PC LAGGING TO DEATH
 

Hello,
since yesterday my PC has started lagging badly even though I haven't done anything special, no installations or downloads.
At one point Windows Explorer was using more than 700,000 K of memory. I don't know whether a virus or a program caused this. I also looked at the programs open in Task Manager, and there are only programs
needed for Windows to run. (I'm on Vista.)


Thanks in advance to those who help me.


Hello,

(On Vista, you need to right-click RSIT.exe and choose Run as administrator)

  • Click Continue on the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the license.
  • When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).


Note: the reports are saved in the C:\rsit folder.


First of all, Destrio5, thank you for taking an interest in my case.

Here are the 2 reports.

info:

info.txt logfile of random's system information tool 1.06 2009-05-07 23:02:14

======Uninstall list======

-->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Program Files\OrangeHSS\Uninstall\Bas_Debit_CustoUpdate\Shell.exe MainUninstall.shl
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
-->MsiExec.exe /I{0D330013-4A99-46D6-83C6-2C959C68DBFF}
-->MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
-->MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
-->MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
-->MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
7-Zip 4.65-->"C:\Program Files\7-Zip\Uninstall.exe"
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->C:\Program Files\Common Files\Adobe\Installers\2ac78060bc5856b0c1cf873bb919b58\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05}
Adobe Reader 8.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
Adobe Reader 8-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *AdobeReader*
Adobe Setup-->MsiExec.exe /I{D1BB4446-AE9C-4256-9A7F-4D46604D2462}
Adobe Shockwave Player-->C:\Windows\System32\Adobe\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Adobe\SHOCKW~1\Install.log
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
AOL - Assistant de désinstallation-->C:\Program Files\Common Files\AOL\uninstaller.exe
Apple Mobile Device Support-->MsiExec.exe /I{49C88E44-1B38-4FC6-824E-2BDA3063B0E3}
Apple Software Update-->MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
BitTorrent Ultra Accelerator-->C:\Program Files\BitTorrent Ultra Accelerator\uninstall.exe
Bonjour-->MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
Bowling 3D-->C:\Program Files\Anuman Interactive\Bowling 3D\uninst.exe
Browser Address Error Redirector-->regsvr32 /u /s "C:\Program Files\Google\Google_BAE\BAE.dll"
BS.Player FREE-->"C:\Program Files\Webteh\BSplayer\uninstall.exe"
Camera RAW Plug-In for EPSON Creativity Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8DAC1AE4-33D1-4A78-8A42-00E09EDECC3E}\SETUP.EXE" -l0x40c UNINST
Casino 3D-->"C:\Program Files\Anuman Interactive\Casino 3D\unins000.exe"
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Cerebral Training - Mon coach particulier-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7E41A97B-173F-4B0F-A3EE-3F278979D9D7}\Setup.exe" -l0x40c
Coffret de pilotes Logitech Legacy USB Camera-->"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\legacyqcam\11.10.2016\LgDrvInst.exe" -remove -instdir"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\legacyqcam\" -enumdelay=2000 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -arpregkey"legacyqcam_11.10" /clone_wait /hide_progress
Coffret de pilotes Logitech QuickCam-->"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\11.50.1145\LgDrvInst.exe" -remove -instdir"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\" -enumdelay=2000 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -arpregkey"lvdrivers_11.50" /clone_wait /hide_progress
ConvertMovie 4.1-->C:\Program Files\ConvertMovie 4.1\uninst.exe
Creator 9-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *CREATOR9*
EasyCleaner-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F5346614-B7C4-4E94-826A-E2363155233D}\setup.exe" -l0x9 -removeonly
Edirol HQ Orchestral VSTi v1.03-->C:\PROGRA~1\EDIROL\ORCHES~1.03\UNWISE.EXE C:\PROGRA~1\EDIROL\ORCHES~1.03\INSTALL.LOG
eMule-->"C:\Program Files\eMule\Uninstall.exe"
EPSON Attach To Email-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG
EPSON Copy Utility 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\SETUP.EXE" -l0x40c -UnInstall
EPSON Easy Photo Print-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B66E665A-DF96-4C38-9422-C7F74BC1B4E5}\SETUP.EXE" -l0x40c UNINST
EPSON File Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2EB81825-E9EE-44F4-8F51-1240C3898DC6}\Setup.exe" -l0x40c UNINST
EPSON Logiciel imprimante-->C:\Windows\system32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EPSON Scan Assistant-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0x40c -u
FairStars Audio Converter 1.77-->"C:\Program Files\FairStars Audio Converter\unins000.exe"
Firebird SQL Server - MAGIX Edition-->I:\Program Files\MAGIX\Common\Database\instslct.exe /p
FL Studio 8-->C:\Program Files\Image-Line\FL Studio 8\uninstall.exe
Flash Player plugins 9-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Flashplayer*
Football Manager 2009-->"C:\Program Files\Sports Interactive\Football Manager 2009\Uninstall_Football Manager 2009\Uninstall Football Manager 2009.exe"
Free Music Zilla-->"C:\Program Files\Free Music Zilla\unins000.exe"
Free Video Converter V 2.0-->"C:\Program Files\Free Video Converter\unins000.exe"
Galerie de photos Windows Live-->MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068}
GameShadow-->MsiExec.exe /I{6AEAD38B-383B-46FF-8A5D-00A822ADA77A}
Gestionnaire pour appareils Windows Mobile-->MsiExec.exe /X{904CCF62-818D-4675-BC76-D37EB399F917}
getPlus(R) for Adobe-->"C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1
Google BAE-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GoogleBAE*
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Toolbar for Firefox-->MsiExec.exe /X{2CCBABCB-6427-4A55-B091-49864623C43F}
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_BDA1448D3D255554.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
GoogleDesktop-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GoogleDesktop*
GoogleToolbar-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GoogleToolbar*
HDReg France-->MsiExec.exe /I{0ED40D2A-7131-4FE7-941E-5C329336F712}
Hercules DJ Console drivers-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A649F27-1A7B-42B1-8668-3BC2DD590919}\setup.exe" -l0x40c
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP USB Disk Storage Format Tool-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}\Setup.exe" -l0x9 anything
IL Download Manager-->C:\Program Files\Image-Line\Downloader\uninstall.exe
Infocentre Rev. 2.0-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Infocentre*
iTunes-->MsiExec.exe /I{EF6C4600-306D-4F6A-A119-C2A877D25B4A}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Keyboard FIJI-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *FIJI*
K-Lite Codec Pack 4.5.3 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
L&H TTS3000 Français-->RunDll32 advpack.dll,LaunchINFSection C:\Windows\INF\LHTTSFRF.inf, Uninstall
Le Centre de Contrôle de Licences de Syncrosoft-->C:\PROGRA~1\SYNCRO~1\UNWISE.EXE C:\PROGRA~1\SYNCRO~1\INSTALL.LOG
Le Centre de Contrôle de Licences de Syncrosoft-->C:\PROGRA~1\SYNCRO~1\UNWISE.EXE C:\PROGRA~1\SYNCRO~1\INSTALL.LOG
LiveUpdate Notice (Symantec Corporation)-->MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x40c UNINSTALL
Logitech QuickCam-->MsiExec.exe /X{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}
MAGIX Music Maker 2008 13.0.0.17 (F)-->C:\Program Files\MAGIX\MusicMaker2008\instslct.exe
MAGIX Music Maker 2008 Producer Edition Version à télécharger 13.0.2.1 (F)-->C:\Program Files\MAGIX\MusicMaker2008PE_Version_a_telecharger\unwise.exe
MAGIX PC Visit-->C:\Program Files\MAGIX\PCVisit\instslct.exe
MAGIX Photo Manager 2007 4.2.0.85 (F)-->C:\Program Files\MAGIX\Photo_Manager_2007\instslct.exe
Messenger Plus! Live & Sponsor (CiD)-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 Hotfix (KB929729)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 3.5 Language Pack - fra-->MsiExec.exe /I{5B76AEA2-D4E5-3B55-B965-ACC36AE0EAFC}
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office 2003 Web Components-->MsiExec.exe /I{90120000-00A4-0409-0000-0000000FF1CE}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Text-to-Speech Engine 4.0 (English)-->RunDll32 advpack.dll,LaunchINFSection C:\Windows\INF\msTTS.inf, Uninstall
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Windows Media Video 9 VCM-->RunDll32 advpack.dll,LaunchINFSection C:\Windows\INF\wmv9vcm.inf, Uninstall
Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
Module linguistique Microsoft .NET Framework 3.5 - fra-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - fra\setup.exe
Mozilla Firefox (3.0.1)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Mufin MusicFinder Base 1.0.1.255 (F)-->C:\Program Files\MAGIX\Mufin MusicFinder\instslct.exe
MVision-->MsiExec.exe /I{35725FBC-A136-4A46-9F29-091759D9BB93}
Nero 7 Ultra Edition-->MsiExec.exe /X{CF097717-F174-4144-954A-FBC4BF301036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Norton Internet Security-->C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\562C4DD5\16.5.0.135\InstStub.exe /X
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
OFFICE One 150 Templates v7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BA147801-8946-4BBE-BE17-A2199CE52C81}\setup.exe" -l0x40c -removeonly
OFFICE One 7.0-->MsiExec.exe /I{1EF377AC-035A-48BE-8EF7-D18D36308CE9}
OFFICE One ClipArt v7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B8F3555E-B918-445E-97D1-BC4861C4EF59}\setup.exe" -l0x40c -removeonly
OFFICE One Fonts v7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CC0C788C-7C68-47A9-BFBF-0DF7B205B4CC}\setup.exe" -l0x40c -removeonly
OFFICE One License v7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E1A7B28B-AA31-442C-A4FA-598B65A7F5DA}\setup.exe" -l0x40c -removeonly
OFFICE One Menu v7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85C5827E-106F-4497-8066-B7CFEBBEA91D}\setup.exe" -l0x40c -removeonly
OFFICE One Notes v7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5D2683BE-2C44-4DB5-BECD-87B324077A7F}\setup.exe" -l0x40c -removeonly
OFFICE One QuickZip v7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{87DEF84E-51A5-4A0E-91C2-E012E92DE69B}\setup.exe" -l0x40c -removeonly
OFFICE One Safety-Box v7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B243ABE9-57C2-4B97-BA6B-37DF6C0208ED}\setup.exe" -l0x40c -removeonly
OFFICE One Startup v7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FEC30F06-A382-47D1-B828-859AC641EB1D}\setup.exe" -l0x40c -removeonly
Office One-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *OFFICE*
Orange - Logiciels Internet-->C:\Program Files\OrangeHSS\installation\core\Installgui.exe -u
Orbit Downloader-->"C:\Program Files\Orbitdownloader\unins000.exe"
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Packard Bell Updator-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Updator*
Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
PoiZone-->C:\Program Files\Image-Line\PoiZone\uninstall.exe
PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"
Prism Video Converter-->C:\Program Files\NCH Software\Prism\uninst.exe
ProtectDisc Helper Driver 10-->C:\Program Files\ProtectDisc Driver Installer\uninstall_v10.exe
QuickTime-->MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175}
Realtek HD Audio V6.0.1.5322-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *AUDIO_REALTEK*
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Roxio Creator 9 LE-->MsiExec.exe /I{B7FB0C86-41A4-4402-9A33-912C462042A0}
RTC Client API v1.2-->MsiExec.exe /X{44CDBD1B-89FB-4E02-8319-2A4C550F664A}
SetUp My PC-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *SETUPMYPC_FR*
Skype 2.5.2.151-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *SKYPE*
Sony Vegas Pro 8.0-->MsiExec.exe /X{B7E2A724-2774-4AC2-9F0A-B58C7319B6E6}
Steinberg Cubase Studio 4-->MsiExec.exe /I{A5FB086B-B602-4452-8FE9-DF6BFBCE3D09}
Super Billard et Snooker 3D-->"c:\Program Files\Anuman Interactive\Super billard et snooker 3D\unins000.exe"
SyncroSoft Emu (Remove only)-->C:\Program Files\SyncroSoft\Pos\H2O\Uninst.exe
Text-To-Speech-Runtime-->MsiExec.exe /X{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}
Tiger Woods PGA TOUR 08-->C:\Program Files\EA Sports\Tiger Woods PGA TOUR 08\EAUninstall.exe
Todae - Live Media-->C:\Program Files\Windows Media Player\Plugins\Todae\RMP\uninstall_fr.exe
Toxic Biohazard-->C:\Program Files\Image-Line\Toxic Biohazard\uninstall.exe
TuneUp Utilities 2008-->MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA}
Unlocker 1.8.7-->C:\Program Files\Unlocker\uninst.exe
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office Outlook 2007 Help (KB957246)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {80E46078-C1C5-4AE8-8744-3EAFC812E118}
Update for Outlook 2007 Junk Email Filter (kb968503)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5DD98950-4D10-4B79-8BF6-59726705207D}
VIA Rhine Family Fast Ethernet Adapter-->Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA
Video NVIDIA v97.46-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *VIDEO_NVIDIA*
Virtual DJ - Atomix Productions-->C:\PROGRA~1\VIRTUA~1\UNWISE.EXE C:\PROGRA~1\VIRTUA~1\INSTALL.LOG
Visual C++ 8.0 ATL (x86) WinSXS MSM Beta2-->MsiExec.exe /I{97F81AF1-0E47-DC99-FF1F-C8B3B9A1E18E}
Visual C++ 8.0 ATL.Policy (x86) WinSXS MSM Beta2-->MsiExec.exe /I{66332652-9C28-58B1-FF1F-C8B3B9A1E18E}
Visual C++ 8.0 CRT (x86) WinSXS MSM Beta2-->MsiExec.exe /I{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}
Visual C++ 8.0 CRT.Policy (x86) WinSXS MSM Beta2-->MsiExec.exe /I{63E949F6-03BC-5C40-FF1F-C8B3B9A1E18E}
Visual C++ 8.0 MFC (x86) WinSXS MSM Beta2-->MsiExec.exe /I{9BAE13A2-E7AF-D6C3-FF1F-C8B3B9A1E18E}
Visual C++ 8.0 MFC.Policy (x86) WinSXS MSM Beta2-->MsiExec.exe /I{68B7C6D9-1DF2-54C1-FF1F-C8B3B9A1E18E}
Winamp Remote-->"C:\Program Files\Winamp Remote\uninstall.exe"
Windows Installer Clean Up-->MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52}
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Mail-->MsiExec.exe /I{C514C594-23AA-4F13-A070-DB8BDB27594F}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Live Writer-->MsiExec.exe /X{3DFF4274-EBB0-4356-9692-972965018954}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe

======Security center information======

AS: AVG Anti-Spyware (disabled)
AS: Windows Defender

======System event log======

Computer Name: Packard-Bell
Event Code: 20
Message: Échec de l'installation : l'installation de la mise à jour suivante a échoue avec l'erreur 0x80070643 : Installation Windows Live.
Record Number: 168691
Source Name: Microsoft-Windows-WindowsUpdateClient
Time Written: 20090507161200.863371-000
Event Type: Erreur
User: AUTORITE NT\SYSTEM

Computer Name: Packard-Bell
Event Code: 4226
Message: TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.
Record Number: 168706
Source Name: Tcpip
Time Written: 20090507181645.885275-000
Event Type: Avertissement
User:

Computer Name: Packard-Bell
Event Code: 7031
Message: Le service Service Partage réseau du Lecteur Windows Media s'est terminé de manière inattendue. Ceci s'est produit 1 fois. L'action corrective suivante va être effectuée dans 30000 millisecondes : Redémarrer le service.
Record Number: 168707
Source Name: Service Control Manager
Time Written: 20090507182300.000000-000
Event Type: Erreur
User:

Computer Name: Packard-Bell
Event Code: 7011
Message: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la réponse transactionnelle du service ShellHWDetection.
Record Number: 168714
Source Name: Service Control Manager
Time Written: 20090507195311.000000-000
Event Type: Erreur
User:

Computer Name: Packard-Bell
Event Code: 7011
Message: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la réponse transactionnelle du service ShellHWDetection.
Record Number: 168715
Source Name: Service Control Manager
Time Written: 20090507195319.000000-000
Event Type: Erreur
User:

=====Application event log=====

Computer Name: Packard-Bell
Event Code: 502
Message: Le client des services de certification n’a pas pu inscrire les notifications de la stratégie de groupe. Code d’erreur : 2147942405.
Record Number: 73310
Source Name: Microsoft-Windows-CertificateServicesClient
Time Written: 20090506204847.055998-000
Event Type: Avertissement
User: Packard-Bell\Mickael

Computer Name: Packard-Bell
Event Code: 8193
Message: Échec de la création d’un point de restauration sur le volume (Processus = C:\Windows\system32\svchost.exe -k netsvcs ; Description = Windows Update ; Hr = 0x81000101).
Record Number: 73383
Source Name: System Restore
Time Written: 20090507105332.000000-000
Event Type: Erreur
User:

Computer Name: Packard-Bell
Event Code: 4354
Message: Le système d'événements de COM+ n'a pas pu déclencher la méthode ConnectionMadeNoQOCInfo de l'abonnement {C46B786B-2751-41EF-9E08-7BE02C0ADB0E}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}. L'abonné a renvoyé HRESULT 80040210.
Record Number: 73415
Source Name: Microsoft-Windows-EventSystem
Time Written: 20090507145929.000000-000
Event Type: Avertissement
User:

Computer Name: Packard-Bell
Event Code: 4356
Message: Le système d'événements de COM+ n'a pas pu créer d'instance de l'abonné {28778B62-8481-400D-8E8A-A4C81ED3F65C}. StandardCreateInstance a renvoyé HRESULT 80080005.
Record Number: 73453
Source Name: Microsoft-Windows-EventSystem
Time Written: 20090507155437.000000-000
Event Type: Avertissement
User:

Computer Name: Packard-Bell
Event Code: 1000
Message: Application défaillante ccSvcHst.exe, version 108.1.0.24, horodatage 0x49a5dac7, module défaillant ntdll.dll, version 6.0.6001.18000, horodatage 0x4791a7a6, code d’exception 0xc0000005, décalage d’erreur 0x00047e8b, ID du processus 0x774, heure de début de l’application 0x01c9cf2bfc29feda.
Record Number: 73456
Source Name: Application Error
Time Written: 20090507155522.000000-000
Event Type: Erreur
User:

=====Security event log=====

Computer Name: Packard-Bell
Event Code: 4672
Message: Privilèges spéciaux attribués à la nouvelle ouverture de session.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x3e7

Privilèges : SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 36331
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090105112516.640625-000
Event Type: Succès de l'audit
User:

Computer Name: Packard-Bell
Event Code: 4648
Message: Tentative d’ouverture de session en utilisant des informations d’identification explicites.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PACKARD-BELL$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Compte dont les informations d’identification ont été utilisées :
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Serveur cible :
Nom du serveur cible : localhost
Informations supplémentaires : localhost

Informations sur le processus :
ID du processus : 0x2d0
Nom du processus : C:\Windows\System32\services.exe

Informations sur le réseau :
Adresse du réseau : -
Port : -

Cet événement est généré lorsqu’un processus tente d’ouvrir une session pour un compte en spécifiant explicitement les informations d’identification de ce compte. Ceci se produit le plus souvent dans les configurations par lot comme les tâches planifiées, ou avec l’utilisation de la commande RUNAS.
Record Number: 36332
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090105112519.772326-000
Event Type: Succès de l'audit
User:

Computer Name: Packard-Bell
Event Code: 4624
Message: L’ouverture de session d’un compte s’est correctement déroulée.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PACKARD-BELL$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7

Type d’ouverture de session : 5

Nouvelle ouverture de session :
ID de sécurité : S-1-5-18
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x3e7
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Informations sur le processus :
ID du processus : 0x2d0
Nom du processus : C:\Windows\System32\services.exe

Informations sur le réseau :
Nom de la station de travail :
Adresse du réseau source : -
Port source : -

Informations détaillées sur l’authentification :
Processus d’ouverture de session : Advapi
Package d’authentification : Negotiate
Services en transit : -
Nom du package (NTLM uniquement) : -
Longueur de la clé : 0

Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.

Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.

Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).

Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.

Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.

Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.
- Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
- Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.
- Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
- La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.
Record Number: 36333
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090105112519.772326-000
Event Type: Succès de l'audit
User:

Computer Name: Packard-Bell
Event Code: 4672
Message: Privilèges spéciaux attribués à la nouvelle ouverture de session.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x3e7

Privilèges : SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 36334
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090105112519.772326-000
Event Type: Succès de l'audit
User:

Computer Name: Packard-Bell
Event Code: 5033
Message: Le pilote du Pare-feu Windows est correctement démarré.
Record Number: 36335
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090105112520.383615-000
Event Type: Succès de l'audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Smart Projects\IsoBuster
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 2, GenuineIntel
"PROCESSOR_REVISION"=0f02
"NUMBER_OF_PROCESSORS"=2
"RoxioCentral"=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_06\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_06\lib\ext\QTJava.zip

-----------------EOF-----------------



LOG :

Logfile of random's system information tool 1.06 (written by random/random)
Run by Mickael at 2009-05-07 23:00:05
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 47 GB (21%) free of 230 GB
Total RAM: 1022 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:02:00, on 07/05/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskmgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
C:\Users\Mickael\Desktop\RSIT.exe
C:\Program Files\trend micro\Mickael.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi- [...] ey=IESTART
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activ [...] stubie.cab
O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - Unknown owner - I:\Program Files\MAGIX\Common\Database\bin\fbserver.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe

--
End of file - 10190 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Extension de garantie.job
C:\Windows\tasks\Google Software Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1134688716-2738016877-902099103-1003.job
C:\Windows\tasks\Recovery DVD Creator.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}]
Octh Class - C:\Program Files\Orbitdownloader\orbitcth.dll [2009-02-27 134344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll [2009-03-12 372592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL [2009-03-12 107896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-15 259696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-24 668656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-15 470512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
CBrowserHelperObject Object - C:\Program Files\Google\Google_BAE\BAE.dll [2006-11-09 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-12 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll [2009-03-12 372592]
{C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Grab Pro - C:\Program Files\Orbitdownloader\GrabPro.dll [2009-02-27 646264]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-15 259696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-06-15 68856]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2007-08-01 222592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-07-10 116040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
C:\Users\Mickael\Program Files\DNA\btdna.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CAMP SHIM EXIT HECK]
C:\ProgramData\Part Regs Wave.y4z3meg [2009-02-21 16400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cdromatom]
C:\ProgramData\Camp program program.4hnxrwe [2009-02-21 253968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\daemon.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DJ Console]
C:\Program Files\Hercules\Audio\Hercules DJ Console\DJConsoleMixer.exe [2004-12-24 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
C:\Windows\ehome\ehTray.exe [2008-01-19 125952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX4400 Series]
C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE [2007-03-01 180736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashGet]
C:\Program Files\FlashGet Network\FlashGet universal\flashget.exe /min []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-09-19 29744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Mickael\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-02 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H2O]
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe [2005-12-18 307200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
C:\Program Files\Common Files\AOL\1169828225\ee\AOLSoftware.exe [2006-11-14 50736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2006-08-25 221184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2006-08-25 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2008-07-10 289064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2007-10-25 563984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
C:\Program Files\Logitech\QuickCam\Quickcam.exe [2007-10-25 2178832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\Windows\system32\NvCpl.dll [2008-09-17 13580832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE [2008-11-02 167936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2008-05-27 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2006-11-20 228088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Windows\RtHDVCpl.exe [2006-11-09 3784704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmpcSys]
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe [2006-10-23 1092152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-01-12 136600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-06-15 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SystrayORAHSS]
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe [2006-12-12 90112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\toolbar_eula_launcher]
C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe [2007-01-10 18944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TransVente]
C:\PROGRA~1\TRANSV~1\TransVente.exe 1 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-05-02 15872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vspdfprsrv.exe]
C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe --background []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter]
oobefldr.dll,ShowWelcomeCenter []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Mickael^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^BitTorrent Ultra Accelerator.lnk]
C:\PROGRA~1\BITTOR~2\BITTOR~1.EXE [2008-12-08 236032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Mickael^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Moteur du Planificateur de tâches SolidWorks.lnk]
C:\PROGRA~1\SOLIDW~2\SWSCHE~1\SWBOEN~1.EXE []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe"="C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS"
"C:\Program Files\River Past\Screen Recorder\ScreenRecorder.exe"="C:\Program Files\River Past\Screen Recorder\ScreenRecorder.exe:*:Enabled:River Past Screen Recorder"
"C:\Program Files\Free Music Zilla\FMZilla.exe"="C:\Program Files\Free Music Zilla\FMZilla.exe:*:Enabled:FMZilla"
"C:\Program Files\Orbitdownloader\orbitdm.exe"="C:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit"
"C:\Program Files\Orbitdownloader\orbitnet.exe"="C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit"
"C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe"="C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2"
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate"
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
shell\AutoRun\command - I:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{10371688-96dc-11dd-8969-0019db413655}]
shell\Auto\command - cmd /C launch.bat
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{48198042-205c-11dd-be51-00038a000015}]
shell\AutoRun\command - I:\EmDesk.exe
shell\EmDesk\command - I:\EmDesk.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.reg - open - "regedit.exe" "%1"

======List of files/folders created in the last 1 months======

2009-05-07 23:00:15 ----D---- C:\Program Files\trend micro
2009-05-07 23:00:05 ----D---- C:\rsit
2009-05-06 19:49:16 ----D---- C:\Program Files\Acoustica Beatcraft
2009-04-21 15:01:29 ----D---- C:\Users\Mickael\AppData\Roaming\Anuman Interactive
2009-04-19 17:27:49 ----D---- C:\Users\Mickael\AppData\Roaming\Publish Providers
2009-04-19 17:21:42 ----D---- C:\Users\Mickael\AppData\Roaming\Sony
2009-04-19 17:15:05 ----D---- C:\ProgramData\Sony
2009-04-19 17:13:09 ----D---- C:\Program Files\Sony
2009-04-19 17:10:49 ----D---- C:\Program Files\Sony Setup
2009-04-15 11:23:21 ----A---- C:\Windows\system32\xolehlp.dll
2009-04-15 11:23:21 ----A---- C:\Windows\system32\msdtcprx.dll
2009-04-15 11:23:04 ----A---- C:\Windows\system32\winhttp.dll
2009-04-15 11:21:03 ----A---- C:\Windows\system32\rpcss.dll
2009-04-15 11:21:02 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-04-15 11:21:01 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-04-15 11:20:58 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-04-15 11:20:57 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-04-15 11:20:56 ----A---- C:\Windows\system32\sdohlp.dll
2009-04-15 11:20:56 ----A---- C:\Windows\system32\iasrecst.dll
2009-04-15 11:20:56 ----A---- C:\Windows\system32\iasdatastore.dll
2009-04-15 11:20:55 ----A---- C:\Windows\system32\iashost.exe
2009-04-15 11:20:55 ----A---- C:\Windows\system32\iasads.dll
2009-04-15 11:20:12 ----A---- C:\Windows\system32\lsasrv.dll
2009-04-15 11:20:11 ----A---- C:\Windows\system32\kernel32.dll
2009-04-15 11:20:09 ----A---- C:\Windows\system32\secur32.dll
2009-04-15 11:20:07 ----A---- C:\Windows\system32\apilogen.dll
2009-04-15 11:20:07 ----A---- C:\Windows\system32\amxread.dll

======List of files/folders modified in the last 1 months======

2009-05-07 23:01:35 ----D---- C:\Windows\Temp
2009-05-07 23:00:15 ----D---- C:\Program Files
2009-05-07 21:35:36 ----D---- C:\Windows\Tasks
2009-05-07 20:19:06 ----D---- C:\Windows\system32\drivers
2009-05-07 18:17:58 ----SHD---- C:\Windows\Installer
2009-05-07 18:17:50 ----SHD---- C:\Config.Msi
2009-05-07 18:17:41 ----D---- C:\Program Files\Microsoft Office
2009-05-07 18:17:41 ----D---- C:\Program Files\Common Files\DESIGNER
2009-05-07 18:15:36 ----SHD---- C:\System Volume Information
2009-05-07 18:13:39 ----D---- C:\Program Files\Anuman Interactive
2009-05-07 18:13:18 ----D---- C:\Program Files\Audacity
2009-05-07 18:13:17 ----D---- C:\Windows\Prefetch
2009-05-07 18:02:47 ----D---- C:\Windows\winsxs
2009-05-07 11:54:53 ----D---- C:\Windows\system32\catroot
2009-05-07 11:54:52 ----D---- C:\Windows\system32\catroot2
2009-05-06 22:49:47 ----D---- C:\ProgramData\Google Updater
2009-05-06 20:04:55 ----D---- C:\Users\Mickael\AppData\Roaming\BitTorrent
2009-05-06 19:50:14 ----D---- C:\Windows
2009-05-06 19:49:53 ----D---- C:\Windows\System32
2009-05-06 13:05:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-05-06 13:05:06 ----D---- C:\Windows\inf
2009-05-06 12:48:17 ----A---- C:\Windows\Robota.INI
2009-05-06 12:48:17 ----A---- C:\Windows\BeatBox.INI
2009-05-04 12:29:57 ----D---- C:\ProgramData\stop 4
2009-05-02 21:12:36 ----D---- C:\ProgramData\Microsoft Help
2009-05-02 21:10:52 ----RSD---- C:\Windows\assembly
2009-05-02 21:07:56 ----RSD---- C:\Windows\Fonts
2009-05-02 21:07:38 ----D---- C:\Program Files\Common Files\microsoft shared
2009-05-02 21:06:53 ----D---- C:\Program Files\Microsoft Works
2009-05-02 21:03:48 ----A---- C:\Windows\win.ini
2009-05-02 21:03:47 ----D---- C:\Program Files\Common Files\System
2009-04-29 10:27:24 ----D---- C:\temp
2009-04-28 20:06:20 ----D---- C:\Windows\system32\LogFiles
2009-04-24 23:11:28 ----D---- C:\Users\Mickael\AppData\Roaming\BSplayer
2009-04-21 22:00:02 ----D---- C:\Windows\Debug
2009-04-19 17:41:10 ----AD---- C:\ProgramData\TEMP
2009-04-19 17:24:14 ----D---- C:\Program Files\VstPlugins
2009-04-19 17:15:05 ----D---- C:\ProgramData
2009-04-18 22:37:00 ----D---- C:\Program Files\Unlocker
2009-04-16 11:47:48 ----D---- C:\Windows\system32\wbem
2009-04-16 11:47:48 ----D---- C:\Program Files\Windows Mail
2009-04-16 11:47:47 ----D---- C:\Windows\system32\manifeststore
2009-04-16 11:47:47 ----D---- C:\Windows\AppPatch
2009-04-09 12:58:50 ----D---- C:\ProgramData\That Face Camp Shim

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 BHDrvx86;Symantec Heuristics Driver; C:\Windows\System32\Drivers\NIS\1005000.087\BHDrvx86.sys [2009-03-12 258608]
R1 ccHP;Symantec Hash Provider; C:\Windows\System32\Drivers\NIS\1005000.087\ccHPx86.sys [2009-03-25 482352]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2009-03-25 371248]
R1 ElRawDisk;ElRawDisk; \??\C:\Windows\system32\drivers\elrawdsk.sys [2008-09-03 12800]
R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090501.001\IDSvix86.sys [2009-01-29 292912]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2008-11-02 56572]
R1 SRTSP;Symantec Real Time Storage Protection; C:\Windows\System32\Drivers\NIS\1005000.087\SRTSP.SYS [2009-03-12 307760]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); \??\C:\Windows\system32\drivers\NIS\1005000.087\SRTSPX.SYS [2009-03-12 43696]
R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIM

Reply to narval38

You have a Lop/Swizzor infection.

  • Disable UAC for the duration of the disinfection.

  • Download Lop S&D to your Desktop.
  • Double-click it to start the installation.
  • Right-click the Lop S&D shortcut on your Desktop and choose Run as administrator.
  • Select the desired language, then choose option 1 (Search).
  • Wait until the scan finishes.
  • Post the generated report (C:\lopR.txt).

Reply to Destrio5

Here is the report:


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 4300 @ 1.80GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Mickael ( Not Administrator ! )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:224 Go (Free:47 Go)
D:\ (CD or DVD)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (USB)
J:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 08/05/2009|10:36 )

[ UAC => 0 ]

--------------------\\ Listing des dossiers dans Local

[10/12/2008|16:31] C:\Users\Mickael\AppData\Local\{7326CE9D-C0D2-433A-8A57-B7934EA13EC8}
[08/03/2009|20:50] C:\Users\Mickael\AppData\Local\Adobe
[26/12/2008|14:10] C:\Users\Mickael\AppData\Local\Ahead
[12/05/2008|21:55] C:\Users\Mickael\AppData\Local\AOL
[01/06/2008|19:40] C:\Users\Mickael\AppData\Local\Apple
[18/07/2008|11:08] C:\Users\Mickael\AppData\Local\Apple Computer
[12/05/2008|21:53] C:\Users\Mickael\AppData\Local\Application Data
[08/12/2008|19:14] C:\Users\Mickael\AppData\Local\ApplicationHistory
[07/05/2009|20:46] C:\Users\Mickael\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[06/12/2008|16:11] C:\Users\Mickael\AppData\Local\Downloaded Installations
[13/05/2008|11:24] C:\Users\Mickael\AppData\Local\eMule
[12/05/2008|21:55] C:\Users\Mickael\AppData\Local\fusioncache.dat
[03/05/2009|10:55] C:\Users\Mickael\AppData\Local\GDIPFONTCACHEV1.DAT
[21/04/2009|13:14] C:\Users\Mickael\AppData\Local\Google
[12/05/2008|21:53] C:\Users\Mickael\AppData\Local\Historique
[08/05/2009|10:28] C:\Users\Mickael\AppData\Local\IconCache.db
[26/03/2009|21:42] C:\Users\Mickael\AppData\Local\IM
[15/12/2008|21:05] C:\Users\Mickael\AppData\Local\Microsoft
[19/09/2008|20:15] C:\Users\Mickael\AppData\Local\Microsoft Games
[28/11/2008|20:13] C:\Users\Mickael\AppData\Local\Microsoft Help
[14/05/2008|20:58] C:\Users\Mickael\AppData\Local\Mozilla
[15/11/2008|17:22] C:\Users\Mickael\AppData\Local\NOS
[04/06/2008|16:20] C:\Users\Mickael\AppData\Local\Oberon Media
[18/05/2008|18:07] C:\Users\Mickael\AppData\Local\Packard Bell
[10/12/2008|16:39] C:\Users\Mickael\AppData\Local\Pando
[09/07/2008|00:26] C:\Users\Mickael\AppData\Local\regrc.bat
[19/04/2009|17:21] C:\Users\Mickael\AppData\Local\Sony
[07/05/2009|20:05] C:\Users\Mickael\AppData\Local\Symantec
[08/05/2009|10:34] C:\Users\Mickael\AppData\Local\Temp
[12/05/2008|21:53] C:\Users\Mickael\AppData\Local\Temporary Internet Files
[26/03/2009|21:32] C:\Users\Mickael\AppData\Local\Thunderbird
[01/02/2009|18:46] C:\Users\Mickael\AppData\Local\vdownloader
[16/06/2008|19:20] C:\Users\Mickael\AppData\Local\vetclci.bat
[12/05/2008|21:56] C:\Users\Mickael\AppData\Local\VirtualStore

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[08/05/2009 10:33][--a------] C:\Windows\tasks\Google Software Updater.job
[06/05/2009 14:40][--a------] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1134688716-2738016877-902099103-1003.job
[08/05/2009 10:00][--a------] C:\Windows\tasks\Extension de garantie.job
[08/05/2009 10:00][--a------] C:\Windows\tasks\Recovery DVD Creator.job
[08/05/2009 10:30][--ah-----] C:\Windows\tasks\SA.DAT
[08/05/2009 10:29][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[07/03/2009|23:04] C:\ProgramData\Adobe
[24/12/2008|19:33] C:\ProgramData\Ahead
[08/10/2008|10:18] C:\ProgramData\AOL
[05/06/2008|10:10] C:\ProgramData\Apple
[18/07/2008|10:37] C:\ProgramData\Apple Computer
[02/11/2006|15:02] C:\ProgramData\Application Data
[12/05/2008|20:33] C:\ProgramData\Bureau
[21/02/2009|23:25] C:\ProgramData\Camp program program.4hnxrwe
[21/02/2009|23:25] C:\ProgramData\Camp program program.mowmg
[20/11/2008|12:48] C:\ProgramData\Ciel
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[26/05/2008|10:37] C:\ProgramData\Downloaded Installations
[13/05/2008|11:24] C:\ProgramData\eMule
[27/08/2008|11:22] C:\ProgramData\EPSON
[13/09/2008|17:26] C:\ProgramData\eXPert PDF 4
[12/05/2008|20:33] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[07/03/2009|23:16] C:\ProgramData\FLEXnet
[29/12/2008|16:51] C:\ProgramData\Google
[08/05/2009|09:04] C:\ProgramData\Google Updater
[11/03/2009|13:34] C:\ProgramData\Grisoft
[26/03/2009|21:40] C:\ProgramData\IM
[26/03/2009|21:40] C:\ProgramData\IncrediMail
[26/01/2007|18:21] C:\ProgramData\InstallShield
[28/10/2008|14:37] C:\ProgramData\iolo
[15/07/2008|14:49] C:\ProgramData\LogiShrd
[14/06/2008|14:01] C:\ProgramData\Logitech
[02/03/2009|17:31] C:\ProgramData\MAGIX
[12/05/2008|20:33] C:\ProgramData\Menu Démarrer
[25/02/2009|20:53] C:\ProgramData\Messenger Plus!
[29/05/2008|12:38] C:\ProgramData\MGS
[29/12/2008|19:47] C:\ProgramData\Micro Application
[29/05/2008|12:38] C:\ProgramData\Microgaming
[21/02/2009|21:26] C:\ProgramData\Microsoft
[02/05/2009|21:12] C:\ProgramData\Microsoft Help
[12/05/2008|20:33] C:\ProgramData\Modèles
[26/08/2008|12:26] C:\ProgramData\N360BUOptions.ini
[30/03/2009|19:51] C:\ProgramData\NCH Software
[24/12/2008|19:28] C:\ProgramData\Nero
[22/10/2008|16:53] C:\ProgramData\Norton
[22/10/2008|16:48] C:\ProgramData\NortonInstaller
[15/11/2008|17:22] C:\ProgramData\NOS
[26/03/2009|09:18] C:\ProgramData\ntuser.pol
[30/10/2008|10:04] C:\ProgramData\NVIDIA
[26/01/2007|18:35] C:\ProgramData\OFFICE One v7
[28/11/2008|23:03] C:\ProgramData\OrbNetworks
[21/02/2009|23:26] C:\ProgramData\Part Regs Wave.y4z3meg
[22/10/2008|16:48] C:\ProgramData\PCSettings
[25/01/2009|12:21] C:\ProgramData\Pinnacle
[09/11/2008|15:19] C:\ProgramData\River Past G5
[10/08/2008|18:12] C:\ProgramData\Roxio
[09/01/2009|23:40] C:\ProgramData\Skype
[20/12/2008|15:06] C:\ProgramData\SolidWorks
[10/08/2008|14:45] C:\ProgramData\Sonic
[19/04/2009|17:15] C:\ProgramData\Sony
[09/03/2009|22:16] C:\ProgramData\Sports Interactive
[02/11/2006|15:02] C:\ProgramData\Start Menu
[04/05/2009|12:29] C:\ProgramData\stop 4
[14/10/2008|17:21] C:\ProgramData\Symantec
[19/01/2009|13:33] C:\ProgramData\Syncrosoft
[19/04/2009|17:41] C:\ProgramData\TEMP
[02/11/2006|15:02] C:\ProgramData\Templates
[09/04/2009|12:58] C:\ProgramData\That Face Camp Shim
[12/01/2009|18:32] C:\ProgramData\TuneUp Software
[27/08/2008|11:27] C:\ProgramData\UDL
[04/06/2008|21:16] C:\ProgramData\WindowsSearch
[21/02/2009|23:17] C:\ProgramData\WLInstaller

--------------------\\ Listing des dossiers dans C:\Program Files

[04/03/2009|15:30] C:\Program Files\7-Zip
[07/05/2009|20:00] C:\Program Files\Acoustica Beatcraft
[07/03/2009|23:05] C:\Program Files\Adobe
[26/10/2008|14:12] C:\Program Files\Alcohol Soft
[07/05/2009|18:13] C:\Program Files\Anuman Interactive
[05/06/2008|10:10] C:\Program Files\Apple Software Update
[07/05/2009|18:13] C:\Program Files\Audacity
[08/02/2009|15:31] C:\Program Files\AviSynth 2.5
[07/11/2008|00:07] C:\Program Files\BitTorrent
[24/01/2009|18:39] C:\Program Files\BitTorrent Ultra Accelerator
[18/07/2008|10:36] C:\Program Files\Bonjour
[05/03/2009|14:22] C:\Program Files\Casse Brique
[17/01/2009|19:46] C:\Program Files\CCleaner
[05/04/2009|21:03] C:\Program Files\Common Files
[13/09/2008|17:16] C:\Program Files\ConvertMovie 4.1
[07/03/2009|16:31] C:\Program Files\Crcle Developement
[01/02/2009|21:06] C:\Program Files\DivX
[13/09/2008|17:21] C:\Program Files\Driver-Soft
[23/02/2009|17:46] C:\Program Files\EA Sports
[08/01/2009|12:40] C:\Program Files\EDIROL
[13/05/2008|11:24] C:\Program Files\eMule
[27/08/2008|11:24] C:\Program Files\epson
[08/02/2009|15:30] C:\Program Files\eRightSoft
[06/01/2009|20:50] C:\Program Files\FairStars Audio Converter
[09/02/2009|10:31] C:\Program Files\ffdshow
[12/05/2008|20:33] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[19/01/2009|23:04] C:\Program Files\Fish Aquarium 3D Screensaver
[19/01/2009|23:02] C:\Program Files\fishaquarium
[28/02/2009|16:29] C:\Program Files\FlashGet Network
[11/01/2009|18:55] C:\Program Files\Free Audio Pack
[19/10/2008|21:28] C:\Program Files\Free Download Manager
[01/02/2009|17:29] C:\Program Files\Free Music Zilla
[29/03/2009|21:21] C:\Program Files\Free Video Converter
[22/02/2009|18:47] C:\Program Files\Golf Adventure Galaxy
[22/02/2009|12:04] C:\Program Files\Google
[26/01/2007|18:16] C:\Program Files\HDReg
[27/01/2009|20:40] C:\Program Files\Hercules
[11/01/2009|18:56] C:\Program Files\Image-Line
[12/10/2008|11:02] C:\Program Files\inKline Global
[14/03/2009|18:36] C:\Program Files\InstallShield Installation Information
[25/03/2009|13:26] C:\Program Files\Internet Explorer
[18/07/2008|10:37] C:\Program Files\iPod
[26/01/2007|18:32] C:\Program Files\ISSENDIS
[18/07/2008|10:37] C:\Program Files\iTunes
[12/01/2009|18:08] C:\Program Files\Java
[08/02/2009|20:50] C:\Program Files\K-Lite Codec Pack
[15/07/2008|14:48] C:\Program Files\Logitech
[02/03/2009|18:02] C:\Program Files\MAGIX
[21/02/2009|23:25] C:\Program Files\Messenger Plus! Live
[14/03/2009|18:35] C:\Program Files\Micro Application
[20/03/2009|23:29] C:\Program Files\Microsoft
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[07/05/2009|18:17] C:\Program Files\Microsoft Office
[26/02/2009|11:25] C:\Program Files\Microsoft Silverlight
[12/05/2008|22:38] C:\Program Files\Microsoft SQL Server Compact Edition
[30/11/2008|19:20] C:\Program Files\Microsoft Visual Studio
[30/11/2008|19:15] C:\Program Files\Microsoft Visual Studio 8
[02/05/2009|21:06] C:\Program Files\Microsoft Works
[30/11/2008|19:18] C:\Program Files\Microsoft.NET
[05/06/2008|17:15] C:\Program Files\Mio Technology
[13/09/2008|17:16] C:\Program Files\MOVAVI
[23/05/2008|19:09] C:\Program Files\Movie Maker
[29/03/2009|14:36] C:\Program Files\Mozilla Firefox
[26/12/2008|19:59] C:\Program Files\MP3Gain
[30/11/2008|19:22] C:\Program Files\MSBuild
[21/02/2009|23:12] C:\Program Files\MSECache
[30/03/2009|19:50] C:\Program Files\NCH Software
[24/12/2008|19:28] C:\Program Files\Nero
[22/10/2008|16:53] C:\Program Files\Norton Internet Security
[14/10/2008|17:25] C:\Program Files\NortonInstaller
[15/11/2008|17:22] C:\Program Files\NOS
[26/01/2007|18:36] C:\Program Files\OFFICE ONE 7.0
[26/01/2007|18:35] C:\Program Files\OFFICE One v7
[08/05/2009|10:06] C:\Program Files\OrangeHSS
[04/03/2009|13:29] C:\Program Files\Orbitdownloader
[31/08/2008|18:52] C:\Program Files\Outsim
[26/01/2007|18:37] C:\Program Files\Packard Bell
[13/05/2008|11:35] C:\Program Files\Panda Security
[14/07/2008|16:58] C:\Program Files\PhotoFiltre
[08/11/2008|16:30] C:\Program Files\PowerISO
[14/05/2008|18:57] C:\Program Files\ProtectDisc Driver Installer
[05/09/2008|17:34] C:\Program Files\QuickTime
[14/05/2008|20:57] C:\Program Files\Real
[26/01/2007|18:14] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[22/02/2009|13:03] C:\Program Files\ReflexiveArcade
[29/12/2008|14:49] C:\Program Files\RegCleaner
[26/01/2007|18:21] C:\Program Files\Roxio
[25/12/2008|12:12] C:\Program Files\SAGEM
[04/03/2009|15:27] C:\Program Files\SolidWorks
[04/03/2009|14:58] C:\Program Files\Sonic and Knuckles
[04/03/2009|14:59] C:\Program Files\Sonik Synth 2 Free
[19/04/2009|17:13] C:\Program Files\Sony
[19/04/2009|17:10] C:\Program Files\Sony Setup
[09/03/2009|22:02] C:\Program Files\Sports Interactive
[20/01/2009|13:26] C:\Program Files\Steinberg
[26/03/2009|09:29] C:\Program Files\Symantec
[05/03/2009|12:45] C:\Program Files\Syncrosoft
[30/12/2008|18:06] C:\Program Files\ToniArts
[07/05/2009|23:02] C:\Program Files\trend micro
[12/01/2009|18:33] C:\Program Files\TuneUp Utilities 2008
[18/04/2009|22:37] C:\Program Files\Unlocker
[25/01/2009|21:02] C:\Program Files\VirtualDJ
[19/04/2009|17:24] C:\Program Files\VstPlugins
[30/09/2008|18:25] C:\Program Files\Webteh
[17/01/2009|18:22] C:\Program Files\Winamp
[06/12/2008|10:34] C:\Program Files\Winamp Remote
[23/05/2008|19:09] C:\Program Files\Windows Calendar
[23/05/2008|19:09] C:\Program Files\Windows Collaboration
[23/05/2008|19:09] C:\Program Files\Windows Defender
[21/02/2009|23:13] C:\Program Files\Windows Installer Clean Up
[21/02/2009|23:22] C:\Program Files\Windows Live
[16/04/2009|11:47] C:\Program Files\Windows Mail
[17/12/2008|15:16] C:\Program Files\Windows Media Components
[26/02/2009|11:24] C:\Program Files\Windows Media Player
[12/05/2008|20:33] C:\Program Files\Windows NT
[23/05/2008|19:09] C:\Program Files\Windows Photo Gallery
[23/05/2008|19:09] C:\Program Files\Windows Sidebar
[07/12/2008|19:05] C:\Program Files\WinRAR
[09/11/2008|15:18] C:\Program Files\WMV9_VCM
[29/05/2008|22:00] C:\Program Files\Zero G Registry

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[31/12/2008|11:28] C:\Program Files\Common Files\Acon Digital Media
[07/03/2009|23:03] C:\Program Files\Common Files\Adobe
[24/12/2008|19:32] C:\Program Files\Common Files\Ahead
[08/10/2008|10:18] C:\Program Files\Common Files\aol
[26/01/2007|18:18] C:\Program Files\Common Files\aolshare
[05/06/2008|10:20] C:\Program Files\Common Files\Apple
[07/04/2009|10:19] C:\Program Files\Common Files\AVSMedia
[07/05/2009|18:17] C:\Program Files\Common Files\DESIGNER
[14/10/2008|20:00] C:\Program Files\Common Files\France Telecom
[05/06/2008|17:13] C:\Program Files\Common Files\InstallShield
[01/06/2008|12:13] C:\Program Files\Common Files\Java
[20/03/2009|23:28] C:\Program Files\Common Files\logishrd
[07/03/2009|22:42] C:\Program Files\Common Files\Macrovision Shared
[17/05/2008|18:20] C:\Program Files\Common Files\MAGIX Shared
[02/05/2009|21:07] C:\Program Files\Common Files\microsoft shared
[21/12/2008|12:56] C:\Program Files\Common Files\Nero
[26/01/2007|18:18] C:\Program Files\Common Files\Nullsoft
[16/06/2008|08:57] C:\Program Files\Common Files\Panda Software
[01/02/2009|20:56] C:\Program Files\Common Files\PX Storage Engine
[30/11/2008|13:19] C:\Program Files\Common Files\Real
[26/01/2007|18:21] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[04/03/2009|15:26] C:\Program Files\Common Files\SolidWorks Shared
[26/01/2007|18:21] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[26/01/2007|18:21] C:\Program Files\Common Files\SureThing Shared
[22/10/2008|17:22] C:\Program Files\Common Files\Symantec Shared
[02/05/2009|21:03] C:\Program Files\Common Files\System
[21/02/2009|21:27] C:\Program Files\Common Files\Windows Live
[12/05/2008|22:35] C:\Program Files\Common Files\WindowsLiveInstaller
[12/01/2009|18:30] C:\Program Files\Common Files\Wise Installation Wizard

--------------------\\ Process

( 59 Processes )

iexplore.exe ~ [PID:4996]
iexplore.exe ~ [PID:5500]

--------------------\\ Recherche avec S_Lop

C:\ProgramData\Camp program program.mowmg
C:\ProgramData\Camp program program.4hnxrwe
C:\ProgramData\Part Regs Wave.y4z3meg

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\ProgramData\That Face Camp Shim
C:\ProgramData\That Face Camp Shim\that great.dat
C:\Users\Mickael\AppData\Local\Temp\stadistic.log
C:\Program Files\Orbitdownloader
C:\Program Files\Orbitdownloader\addons
C:\Program Files\Orbitdownloader\banurl.ini
C:\Program Files\Orbitdownloader\banurl.ini.bak
C:\Program Files\Orbitdownloader\changelog.txt
C:\Program Files\Orbitdownloader\download.dll
C:\Program Files\Orbitdownloader\Grab.exe
C:\Program Files\Orbitdownloader\GrabDll.dll
C:\Program Files\Orbitdownloader\GrabKernel.dll
C:\Program Files\Orbitdownloader\GrabPro.dll
C:\Program Files\Orbitdownloader\idht.dll
C:\Program Files\Orbitdownloader\Lang.ini
C:\Program Files\Orbitdownloader\language
C:\Program Files\Orbitdownloader\libeay32.dll
C:\Program Files\Orbitdownloader\orbitcth.dll
C:\Program Files\Orbitdownloader\orbitdm.exe
C:\Program Files\Orbitdownloader\orbitmxt.dll
C:\Program Files\Orbitdownloader\orbitnet.exe
C:\Program Files\Orbitdownloader\orbitsearch.xml
C:\Program Files\Orbitdownloader\saction.dll
C:\Program Files\Orbitdownloader\siteinfo.ini
C:\Program Files\Orbitdownloader\siteinfo.ini.bak
C:\Program Files\Orbitdownloader\ssleay32.dll
C:\Program Files\Orbitdownloader\unins000.dat
C:\Program Files\Orbitdownloader\unins000.exe
C:\Program Files\Orbitdownloader\update
C:\Program Files\Orbitdownloader\winfile.dll

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-08 10:36:55
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 96

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\Mickael\AppData\Roaming\BitTorrent\Adobe Photoshop CS3 Extended + Crack.rar.torrent
C:\Users\Mickael\AppData\Roaming\BitTorrent\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation.1.torrent
C:\Users\Mickael\AppData\Roaming\BitTorrent\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation.torrent
C:\Users\Mickael\AppData\Roaming\BitTorrent\doom 3 + patch V3.1 +crack nocd.rar.torrent
C:\Users\Mickael\AppData\Roaming\BitTorrent\Fruity Loops Studio 7 Full + Crack.torrent
C:\Users\Mickael\AppData\Roaming\BitTorrent\Keygen Reloaded v9.3.0 Football Manager 2009 + Patch FR (teste et fonctionne a 100%).rar.torrent
C:\Users\Mickael\AppData\Roaming\BitTorrent\Ma 6-t Va Crack-er.avi.torrent
C:\Users\Mickael\AppData\Roaming\BitTorrent\Ma 6T va crack-er.torrent
C:\Users\Mickael\AppData\Roaming\BitTorrent\MAGIX.Music.Maker.14.v13.0.2.1 + crack.1.torrent
C:\Users\Mickael\AppData\Roaming\BitTorrent\MAGIX.Music.Maker.14.v13.0.2.1 + crack.2.torrent
C:\Users\Mickael\AppData\Roaming\BitTorrent\MAGIX.Music.Maker.14.v13.0.2.1 + crack.torrent
C:\Users\Mickael\AppData\Roaming\BitTorrent\Nero 7.11.6.0 [With keygen and Activator].torrent
C:\Users\Mickael\AppData\Roaming\BitTorrent\Norton-AV-2008-Incl Keygen Fully Avtivated.torrent
C:\Users\Mickael\AppData\Roaming\BitTorrent\Norton-AV-2008-InclKeygen.torrent
C:\Users\Mickael\AppData\Roaming\BitTorrent\SolidWorks Crack.torrent
C:\Users\Mickael\AppData\Roaming\BitTorrent\Sony Vegas Pro 8.0c Build 260 + Keygen.torrent
C:\Users\Mickael\AppData\Roaming\BitTorrent\Tiger Woods PGA Tour 08 (PC) with Crack + Keygen.1.torrent
C:\Users\Mickael\AppData\Roaming\BitTorrent\Tiger Woods PGA Tour 08 (PC) with Crack + Keygen.2.torrent
C:\Users\Mickael\AppData\Roaming\BitTorrent\Tiger Woods PGA Tour 08 (PC) with Crack + Keygen.torrent
C:\Users\Mickael\AppData\Roaming\BitTorrent\UseNeXT 4.34 + Crack.rar.torrent
C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation
C:\Users\Mickael\Documents\Downloads\MAGIX.Music.Maker.14.v13.0.2.1 + crack
C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation\Cubase Studio 4 Hybride (Mac et PC).iso
C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation\Nouveau document texte.txt
C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation\Patch 4.1.1 et Crack D'activation
C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation\Read Me!!!.nfo
C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation\Update_HALion_3.3.1.456.exe
C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation\Patch 4.1.1 et Crack D'activation\Cubase_Studio_Update_4.1.1
C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation\Patch 4.1.1 et Crack D'activation\SYNSOACC.dll
C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation\Patch 4.1.1 et Crack D'activation\Cubase_Studio_Update_4.1.1\Cubase_4.5.2.274_Update.exe
C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation\Patch 4.1.1 et Crack D'activation\Cubase_Studio_Update_4.1.1\Cubase_Studio_Patch_411.msp
C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation\Patch 4.1.1 et Crack D'activation\Cubase_Studio_Update_4.1.1\Update_HALionOne_1.1.0.0.exe
C:\Users\Mickael\Documents\Downloads\Football Manager 2009\Crack
C:\Users\Mickael\Documents\Downloads\Football Manager 2009\Keygen Reloaded v9.3.0 Football Manager 2009 + Patch FR (teste et fonctionne a 100%)
C:\Users\Mickael\Documents\Downloads\Football Manager 2009\Crack\fm91_t1.exe
C:\Users\Mickael\Documents\Downloads\Football Manager 2009\Keygen Reloaded v9.3.0 Football Manager 2009 + Patch FR (teste et fonctionne a 100%)\Instructions.txt
C:\Users\Mickael\Documents\Downloads\Football Manager 2009\Keygen Reloaded v9.3.0 Football Manager 2009 + Patch FR (teste et fonctionne a 100%)\Keygen
C:\Users\Mickael\Documents\Downloads\Football Manager 2009\Keygen Reloaded v9.3.0 Football Manager 2009 + Patch FR (teste et fonctionne a 100%)\Patch FR
C:\Users\Mickael\Documents\Downloads\Football Manager 2009\Keygen Reloaded v9.3.0 Football Manager 2009 + Patch FR (teste et fonctionne a 100%)\Keygen\Keygen.exe
C:\Users\Mickael\Documents\Downloads\Football Manager 2009\Keygen Reloaded v9.3.0 Football Manager 2009 + Patch FR (teste et fonctionne a 100%)\Keygen\readme.txt
C:\Users\Mickael\Documents\Downloads\Football Manager 2009\Keygen Reloaded v9.3.0 Football Manager 2009 + Patch FR (teste et fonctionne a 100%)\Patch FR\french.ltc
C:\Users\Mickael\Documents\Downloads\Football Manager 2009\Patch\fm2009-crack&patch.sfv
C:\Users\Mickael\Documents\Downloads\MAGIX.Music.Maker.14.v13.0.2.1 + crack\Blackcat.nfo
C:\Users\Mickael\Documents\Downloads\MAGIX.Music.Maker.14.v13.0.2.1 + crack\Crack
C:\Users\Mickael\Documents\Downloads\MAGIX.Music.Maker.14.v13.0.2.1 + crack\Crack\Blackcat.txt
C:\Users\Mickael\Documents\Downloads\MAGIX.Music.Maker.14.v13.0.2.1 + crack\Crack\MusicMaker.exe
C:\Users\Mickael\Documents\Downloads\Steinberg Cubase SX 3.0 DVDRip\Cubase SX3 Dongle Crack
C:\Users\Mickael\Documents\Downloads\Steinberg Cubase SX 3.0 DVDRip\Cubase SX3 Dongle Crack.rar
C:\Users\Mickael\Documents\Downloads\Steinberg Cubase SX 3.0 DVDRip\Cubase SX3 Dongle Crack\Cubase sx3.exe
C:\Users\Mickael\Documents\Downloads\Steinberg Cubase SX 3.0 DVDRip\Cubase SX3 Dongle Crack\Leeme.txt
C:\Users\Mickael\Documents\Downloads\Steinberg Cubase SX 3.0 DVDRip\Cubase SX3 Dongle Crack\SYNSOACC.dll
C:\Users\Mickael\Documents\Downloads\Steinberg Cubase SX 3.0 DVDRip\Cubase SX3 Dongle Crack\SYNSOACC.dll Original
C:\Users\Mickael\Documents\Downloads\Steinberg Cubase SX 3.0 DVDRip\Cubase SX3 Dongle Crack\SYNSOACC.dll Original\SYNSOACC.dll
C:\Users\Mickael\Documents\Nouveau dossier\(Serial-Crack-Keygen) - Alcohol 120% and Fantom CD Serials.txt
C:\Users\Mickael\Documents\Nouveau dossier\Ableton Live 7.0.7 FULL crack serial.txt
C:\Users\Mickael\Documents\Nouveau dossier\Alcohol 120% 1.9.7.6221 Retail Crack.txt
C:\Users\Mickael\Documents\Nouveau dossier\ALL SERIAL Cracks,serialnumbers,keygenerators,nero,corel draw,antivirus,adobe,macromedia, norton,paint shop pro,winrar,winzip,x win,astalav.doc
C:\Users\Mickael\Documents\Nouveau dossier\Cracks,Serialnumbers,Keygenerators,Nero,Corel Draw,Antivirus,Adobe,Macromedia, Norton,Paint Shop Pro,Winrar,Winzip,X Win,Astalav.txt
C:\Users\Mickael\Documents\Nouveau dossier\keygen virtual dj 5.0.txt
C:\Users\Mickael\Documents\Nouveau dossier\Nero 9 Ultra Edition 9.0.9.4b + New KeyGen serial valid crack Burning ROM retail upgrade box version.txt
C:\Users\Mickael\Documents\Parole\Nouveau dossier\A VOIR FABULEUX astuces Liste Grossiste Codes Allopass Complet [allopass.crack.site.comment.dvix.Sel 2 Mer.By.Flaviman].rtf
C:\Users\Mickael\Documents\Sample\Pro Samples\ReFX.quadraSID.VSTi.v1.6.incl.KeyGen-BEAT.rar
C:\Users\Mickael\Documents\Sample\Pro Samples\E-Lab Smokers Delight. Sample CD 16bit 44.1kHz .wav\A68-70_FxVox_Loops_80_90_100\A68_MpcScr2_eLAB_Crackl_080.wav
C:\Users\Mickael\Documents\Sample\Pro Samples\E-Lab Smokers Delight. Sample CD 16bit 44.1kHz .wav\A68-70_FxVox_Loops_80_90_100\A68_MpcScr3_eLAB_Crack2_080.wav
C:\Users\Mickael\Documents\Sample\Pro Samples\E-Lab Smokers Delight. Sample CD 16bit 44.1kHz .wav\A68-70_FxVox_Loops_80_90_100\A70_MpcVox3_eLAB_Crackl_100.wav
C:\Users\Mickael\Documents\Sample\Pro Samples\URBAN WARFARE - AIFF\HARD HITN HORNS 3\HN_HORNONCRACK.AIF
C:\Users\Mickael\Documents\Sample\Pro Samples\URBAN WARFARE - WAV\HARD HITN HORNS 3\HN_HORNONCRACK.WAV
C:\Users\Mickael\Documents\Sample\Sound sample\2431-117_Jovica_Tonic_Electronic_Drum_Samples\38254_Jovica_Tonic_Crack.flac
C:\Users\Mickael\Downloads\Crack
C:\Users\Mickael\Downloads\Crack\Craagle.exe
C:\Users\Mickael\Downloads\Crack\Options.ini
C:\Users\Mickael\Downloads\Crack\proxy.txt
C:\Users\Mickael\Music\Assassin-Rockin' Squat\2007-TOO HOT FOR TV\5 Crack game.mp3
C:\Users\Mickael\Videos\Ma 6-t Va Crack-er.avi


[F:1730][D:351]-> C:\Users\Mickael\AppData\Local\Temp
[F:84][D:1]-> C:\Users\Mickael\AppData\Roaming\MICROS~1\Windows\Cookies
[F:3561][D:9]-> C:\Users\Mickael\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:182][D:14]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 08/05/2009|10:46 - Option : [1]

--------------------\\ Fin du rapport a 10:47:04
[ UAC => 1 ]



Is this infection what is slowing down my computer?

Reply to narval38

Quote:

Is this infection what is slowing down my computer?


---> I think so.

  • Run Lop S&D again as administrator.
  • This time choose option 2 (Removal).
  • Do not close the window during the removal!
  • Post the generated report (C:\lopR.txt).


(If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New task, type explorer.exe and confirm.)

Reply to Destrio5

Here is the report:


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 4300 @ 1.80GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Mickael ( Not Administrator ! )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:224 Go (Free:46 Go)
D:\ (CD or DVD)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (USB)
J:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 08/05/2009|12:48 )

[ UAC => 0 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\ProgramData\That Face Camp Shim\that great.dat
Supprime! - C:\Users\Mickael\AppData\Local\Temp\stadistic.log
Supprime! - C:\Program Files\Orbitdownloader\addons
Supprime! - C:\Program Files\Orbitdownloader\banurl.ini
Supprime! - C:\Program Files\Orbitdownloader\banurl.ini.bak
Supprime! - C:\Program Files\Orbitdownloader\changelog.txt
Supprime! - C:\Program Files\Orbitdownloader\download.dll
Supprime! - C:\Program Files\Orbitdownloader\Grab.exe
Supprime! - C:\Program Files\Orbitdownloader\GrabDll.dll
Supprime! - C:\Program Files\Orbitdownloader\GrabKernel.dll
Supprime! - C:\Program Files\Orbitdownloader\GrabPro.dll
Supprime! - C:\Program Files\Orbitdownloader\idht.dll
Supprime! - C:\Program Files\Orbitdownloader\Lang.ini
Supprime! - C:\Program Files\Orbitdownloader\language
Supprime! - C:\Program Files\Orbitdownloader\libeay32.dll
Supprime! - C:\Program Files\Orbitdownloader\orbitcth.dll
Supprime! - C:\Program Files\Orbitdownloader\orbitdm.exe
Supprime! - C:\Program Files\Orbitdownloader\orbitmxt.dll
Supprime! - C:\Program Files\Orbitdownloader\orbitnet.exe
Supprime! - C:\Program Files\Orbitdownloader\orbitsearch.xml
Supprime! - C:\Program Files\Orbitdownloader\saction.dll
Supprime! - C:\Program Files\Orbitdownloader\siteinfo.ini
Supprime! - C:\Program Files\Orbitdownloader\siteinfo.ini.bak
Supprime! - C:\Program Files\Orbitdownloader\ssleay32.dll
Supprime! - C:\Program Files\Orbitdownloader\unins000.dat
Supprime! - C:\Program Files\Orbitdownloader\unins000.exe
Supprime! - C:\Program Files\Orbitdownloader\update
Supprime! - C:\Program Files\Orbitdownloader\winfile.dll
Supprime! - C:\ProgramData\Camp program program.mowmg
Supprime! - C:\ProgramData\Camp program program.4hnxrwe
Supprime! - C:\ProgramData\Part Regs Wave.y4z3meg
Supprime! - C:\ProgramData\That Face Camp Shim
Supprime! - C:\Program Files\Orbitdownloader
-
[ Fichier Hosts ] .. Restaure!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans Local

[10/12/2008|16:31] C:\Users\Mickael\AppData\Local\{7326CE9D-C0D2-433A-8A57-B7934EA13EC8}
[08/03/2009|20:50] C:\Users\Mickael\AppData\Local\Adobe
[26/12/2008|14:10] C:\Users\Mickael\AppData\Local\Ahead
[12/05/2008|21:55] C:\Users\Mickael\AppData\Local\AOL
[01/06/2008|19:40] C:\Users\Mickael\AppData\Local\Apple
[18/07/2008|11:08] C:\Users\Mickael\AppData\Local\Apple Computer
[12/05/2008|21:53] C:\Users\Mickael\AppData\Local\Application Data
[08/12/2008|19:14] C:\Users\Mickael\AppData\Local\ApplicationHistory
[07/05/2009|20:46] C:\Users\Mickael\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[06/12/2008|16:11] C:\Users\Mickael\AppData\Local\Downloaded Installations
[13/05/2008|11:24] C:\Users\Mickael\AppData\Local\eMule
[12/05/2008|21:55] C:\Users\Mickael\AppData\Local\fusioncache.dat
[03/05/2009|10:55] C:\Users\Mickael\AppData\Local\GDIPFONTCACHEV1.DAT
[21/04/2009|13:14] C:\Users\Mickael\AppData\Local\Google
[12/05/2008|21:53] C:\Users\Mickael\AppData\Local\Historique
[08/05/2009|11:51] C:\Users\Mickael\AppData\Local\IconCache.db
[26/03/2009|21:42] C:\Users\Mickael\AppData\Local\IM
[15/12/2008|21:05] C:\Users\Mickael\AppData\Local\Microsoft
[19/09/2008|20:15] C:\Users\Mickael\AppData\Local\Microsoft Games
[28/11/2008|20:13] C:\Users\Mickael\AppData\Local\Microsoft Help
[14/05/2008|20:58] C:\Users\Mickael\AppData\Local\Mozilla
[15/11/2008|17:22] C:\Users\Mickael\AppData\Local\NOS
[04/06/2008|16:20] C:\Users\Mickael\AppData\Local\Oberon Media
[18/05/2008|18:07] C:\Users\Mickael\AppData\Local\Packard Bell
[10/12/2008|16:39] C:\Users\Mickael\AppData\Local\Pando
[09/07/2008|00:26] C:\Users\Mickael\AppData\Local\regrc.bat
[19/04/2009|17:21] C:\Users\Mickael\AppData\Local\Sony
[07/05/2009|20:05] C:\Users\Mickael\AppData\Local\Symantec
[08/05/2009|12:49] C:\Users\Mickael\AppData\Local\Temp
[12/05/2008|21:53] C:\Users\Mickael\AppData\Local\Temporary Internet Files
[26/03/2009|21:32] C:\Users\Mickael\AppData\Local\Thunderbird
[01/02/2009|18:46] C:\Users\Mickael\AppData\Local\vdownloader
[16/06/2008|19:20] C:\Users\Mickael\AppData\Local\vetclci.bat
[12/05/2008|21:56] C:\Users\Mickael\AppData\Local\VirtualStore

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[08/05/2009 11:57][--a------] C:\Windows\tasks\Google Software Updater.job
[06/05/2009 14:40][--a------] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1134688716-2738016877-902099103-1003.job
[08/05/2009 12:30][--a------] C:\Windows\tasks\Extension de garantie.job
[08/05/2009 12:30][--a------] C:\Windows\tasks\Recovery DVD Creator.job
[08/05/2009 11:54][--ah-----] C:\Windows\tasks\SA.DAT
[08/05/2009 11:52][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[07/03/2009|23:04] C:\ProgramData\Adobe
[24/12/2008|19:33] C:\ProgramData\Ahead
[08/10/2008|10:18] C:\ProgramData\AOL
[05/06/2008|10:10] C:\ProgramData\Apple
[18/07/2008|10:37] C:\ProgramData\Apple Computer
[02/11/2006|15:02] C:\ProgramData\Application Data
[12/05/2008|20:33] C:\ProgramData\Bureau
[20/11/2008|12:48] C:\ProgramData\Ciel
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[26/05/2008|10:37] C:\ProgramData\Downloaded Installations
[13/05/2008|11:24] C:\ProgramData\eMule
[27/08/2008|11:22] C:\ProgramData\EPSON
[13/09/2008|17:26] C:\ProgramData\eXPert PDF 4
[12/05/2008|20:33] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[07/03/2009|23:16] C:\ProgramData\FLEXnet
[29/12/2008|16:51] C:\ProgramData\Google
[08/05/2009|09:04] C:\ProgramData\Google Updater
[11/03/2009|13:34] C:\ProgramData\Grisoft
[26/03/2009|21:40] C:\ProgramData\IM
[26/03/2009|21:40] C:\ProgramData\IncrediMail
[26/01/2007|18:21] C:\ProgramData\InstallShield
[28/10/2008|14:37] C:\ProgramData\iolo
[15/07/2008|14:49] C:\ProgramData\LogiShrd
[14/06/2008|14:01] C:\ProgramData\Logitech
[02/03/2009|17:31] C:\ProgramData\MAGIX
[12/05/2008|20:33] C:\ProgramData\Menu Démarrer
[25/02/2009|20:53] C:\ProgramData\Messenger Plus!
[29/05/2008|12:38] C:\ProgramData\MGS
[29/12/2008|19:47] C:\ProgramData\Micro Application
[29/05/2008|12:38] C:\ProgramData\Microgaming
[21/02/2009|21:26] C:\ProgramData\Microsoft
[02/05/2009|21:12] C:\ProgramData\Microsoft Help
[12/05/2008|20:33] C:\ProgramData\Modèles
[26/08/2008|12:26] C:\ProgramData\N360BUOptions.ini
[30/03/2009|19:51] C:\ProgramData\NCH Software
[24/12/2008|19:28] C:\ProgramData\Nero
[22/10/2008|16:53] C:\ProgramData\Norton
[22/10/2008|16:48] C:\ProgramData\NortonInstaller
[15/11/2008|17:22] C:\ProgramData\NOS
[26/03/2009|09:18] C:\ProgramData\ntuser.pol
[30/10/2008|10:04] C:\ProgramData\NVIDIA
[26/01/2007|18:35] C:\ProgramData\OFFICE One v7
[28/11/2008|23:03] C:\ProgramData\OrbNetworks
[22/10/2008|16:48] C:\ProgramData\PCSettings
[25/01/2009|12:21] C:\ProgramData\Pinnacle
[09/11/2008|15:19] C:\ProgramData\River Past G5
[10/08/2008|18:12] C:\ProgramData\Roxio
[09/01/2009|23:40] C:\ProgramData\Skype
[20/12/2008|15:06] C:\ProgramData\SolidWorks
[10/08/2008|14:45] C:\ProgramData\Sonic
[19/04/2009|17:15] C:\ProgramData\Sony
[09/03/2009|22:16] C:\ProgramData\Sports Interactive
[02/11/2006|15:02] C:\ProgramData\Start Menu
[04/05/2009|12:29] C:\ProgramData\stop 4
[14/10/2008|17:21] C:\ProgramData\Symantec
[19/01/2009|13:33] C:\ProgramData\Syncrosoft
[19/04/2009|17:41] C:\ProgramData\TEMP
[02/11/2006|15:02] C:\ProgramData\Templates
[12/01/2009|18:32] C:\ProgramData\TuneUp Software
[27/08/2008|11:27] C:\ProgramData\UDL
[04/06/2008|21:16] C:\ProgramData\WindowsSearch
[21/02/2009|23:17] C:\ProgramData\WLInstaller

--------------------\\ Listing des dossiers dans C:\Program Files

[04/03/2009|15:30] C:\Program Files\7-Zip
[07/05/2009|20:00] C:\Program Files\Acoustica Beatcraft
[07/03/2009|23:05] C:\Program Files\Adobe
[26/10/2008|14:12] C:\Program Files\Alcohol Soft
[07/05/2009|18:13] C:\Program Files\Anuman Interactive
[05/06/2008|10:10] C:\Program Files\Apple Software Update
[07/05/2009|18:13] C:\Program Files\Audacity
[08/02/2009|15:31] C:\Program Files\AviSynth 2.5
[07/11/2008|00:07] C:\Program Files\BitTorrent
[24/01/2009|18:39] C:\Program Files\BitTorrent Ultra Accelerator
[18/07/2008|10:36] C:\Program Files\Bonjour
[05/03/2009|14:22] C:\Program Files\Casse Brique
[17/01/2009|19:46] C:\Program Files\CCleaner
[05/04/2009|21:03] C:\Program Files\Common Files
[13/09/2008|17:16] C:\Program Files\ConvertMovie 4.1
[07/03/2009|16:31] C:\Program Files\Crcle Developement
[01/02/2009|21:06] C:\Program Files\DivX
[13/09/2008|17:21] C:\Program Files\Driver-Soft
[23/02/2009|17:46] C:\Program Files\EA Sports
[08/01/2009|12:40] C:\Program Files\EDIROL
[13/05/2008|11:24] C:\Program Files\eMule
[27/08/2008|11:24] C:\Program Files\epson
[08/02/2009|15:30] C:\Program Files\eRightSoft
[06/01/2009|20:50] C:\Program Files\FairStars Audio Converter
[09/02/2009|10:31] C:\Program Files\ffdshow
[12/05/2008|20:33] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[19/01/2009|23:04] C:\Program Files\Fish Aquarium 3D Screensaver
[19/01/2009|23:02] C:\Program Files\fishaquarium
[28/02/2009|16:29] C:\Program Files\FlashGet Network
[11/01/2009|18:55] C:\Program Files\Free Audio Pack
[19/10/2008|21:28] C:\Program Files\Free Download Manager
[01/02/2009|17:29] C:\Program Files\Free Music Zilla
[29/03/2009|21:21] C:\Program Files\Free Video Converter
[22/02/2009|18:47] C:\Program Files\Golf Adventure Galaxy
[22/02/2009|12:04] C:\Program Files\Google
[26/01/2007|18:16] C:\Program Files\HDReg
[27/01/2009|20:40] C:\Program Files\Hercules
[11/01/2009|18:56] C:\Program Files\Image-Line
[12/10/2008|11:02] C:\Program Files\inKline Global
[14/03/2009|18:36] C:\Program Files\InstallShield Installation Information
[25/03/2009|13:26] C:\Program Files\Internet Explorer
[18/07/2008|10:37] C:\Program Files\iPod
[26/01/2007|18:32] C:\Program Files\ISSENDIS
[18/07/2008|10:37] C:\Program Files\iTunes
[12/01/2009|18:08] C:\Program Files\Java
[08/02/2009|20:50] C:\Program Files\K-Lite Codec Pack
[15/07/2008|14:48] C:\Program Files\Logitech
[02/03/2009|18:02] C:\Program Files\MAGIX
[21/02/2009|23:25] C:\Program Files\Messenger Plus! Live
[14/03/2009|18:35] C:\Program Files\Micro Application
[20/03/2009|23:29] C:\Program Files\Microsoft
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[07/05/2009|18:17] C:\Program Files\Microsoft Office
[26/02/2009|11:25] C:\Program Files\Microsoft Silverlight
[12/05/2008|22:38] C:\Program Files\Microsoft SQL Server Compact Edition
[30/11/2008|19:20] C:\Program Files\Microsoft Visual Studio
[30/11/2008|19:15] C:\Program Files\Microsoft Visual Studio 8
[02/05/2009|21:06] C:\Program Files\Microsoft Works
[30/11/2008|19:18] C:\Program Files\Microsoft.NET
[05/06/2008|17:15] C:\Program Files\Mio Technology
[13/09/2008|17:16] C:\Program Files\MOVAVI
[23/05/2008|19:09] C:\Program Files\Movie Maker
[29/03/2009|14:36] C:\Program Files\Mozilla Firefox
[26/12/2008|19:59] C:\Program Files\MP3Gain
[30/11/2008|19:22] C:\Program Files\MSBuild
[21/02/2009|23:12] C:\Program Files\MSECache
[30/03/2009|19:50] C:\Program Files\NCH Software
[24/12/2008|19:28] C:\Program Files\Nero
[22/10/2008|16:53] C:\Program Files\Norton Internet Security
[14/10/2008|17:25] C:\Program Files\NortonInstaller
[15/11/2008|17:22] C:\Program Files\NOS
[26/01/2007|18:36] C:\Program Files\OFFICE ONE 7.0
[26/01/2007|18:35] C:\Program Files\OFFICE One v7
[08/05/2009|10:06] C:\Program Files\OrangeHSS
[31/08/2008|18:52] C:\Program Files\Outsim
[26/01/2007|18:37] C:\Program Files\Packard Bell
[13/05/2008|11:35] C:\Program Files\Panda Security
[14/07/2008|16:58] C:\Program Files\PhotoFiltre
[08/11/2008|16:30] C:\Program Files\PowerISO
[14/05/2008|18:57] C:\Program Files\ProtectDisc Driver Installer
[05/09/2008|17:34] C:\Program Files\QuickTime
[14/05/2008|20:57] C:\Program Files\Real
[26/01/2007|18:14] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[22/02/2009|13:03] C:\Program Files\ReflexiveArcade
[29/12/2008|14:49] C:\Program Files\RegCleaner
[26/01/2007|18:21] C:\Program Files\Roxio
[25/12/2008|12:12] C:\Program Files\SAGEM
[04/03/2009|15:27] C:\Program Files\SolidWorks
[04/03/2009|14:58] C:\Program Files\Sonic and Knuckles
[04/03/2009|14:59] C:\Program Files\Sonik Synth 2 Free
[19/04/2009|17:13] C:\Program Files\Sony
[19/04/2009|17:10] C:\Program Files\Sony Setup
[09/03/2009|22:02] C:\Program Files\Sports Interactive
[20/01/2009|13:26] C:\Program Files\Steinberg
[26/03/2009|09:29] C:\Program Files\Symantec
[05/03/2009|12:45] C:\Program Files\Syncrosoft
[30/12/2008|18:06] C:\Program Files\ToniArts
[07/05/2009|23:02] C:\Program Files\trend micro
[12/01/2009|18:33] C:\Program Files\TuneUp Utilities 2008
[18/04/2009|22:37] C:\Program Files\Unlocker
[25/01/2009|21:02] C:\Program Files\VirtualDJ
[19/04/2009|17:24] C:\Program Files\VstPlugins
[30/09/2008|18:25] C:\Program Files\Webteh
[17/01/2009|18:22] C:\Program Files\Winamp
[06/12/2008|10:34] C:\Program Files\Winamp Remote
[23/05/2008|19:09] C:\Program Files\Windows Calendar
[23/05/2008|19:09] C:\Program Files\Windows Collaboration
[23/05/2008|19:09] C:\Program Files\Windows Defender
[21/02/2009|23:13] C:\Program Files\Windows Installer Clean Up
[21/02/2009|23:22] C:\Program Files\Windows Live
[16/04/2009|11:47] C:\Program Files\Windows Mail
[17/12/2008|15:16] C:\Program Files\Windows Media Components
[26/02/2009|11:24] C:\Program Files\Windows Media Player
[12/05/2008|20:33] C:\Program Files\Windows NT
[23/05/2008|19:09] C:\Program Files\Windows Photo Gallery
[23/05/2008|19:09] C:\Program Files\Windows Sidebar
[07/12/2008|19:05] C:\Program Files\WinRAR
[09/11/2008|15:18] C:\Program Files\WMV9_VCM
[29/05/2008|22:00] C:\Program Files\Zero G Registry

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[31/12/2008|11:28] C:\Program Files\Common Files\Acon Digital Media
[07/03/2009|23:03] C:\Program Files\Common Files\Adobe
[24/12/2008|19:32] C:\Program Files\Common Files\Ahead
[08/10/2008|10:18] C:\Program Files\Common Files\aol
[26/01/2007|18:18] C:\Program Files\Common Files\aolshare
[05/06/2008|10:20] C:\Program Files\Common Files\Apple
[07/04/2009|10:19] C:\Program Files\Common Files\AVSMedia
[07/05/2009|18:17] C:\Program Files\Common Files\DESIGNER
[14/10/2008|20:00] C:\Program Files\Common Files\France Telecom
[05/06/2008|17:13] C:\Program Files\Common Files\InstallShield
[01/06/2008|12:13] C:\Program Files\Common Files\Java
[20/03/2009|23:28] C:\Program Files\Common Files\logishrd
[07/03/2009|22:42] C:\Program Files\Common Files\Macrovision Shared
[17/05/2008|18:20] C:\Program Files\Common Files\MAGIX Shared
[02/05/2009|21:07] C:\Program Files\Common Files\microsoft shared
[21/12/2008|12:56] C:\Program Files\Common Files\Nero
[26/01/2007|18:18] C:\Program Files\Common Files\Nullsoft
[16/06/2008|08:57] C:\Program Files\Common Files\Panda Software
[01/02/2009|20:56] C:\Program Files\Common Files\PX Storage Engine
[30/11/2008|13:19] C:\Program Files\Common Files\Real
[26/01/2007|18:21] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[04/03/2009|15:26] C:\Program Files\Common Files\SolidWorks Shared
[26/01/2007|18:21] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[26/01/2007|18:21] C:\Program Files\Common Files\SureThing Shared
[22/10/2008|17:22] C:\Program Files\Common Files\Symantec Shared
[02/05/2009|21:03] C:\Program Files\Common Files\System
[21/02/2009|21:27] C:\Program Files\Common Files\Windows Live
[12/05/2008|22:35] C:\Program Files\Common Files\WindowsLiveInstaller
[12/01/2009|18:30] C:\Program Files\Common Files\Wise Installation Wizard

--------------------\\ Process

( 56 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-08 12:51:09
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 96

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\Mickael\AppData\Roaming\BitTorrent\Adobe Photoshop CS3 Extended + Crack.rar.torrent
C:\Users\Mickael\AppData\Roaming\BitTorrent\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation.1.torrent
C:\Users\Mickael\AppData\Roaming\BitTorrent\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation.torrent
C:\Users\Mickael\AppData\Roaming\BitTorrent\doom 3 + patch V3.1 +crack nocd.rar.torrent
C:\Users\Mickael\AppData\Roaming\BitTorrent\Fruity Loops Studio 7 Full + Crack.torrent
C:\Users\Mickael\AppData\Roaming\BitTorrent\Keygen Reloaded v9.3.0 Football Manager 2009 + Patch FR (teste et fonctionne a 100%).rar.torrent
C:\Users\Mickael\AppData\Roaming\BitTorrent\Ma 6-t Va Crack-er.avi.torrent
C:\Users\Mickael\AppData\Roaming\BitTorrent\Ma 6T va crack-er.torrent
C:\Users\Mickael\AppData\Roaming\BitTorrent\MAGIX.Music.Maker.14.v13.0.2.1 + crack.1.torrent
C:\Users\Mickael\AppData\Roaming\BitTorrent\MAGIX.Music.Maker.14.v13.0.2.1 + crack.2.torrent
C:\Users\Mickael\AppData\Roaming\BitTorrent\MAGIX.Music.Maker.14.v13.0.2.1 + crack.torrent
C:\Users\Mickael\AppData\Roaming\BitTorrent\Nero 7.11.6.0 [With keygen and Activator].torrent
C:\Users\Mickael\AppData\Roaming\BitTorrent\Norton-AV-2008-Incl Keygen Fully Avtivated.torrent
C:\Users\Mickael\AppData\Roaming\BitTorrent\Norton-AV-2008-InclKeygen.torrent
C:\Users\Mickael\AppData\Roaming\BitTorrent\SolidWorks Crack.torrent
C:\Users\Mickael\AppData\Roaming\BitTorrent\Sony Vegas Pro 8.0c Build 260 + Keygen.torrent
C:\Users\Mickael\AppData\Roaming\BitTorrent\Tiger Woods PGA Tour 08 (PC) with Crack + Keygen.1.torrent
C:\Users\Mickael\AppData\Roaming\BitTorrent\Tiger Woods PGA Tour 08 (PC) with Crack + Keygen.2.torrent
C:\Users\Mickael\AppData\Roaming\BitTorrent\Tiger Woods PGA Tour 08 (PC) with Crack + Keygen.torrent
C:\Users\Mickael\AppData\Roaming\BitTorrent\UseNeXT 4.34 + Crack.rar.torrent
C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation
C:\Users\Mickael\Documents\Downloads\MAGIX.Music.Maker.14.v13.0.2.1 + crack
C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation\Cubase Studio 4 Hybride (Mac et PC).iso
C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation\Nouveau document texte.txt
C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation\Patch 4.1.1 et Crack D'activation
C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation\Read Me!!!.nfo
C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation\Update_HALion_3.3.1.456.exe
C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation\Patch 4.1.1 et Crack D'activation\Cubase_Studio_Update_4.1.1
C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation\Patch 4.1.1 et Crack D'activation\SYNSOACC.dll
C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation\Patch 4.1.1 et Crack D'activation\Cubase_Studio_Update_4.1.1\Cubase_4.5.2.274_Update.exe
C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation\Patch 4.1.1 et Crack D'activation\Cubase_Studio_Update_4.1.1\Cubase_Studio_Patch_411.msp
C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation\Patch 4.1.1 et Crack D'activation\Cubase_Studio_Update_4.1.1\Update_HALionOne_1.1.0.0.exe
C:\Users\Mickael\Documents\Downloads\Football Manager 2009\Crack
C:\Users\Mickael\Documents\Downloads\Football Manager 2009\Keygen Reloaded v9.3.0 Football Manager 2009 + Patch FR (teste et fonctionne a 100%)
C:\Users\Mickael\Documents\Downloads\Football Manager 2009\Crack\fm91_t1.exe
C:\Users\Mickael\Documents\Downloads\Football Manager 2009\Keygen Reloaded v9.3.0 Football Manager 2009 + Patch FR (teste et fonctionne a 100%)\Instructions.txt
C:\Users\Mickael\Documents\Downloads\Football Manager 2009\Keygen Reloaded v9.3.0 Football Manager 2009 + Patch FR (teste et fonctionne a 100%)\Keygen
C:\Users\Mickael\Documents\Downloads\Football Manager 2009\Keygen Reloaded v9.3.0 Football Manager 2009 + Patch FR (teste et fonctionne a 100%)\Patch FR
C:\Users\Mickael\Documents\Downloads\Football Manager 2009\Keygen Reloaded v9.3.0 Football Manager 2009 + Patch FR (teste et fonctionne a 100%)\Keygen\Keygen.exe
C:\Users\Mickael\Documents\Downloads\Football Manager 2009\Keygen Reloaded v9.3.0 Football Manager 2009 + Patch FR (teste et fonctionne a 100%)\Keygen\readme.txt
C:\Users\Mickael\Documents\Downloads\Football Manager 2009\Keygen Reloaded v9.3.0 Football Manager 2009 + Patch FR (teste et fonctionne a 100%)\Patch FR\french.ltc
C:\Users\Mickael\Documents\Downloads\Football Manager 2009\Patch\fm2009-crack&patch.sfv
C:\Users\Mickael\Documents\Downloads\MAGIX.Music.Maker.14.v13.0.2.1 + crack\Blackcat.nfo
C:\Users\Mickael\Documents\Downloads\MAGIX.Music.Maker.14.v13.0.2.1 + crack\Crack
C:\Users\Mickael\Documents\Downloads\MAGIX.Music.Maker.14.v13.0.2.1 + crack\Crack\Blackcat.txt
C:\Users\Mickael\Documents\Downloads\MAGIX.Music.Maker.14.v13.0.2.1 + crack\Crack\MusicMaker.exe
C:\Users\Mickael\Documents\Downloads\Steinberg Cubase SX 3.0 DVDRip\Cubase SX3 Dongle Crack
C:\Users\Mickael\Documents\Downloads\Steinberg Cubase SX 3.0 DVDRip\Cubase SX3 Dongle Crack.rar
C:\Users\Mickael\Documents\Downloads\Steinberg Cubase SX 3.0 DVDRip\Cubase SX3 Dongle Crack\Cubase sx3.exe
C:\Users\Mickael\Documents\Downloads\Steinberg Cubase SX 3.0 DVDRip\Cubase SX3 Dongle Crack\Leeme.txt
C:\Users\Mickael\Documents\Downloads\Steinberg Cubase SX 3.0 DVDRip\Cubase SX3 Dongle Crack\SYNSOACC.dll
C:\Users\Mickael\Documents\Downloads\Steinberg Cubase SX 3.0 DVDRip\Cubase SX3 Dongle Crack\SYNSOACC.dll Original
C:\Users\Mickael\Documents\Downloads\Steinberg Cubase SX 3.0 DVDRip\Cubase SX3 Dongle Crack\SYNSOACC.dll Original\SYNSOACC.dll
C:\Users\Mickael\Documents\Nouveau dossier\(Serial-Crack-Keygen) - Alcohol 120% and Fantom CD Serials.txt
C:\Users\Mickael\Documents\Nouveau dossier\Ableton Live 7.0.7 FULL crack serial.txt
C:\Users\Mickael\Documents\Nouveau dossier\Alcohol 120% 1.9.7.6221 Retail Crack.txt
C:\Users\Mickael\Documents\Nouveau dossier\ALL SERIAL Cracks,serialnumbers,keygenerators,nero,corel draw,antivirus,adobe,macromedia, norton,paint shop pro,winrar,winzip,x win,astalav.doc
C:\Users\Mickael\Documents\Nouveau dossier\Cracks,Serialnumbers,Keygenerators,Nero,Corel Draw,Antivirus,Adobe,Macromedia, Norton,Paint Shop Pro,Winrar,Winzip,X Win,Astalav.txt
C:\Users\Mickael\Documents\Nouveau dossier\keygen virtual dj 5.0.txt
C:\Users\Mickael\Documents\Nouveau dossier\Nero 9 Ultra Edition 9.0.9.4b + New KeyGen serial valid crack Burning ROM retail upgrade box version.txt
C:\Users\Mickael\Documents\Parole\Nouveau dossier\A VOIR FABULEUX astuces Liste Grossiste Codes Allopass Complet [allopass.crack.site.comment.dvix.Sel 2 Mer.By.Flaviman].rtf
C:\Users\Mickael\Documents\Sample\Pro Samples\ReFX.quadraSID.VSTi.v1.6.incl.KeyGen-BEAT.rar
C:\Users\Mickael\Documents\Sample\Pro Samples\E-Lab Smokers Delight. Sample CD 16bit 44.1kHz .wav\A68-70_FxVox_Loops_80_90_100\A68_MpcScr2_eLAB_Crackl_080.wav
C:\Users\Mickael\Documents\Sample\Pro Samples\E-Lab Smokers Delight. Sample CD 16bit 44.1kHz .wav\A68-70_FxVox_Loops_80_90_100\A68_MpcScr3_eLAB_Crack2_080.wav
C:\Users\Mickael\Documents\Sample\Pro Samples\E-Lab Smokers Delight. Sample CD 16bit 44.1kHz .wav\A68-70_FxVox_Loops_80_90_100\A70_MpcVox3_eLAB_Crackl_100.wav
C:\Users\Mickael\Documents\Sample\Pro Samples\URBAN WARFARE - AIFF\HARD HITN HORNS 3\HN_HORNONCRACK.AIF
C:\Users\Mickael\Documents\Sample\Pro Samples\URBAN WARFARE - WAV\HARD HITN HORNS 3\HN_HORNONCRACK.WAV
C:\Users\Mickael\Documents\Sample\Sound sample\2431-117_Jovica_Tonic_Electronic_Drum_Samples\38254_Jovica_Tonic_Crack.flac
C:\Users\Mickael\Downloads\Crack
C:\Users\Mickael\Downloads\Crack\Craagle.exe
C:\Users\Mickael\Downloads\Crack\Options.ini
C:\Users\Mickael\Downloads\Crack\proxy.txt
C:\Users\Mickael\Music\Assassin-Rockin' Squat\2007-TOO HOT FOR TV\5 Crack game.mp3
C:\Users\Mickael\Videos\Ma 6-t Va Crack-er.avi


[F:1729][D:351]-> C:\Users\Mickael\AppData\Local\Temp
[F:86][D:1]-> C:\Users\Mickael\AppData\Roaming\MICROS~1\Windows\Cookies
[F:3983][D:9]-> C:\Users\Mickael\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:184][D:15]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 08/05/2009|10:46 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 08/05/2009|13:35 - Option : [2]

--------------------\\ Fin du rapport a 13:35:52
[ UAC => 1 ]



For your information, it is no longer Windows Explorer that is using 700 000 K but SearchProtocolHost.exe

Reply to narval38

  • Download OTMoveIt3 (OldTimer) to your Desktop.
  • Right-click OTMoveIt3.exe and choose Run as administrator.
  • Copy (Ctrl+C) the following text:


:processes
explorer.exe

:files
C:\Program Files\Crcle Developement

:commands
[purity]
[emptytemp]
[reboot]



  • Paste (Ctrl+V) the text you just copied into the Paste Instructions for Items to be Moved box.
  • Now click the MoveIt! button, then close OTMoveIt3.


---> If a file or folder cannot be deleted immediately, the program will ask you to restart.
Accept by clicking YES.

  • Post the report located in this folder: C:\_OTMoveIt\MovedFiles\

---> The report's name corresponds to the moment it was created: date_time.log

Reply to Destrio5

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
C:\Program Files\Crcle Developement moved successfully.
========== COMMANDS ==========
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Windows\temp\JETD2A1.tmp scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\JETDE1B.tmp scheduled to be deleted on reboot.
Windows Temp folder emptied.
FireFox cache emptied.
Temp folders emptied.

OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 05082009_153503

Files moved on Reboot...
File C:\Windows\temp\JETD2A1.tmp not found!
C:\Windows\temp\JETDE1B.tmp moved successfully.

Reply to narval38

  • Uninstall the following programs:

- Java 6 Update 11
- Java 6 Update 7



  • Download Malwarebytes' Anti-Malware (MBAM) to your Desktop.
  • Double-click the downloaded file to start the installation process.
  • In the Update tab, click the Check for Updates button: if the firewall asks for permission for MBAM to connect to the Internet, accept.
  • Once the update is finished, go to the Scanner tab.
  • Select Perform quick scan.
  • Click Scan. The scan starts.
  • At the end of the scan, a message is displayed:
Quote:

The scan completed successfully. Click 'Show Results' to display all objects found.


  • Click OK to continue. If MBAM found nothing, it will tell you so as well.
  • Close your browsers.
  • If malware was detected, click Show Results.
  • Select everything (or leave it checked) and click Remove Selected; MBAM will destroy the infected files and registry keys and put a copy of them in quarantine.
  • MBAM will open Notepad and copy the scan report into it. Copy and paste this report into your next reply.

Reply to Destrio5

Here is the report:

Malwarebytes' Anti-Malware 1.36
Version de la base de données: 2095
Windows 6.0.6001 Service Pack 1

08/05/2009 19:39:24
mbam-log-2009-05-08 (19-39-24).txt

Type de recherche: Examen rapide
Eléments examinés: 87670
Temps écoulé: 6 minute(s), 48 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{014da6c9-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_CLASSES_ROOT\regfile\shell\open\command\ (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1" ) Good: (regedit.exe "%1" ) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Reply to narval38

It seems to lag a little less, but it still lags

Reply to narval38

  • Run another RSIT scan and post the log report.

Reply to Destrio5

Actually yes, the computer is still just as slow; memory usage is running at 95%, whereas before it ran
at 40 at most


Here is the log:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Mickael at 2009-05-08 21:48:57
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 51 GB (22%) free of 230 GB
Total RAM: 1022 MB (33% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:50:00, on 08/05/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\taskmgr.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Program Files\Webteh\BSplayer\bsplayer.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
C:\Users\Mickael\Desktop\RSIT.exe
C:\Program Files\trend micro\Mickael.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi- [...] ey=IESTART
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activ [...] stubie.cab
O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.ado [...] nos/gp.cab
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - Unknown owner - I:\Program Files\MAGIX\Common\Database\bin\fbserver.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe

--
End of file - 10644 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Extension de garantie.job
C:\Windows\tasks\Google Software Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1134688716-2738016877-902099103-1003.job
C:\Windows\tasks\Recovery DVD Creator.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}]
Octh Class - C:\Program Files\Orbitdownloader\orbitcth.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll [2009-03-12 372592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL [2009-03-12 107896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-15 259696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-24 668656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-15 470512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
CBrowserHelperObject Object - C:\Program Files\Google\Google_BAE\BAE.dll [2006-11-09 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-08 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll [2009-03-12 372592]
{C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Grab Pro - C:\Program Files\Orbitdownloader\GrabPro.dll []
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-15 259696]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-05-08 148888]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-06-15 68856]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2007-08-01 222592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-07-10 116040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
C:\Users\Mickael\Program Files\DNA\btdna.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CAMP SHIM EXIT HECK]
C:\ProgramData\Part Regs Wave.y4z3meg []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cdromatom]
C:\ProgramData\Camp program program.4hnxrwe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\daemon.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DJ Console]
C:\Program Files\Hercules\Audio\Hercules DJ Console\DJConsoleMixer.exe [2004-12-24 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
C:\Windows\ehome\ehTray.exe [2008-01-19 125952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX4400 Series]
C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE [2007-03-01 180736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashGet]
C:\Program Files\FlashGet Network\FlashGet universal\flashget.exe /min []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-09-19 29744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Mickael\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-02 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H2O]
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe [2005-12-18 307200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
C:\Program Files\Common Files\AOL\1169828225\ee\AOLSoftware.exe [2006-11-14 50736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2006-08-25 221184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2006-08-25 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2008-07-10 289064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2007-10-25 563984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
C:\Program Files\Logitech\QuickCam\Quickcam.exe [2007-10-25 2178832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\Windows\system32\NvCpl.dll [2008-09-17 13580832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE [2008-11-02 167936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2008-05-27 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2006-11-20 228088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Windows\RtHDVCpl.exe [2006-11-09 3784704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmpcSys]
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe [2006-10-23 1092152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-05-08 148888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-06-15 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SystrayORAHSS]
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe [2006-12-12 90112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\toolbar_eula_launcher]
C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe [2007-01-10 18944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TransVente]
C:\PROGRA~1\TRANSV~1\TransVente.exe 1 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-05-02 15872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vspdfprsrv.exe]
C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe --background []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter]
oobefldr.dll,ShowWelcomeCenter []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Mickael^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^BitTorrent Ultra Accelerator.lnk]
C:\PROGRA~1\BITTOR~2\BITTOR~1.EXE [2008-12-08 236032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Mickael^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Moteur du Planificateur de tâches SolidWorks.lnk]
C:\PROGRA~1\SOLIDW~2\SWSCHE~1\SWBOEN~1.EXE []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"FilterAdministratorToken"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe"="C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS"
"C:\Program Files\River Past\Screen Recorder\ScreenRecorder.exe"="C:\Program Files\River Past\Screen Recorder\ScreenRecorder.exe:*:Enabled:River Past Screen Recorder"
"C:\Program Files\Free Music Zilla\FMZilla.exe"="C:\Program Files\Free Music Zilla\FMZilla.exe:*:Enabled:FMZilla"
"C:\Program Files\Orbitdownloader\orbitdm.exe"="C:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit"
"C:\Program Files\Orbitdownloader\orbitnet.exe"="C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit"
"C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe"="C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2"
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate"
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
shell\AutoRun\command - I:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{10371688-96dc-11dd-8969-0019db413655}]
shell\Auto\command - cmd /C launch.bat
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{48198042-205c-11dd-be51-00038a000015}]
shell\AutoRun\command - I:\EmDesk.exe
shell\EmDesk\command - I:\EmDesk.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e02d29d6-2058-11dd-ba10-806e6f6e6963}]
shell\AutoRun\command - D:\setup.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-05-08 19:29:14 ----D---- C:\Users\Mickael\AppData\Roaming\Malwarebytes
2009-05-08 19:29:06 ----D---- C:\ProgramData\Malwarebytes
2009-05-08 19:29:06 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-05-08 18:57:54 ----A---- C:\Windows\system32\javaws.exe
2009-05-08 18:57:54 ----A---- C:\Windows\system32\javaw.exe
2009-05-08 18:57:53 ----A---- C:\Windows\system32\java.exe
2009-05-08 15:35:03 ----D---- C:\_OTMoveIt
2009-05-08 10:36:25 ----A---- C:\lopR.txt
2009-05-08 10:34:44 ----D---- C:\Lop SD
2009-05-07 23:00:15 ----D---- C:\Program Files\trend micro
2009-05-07 23:00:05 ----D---- C:\rsit
2009-05-06 19:49:16 ----D---- C:\Program Files\Acoustica Beatcraft
2009-04-21 15:01:29 ----D---- C:\Users\Mickael\AppData\Roaming\Anuman Interactive
2009-04-19 17:27:49 ----D---- C:\Users\Mickael\AppData\Roaming\Publish Providers
2009-04-19 17:21:42 ----D---- C:\Users\Mickael\AppData\Roaming\Sony
2009-04-19 17:15:05 ----D---- C:\ProgramData\Sony
2009-04-19 17:13:09 ----D---- C:\Program Files\Sony
2009-04-19 17:10:49 ----D---- C:\Program Files\Sony Setup
2009-04-15 11:23:21 ----A---- C:\Windows\system32\xolehlp.dll
2009-04-15 11:23:21 ----A---- C:\Windows\system32\msdtcprx.dll
2009-04-15 11:23:04 ----A---- C:\Windows\system32\winhttp.dll
2009-04-15 11:21:03 ----A---- C:\Windows\system32\rpcss.dll
2009-04-15 11:21:02 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-04-15 11:21:01 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-04-15 11:20:58 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-04-15 11:20:57 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-04-15 11:20:56 ----A---- C:\Windows\system32\sdohlp.dll
2009-04-15 11:20:56 ----A---- C:\Windows\system32\iasrecst.dll
2009-04-15 11:20:56 ----A---- C:\Windows\system32\iasdatastore.dll
2009-04-15 11:20:55 ----A---- C:\Windows\system32\iashost.exe
2009-04-15 11:20:55 ----A---- C:\Windows\system32\iasads.dll
2009-04-15 11:20:12 ----A---- C:\Windows\system32\lsasrv.dll
2009-04-15 11:20:11 ----A---- C:\Windows\system32\kernel32.dll
2009-04-15 11:20:09 ----A---- C:\Windows\system32\secur32.dll
2009-04-15 11:20:07 ----A---- C:\Windows\system32\apilogen.dll
2009-04-15 11:20:07 ----A---- C:\Windows\system32\amxread.dll

======List of files/folders modified in the last 1 months======

2009-05-08 21:48:54 ----D---- C:\Windows\Temp
2009-05-08 19:48:28 ----D---- C:\Windows\Tasks
2009-05-08 19:43:57 ----SHD---- C:\Config.Msi
2009-05-08 19:43:41 ----D---- C:\Windows\system32\drivers
2009-05-08 19:29:06 ----D---- C:\ProgramData
2009-05-08 19:29:06 ----D---- C:\Program Files
2009-05-08 19:26:21 ----SHD---- C:\Windows\Installer
2009-05-08 19:21:01 ----D---- C:\ProgramData\Adobe
2009-05-08 19:20:16 ----D---- C:\Program Files\Common Files\Adobe
2009-05-08 19:19:58 ----D---- C:\Program Files\Adobe
2009-05-08 19:16:20 ----D---- C:\Windows\System32
2009-05-08 19:15:23 ----SHD---- C:\System Volume Information
2009-05-08 19:00:02 ----SD---- C:\Windows\Downloaded Program Files
2009-05-08 18:56:58 ----A---- C:\Windows\system32\deploytk.dll
2009-05-08 18:51:30 ----D---- C:\Program Files\Java
2009-05-08 18:51:29 ----D---- C:\Program Files\Common Files
2009-05-08 16:49:00 ----D---- C:\Windows\winsxs
2009-05-08 16:48:59 ----D---- C:\Program Files\Internet Explorer
2009-05-08 15:10:16 ----D---- C:\Windows\system32\catroot
2009-05-08 10:47:31 ----A---- C:\Windows\NeroDigital.ini
2009-05-08 10:10:02 ----A---- C:\ExtractLog.txt
2009-05-08 10:06:59 ----D---- C:\Program Files\OrangeHSS
2009-05-08 09:04:41 ----D---- C:\ProgramData\Google Updater
2009-05-08 09:01:43 ----D---- C:\Windows
2009-05-07 18:17:41 ----D---- C:\Program Files\Microsoft Office
2009-05-07 18:17:41 ----D---- C:\Program Files\Common Files\DESIGNER
2009-05-07 18:13:39 ----D---- C:\Program Files\Anuman Interactive
2009-05-07 18:13:18 ----D---- C:\Program Files\Audacity
2009-05-07 18:13:17 ----D---- C:\Windows\Prefetch
2009-05-07 11:54:52 ----D---- C:\Windows\system32\catroot2
2009-05-06 20:04:55 ----D---- C:\Users\Mickael\AppData\Roaming\BitTorrent
2009-05-06 13:05:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-05-06 13:05:06 ----D---- C:\Windows\inf
2009-05-06 12:48:17 ----A---- C:\Windows\Robota.INI
2009-05-06 12:48:17 ----A---- C:\Windows\BeatBox.INI
2009-05-04 12:29:57 ----D---- C:\ProgramData\stop 4
2009-05-02 21:12:36 ----D---- C:\ProgramData\Microsoft Help
2009-05-02 21:10:52 ----RSD---- C:\Windows\assembly
2009-05-02 21:07:56 ----RSD---- C:\Windows\Fonts
2009-05-02 21:07:38 ----D---- C:\Program Files\Common Files\microsoft shared
2009-05-02 21:06:53 ----D---- C:\Program Files\Microsoft Works
2009-05-02 21:03:48 ----A---- C:\Windows\win.ini
2009-05-02 21:03:47 ----D---- C:\Program Files\Common Files\System
2009-04-29 10:27:24 ----D---- C:\temp
2009-04-28 20:06:20 ----D---- C:\Windows\system32\LogFiles
2009-04-24 23:11:28 ----D---- C:\Users\Mickael\AppData\Roaming\BSplayer
2009-04-21 22:00:02 ----D---- C:\Windows\Debug
2009-04-19 17:41:10 ----AD---- C:\ProgramData\TEMP
2009-04-19 17:24:14 ----D---- C:\Program Files\VstPlugins
2009-04-18 22:37:00 ----D---- C:\Program Files\Unlocker
2009-04-16 11:47:48 ----D---- C:\Windows\system32\wbem
2009-04-16 11:47:48 ----D---- C:\Program Files\Windows Mail
2009-04-16 11:47:47 ----D---- C:\Windows\system32\manifeststore
2009-04-16 11:47:47 ----D---- C:\Windows\AppPatch

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 BHDrvx86;Symantec Heuristics Driver; C:\Windows\System32\Drivers\NIS\1005000.087\BHDrvx86.sys [2009-03-12 258608]
R1 ccHP;Symantec Hash Provider; C:\Windows\System32\Drivers\NIS\1005000.087\ccHPx86.sys [2009-03-25 482352]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2009-03-25 371248]
R1 ElRawDisk;ElRawDisk; \??\C:\Windows\system32\drivers\elrawdsk.sys [2008-09-03 12800]
R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090501.001\IDSvix86.sys [2009-01-29 292912]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2008-11-02 56572]
R1 SRTSP;Symantec Real Time Storage Protection; C:\Windows\System32\Drivers\NIS\1005000.087\SRTSP.SYS [2009-03-12 307760]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); \??\C:\Windows\system32\drivers\NIS\1005000.087\SRTSPX.SYS [2009-03-12 43696]
R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2009-03-12 25136]
R1 SYMTDI;Symantec Network Dispatch Driver; C:\Windows\System32\Drivers\NIS\1005000.087\SYMTDI.SYS [2009-03-12 217392]
R2 acedrv10;acedrv10; \??\C:\Windows\system32\drivers\acedrv10.sys [2007-07-27 330144]
R2 acehlp10;acehlp10; \??\C:\Windows\system32\drivers\acehlp10.sys [2007-07-27 251680]
R3 CLEDX;Team H2O CLEDX service; C:\Windows\system32\DRIVERS\cledx.sys [2005-05-09 33792]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-03-25 101936]
R3 FETND6V;VIA Rhine Family Fast Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\fetnd6v.sys [2008-09-22 43520]
R3 GEARAspiWDM;GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2006-11-08 1647976]
R3 LVcKap;Logitech AEC Driver; C:\Windows\system32\DRIVERS\LVcKap.sys [2007-10-19 2109976]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2007-10-11 25624]
R3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2008-07-26 627864]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2008-07-26 41752]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090508.003\NAVENG.SYS [2009-03-25 89104]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090508.003\NAVEX15.SYS [2009-03-25 876144]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-09-17 7379872]
R3 pepifilter;Volume Adapter; C:\Windows\system32\DRIVERS\lv302af.sys [2008-07-26 13848]
R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V32.SYS [2008-07-26 2570520]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2009-03-26 124464]
R3 SYMFW;Symantec Network Filter Driver; C:\Windows\System32\Drivers\NIS\1005000.087\SYMFW.SYS [2009-03-12 89776]
R3 SYMNDISV;Symantec Network Filter Driver; C:\Windows\System32\Drivers\NIS\1005000.087\SYMNDISV.SYS [2009-03-12 39984]
R3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-19 73088]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S2 Nsynas32;Nsynas32; C:\Windows\system32\drivers\Nsynas32.sys []
S3 alha9p7u;alha9p7u; C:\Windows\system32\drivers\alha9p7u.sys []
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\Windows\system32\DRIVERS\fetnd5bv.sys [2008-02-26 43520]
S3 FETNDIS;Service de pilote de carte VIA famille Rhine 10/100Mo Fast Ethernet; C:\Windows\system32\DRIVERS\fetnd5.sys [2006-11-02 45568]
S3 F-Secure Standalone Minifilter;F-Secure Standalone Minifilter; \??\C:\Users\Mickael\AppData\Local\Temp\Low\OnlineScanner\Anti-Virus\fsgk.sys []
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\Windows\system32\DRIVERS\LVMVDrv.sys [2007-10-11 2142488]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCAMp50.sys [2006-11-28 28224]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys [2006-11-28 27072]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-03-29 47360]
S3 SYMDNS;SYMDNS; C:\Windows\System32\Drivers\NIS\1002000.007\SYMDNS.SYS []
S3 SYMREDRV;SYMREDRV; C:\Windows\System32\Drivers\NIS\1002000.007\SYMREDRV.SYS []
S3 SynasUSB;SynasUSB; C:\Windows\system32\drivers\SynasUSB.sys [2007-10-24 23288]
S3 usb_rndisx;Carte RNDIS USB; C:\Windows\system32\DRIVERS\usb8023x.sys [2008-01-19 15872]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 wanatw;WAN Miniport (ATW); C:\Windows\system32\DRIVERS\wanatw4.sys [2006-11-01 33588]
S3 winusb;WinUSB Service; C:\Windows\system32\DRIVERS\winusb.sys [2008-01-19 31616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-07-22 116040]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]
R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2006-12-12 57344]
R2 LVCOMSer;LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [2007-10-19 186904]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2007-10-19 141848]
R2 Norton Internet Security;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe [2009-03-12 115560]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-09-17 196608]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2006-11-20 166648]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2006-11-20 887544]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [2007-10-19 141848]
S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe []
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; I:\Program Files\MAGIX\Common\Database\bin\fbserver.exe []
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-03-07 654848]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2009-03-03 33176]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-09-19 29744]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-07-10 532264]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2008-12-20 79360]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-09-14 73728]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2009-01-12 355584]
S3 UPnPService;UPnPService; C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [2006-12-14 544768]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

-----------------EOF-----------------

Reply to narval38

There are still traces of infection, but your problems don't come from that.

Reply to Destrio5

For info, the day before yesterday in the afternoon, well before the PC started lagging,
a piece of software had been installed: BeatCraft, the demo version downloaded from 01.net.
But I doubt it is what made my PC glitch, you never know. I have uninstalled it since.

Reply to narval38

Otherwise I could go back to an earlier state of the PC thanks to the automatic backups, but the few times I had tested that in the past, at every restart the computer told me it had failed, so if you could help me with that...

Reply to narval38

Are you talking about System Restore?

Reply to Destrio5

No, going back to several before the PC started lagging.

Reply to narval38

I didn't understand.

Reply to Destrio5

The PC makes backups of the system so that, in case there is a bug (as in my case), you can restore your computer's system files to an earlier point in time.
There are explanations on this page: http://www.libellules.ch/restauration_system_vista.php

I had already tried to do that in the past, but each time there was an error.

Reply to narval38

I asked you whether you were talking about System Restore and you answered no...

Reply to Destrio5

Sorry, I thought you were talking about a full restore.

Reply to narval38

I don't have a solution for you.

Reply to Destrio5

OK, thanks anyway.

Reply to narval38