computer Name: ACER-9DEB84EBB9
Event Code: 32026
Message: Le service de télécopie n'a pas pu initialiser de périphériques de télécopies attribués (virtuel ou TAPI).
Aucune télécopie ne peut être envoyée ou reçue tant qu'un périphérique de télécopies n'a pas été installé.
Record Number: 9608
Source Name: Microsoft Fax
Time Written: 20080517125458.000000+120
Event Type: Avertissement
User:
Computer Name: ACER-9DEB84EBB9
Event Code: 105
Message: The service was started.
Record Number: 9607
Source Name: STI Simulator
Time Written: 20080517125455.000000+120
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 47 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=2f02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
-----------------EOF-----------------
The 1st one:
Logfile of random's system information tool 1.05 (written by random/random)
Run by A at 2009-03-18 12:17:28
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 36 GB (38%) free of 93 GB
Total RAM: 1022 MB (58% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:17:29, on 18/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Acer\Acer eMode Management\AspireService.exe
C:\Program Files\Acer\Acer eConsole\MediaSync.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Program Files\Lexmark\Lexmark Precision Photo\MemCard.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\Mio Technology\MioSync\mioSync.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\A\Bureau\RSIT.exe
C:\Program Files\trend micro\A.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.orange.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [MemoryCardManager] C:\Program Files\Lexmark\Lexmark Precision Photo\MemCard.exe -startup
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [LXBSCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBStime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [orahssStartup] "C:\Program Files\OrangeHSS\Launcher\Launcher.exe" -appid connectivityapp
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Orange Desktop Search] "C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe" /tray
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: MioSync.lnk = C:\Program Files\Mio Technology\MioSync\mioSync.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0....
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.new2.foto.com/ImageUploader4.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/Nvi...
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - http://photoservice.fujicolor.de/ips-opdata/operator/27...
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: lxbs_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxbscoms.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
--
End of file - 12594 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-10 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-01-27 251504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2009-01-27 657904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2009-01-27 522224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-10 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-10 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-01-27 251504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"=Alaunch []
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-09-22 90112]
"ntiMUI"=c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [2005-05-11 45056]
""= []
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-05 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-10-04 8491008]
"nwiz"=nwiz.exe /install []
"AspireService"=C:\Program Files\Acer\Acer eMode Management\AspireService.exe [2006-01-19 110592]
"MediaSync"=C:\Program Files\Acer\Acer eConsole\MediaSync.exe [2005-09-21 425984]
"eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\Monitor.exe [2005-11-16 397312]
"MemoryCardManager"=C:\Program Files\Lexmark\Lexmark Precision Photo\MemCard.exe [2004-02-02 139264]
"MMTray"=C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe [2006-01-17 135168]
"mmtask"=C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe [2006-01-17 53248]
"NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"SystrayORAHSS"=C:\Program Files\OrangeHSS\Systray\SystrayApp.exe [2007-01-04 90112]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-10-04 81920]
"OM2_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe [2008-05-15 54576]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-03 111936]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-10 136600]
"LXBSCATS"=rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBStime.dll []
"orahssStartup"=C:\Program Files\OrangeHSS\Launcher\Launcher.exe [2007-01-04 462848]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2006-07-31 139264]
"Orange Desktop Search"=C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe [2006-11-02 4937512]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-04-04 68856]
"OM2_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [2008-05-15 95536]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-12-09 234856]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE
MioSync.lnk - C:\Program Files\Mio Technology\MioSync\mioSync.exe
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=95000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Acer\Acer eConsole\MediaSync.exe"="C:\Program Files\Acer\Acer eConsole\MediaSync.exe:LocalSubNet:Enabled:Media Synchoronizer"
"C:\Program Files\Acer\Acer eConsole\eConsole.exe"="C:\Program Files\Acer\Acer eConsole\eConsole.exe:LocalSubNet:Enabled:eConsole"
"C:\Program Files\Acer\Acer eConsole\MediaServerService.exe"="C:\Program Files\Acer\Acer eConsole\MediaServerService.exe:LocalSubNet:Enabled:Acer Media Server"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe"="C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{62e4b672-22b6-11dd-a34b-001558255a6c}]
shell\AutoRun\command - G:\InstallTomTomHOME.exe
======List of files/folders created in the last 1 months======
2009-03-18 12:14:00 ----D---- C:\Program Files\trend micro
2009-03-18 12:13:58 ----D---- C:\rsit
2009-03-18 11:49:16 ----D---- C:\WINDOWS\system32\Kaspersky Lab
2009-03-18 11:49:13 ----D---- C:\WINDOWS\LastGood
2009-03-17 16:46:42 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-03-17 16:46:42 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-03-17 15:04:02 ----D---- C:\Documents and Settings\All Users\Application Data\Grisoft
2009-03-17 14:48:37 ----D---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-03-17 13:19:40 ----D---- C:\Documents and Settings\A\Application Data\Malwarebytes
2009-03-17 13:19:34 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-03-11 13:48:37 ----HD---- C:\WINDOWS\$NtUninstallKB960225$
2009-03-11 13:48:30 ----HD---- C:\WINDOWS\$NtUninstallKB958690$
2009-02-25 22:57:54 ----HD---- C:\WINDOWS\$NtUninstallKB967715$
======List of files/folders modified in the last 1 months======
2009-03-18 09:24:16 ----A---- C:\WINDOWS\system32\eRLog.ini
2009-03-18 09:22:06 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-03-15 17:07:14 ----A---- C:\WINDOWS\NeroDigital.ini
2009-03-04 19:05:50 ----A---- C:\WINDOWS\BBW_INFO.INI
2009-02-25 21:55:00 ----A---- C:\WINDOWS\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 43008]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2004-03-08 13567]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 UBHelper;UBHelper; C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 13952]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
R2 int15.sys;int15.sys; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys []
R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 KM8G8W47;KM8G8W47; \??\C:\WINDOWS\System32\Drivers\TVKS0706.sys []
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-09-22 3727680]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 Ma730Pt;MA730 Bluetooth VCOM Driver; C:\WINDOWS\system32\DRIVERS\Ma730Pt.sys [2006-09-21 103040]
R3 Ma730Vad;MA730 Bluetooth Audio; C:\WINDOWS\system32\DRIVERS\Ma730Vad.sys [2005-11-22 23376]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2005-01-23 6144]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-10-04 6854464]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-07-29 34048]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-07-29 12928]
R3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 1a973fc0-4a2c-4f74-bbfa-dd3867f3d329;1a973fc0-4a2c-4f74-bbfa-dd3867f3d329; \??\E:\Player\cds300.dll []
S3 a01e29f0-e143-4785-bbee-dc46614f886f;a01e29f0-e143-4785-bbee-dc46614f886f; \??\E:\Player\cds300.dll []
S3 bdfdll;bdfdll; \??\C:\Program Files\Softwin\BitDefender9\bdfdll.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 irsir;Pilote série infrarouge Microsoft; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
S3 Ma730c;MA730 Bluetooth Core Driver; C:\WINDOWS\system32\DRIVERS\MA730C.sys [2006-11-02 155648]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 PAC207;SoC PC-Camer@; C:\WINDOWS\system32\DRIVERS\pfc027.sys [2005-02-24 162176]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-10-01 32000]
S3 usbser;USB Serial emulation modem driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2004-08-04 32128]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Acer Media Server;Acer Media Server; C:\Program Files\Acer\Acer eConsole\MediaServerService.exe [2005-09-21 438272]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2007-01-04 57344]
R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-11 168432]
R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-10 152984]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-10-04 155716]
R2 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 lxbs_device;lxbs_device; C:\WINDOWS\system32\lxbscoms.exe [2004-02-20 421888]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-07-31 720896]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
-----------------EOF-----------------
The second one:
info.txt logfile of random's system information tool 1.05 2009-03-18 12:14:12
======Uninstall list======
-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9E54F486-CD4A-44A5-B041-16D4E1E56A53}\setup.exe" -l0x40c
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7-Zip 4.44 beta-->"C:\Program Files\7-Zip\Uninstall.exe"
Acer eConsole-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EC028E6B-F3F1-4192-B63E-A7C97302ED5A}\setup.exe" -l0x40c
Acer eMode Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{65CDEC30-4BF4-48FB-8059-9FC480E4E94F}\setup.exe" -l0x40c
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 7.1.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A71000000002}
ALCATEL PC Suite V6.2.7-->"C:\Program Files\ALCATEL PC Suite\unins000.exe"
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Astérix Maxi-Délirium-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{09C8B025-F0C5-4EF2-BC4F-399269BDE0C8}\setup.exe"
Athlon 64 Processor Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x40c
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Bugs Bunny - Voyage à travers le temps-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Infogrames\Bugs Bunny - Voyage à travers le temps\Uninst.isu"
Bugs Bunny et Taz - La Spirale du Temps-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Infogrames\Bugs Bunny et Taz - La Spirale du Temps\Uninst.isu"
Cars Quatre Roues - Aventures à Radiator Springs-->"C:\Program Files\THQ\Disney-PIXAR\Cars Quatre Roues\Aventures à Radiator Springs\Uninstall_Cars Quatre Roues - Aventures à Radiator Springs\Uninstall Cars Quatre Roues - Aventures à Radiator Springs.exe"
Correctif Lecteur Windows Media 10 - KB895316-->"C:\WINDOWS\$NtUninstallKB895316$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
eMedia Starter Guitar Lessons-->"C:\Program Files\eMedia Starter Guitar Lessons\Uninstall.exe" "C:\Program Files\eMedia Starter Guitar Lessons\install.log"
EPSON TWAIN 5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A3EABC0-CA06-11D4-BF77-00104B130C19}\Setup.exe" -l0x40c UNINSTALL
Euro Rally Champion-->MsiExec.exe /X{692BC747-FF37-4210-8E0B-F5157FCDE7BF}
foobar2000 v0.9.5.1-->"C:\Program Files\foobar2000\uninstall.exe"
Ford Racing 2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{797E03F8-C8A0-47ED-AA9F-D7076276E491}\setup.exe"
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0531C63A913CC9D1.exe" /uninstall
Harry Potter TM-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F50AF3B-8997-4916-0095-99D63DDB785A}\setup.exe" -l0x40c Uninstall
Hercules-->C:\WINDOWS\unin040c.exe -fC:\Disney\Hercules\DeIsL2.isu
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
J2SE Runtime Environment 5.0 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150050}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Kaspersky Online Scanner-->C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
Kaspersky On-line Scanner-->C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
Lame ACM MP3 Codec-->C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_LameMP3 132 C:\WINDOWS\INF\LameACM.inf
Lecteur Windows Media 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Lexmark 810 Series-->C:\WINDOWS\system32\spool\drivers\w32x86\3\LXBSUNST.EXE -NOLICENSE
Lexmark Precision Photo-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\8\INTEL3~1\IDriver.exe /M{56F81937-C3B5-4C98-A260-E47B631709D7} /l1036 /z/U
Livebox-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17342E3B-0818-4A6F-BFF8-99476605ADD6}\Setup.exe" -l0x40c
Lyra Jukebox Applications-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3374B4A6-5595-4667-882D-755ABE093806}\Setup.exe" -l0x9 -remove
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office 2000 SR-1 Premium-->MsiExec.exe /I{0000040C-78E1-11D2-B60F-006097C998E7}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Mio Technology Speedcam Synchronisation ( PNA Version ) 1.2.10.07.06-->C:\PROGRA~1\MIOTEC~1\MioSync\Setup.exe /remove
MioTransfer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{49F00501-E02F-458F-8AED-85949AB9656F}\Setup.exe" -l0x9
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 9 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Monopoly-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D7E7EC5E-4349-4E40-B37C-4342188B86EC}\setup.exe" -l0x40c
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
Musicmatch® Jukebox-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}\setup.exe" -l0x40c -uninst
Navigateur Orange-->C:\Program Files\OrangeHSS\Uninstall\Browser\Shell.exe MainUninstall.shl
Nero 7 Premium-->MsiExec.exe /I{11439F51-B8D2-4736-9CDF-8889FEBE1036}
Nero Sipps-->C:\WINDOWS\UNNeroSipps.exe /UNINSTALL
NTI Backup NOW! 4-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{385979FE-DC4F-4140-8EAD-A59625000D72} /l1036 BUN4
NTI CD & DVD-Maker-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1036 CDM7
NTI HomeVideo-Maker-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B8A6F713-D72D-47AD-A92D-B5C0E13F98C1}\setup.exe" -l0x40c
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
OLYMPUS Master 2-->MsiExec.exe /X{45FCADDB-0B29-457E-83A1-D245C62A716C}
OLYMPUS muvee theaterPack-->MsiExec.exe /X{B3282FB8-874B-4054-8356-9EB391A826F9}
OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74}
Orange - Logiciels Internet-->C:\Program Files\OrangeHSS\installation\core\Installgui.exe -u
Orange Plug-in messagerie vocale 888-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{16E79B1D-D1C2-4CA6-8B23-F4D890E0DCB9}\Setup.exe" -l0x40c --AddRemove
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Panneau de configuration MobileMe-->MsiExec.exe /I{6DA9102E-199F-43A0-A36B-6EF48081A658}
PC Camer@-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{C36C3F84-E04B-44E3-9D7B-ABBCC6BE94F5} /l1036
PG Music DirectX Plugins 1.3.4.1-->"C:\Program Files\PowerTracks DirectX Plugins\unins000.exe"
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
Presto! PageManager for EPSON-->C:\WINDOWS\unin040c.exe -f"C:\Program Files\NewSoft\PageManager\DeIsL1.isu"
QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
QVGDM Seconde Edition-->MsiExec.exe /I{735D1B9F-A9A4-4FF2-A830-96C150883B97}
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x40c -removeonly
Ri4m v5.0.1d-->C:\Program Files\Ripp-it_AM\Ri4m_Uninstal.exe
Roady Racer-->"C:\Program Files\Roady Racer\unins000.exe"
Safari-->MsiExec.exe /I{D90AFDE3-3E67-407A-ACA8-F0BAAD012F08}
Scooby-Doo (TM), Le Mystère du Château hanté(TM)-->C:\Program Files\Mindscape\Scooby-Doo (TM), Le Mystère du Château hanté(TM)\uninstal.exe
Scooby-Doo 2 - Les monstres se déchaînent-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6D7636EB-A089-44B2-BE30-BB301E9C88CB}\setup.exe" -l0x40c -uninst
Scooby-Doo(TM), Panique dans la Ville fantôme(TM)-->C:\Program Files\Mindscape\Scooby-Doo(TM), Panique dans la Ville fantôme(TM)\uninstal.exe
SdLL - Super Vacances vers le CE1-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\SdLL\SupVacCE1\Uninst.isu"
Sports d'hiver-->"C:\Program Files\Micro Application\Sports d'hiver\unins000.exe"
Styles 62: Requested 6-->"c:\bb\unins005.exe"
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
TomTom HOME 2.5.2.60-->C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe
Toy Story 2-->C:\WINDOWS\IsUn040c.exe -fC:\PROGRA~2\DISNEY~1\JEUDAC~1\DeIsL1.isu
VC_MergeModuleToMSI-->MsiExec.exe /I{900A92BA-19EF-4A34-86CF-7B6C85BDD971}
VideoLAN VLC media player 0.8.6c-->C:\Program Files\VideoLAN\VLC\uninstall.exe
VirtualDubMOD 1.5.10.3 Fr-->"C:\Program Files\VirtualDubMOD\unins000.exe"
Wanadoo Messager-->C:\PROGRA~1\WANADO~1\UNWISE.EXE C:\PROGRA~1\WANADO~1\INSTALL.LOG
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Live Sign-in Assistant-->MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
======Security center information======
AV: Norton AntiVirus 2005
AV: avast! antivirus 4.8.1335 [VPS 090317-0]
FW: Norton Internet Worm Protection
System event log
Computer Name: ACER-9DEB84EBB9
Event Code: 7036
Message: Le service NLA (Network Location Awareness) est entré dans l'état : en cours d'exécution.
Record Number: 58268
Source Name: Service Control Manager
Time Written: 20090215100049.000000+060
Event Type: Informations
User:
Computer Name: ACER-9DEB84EBB9
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service int15.sys.
Record Number: 58267
Source Name: Service Control Manager
Time Written: 20090215100049.000000+060
Event Type: Informations
User: ACER-9DEB84EBB9\A
Computer Name: ACER-9DEB84EBB9
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service NLA (Network Location Awareness).
Record Number: 58266
Source Name: Service Control Manager
Time Written: 20090215100049.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: ACER-9DEB84EBB9
Event Code: 7036
Message: Le service Carte de performance WMI est entré dans l'état : en cours d'exécution.
Record Number: 58265
Source Name: Service Control Manager
Time Written: 20090215100049.000000+060
Event Type: Informations
User:
Computer Name: ACER-9DEB84EBB9
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Carte de performance WMI.
Record Number: 58264
Source Name: Service Control Manager
Time Written: 20090215100049.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Application event log
Computer Name: ACER-9DEB84EBB9
Event Code: 0
Message:
Record Number: 9611
Source Name: Acer Media Server
Time Written: 20080517161009.000000+120
Event Type: Informations
User:
Computer Name: ACER-9DEB84EBB9
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.
Record Number: 9610
Source Name: SecurityCenter
Time Written: 20080517125515.000000+120
Event Type: Informations
User:
Computer Name: ACER-9DEB84EBB9
Event Code: 32068
Message: La règle de routage de trafic sortant n'est pas valide car elle ne peut pas trouver de périphérique valide. Les télécopies sortantes qui utilisent cette règle ne peuvent pas être acheminées. Vérifiez que le ou les périphériques concernés (en cas de routage vers un groupe de périphériques) sont connectés et installés correctement et allumés. En cas de routage vers un groupe, vérifiez que le groupe est configuré correctement.
Code de pays/région : '*'
Indicatif régional : '*'
Record Number: 9609
Source Name: Microsoft Fax
Time Written: 20080517125458.000000+120
Event Type: Avertissement
User:
Computer Name: ACER-9DEB84EBB9
Event Code: 32026
Message: Le service de télécopie n'a pas pu initialiser de périphériques de télécopies attribués (virtuel ou TAPI).
Aucune télécopie ne peut être envoyée ou reçue tant qu'un périphérique de télécopies n'a pas été installé.
Record Number: 9608
Source Name: Microsoft Fax
Time Written: 20080517125458.000000+120
Event Type: Avertissement
User:
Computer Name: ACER-9DEB84EBB9
Event Code: 105
Message: The service was started.
Record Number: 9607
Source Name: STI Simulator
Time Written: 20080517125455.000000+120
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 47 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=2f02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
-----------------EOF-----------------
I don't see any infection; the infection may be hidden.
Download Gmer.
Extract the archive (right-click > Extract), then rename gmer.exe to IDN.exe (the .exe is not necessarily visible).
Double-click IDN.exe.
On the "Rootkit/Malware" tab, click "Scan" and wait.
When the scan finishes, click "Save..." and save it to your Desktop as "301108.txt".
Double-click "301108.txt"; the report appears. Post it.
Here is the Gmer report:
GMER 1.0.15.14939 - http://www.gmer.net
Rootkit scan 2009-03-18 12:41:15
Windows 5.1.2600 Service Pack 3
---- System - GMER 1.0.15 ----
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0xF42C46B8]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateKey [0xF42C4574]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteValueKey [0xF42C4A52]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDuplicateObject [0xF42C414C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenKey [0xF42C464E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenProcess [0xF42C408C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenThread [0xF42C40F0]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0xF42C476E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRestoreKey [0xF42C472E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwSetValueKey [0xF42C48AE]
---- User code sections - GMER 1.0.15 ----
.text C:\WINDOWS\system32\spoolsv.exe[184] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 100031F8
.text C:\WINDOWS\system32\spoolsv.exe[184] ws2_32.dll!connect 719F4A07 5 Bytes JMP 10003140
.text C:\WINDOWS\system32\spoolsv.exe[184] ws2_32.dll!send 719F4C27 5 Bytes JMP 10002BA4
.text C:\WINDOWS\system32\spoolsv.exe[184] ws2_32.dll!WSARecv 719F4CB5 5 Bytes JMP 10002404
.text C:\WINDOWS\system32\spoolsv.exe[184] ws2_32.dll!recv 719F676F 5 Bytes JMP 10002388
.text C:\WINDOWS\system32\spoolsv.exe[184] ws2_32.dll!WSASend 719F68FA 5 Bytes JMP 100030F4
.text C:\WINDOWS\system32\nvsvc32.exe[248] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 108431F8
.text C:\WINDOWS\system32\nvsvc32.exe[248] ws2_32.dll!connect 719F4A07 5 Bytes JMP 10843140
.text C:\WINDOWS\system32\nvsvc32.exe[248] ws2_32.dll!send 719F4C27 5 Bytes JMP 10842BA4
.text C:\WINDOWS\system32\nvsvc32.exe[248] ws2_32.dll!WSARecv 719F4CB5 5 Bytes JMP 10842404
.text C:\WINDOWS\system32\nvsvc32.exe[248] ws2_32.dll!recv 719F676F 5 Bytes JMP 10842388
.text C:\WINDOWS\system32\nvsvc32.exe[248] ws2_32.dll!WSASend 719F68FA 5 Bytes JMP 108430F4
.text C:\WINDOWS\system32\svchost.exe[432] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 100031F8
.text C:\WINDOWS\system32\svchost.exe[432] ws2_32.dll!connect 719F4A07 5 Bytes JMP 10003140
.text C:\WINDOWS\system32\svchost.exe[432] ws2_32.dll!send 719F4C27 5 Bytes JMP 10002BA4
.text C:\WINDOWS\system32\svchost.exe[432] ws2_32.dll!WSARecv 719F4CB5 5 Bytes JMP 10002404
.text C:\WINDOWS\system32\svchost.exe[432] ws2_32.dll!recv 719F676F 5 Bytes JMP 10002388
.text C:\WINDOWS\system32\svchost.exe[432] ws2_32.dll!WSASend 719F68FA 5 Bytes JMP 100030F4
.text C:\WINDOWS\system32\winlogon.exe[712] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 100031F8
.text C:\WINDOWS\system32\winlogon.exe[712] WS2_32.dll!connect 719F4A07 5 Bytes JMP 10003140
.text C:\WINDOWS\system32\winlogon.exe[712] WS2_32.dll!send 719F4C27 5 Bytes JMP 10002BA4
.text C:\WINDOWS\system32\winlogon.exe[712] WS2_32.dll!WSARecv 719F4CB5 5 Bytes JMP 10002404
.text C:\WINDOWS\system32\winlogon.exe[712] WS2_32.dll!recv 719F676F 5 Bytes JMP 10002388
.text C:\WINDOWS\system32\winlogon.exe[712] WS2_32.dll!WSASend 719F68FA 5 Bytes JMP 100030F4
.text C:\WINDOWS\system32\lsass.exe[780] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 100031F8
.text C:\WINDOWS\system32\lsass.exe[780] WS2_32.dll!connect 719F4A07 5 Bytes JMP 10003140
.text C:\WINDOWS\system32\lsass.exe[780] WS2_32.dll!send 719F4C27 5 Bytes JMP 10002BA4
.text C:\WINDOWS\system32\lsass.exe[780] WS2_32.dll!WSARecv 719F4CB5 5 Bytes JMP 10002404
.text C:\WINDOWS\system32\lsass.exe[780] WS2_32.dll!recv 719F676F 5 Bytes JMP 10002388
.text C:\WINDOWS\system32\lsass.exe[780] WS2_32.dll!WSASend 719F68FA 5 Bytes JMP 100030F4
.text C:\WINDOWS\system32\svchost.exe[944] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 100031F8
.text C:\WINDOWS\system32\svchost.exe[944] ws2_32.dll!connect 719F4A07 5 Bytes JMP 10003140
.text C:\WINDOWS\system32\svchost.exe[944] ws2_32.dll!send 719F4C27 5 Bytes JMP 10002BA4
.text C:\WINDOWS\system32\svchost.exe[944] ws2_32.dll!WSARecv 719F4CB5 5 Bytes JMP 10002404
.text C:\WINDOWS\system32\svchost.exe[944] ws2_32.dll!recv 719F676F 5 Bytes JMP 10002388
.text C:\WINDOWS\system32\svchost.exe[944] ws2_32.dll!WSASend 719F68FA 5 Bytes JMP 100030F4
.text C:\WINDOWS\system32\svchost.exe[996] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 100031F8
.text C:\WINDOWS\system32\svchost.exe[996] ws2_32.dll!connect 719F4A07 5 Bytes JMP 10003140
.text C:\WINDOWS\system32\svchost.exe[996] ws2_32.dll!send 719F4C27 5 Bytes JMP 10002BA4
.text C:\WINDOWS\system32\svchost.exe[996] ws2_32.dll!WSARecv 719F4CB5 5 Bytes JMP 10002404
.text C:\WINDOWS\system32\svchost.exe[996] ws2_32.dll!recv 719F676F 5 Bytes JMP 10002388
.text C:\WINDOWS\system32\svchost.exe[996] ws2_32.dll!WSASend 719F68FA 5 Bytes JMP 100030F4
.text C:\Program Files\Internet Explorer\iexplore.exe[1028] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 100131F8
.text C:\Program Files\Internet Explorer\iexplore.exe[1028] USER32.dll!DialogBoxParamW 7E3A47AB 5 Bytes JMP 4437F341 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1028] USER32.dll!DialogBoxIndirectParamW 7E3B2072 5 Bytes JMP 4451187F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1028] USER32.dll!MessageBoxIndirectA 7E3BA082 5 Bytes JMP 44511800 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1028] USER32.dll!DialogBoxParamA 7E3BB144 5 Bytes JMP 44511844 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1028] USER32.dll!MessageBoxExW 7E3D0838 5 Bytes JMP 4451178C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1028] USER32.dll!MessageBoxExA 7E3D085C 5 Bytes JMP 445117C6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1028] USER32.dll!DialogBoxIndirectParamA 7E3D6D7D 5 Bytes JMP 445118BA C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1028] USER32.dll!MessageBoxIndirectW 7E3E64D5 5 Bytes JMP 443A16F6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1028] ws2_32.dll!connect 719F4A07 5 Bytes JMP 10013140
.text C:\Program Files\Internet Explorer\iexplore.exe[1028] ws2_32.dll!send 719F4C27 5 Bytes JMP 10012BA4
.text C:\Program Files\Internet Explorer\iexplore.exe[1028] ws2_32.dll!WSARecv 719F4CB5 5 Bytes JMP 10012404
.text C:\Program Files\Internet Explorer\iexplore.exe[1028] ws2_32.dll!recv 719F676F 5 Bytes JMP 10012388
.text C:\Program Files\Internet Explorer\iexplore.exe[1028] ws2_32.dll!WSASend 719F68FA 5 Bytes JMP 100130F4
.text C:\WINDOWS\System32\svchost.exe[1100] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 100031F8
.text C:\WINDOWS\System32\svchost.exe[1100] ws2_32.dll!connect 719F4A07 5 Bytes JMP 10003140
.text C:\WINDOWS\System32\svchost.exe[1100] ws2_32.dll!send 719F4C27 5 Bytes JMP 10002BA4
.text C:\WINDOWS\System32\svchost.exe[1100] ws2_32.dll!WSARecv 719F4CB5 5 Bytes JMP 10002404
.text C:\WINDOWS\System32\svchost.exe[1100] ws2_32.dll!recv 719F676F 5 Bytes JMP 10002388
.text C:\WINDOWS\System32\svchost.exe[1100] ws2_32.dll!WSASend 719F68FA 5 Bytes JMP 100030F4
.text C:\WINDOWS\system32\svchost.exe[1172] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 100031F8
.text C:\WINDOWS\system32\svchost.exe[1172] ws2_32.dll!connect 719F4A07 5 Bytes JMP 10003140
.text C:\WINDOWS\system32\svchost.exe[1172] ws2_32.dll!send 719F4C27 5 Bytes JMP 10002BA4
.text C:\WINDOWS\system32\svchost.exe[1172] ws2_32.dll!WSARecv 719F4CB5 5 Bytes JMP 10002404
.text C:\WINDOWS\system32\svchost.exe[1172] ws2_32.dll!recv 719F676F 5 Bytes JMP 10002388
.text C:\WINDOWS\system32\svchost.exe[1172] ws2_32.dll!WSASend 719F68FA 5 Bytes JMP 100030F4
.text C:\WINDOWS\system32\svchost.exe[1420] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 100031F8
.text C:\WINDOWS\system32\svchost.exe[1420] ws2_32.dll!connect 719F4A07 5 Bytes JMP 10003140
.text C:\WINDOWS\system32\svchost.exe[1420] ws2_32.dll!send 719F4C27 5 Bytes JMP 10002BA4
.text C:\WINDOWS\system32\svchost.exe[1420] ws2_32.dll!WSARecv 719F4CB5 5 Bytes JMP 10002404
.text C:\WINDOWS\system32\svchost.exe[1420] ws2_32.dll!recv 719F676F 5 Bytes JMP 10002388
.text C:\WINDOWS\system32\svchost.exe[1420] ws2_32.dll!WSASend 719F68FA 5 Bytes JMP 100030F4
.text C:\Program Files\OrangeHSS\Deskboard\deskboard.exe[1448] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 100C31F8
.text C:\Program Files\OrangeHSS\Deskboard\deskboard.exe[1448] ws2_32.dll!connect 719F4A07 5 Bytes JMP 100C3140
.text C:\Program Files\OrangeHSS\Deskboard\deskboard.exe[1448] ws2_32.dll!send 719F4C27 5 Bytes JMP 100C2BA4
.text C:\Program Files\OrangeHSS\Deskboard\deskboard.exe[1448] ws2_32.dll!WSARecv 719F4CB5 5 Bytes JMP 100C2404
.text C:\Program Files\OrangeHSS\Deskboard\deskboard.exe[1448] ws2_32.dll!recv 719F676F 5 Bytes JMP 100C2388
.text C:\Program Files\OrangeHSS\Deskboard\deskboard.exe[1448] ws2_32.dll!WSASend 719F68FA 5 Bytes JMP 100C30F4
.text C:\Program Files\Java\jre6\bin\jqs.exe[2008] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 100031F8
.text C:\Program Files\Java\jre6\bin\jqs.exe[2008] WS2_32.dll!connect 719F4A07 5 Bytes JMP 10003140
.text C:\Program Files\Java\jre6\bin\jqs.exe[2008] WS2_32.dll!send 719F4C27 5 Bytes JMP 10002BA4
.text C:\Program Files\Java\jre6\bin\jqs.exe[2008] WS2_32.dll!WSARecv 719F4CB5 5 Bytes JMP 10002404
.text C:\Program Files\Java\jre6\bin\jqs.exe[2008] WS2_32.dll!recv 719F676F 5 Bytes JMP 10002388
.text C:\Program Files\Java\jre6\bin\jqs.exe[2008] WS2_32.dll!WSASend 719F68FA 5 Bytes JMP 100030F4
.text C:\WINDOWS\System32\svchost.exe[2064] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 100031F8
.text C:\WINDOWS\System32\svchost.exe[2064] ws2_32.dll!connect 719F4A07 5 Bytes JMP 10003140
.text C:\WINDOWS\System32\svchost.exe[2064] ws2_32.dll!send 719F4C27 5 Bytes JMP 10002BA4
.text C:\WINDOWS\System32\svchost.exe[2064] ws2_32.dll!WSARecv 719F4CB5 5 Bytes JMP 10002404
.text C:\WINDOWS\System32\svchost.exe[2064] ws2_32.dll!recv 719F676F 5 Bytes JMP 10002388
.text C:\WINDOWS\System32\svchost.exe[2064] ws2_32.dll!WSASend 719F68FA 5 Bytes JMP 100030F4
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[2400] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 100031F8
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[2400] ws2_32.dll!connect 719F4A07 5 Bytes JMP 10003140
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[2400] ws2_32.dll!send 719F4C27 5 Bytes JMP 10002BA4
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[2400] ws2_32.dll!WSARecv 719F4CB5 5 Bytes JMP 10002404
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[2400] ws2_32.dll!recv 719F676F 5 Bytes JMP 10002388
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[2400] ws2_32.dll!WSASend 719F68FA 5 Bytes JMP 100030F4
.text C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe[2580] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 100031F8
.text C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe[2580] ws2_32.dll!connect 719F4A07 5 Bytes JMP 10003140
.text C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe[2580] ws2_32.dll!send 719F4C27 5 Bytes JMP 10002BA4
.text C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe[2580] ws2_32.dll!WSARecv 719F4CB5 5 Bytes JMP 10002404
.text C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe[2580] ws2_32.dll!recv 719F676F 5 Bytes JMP 10002388
.text C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe[2580] ws2_32.dll!WSASend 719F68FA 5 Bytes JMP 100030F4
.text C:\WINDOWS\System32\alg.exe[2644] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 100031F8
.text C:\WINDOWS\System32\alg.exe[2644] WS2_32.dll!connect 719F4A07 5 Bytes JMP 10003140
.text C:\WINDOWS\System32\alg.exe[2644] WS2_32.dll!send 719F4C27 5 Bytes JMP 10002BA4
.text C:\WINDOWS\System32\alg.exe[2644] WS2_32.dll!WSARecv 719F4CB5 5 Bytes JMP 10002404
.text C:\WINDOWS\System32\alg.exe[2644] WS2_32.dll!recv 719F676F 5 Bytes JMP 10002388
.text C:\WINDOWS\System32\alg.exe[2644] WS2_32.dll!WSASend 719F68FA 5 Bytes JMP 100030F4
.text C:\WINDOWS\SOUNDMAN.EXE[2956] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 100031F8
.text C:\WINDOWS\SOUNDMAN.EXE[2956] ws2_32.dll!connect 719F4A07 5 Bytes JMP 10003140
.text C:\WINDOWS\SOUNDMAN.EXE[2956] ws2_32.dll!send 719F4C27 5 Bytes JMP 10002BA4
.text C:\WINDOWS\SOUNDMAN.EXE[2956] ws2_32.dll!WSARecv 719F4CB5 5 Bytes JMP 10002404
.text C:\WINDOWS\SOUNDMAN.EXE[2956] ws2_32.dll!recv 719F676F 5 Bytes JMP 10002388
.text C:\WINDOWS\SOUNDMAN.EXE[2956] ws2_32.dll!WSASend 719F68FA 5 Bytes JMP 100030F4
.text C:\Acer\Empowering Technology\eRecovery\Monitor.exe[3176] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 100431F8
.text C:\Acer\Empowering Technology\eRecovery\Monitor.exe[3176] ws2_32.dll!connect 719F4A07 5 Bytes JMP 10043140
.text C:\Acer\Empowering Technology\eRecovery\Monitor.exe[3176] ws2_32.dll!send 719F4C27 5 Bytes JMP 10042BA4
.text C:\Acer\Empowering Technology\eRecovery\Monitor.exe[3176] ws2_32.dll!WSARecv 719F4CB5 5 Bytes JMP 10042404
.text C:\Acer\Empowering Technology\eRecovery\Monitor.exe[3176] ws2_32.dll!recv 719F676F 5 Bytes JMP 10042388
.text C:\Acer\Empowering Technology\eRecovery\Monitor.exe[3176] ws2_32.dll!WSASend 719F68FA 5 Bytes JMP 100430F4
.text C:\Program Files\OrangeHSS\Systray\SystrayApp.exe[3268] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 100C31F8
.text C:\Program Files\OrangeHSS\Systray\SystrayApp.exe[3268] ws2_32.dll!connect 719F4A07 5 Bytes JMP 100C3140
.text C:\Program Files\OrangeHSS\Systray\SystrayApp.exe[3268] ws2_32.dll!send 719F4C27 5 Bytes JMP 100C2BA4
.text C:\Program Files\OrangeHSS\Systray\SystrayApp.exe[3268] ws2_32.dll!WSARecv 719F4CB5 5 Bytes JMP 100C2404
.text C:\Program Files\OrangeHSS\Systray\SystrayApp.exe[3268] ws2_32.dll!recv 719F676F 5 Bytes JMP 100C2388
.text C:\Program Files\OrangeHSS\Systray\SystrayApp.exe[3268] ws2_32.dll!WSASend 719F68FA 5 Bytes JMP 100C30F4
.text C:\WINDOWS\system32\RUNDLL32.EXE[3280] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 100031F8
.text C:\WINDOWS\system32\RUNDLL32.EXE[3280] ws2_32.dll!connect 719F4A07 5 Bytes JMP 10003140
.text C:\WINDOWS\system32\RUNDLL32.EXE[3280] ws2_32.dll!send 719F4C27 5 Bytes JMP 10002BA4
.text C:\WINDOWS\system32\RUNDLL32.EXE[3280] ws2_32.dll!WSARecv 719F4CB5 5 Bytes JMP 10002404
.text C:\WINDOWS\system32\RUNDLL32.EXE[3280] ws2_32.dll!recv 719F676F 5 Bytes JMP 10002388
.text C:\WINDOWS\system32\RUNDLL32.EXE[3280] ws2_32.dll!WSASend 719F68FA 5 Bytes JMP 100030F4
.text C:\Program Files\iTunes\iTunesHelper.exe[3392] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 100131F8
.text C:\Program Files\iTunes\iTunesHelper.exe[3392] WS2_32.dll!connect 719F4A07 5 Bytes JMP 10013140
.text C:\Program Files\iTunes\iTunesHelper.exe[3392] WS2_32.dll!send 719F4C27 5 Bytes JMP 10012BA4
.text C:\Program Files\iTunes\iTunesHelper.exe[3392] WS2_32.dll!WSARecv 719F4CB5 5 Bytes JMP 10012404
.text C:\Program Files\iTunes\iTunesHelper.exe[3392] WS2_32.dll!recv 719F676F 5 Bytes JMP 10012388
.text C:\Program Files\iTunes\iTunesHelper.exe[3392] WS2_32.dll!WSASend 719F68FA 5 Bytes JMP 100130F4
.text C:\Program Files\Java\jre6\bin\jusched.exe[3412] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 100031F8
.text C:\Program Files\Java\jre6\bin\jusched.exe[3412] ws2_32.dll!connect 719F4A07 5 Bytes JMP 10003140
.text C:\Program Files\Java\jre6\bin\jusched.exe[3412] ws2_32.dll!send 719F4C27 5 Bytes JMP 10002BA4
.text C:\Program Files\Java\jre6\bin\jusched.exe[3412] ws2_32.dll!WSARecv 719F4CB5 5 Bytes JMP 10002404
.text C:\Program Files\Java\jre6\bin\jusched.exe[3412] ws2_32.dll!recv 719F676F 5 Bytes JMP 10002388
.text C:\Program Files\Java\jre6\bin\jusched.exe[3412] ws2_32.dll!WSASend 719F68FA 5 Bytes JMP 100030F4
.text C:\Program Files\OrangeHSS\Launcher\Launcher.exe[3480] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 100231F8
.text C:\Program Files\OrangeHSS\Launcher\Launcher.exe[3480] ws2_32.dll!connect 719F4A07 5 Bytes JMP 10023140
.text C:\Program Files\OrangeHSS\Launcher\Launcher.exe[3480] ws2_32.dll!send 719F4C27 5 Bytes JMP 10022BA4
.text C:\Program Files\OrangeHSS\Launcher\Launcher.exe[3480] ws2_32.dll!WSARecv 719F4CB5 5 Bytes JMP 10022404
.text C:\Program Files\OrangeHSS\Launcher\Launcher.exe[3480] ws2_32.dll!recv 719F676F 5 Bytes JMP 10022388
.text C:\Program Files\OrangeHSS\Launcher\Launcher.exe[3480] ws2_32.dll!WSASend 719F68FA 5 Bytes JMP 100230F4
.text C:\WINDOWS\system32\ctfmon.exe[3496] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 100031F8
.text C:\WINDOWS\system32\ctfmon.exe[3496] ws2_32.dll!connect 719F4A07 5 Bytes JMP 10003140
.text C:\WINDOWS\system32\ctfmon.exe[3496] ws2_32.dll!send 719F4C27 5 Bytes JMP 10002BA4
.text C:\WINDOWS\system32\ctfmon.exe[3496] ws2_32.dll!WSARecv 719F4CB5 5 Bytes JMP 10002404
.text C:\WINDOWS\system32\ctfmon.exe[3496] ws2_32.dll!recv 719F676F 5 Bytes JMP 10002388
.text C:\WINDOWS\system32\ctfmon.exe[3496] ws2_32.dll!WSASend 719F68FA 5 Bytes JMP 100030F4
.text C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe[3524] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 100031F8
.text C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe[3524] WS2_32.dll!connect 719F4A07 5 Bytes JMP 10003140
.text C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe[3524] WS2_32.dll!send 719F4C27 5 Bytes JMP 10002BA4
.text C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe[3524] WS2_32.dll!WSARecv 719F4CB5 5 Bytes JMP 10002404
.text C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe[3524] WS2_32.dll!recv 719F676F 5 Bytes JMP 10002388
.text C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe[3524] WS2_32.dll!WSASend 719F68FA 5 Bytes JMP 100030F4
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3536] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 100231F8
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3536] WS2_32.dll!connect 719F4A07 5 Bytes JMP 10023140
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3536] WS2_32.dll!send 719F4C27 5 Bytes JMP 10022BA4
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3536] WS2_32.dll!WSARecv 719F4CB5 5 Bytes JMP 10022404
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3536] WS2_32.dll!recv 719F676F 5 Bytes JMP 10022388
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3536] WS2_32.dll!WSASend 719F68FA 5 Bytes JMP 100230F4
.text C:\Program Files\Mio Technology\MioSync\mioSync.exe[3708] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 100231F8
.text C:\Program Files\Mio Technology\MioSync\mioSync.exe[3708] ws2_32.dll!connect 719F4A07 5 Bytes JMP 10023140
.text C:\Program Files\Mio Technology\MioSync\mioSync.exe[3708] ws2_32.dll!send 719F4C27 5 Bytes JMP 10022BA4
.text C:\Program Files\Mio Technology\MioSync\mioSync.exe[3708] ws2_32.dll!WSARecv 719F4CB5 5 Bytes JMP 10022404
.text C:\Program Files\Mio Technology\MioSync\mioSync.exe[3708] ws2_32.dll!recv 719F676F 5 Bytes JMP 10022388
.text C:\Program Files\Mio Technology\MioSync\mioSync.exe[3708] ws2_32.dll!WSASend 719F68FA 5 Bytes JMP 100230F4
.text C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe[3716] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 100231F8
.text C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe[3716] WS2_32.dll!connect 719F4A07 5 Bytes JMP 10023140
.text C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe[3716] WS2_32.dll!send 719F4C27 5 Bytes JMP 10022BA4
.text C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe[3716] WS2_32.dll!WSARecv 719F4CB5 5 Bytes JMP 10022404
.text C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe[3716] WS2_32.dll!recv 719F676F 5 Bytes JMP 10022388
.text C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe[3716] WS2_32.dll!WSASend 719F68FA 5 Bytes JMP 100230F4
.text C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe[4024] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 100131F8
.text C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe[4024] ws2_32.dll!connect 719F4A07 5 Bytes JMP 10013140
.text C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe[4024] ws2_32.dll!send 719F4C27 5 Bytes JMP 10012BA4
.text C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe[4024] ws2_32.dll!WSARecv 719F4CB5 5 Bytes JMP 10012404
.text C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe[4024] ws2_32.dll!recv 719F676F 5 Bytes JMP 10012388
.text C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe[4024] ws2_32.dll!WSASend 719F68FA 5 Bytes JMP 100130F4
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\WINDOWS\system32\services.exe[768] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 00390002
IAT C:\WINDOWS\system32\services.exe[768] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 00390000
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
Device ACPI.sys (Pilote ACPI pour NT/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
---- EOF - GMER 1.0.15 ----
Nothing in particular, delete GMER.
Download Catchme (by Przemyslaw Gmerek) to your Desktop.
Double-click catchme.exe (the .exe extension may not be visible) to run it.
When the scan has finished, post the catchme.log report in your next reply. (This report is on your Desktop.)
Thanks again for taking the time to help me
The catchme report:
catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006
http://www.gmer.net
scanning hidden processes ...
scanning hidden services ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
LXBSCATS = rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBStime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Me again! I don't know whether the steps you had me carry out solved my problem, but it certainly looks like it, because I can once again view the items on the PRICEMINISTER site without IE closing (I could no longer get past the home page) and I was not redirected to unwanted sites after several different attempts. Let's hope it lasts!
Thanks a lot
OK.
Uninstall the following programs:
- HijackThis
- J2SE Runtime Environment 5.0 Update 5
- J2SE Runtime Environment 5.0 Update 6
- Java 6 Update 11
- Java 6 Update 2
- Java 6 Update 3
- Java 6 Update 5
- Java 6 Update 7
- Java SE Runtime Environment 6 Update 1
Update Java.
Update Adobe Reader.
I recommend replacing Avast with Antivir, which I find more effective, because Avast takes longer to add new infections.
---> Now add [Résolu] to the title. To do so:
Click the Editer button in your first message.
Add [Résolu] in front of the title.
Then click Valider votre message.