Tom's Guide > Forum > Sécurité - Virus > Infecté par un cheval de troie

Infecté par un cheval de troie

Forum Sécurité - Virus : Infecté par un cheval de troie

TomsGuide.com : 800 000 inscrits répondent à toutes vos questions high-tech et informatique. Pour obtenir de l'aide, inscrivez-vous gratuitement !

Contenu relatif
Actualités
Téléchargement

Voir tous les sujets correspondants à "infecte cheval troie"

Créer un nouveau sujet Répondre

Bas de page Chercher dans ce sujet

bonjour quelqu'un peut m'aider ? Voila depuis hier avast se met en alerte car il y a un cheval de troie. pouvez vous me donner toute la démarche a suivre pour le supprimer ? merci d'avance

Répondre

Inscrivez-vous ou connectez-vous pour masquer ceci.

Bonjour,

Tu peux me donner l'emplacement de l'infection ?

Télécharge Random's System Information Tool (RSIT) (de random/random) et sauvegarde-le sur le Bureau.

Double-clique sur RSIT.exe afin de lancer RSIT.
Clique Continue à l'écran Disclaimer.
Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (qui sera affiché)

ainsi que de info.txt (qui sera réduit dans la Barre des Tâches)

NB : Les rapports sont sauvegardés dans le dossier C:\rsit
Veille bien à me poster l'intégralité des rapports, vérifie qu'ils soient complets une fois que tu les as postés.

------------------------------ Prévention & Protection||Vous m'aimez ? Cliquez :o
Répondre à Angeldark

Logfile of random's system information tool 1.06 (written by random/random)
Run by gregory at 2009-06-17 11:50:06
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 46 GB (62%) free of 74 GB
Total RAM: 1215 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:50:45, on 17/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\uTorrent\uTorrent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\gregory\Mes documents\Downloads\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\gregory.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://moteur.chat-land.org/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?o=13928&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ads.eorezo.com/cgi-bin/adve [...] t=redirect
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1036
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,userinit.exe,
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [a-squared] "C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2guard.exe" /d=60
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [cch] C:\WINDOWS\system32\cch.exe \u
O4 - HKLM\..\Run: [rgcr3cj0er1q] C:\WINDOWS\system32\qgct3cj0er1q.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [UberIcon] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [gregory] C:\Documents and Settings\gregory\gregory.exe /i
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Documents and Settings\gregory\Bureau\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Documents and Settings\gregory\Bureau\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Documents and Settings\gregory\Bureau\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Documents and Settings\gregory\Bureau\Free Download Manager\dlfvideo.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\1616031.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\1616031.dll
O15 - Trusted Zone: *.chat-land.org
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawfl [...] awflow.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} -
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537 [...] scan53.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O20 - Winlogon Notify: adsveoco - C:\WINDOWS\SYSTEM32\adsveoco.dll
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer TV-FM\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer TV-FM\Kernel\TV\CLSched.exe (file missing)
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer TV-FM\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Service Google Update (gupdate1c9e374a88d47b4) (gupdate1c9e374a88d47b4) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe (file missing)
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP2\RpcAgentSrv.exe

--
End of file - 12300 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-24 668656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}]
PDFCreator Toolbar Helper - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2009-02-07 806912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-06-03 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-06-03 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D0943516-5076-4020-A3B5-AEFAF26AB263} - Veoh Browser Plug-in - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll [2008-09-26 352256]
{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - PDFCreator Toolbar - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2009-02-07 806912]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-06-28 185632]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"a-squared"=C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2guard.exe [2009-06-02 2940560]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-11-06 29744]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-05-26 414480]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-06-03 148888]
"cch"=C:\WINDOWS\system32\cch.exe \u []
"rgcr3cj0er1q"=C:\WINDOWS\system32\qgct3cj0er1q.exe []
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-04-30 3885408]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"UberIcon"=C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-05-21 180224]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-04-02 68856]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"gregory"=C:\Documents and Settings\gregory\gregory.exe [2009-06-15 21090]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-11-06 29744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiSPower]
SiSPower.dll,ModeAgent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-04-02 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UberIcon]
C:\WINDOWS\BricoPacks\Crystal Clear\UberIcon\UberIcon Manager.exe []

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Acer WLAN 11g USB Dongle.lnk - C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE

C:\Documents and Settings\gregory\Menu Démarrer\Programmes\Démarrage
RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
TransBar.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
UberIcon.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
Y'z Shadow.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\adsveoco]
C:\WINDOWS\system32\adsveoco.dll [2009-04-23 65536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 240128]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoBandCustomize"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Acer\Acer eConsole\eConsole.exe"="C:\Program Files\Acer\Acer eConsole\eConsole.exe:LocalSubNet:Enabled:eConsole"
"C:\Program Files\Acer\Acer eConsole\MediaServerService.exe"="C:\Program Files\Acer\Acer eConsole\MediaServerService.exe:LocalSubNet:Enabled:Acer Media Server"
"C:\Program Files\Acer TV-FM\PowerCinema.exe"="C:\Program Files\Acer TV-FM\PowerCinema.exe:*:Enabled:CyberLink PowerCinema"
"C:\Program Files\Acer TV-FM\PCMService.exe"="C:\Program Files\Acer TV-FM\PCMService.exe:*:Enabled:CyberLink PowerCinema Resident Program"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\LEXPPS.EXE"="C:\WINDOWS\system32\LEXPPS.EXE:*isabled:LEXPPS.EXE"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*isabled:Firefox"
"C:\WINDOWS\temp\~os3.tmp\ossproxy.exe"="C:\WINDOWS\temp\~os3.tmp\ossproxy.exe:*:Enabledssproxy.exe"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP2\RpcAgentSrv.exe"="C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP2\RpcAgentSrv.exe:*:Enabled:SiSoftware Deployment Agent Service"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\RomuSoft\romustrike\romustrike.exe"="C:\Program Files\RomuSoft\romustrike\romustrike.exe:*:Enabled:romustrike"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe"="C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP2\WNt500x86\RpcSandraSrv.exe"="C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP2\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Documents and Settings\gregory\Local Settings\Temp\7zS6B.tmp\SymNRT.exe"="C:\Documents and Settings\gregory\Local Settings\Temp\7zS6B.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\gregory\Local Settings\Temp\usmt\migwiz.exe"="C:\Documents and Settings\gregory\Local Settings\Temp\usmt\migwiz.exe:*:Enabled:Assistant Transfert de fichiers et de paramètres"
"C:\Games\Paintball2\paintball2.exe"="C:\Games\Paintball2\paintball2.exe:*:Enabledaintball2"
"C:\Program Files\Valve\hlds.exe"="C:\Program Files\Valve\hlds.exe:*:Enabled:HLDS Launcher"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Documents and Settings\gregory\vpjcpch.exe"="C:\Documents and Settings\gregory\vpjcpch.exe:*:Enabled:ENABLE"
"C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2guard.exe"="C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2guard.exe:*:Enabled:ENABLE"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:ENABLE"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

======File associations======

.scr - open - "%1" %*

======List of files/folders created in the last 1 months======

2009-06-17 11:50:06 ----D---- C:\rsit
2009-06-17 11:43:51 ----A---- C:\WINDOWS\ntbtlog.txt
2009-06-16 12:17:38 ----D---- C:\TORRENT
2009-06-16 11:49:36 ----D---- C:\WINDOWS\LastGood.Tmp
2009-06-16 11:49:31 ----D---- C:\Program Files\Avira
2009-06-16 11:49:31 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2009-06-16 10:05:25 ----A---- C:\WINDOWS\regedit.exe
2009-06-16 10:02:23 ----D---- C:\WINDOWS\ERUNT
2009-06-16 09:42:15 ----HDC---- C:\Documents and Settings\All Users\Application Data\{92E7A367-8E12-4830-AA70-29C32E331A81}
2009-06-16 09:24:55 ----D---- C:\Program Files\CleanUp!
2009-06-15 15:59:08 ----HDC---- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-06-15 13:36:11 ----D---- C:\SDFix
2009-06-15 10:56:04 ----RSH---- C:\WINDOWS\system32\1616031.dll
2009-06-15 10:56:00 ----A---- C:\WINDOWS\system32\sgcp3cj0er1q.dll
2009-06-15 10:39:26 ----D---- C:\Program Files\WinZip
2009-06-12 14:38:51 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-06-12 14:38:41 ----HDC---- C:\WINDOWS\$NtUninstallKB969898$
2009-06-12 14:36:21 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-06-12 14:35:32 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-06-08 14:17:41 ----D---- C:\Program Files\Valve
2009-06-08 12:46:59 ----D---- C:\Program Files\Steam
2009-06-03 14:21:07 ----D---- C:\Games
2009-06-03 12:13:11 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-06-02 19:07:42 ----D---- C:\Documents and Settings\All Users\Application Data\ashampoo
2009-06-02 19:07:24 ----D---- C:\Program Files\Ashampoo
2009-06-02 13:56:48 ----D---- C:\Documents and Settings\gregory\Application Data\DivX
2009-06-02 13:56:17 ----D---- C:\Documents and Settings\gregory\Application Data\AVS4YOU
2009-06-02 13:56:15 ----D---- C:\Documents and Settings\All Users\Application Data\AVS4YOU
2009-06-02 13:55:14 ----D---- C:\Program Files\Fichiers communs\AVSMedia
2009-06-02 13:55:13 ----D---- C:\Program Files\AVS4YOU
2009-06-02 13:24:47 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2009-06-02 13:24:47 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2009-06-02 13:24:47 ----N---- C:\WINDOWS\system32\pxafs.dll
2009-06-02 13:24:04 ----D---- C:\Program Files\Fichiers communs\DivX Shared
2009-06-02 13:15:23 ----D---- C:\Documents and Settings\gregory\Application Data\Dr. DivX 2.0 OSS
2009-06-02 13:10:24 ----D---- C:\Program Files\AviSynth 2.5
2009-06-01 16:09:34 ----A---- C:\WINDOWS\UPGRADE.TXT
2009-06-01 13:21:02 ----D---- C:\Program Files\Trend Micro
2009-05-30 11:54:17 ----A---- C:\WINDOWS\system32\nsn70.tmp
2009-05-30 11:53:08 ----A---- C:\WINDOWS\BricoPackFoldersDelete.cmd
2009-05-30 11:48:08 ----RA---- C:\WINDOWS\system32\nsa1C3.tmp
2009-05-30 08:31:29 ----D---- C:\Program Files\uTorrent
2009-05-30 08:31:24 ----D---- C:\Documents and Settings\gregory\Application Data\uTorrent
2009-05-29 16:07:39 ----D---- C:\Program Files\VS Revo Group
2009-05-29 15:36:26 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
2009-05-29 15:01:18 ----D---- C:\Documents and Settings\gregory\Application Data\TeamViewer
2009-05-21 14:43:51 ----D---- C:\Program Files\eMule
2009-05-21 14:05:38 ----A---- C:\WINDOWS\FakeInlogPass.txt
2009-05-21 13:40:55 ----D---- C:\WINDOWS\system32\Windows Core Component
2009-05-21 12:15:56 ----A---- C:\WINDOWS\uninst.exe

======List of files/folders modified in the last 1 months======

2009-06-17 11:43:51 ----AD---- C:\WINDOWS
2009-06-17 11:43:18 ----D---- C:\Documents and Settings\gregory\Application Data\LimeWire
2009-06-17 11:40:37 ----AD---- C:\WINDOWS\system32
2009-06-17 11:40:32 ----D---- C:\Program Files\LimeWire
2009-06-17 11:37:52 ----D---- C:\WINDOWS\temp
2009-06-17 10:42:03 ----D---- C:\Program Files\Mozilla Firefox
2009-06-16 14:49:17 ----HD---- C:\WINDOWS\inf
2009-06-16 11:49:38 ----AD---- C:\WINDOWS\system32\drivers
2009-06-16 11:49:31 ----D---- C:\Program Files
2009-06-16 11:34:03 ----D---- C:\Program Files\WinRAR
2009-06-16 11:23:38 ----D---- C:\WINDOWS\system32\CatRoot2
2009-06-16 11:07:07 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-06-16 10:04:09 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-06-16 09:26:07 ----D---- C:\temp
2009-06-15 16:29:27 ----SD---- C:\WINDOWS\Tasks
2009-06-15 14:44:14 ----D---- C:\WINDOWS\Prefetch
2009-06-15 12:35:18 ----ASH---- C:\boot.ini
2009-06-15 12:34:26 ----A---- C:\WINDOWS\system32\winlogon.exe
2009-06-15 12:34:11 ----A---- C:\WINDOWS\system32\svchost.exe
2009-06-15 12:33:37 ----A---- C:\WINDOWS\system32\services.exe
2009-06-15 12:32:42 ----A---- C:\WINDOWS\system32\lsass.exe
2009-06-15 11:47:31 ----D---- C:\WINDOWS\Debug
2009-06-15 10:43:16 ----D---- C:\Documents and Settings\All Users\Application Data\WinZip
2009-06-15 10:39:44 ----SHD---- C:\Config.Msi
2009-06-14 19:45:00 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-06-12 14:38:38 ----HD---- C:\WINDOWS\$hf_mig$
2009-06-12 14:36:04 ----D---- C:\WINDOWS\system32\fr-fr
2009-06-12 14:36:04 ----D---- C:\Program Files\Internet Explorer
2009-06-10 12:56:40 ----RSD---- C:\WINDOWS\Fonts
2009-06-10 12:56:28 ----D---- C:\Program Files\Microsoft Office
2009-06-10 12:56:24 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-06-10 12:55:53 ----D---- C:\Program Files\MSECache
2009-06-08 14:17:41 ----HD---- C:\Program Files\InstallShield Installation Information
2009-06-03 12:13:03 ----A---- C:\WINDOWS\system32\javaws.exe
2009-06-03 12:13:02 ----A---- C:\WINDOWS\system32\javaw.exe
2009-06-03 12:13:02 ----A---- C:\WINDOWS\system32\java.exe
2009-06-03 12:13:00 ----D---- C:\Program Files\Java
2009-06-02 21:26:45 ----D---- C:\WINDOWS\WinSxS
2009-06-02 13:55:14 ----D---- C:\Program Files\Fichiers communs
2009-06-02 13:33:49 ----D---- C:\Program Files\a-squared Anti-Malware
2009-06-02 13:27:47 ----D---- C:\Program Files\Google
2009-06-02 11:12:47 ----AD---- C:\WINDOWS\system
2009-06-01 18:51:12 ----A---- C:\WINDOWS\system32\MRT.exe
2009-06-01 16:13:25 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-06-01 13:39:05 ----A---- C:\WINDOWS\wininit.ini
2009-05-30 11:57:55 ----D---- C:\WINDOWS\Cursors
2009-05-30 11:57:54 ----D---- C:\WINDOWS\system32\usmt
2009-05-30 11:57:54 ----D---- C:\WINDOWS\Media
2009-05-30 11:57:54 ----D---- C:\Program Files\Outlook Express
2009-05-30 11:57:54 ----D---- C:\Program Files\Movie Maker
2009-05-30 11:56:55 ----A---- C:\WINDOWS\BricoPackUninst.txt
2009-05-30 11:56:55 ----A---- C:\WINDOWS\BricoPackUninst.cmd
2009-05-30 11:51:53 ----D---- C:\WINDOWS\BricoPacks
2009-05-29 19:55:04 ----D---- C:\WINDOWS\SxsCaPendDel
2009-05-29 19:35:11 ----A---- C:\WINDOWS\win.ini
2009-05-29 18:48:36 ----D---- C:\Program Files\Yahoo!
2009-05-29 18:40:49 ----D---- C:\WINDOWS\system32\Kaspersky Lab
2009-05-29 18:40:33 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-05-29 18:38:33 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2009-05-29 17:44:32 ----D---- C:\Program Files\Team17
2009-05-29 17:39:50 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-05-29 16:45:00 ----D---- C:\Program Files\Lavasoft
2009-05-29 16:45:00 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-05-29 16:42:29 ----SHD---- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-05-29 16:23:06 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-05-29 16:04:38 ----D---- C:\WINDOWS\system32\Restore
2009-05-29 15:39:23 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2009-05-26 11:57:38 ----D---- C:\Documents and Settings\gregory\Application Data\FileZilla
2009-05-26 11:14:35 ----D---- C:\Program Files\XaviWare Windows Live Messenger Password Recovery

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
R1 UBHelper;UBHelper; C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-18 13952]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032]
R2 usbhub;DSC Composite USB Device; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2005-11-03 6144]
R3 SISNIC;SiS PCI Fast Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\sisnic.sys [2005-03-18 32256]
R3 SSKBFD;Webroot Spy Sweeper Keylogger Shield Keyboard Filter; C:\WINDOWS\System32\Drivers\sskbfd.sys [2007-03-01 21056]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
S1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
S1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
S1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
S1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S1 SiSkp;SiSkp; C:\WINDOWS\system32\DRIVERS\srvkp.sys [2005-07-13 11904]
S1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-02-13 28376]
S1 wceusbsh;Pilote d'hôte USB série pour Windows CE; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2008-04-14 32128]
S2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
S2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
S2 ati64si;ati64si; \??\C:\WINDOWS\system32\drivers\ati64si.sys []
S2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-03-24 55640]
S2 Ca533av;JDC 3.0S Webcam; C:\WINDOWS\System32\Drivers\Ca533av.sys [2002-10-21 515803]
S2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
S2 ksi32sk;ksi32sk; \??\C:\WINDOWS\system32\drivers\ksi32sk.sys []
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-08-18 3644800]
S3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
S3 catchme;catchme; \??\C:\DOCUME~1\gregory\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CoachUsb;Digital Camera on USB; C:\WINDOWS\system32\DRIVERS\CoachUsb.sys [2004-01-22 46944]
S3 DMSKSSRh;DMSKSSRh; \??\C:\DOCUME~1\GREGOR~1\LOCALS~1\Temp\DMSKSSRh.sys []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 int15.sys;int15.sys; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys []
S3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 Profos;Profos; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys []
S3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
S3 SANDRA;SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP2\WNt500x86\Sandra.sys []
S3 SiS315;SiS315; C:\WINDOWS\system32\DRIVERS\sisgrp.sys [2005-07-13 257024]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 StillCam;Pilote d'appareil photo numérique série; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-23 6912]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 Trufos;Trufos; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys []
S3 USBCamera;JDC 3.0S Camera; C:\WINDOWS\System32\Drivers\Bulk533.sys [2003-05-14 11048]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS); C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2005-10-28 402432]
S3 ZD1211U(ZyDAS);ZyDAS ZD1211 IEEE 802.11b+g Wireless LAN Driver (USB)(ZyDAS); C:\WINDOWS\system32\DRIVERS\zd1211u.sys [2005-10-04 280064]
S3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys [2004-10-25 17664]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 a2AntiMalware;a-squared Anti-Malware Service; C:\Program Files\a-squared Anti-Malware\a2service.exe [2009-06-02 717320]
S2 Acer Media Server;Acer Media Server; C:\Program Files\Acer\Acer eConsole\MediaServerService.exe [2006-05-04 438272]
S2 AcerMemUsageCheckService;Memory Check Service; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [2006-03-29 28672]
S2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-04-01 108289]
S2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-03-02 185089]
S2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
S2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\Acer TV-FM\Kernel\TV\CLCapSvc.exe [2006-03-29 266338]
S2 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\Acer TV-FM\Kernel\TV\CLSched.exe []
S2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\Acer TV-FM\Kernel\CLML_NTService\CLMLServer.exe [2006-03-29 1073152]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S2 gupdate1c9e374a88d47b4;Service Google Update (gupdate1c9e374a88d47b4); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-06-02 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280]
S2 ioloFileInfoList;iolo FileInfoList Service; C:\Program Files\iolo\common\lib\ioloServiceManager.exe []
S2 ioloSystemService;iolo System Service; C:\Program Files\iolo\common\lib\ioloServiceManager.exe []
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-06-03 152984]
S2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2006-04-17 311296]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2009-05-26 194832]
S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe [2008-12-05 935208]
S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe []
S2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-11-06 29744]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP2\RpcAgentSrv.exe [2008-12-11 98488]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2009-06-15 14336]
S4 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2006-12-15 69120]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

-----------------EOF-----------------

et voici l'info.txt

info.txt logfile of random's system information tool 1.06 2009-06-17 11:50:54

======Uninstall list======

-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\setup.exe" -uninstall
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3BB529C7-855D-11D7-8444-0050BA1D384D}\setup.exe" -l0x40c
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ABBYY FineReader 5.0 Sprint-->MsiExec.exe /X{D1696920-9794-4BBC-8A30-7A88763DE5A2}
Acer eConsole-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EC028E6B-F3F1-4192-B63E-A7C97302ED5A}\setup.exe" -l0x40c
Acer eMode Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{65CDEC30-4BF4-48FB-8059-9FC480E4E94F}\setup.exe" -l0x40c
Acer Empowering Technology-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -l0x40c -removeonly
Acer ePerformance Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7057702F-6D71-4F30-8000-9E72BC771887}\setup.exe" -l0x40c -removeonly
Acer WLAN 11g USB Dongle-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{0CB98AC0-D691-4B21-AD3D-95982517021D} /l1036
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Ashampoo Movie Shrink & Burn 3.02-->"C:\Program Files\Ashampoo\Ashampoo Movie Shrink & Burn 3\unins000.exe"
a-squared Anti-Malware 4.0-->"C:\Program Files\a-squared Anti-Malware\unins000.exe"
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
Bibliothèques GTK+ 2.6.10 rev a (supprimer uniquement)-->C:\Program Files\Fichiers communs\GTK\2.0\uninst.exe
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
CleanUp!-->C:\Program Files\CleanUp!\uninstall.exe
Complément Microsoft Word pour Microsoft Works Suite-->MsiExec.exe /I{17E57E89-DDB3-4f76-9AF1-A8E01CC633E4}
Counter-Strike 1.6-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}\Setup.exe" -l0x19
Destinator Console-->C:\NAVIGA~1\INSTAL~1\UNWISE.EXE C:\NAVIGA~1\INSTAL~1\INSTALL.LOG
Digimax Master-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AEC0CEBC-0FC7-4716-8222-1C4A742719B1}\Setup.exe" -l0x40c -removeonly
Dual Mode Digital Camera Z-->C:\Program Files\InstallShield Installation Information\{3C516E56-0B4B-4BDE-88A2-035B4D170A26}\setup.exe -runfromtemp -l0x040c -removeonly
eMule-->"C:\Program Files\eMule\Uninstall.exe"
Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF}
Google Chrome-->"C:\Program Files\Google\Chrome\Application\2.0.172.31\Installer\setup.exe" --uninstall --system-level
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
Google Toolbar for Firefox-->MsiExec.exe /X{2CCBABCB-6427-4A55-B091-49864623C43F}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
Java(TM) 6 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
JDC 3.0S Camera-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C1205500-2179-11D7-B0B9-0000E24D4B29}\setup.exe" -l0x9 -removeonly
Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
Lame ACM MP3 Codec-->C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_LameMP3 132 C:\WINDOWS\INF\LameACM.inf
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Lexmark 1200 Series-->C:\WINDOWS\system32\spool\drivers\w32x86\3\LXCZUN5C.EXE -dLexmark 1200 Series
LimeWire 5.1.3-->"C:\Program Files\LimeWire\uninstall.exe"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft .NET Framework 3.0-->C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setup.exe
Microsoft .NET Framework 3.0-->MsiExec.exe /X{15095BF3-A3D7-4DDF-B193-3A496881E003}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Word Viewer 2003-->MsiExec.exe /I{9085040C-6000-11D3-8CFE-0150048383C9}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Word 2002-->MsiExec.exe /I{911B040C-6000-11D3-8CFE-0050048383C9}
Microsoft Works-->MsiExec.exe /I{A059DE09-1B49-4450-B340-7AE097EC3F04}
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Mozilla Firefox (3.0.11)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6.0 Parser (KB925673)-->MsiExec.exe /I{FE9126DB-5F84-495A-BB46-3C724F1C2D08}
Neuf - Kit de connexion-->C:\Program Files\Neuf\Kit\uninstall.exe
NTI Backup NOW! 4-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{385979FE-DC4F-4140-8EAD-A59625000D72} /l1036 BUN4
NTI CD & DVD-Maker-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1036 CDM7
OpenOffice.org 2.0-->MsiExec.exe /I{752783F5-0CFC-44C3-9E1F-CAF17C4508E7}
OpenOffice.org 2.4-->MsiExec.exe /I{2CD2C0DB-81C3-416B-9FA6-589B9235359B}
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Pack Vista Inspirat 2 1.0-->C:\WINDOWS\BricoPacks\Vista Inspirat 2\Remove.exe
PDFCreator Toolbar-->"C:\WINDOWS\PDFCreator_Toolbar_Uninstaller_1812.exe" _?=C:\Program Files\PDFCreator Toolbar
PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
Presto! Mr. Photo 4-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAF7A270-55D5-455F-B0D1-6C51EADC1C3A}\SETUP.EXE" -l0x40c -uninst -removeonly
Presto! VideoWorks 6-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B0C0F5E6-10B1-11D6-9296-0050BA073EEC}\SETUP.EXE" -l0x40c anything -removeonly
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x40c -removeonly
ResEdit (remove only)-->"C:\Program Files\TGTSoft\ResEdit\ResEdit-uninstall.exe"
Revo Uninstaller 1.83-->C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
romustrike-->MsiExec.exe /I{F70315E0-D82D-4D09-9EE0-28BB6EAC76FE}
Samsung USB Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{86D6A20D-3910-4441-A3E5-EB6977251C86}\Setup.exe" anything
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Sélecteur d'installation de Microsoft Works 2005-->C:\Program Files\Microsoft Works Suite 2005\Setup\Launcher.exe /ARP E:\
SiS 900 PCI Fast Ethernet Adapter Driver-->C:\Progra~1\SiSLan\Uninst.exe
SiSAGP driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DC226AC9-0314-496C-BE6A-B6A132628466}\setup.exe" -l0x40c
SiSoftware Sandra Lite 2009.SP2-->"C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP2\unins000.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
VeohTV BETA-->C:\Program Files\InstallShield Installation Information\{0405E51E-9582-4207-8F38-AC44201D3808}\setup.exe -runfromtemp -l0x0409
VideoLAN VLC media player 0.8.6-->C:\Program Files\VideoLAN\VLC\uninstall.exe
VirginMega.Fr Premium-->MsiExec.exe /I{EE467474-04A8-48D5-8DDF-0F8D3A3CCBE5}
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
Windows Communication Foundation-->MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Contrôle parental-->MsiExec.exe /X{D6A2DDE3-9D7C-412C-932A-756580D29919}
Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Workflow Foundation-->MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinZip 12.0-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}
WordFree PDF-->"C:\Program Files\WordFree PDF\unins000.exe"

=====HijackThis Backups=====

F2 - REG:system.ini: Shell=Explorer.exe "" [2009-06-01]
O2 - BHO: (no name) - {AD82DB5A-9F78-4564-8E55-5B1C54BD0DEB} - (no file) [2009-06-01]
O2 - BHO: (no name) - {4CA90A92-0377-4CA4-A509-E15E3C5B49FD} - (no file) [2009-06-01]
O2 - BHO: (no name) - {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - (no file) [2009-06-01]
O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file) [2009-06-01]
O2 - BHO: (no name) - {A057A204-BACC-4D26-8287-79A187E26987} - (no file) [2009-06-01]
O2 - BHO: (no name) - {5057631b-a1b2-419e-89f5-07099aab3e35} - (no file) [2009-06-01]
O2 - BHO: (no name) - {1075F3B0-6985-4114-9140-E45A61274AA8} - (no file) [2009-06-01]
O2 - BHO: (no name) - {a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - (no file) [2009-06-01]
O2 - BHO: (no name) - {62E19730-2DCE-4FDA-8F93-6ED9870B3E1F} - (no file) [2009-06-01]
O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file) [2009-06-01]
O2 - BHO: (no name) - {884155BE-31B0-4018-AA48-D52277CCBA9B} - (no file) [2009-06-01]
O2 - BHO: (no name) - {D189AF79-8865-433D-9BE9-4BE091A4E385} - (no file) [2009-06-01]
O2 - BHO: (no name) - {F90C9F3A-9667-4396-AAAC-CB9EA819C046} - (no file) [2009-06-01]
O2 - BHO: (no name) - {B0BBFC90-24BE-4CF1-A824-F84E8B84AD05} - (no file) [2009-06-01]
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2009-06-01]
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file) [2009-06-01]
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file) [2009-06-01]
O2 - BHO: (no name) - {B5227437-6012-4586-BA15-63B8E250F34D} - (no file) [2009-06-01]
O2 - BHO: (no name) - {E4D0A9BB-08E1-4BD4-8323-69E99853295A} - (no file) [2009-06-01]
O2 - BHO: (no name) - {15BB50CA-45A5-42E4-A5B5-C99047244409} - (no file) [2009-06-01]
O2 - BHO: (no name) - {7F18BE40-4F49-40ED-B7C2-5A6948C9BFB9} - (no file) [2009-06-01]
O2 - BHO: (no name) - {D848E40C-B098-494B-9E6C-22BCEE9279CD} - (no file) [2009-06-01]
O20 - Winlogon Notify: efcDUliH - efcDUliH.dll (file missing) [2009-06-01]
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2009-06-01]
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe (file missing) [2009-06-01]
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2009-06-01]
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file) [2009-06-01]
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe (file missing) [2009-06-01]

======Hosts File======

127.0.0.1 localhost

======Security center information======

AV: AntiVir Desktop (disabled) (outdated)
AV: avast! antivirus 4.8.1335 [VPS 090614-0]
AV: a-squared Anti-Malware (disabled)

======System event log======

Computer Name: ACER-FE8B363750
Event Code: 32
Message: L'assemblage dépendant Microsoft.VC80.MFCLOC ne peut pas être trouvé. La dernière erreur était L'assemblage référencé n'est pas installé sur votre système.

Record Number: 14199
Source Name: SideBySide
Time Written: 20090531184434.000000+120
Event Type: erreur
User:

Computer Name: ACER-FE8B363750
Event Code: 7036
Message: Le service Service COM de gravage de CD IMAPI est entré dans l'état : arrêté.

Record Number: 14198
Source Name: Service Control Manager
Time Written: 20090531184002.000000+120
Event Type: Informations
User:

Computer Name: ACER-FE8B363750
Event Code: 7036
Message: Le service Service COM de gravage de CD IMAPI est entré dans l'état : en cours d'exécution.

Record Number: 14197
Source Name: Service Control Manager
Time Written: 20090531183937.000000+120
Event Type: Informations
User:

Computer Name: ACER-FE8B363750
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Service COM de gravage de CD IMAPI.

Record Number: 14196
Source Name: Service Control Manager
Time Written: 20090531183937.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: ACER-FE8B363750
Event Code: 7036
Message: Le service Service COM de gravage de CD IMAPI est entré dans l'état : arrêté.

Record Number: 14195
Source Name: Service Control Manager
Time Written: 20090531183929.000000+120
Event Type: Informations
User:

=====Application event log=====

Computer Name: ACER-FE8B363750
Event Code: 0
Message: La commande du service a été traitée avec succès.

Record Number: 24382
Source Name: AcerMemUsageCheckService
Time Written: 20090423150802.000000+120
Event Type: Informations
User:

Computer Name: ACER-FE8B363750
Event Code: 0
Message: La commande du service a été traitée avec succès.

Record Number: 24381
Source Name: AcerMemUsageCheckService
Time Written: 20090423150802.000000+120
Event Type: Informations
User:

Computer Name: ACER-FE8B363750
Event Code: 32068
Message: La règle de routage de trafic sortant n'est pas valide car elle ne peut pas trouver de périphérique valide. Les télécopies sortantes qui utilisent cette règle ne peuvent pas être acheminées. Vérifiez que le ou les périphériques concernés (en cas de routage vers un groupe de périphériques) sont connectés et installés correctement et allumés. En cas de routage vers un groupe, vérifiez que le groupe est configuré correctement.
Code de pays/région : '*'
Indicatif régional : '*'

Record Number: 24380
Source Name: Microsoft Fax
Time Written: 20090423150759.000000+120
Event Type: Avertissement
User:

Computer Name: ACER-FE8B363750
Event Code: 32026
Message: Le service de télécopie n'a pas pu initialiser de périphériques de télécopies attribués (virtuel ou TAPI).
Aucune télécopie ne peut être envoyée ou reçue tant qu'un périphérique de télécopies n'a pas été installé.

Record Number: 24379
Source Name: Microsoft Fax
Time Written: 20090423150759.000000+120
Event Type: Avertissement
User:

Computer Name: ACER-FE8B363750
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.

Record Number: 24378
Source Name: SecurityCenter
Time Written: 20090423150759.000000+120
Event Type: Informations
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Fichiers communs\Ulead Systems\MPEG;C:\Program Files\Fichiers communs\Ulead Systems\DVD;C:\Program Files\Fichiers communs\DivX Shared\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0409
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%Sy

Répondre à greg201

On s'en fout de ma question ?

Télécharge MalwareByte's Anti-Malware sur ton Bureau.

Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.
Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
Afin de lancer la recherche, clic sur"Rechercher".
Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :

~ Si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
~~ Si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau.
~~~~ Fais redémarrer ton ordinateur normalement et poste le rapport dans ta prochaine réponse.

REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.

Note : Si tu ne parviens à télécharger MBAM à part de MajorGeeks, tu peux le télécharger ici!

Aide :

------------------------------ Prévention & Protection||Vous m'aimez ? Cliquez :o
Répondre à Angeldark

Créer un nouveau sujet Répondre

Tom's Guide > Forum > Sécurité - Virus > Infecté par un cheval de troie

Aller à :

Aide |
Règles du forum

Il y a 720 utilisateurs connus et inconnus. Pour voir la liste des connectés connus, cliquez ici.

Contenu relatif

Voir tous les contenus correspondants à "infecte cheval troie"

Page générée en 0,303 secondes

Liens