Antivir detecte: TR/Crypt.XPACK.Gen !

Antivir me le signal a nouveau ce matin, j'ai vraiment besoin d'aide là  

Please ?

Merci,
Osoner

Bonjour,

Double-clique sur l'icône d'AntiVir (Parapluie) dans la barre des tâches.

Dans AntiVir, choisis Outils puis Configuration.

Coche Mode Expert et coche Rech. Rootkit au dém. de la recherche à droite dans Autres réglages puis valide.

Fais un scan complet, clique sur Tout réparer si AntiVir trouve quelque chose et poste le rapport.

Tutoriel : Scanner le(s) disque(s) dur(s)

Merci de t'occuper de moi Destrio5  

Je viens de finir le scan complet des disques, aucunes infections trouvées:



Avira AntiVir Personal
Report file date: vendredi 4 septembre 2009 12:36

Scanning for 1680175 virus strains and unwanted programs.

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 2) [5.1.2600]
Boot mode : Normally booted
Username : Prenom
Computer name : SORA1-53810-P08

Version information:
BUILD.DAT : 9.0.0.407 17961 Bytes 29/07/2009 10:34:00
AVSCAN.EXE : 9.0.3.7 466689 Bytes 26/08/2009 06:49:40
AVSCAN.DLL : 9.0.3.0 40705 Bytes 27/02/2009 08:58:26
LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 09:35:50
LUKERES.DLL : 9.0.2.0 12033 Bytes 27/02/2009 08:58:54
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 10:30:38
ANTIVIR1.VDF : 7.1.4.132 5707264 Bytes 24/06/2009 06:55:56
ANTIVIR2.VDF : 7.1.5.146 3087360 Bytes 21/08/2009 06:49:40
ANTIVIR3.VDF : 7.1.5.198 462848 Bytes 02/09/2009 07:01:18
Engineversion : 8.2.1.7
AEVDF.DLL : 8.1.1.1 106868 Bytes 21/07/2009 06:55:56
AESCRIPT.DLL : 8.1.2.26 463227 Bytes 27/08/2009 06:50:00
AESCN.DLL : 8.1.2.4 127348 Bytes 28/07/2009 07:01:38
AERDL.DLL : 8.1.2.4 430452 Bytes 21/07/2009 06:55:56
AEPACK.DLL : 8.1.3.18 401783 Bytes 21/07/2009 06:55:56
AEOFFICE.DLL : 8.1.0.38 196987 Bytes 21/07/2009 06:55:56
AEHEUR.DLL : 8.1.0.155 1921400 Bytes 26/08/2009 06:49:40
AEHELP.DLL : 8.1.6.0 233846 Bytes 26/08/2009 06:49:40
AEGEN.DLL : 8.1.1.59 356725 Bytes 27/08/2009 06:49:58
AEEMU.DLL : 8.1.0.9 393588 Bytes 09/10/2008 12:32:40
AECORE.DLL : 8.1.7.6 184694 Bytes 28/07/2009 07:01:34
AEBB.DLL : 8.1.0.3 53618 Bytes 09/10/2008 12:32:40
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 06:48:00
AVPREF.DLL : 9.0.0.1 43777 Bytes 05/12/2008 08:32:16
AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 12:34:30
AVREG.DLL : 9.0.0.0 36609 Bytes 05/12/2008 08:32:10
AVARKT.DLL : 9.0.0.3 292609 Bytes 21/07/2009 06:55:56
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 08:37:10
SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 13:03:50
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 02/02/2009 06:21:34
NETNT.DLL : 9.0.0.0 11521 Bytes 05/12/2008 08:32:12
RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 21/07/2009 06:55:56
RCTEXT.DLL : 9.0.37.0 86785 Bytes 21/07/2009 06:55:56

Configuration settings for the scan:
Jobname.............................: Local Drives
Configuration file..................: c:\program files\avira\antivir desktop\alldrives.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:, E:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: Intelligent file selection
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: vendredi 4 septembre 2009 12:36

Starting search for hidden objects.
'41139' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'winword.exe' - '1' Module(s) have been scanned
Scan process 'OUTLOOK.EXE' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'WindowsSearch.exe' - '1' Module(s) have been scanned
Scan process 'sqlmangr.exe' - '1' Module(s) have been scanned
Scan process 'GoogleUpdate.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'Monitor.exe' - '1' Module(s) have been scanned
Scan process 'WButton.exe' - '1' Module(s) have been scanned
Scan process 'OSDCtrl.exe' - '1' Module(s) have been scanned
Scan process 'HotkeyApp.exe' - '1' Module(s) have been scanned
Scan process 'Powerkey.exe' - '1' Module(s) have been scanned
Scan process 'LaunchAp.exe' - '1' Module(s) have been scanned
Scan process 'EPM-DM.EXE' - '1' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned
Scan process 'SynTPLpr.exe' - '1' Module(s) have been scanned
Scan process 'SOUNDMAN.EXE' - '1' Module(s) have been scanned
Scan process 'hkcmd.exe' - '1' Module(s) have been scanned
Scan process 'igfxtray.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'EXPLORER.EXE' - '1' Module(s) have been scanned
Scan process 'wmiapsrv.exe' - '1' Module(s) have been scanned
Scan process 'searchindexer.exe' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'sqlservr.exe' - '1' Module(s) have been scanned
Scan process 'MDM.EXE' - '1' Module(s) have been scanned
Scan process 'jqs.exe' - '1' Module(s) have been scanned
Scan process 'cvpnd.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'GUARD.EXE' - '0' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'SPOOLSV.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'LSASS.EXE' - '1' Module(s) have been scanned
Scan process 'SERVICES.EXE' - '1' Module(s) have been scanned
Scan process 'WINLOGON.EXE' - '1' Module(s) have been scanned
Scan process 'CSRSS.EXE' - '1' Module(s) have been scanned
Scan process 'SMSS.EXE' - '1' Module(s) have been scanned
51 processes with 51 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '79' files ).


Starting the file scan:

Begin scan in 'C:\' <SYSTÈME>
C:\pagefile.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\hiberfil.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\MSOCache\All Users\{90120000-0044-040C-0000-0000000FF1CE}-C\InfLR.cab
[0] Archive type: CAB (Microsoft)
--> FL_System_Data_Common_xml_103418_FRA____.3643236F_FC70_11D3_A536_0090278A1BB8
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
Begin scan in 'D:\' <DONNÉES>
Begin scan in 'E:\'
Search path E:\ could not be opened!
System error [21]: Le périphérique n'est pas prêt.


End of the scan: vendredi 4 septembre 2009 13:22
Used time: 45:45 Minute(s)

The scan has been done completely.

5471 Scanned directories
396371 Files were scanned
0 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
2 Files cannot be scanned
396369 Files not concerned
11005 Archives were scanned
4 Warnings
2 Notes
41139 Objects were scanned with rootkit scan
0 Hidden objects were found



Faut-il faire quelque chose d'autre?

AntiVir Personal est disponible en français.

Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.

Double-clique sur le fichier téléchargé pour lancer le processus d'installation.

Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.

Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.

Sélectionne Exécuter un examen rapide.

Clique sur Rechercher. L'analyse démarre.

A la fin de l'analyse, un message s'affiche :

Citation :

L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.

Ferme tes navigateurs.

Si des malwares ont été détectés, clique sur Afficher les résultats.

Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.

MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.

Voici =)

Merci encore pour ton aide.

Malwarebytes' Anti-Malware 1.38
Version de la base de données: 2297
Windows 5.1.2600 Service Pack 2

04/09/2009 17:26:46
mbam-log-2009-09-04 (17-26-46).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 146912
Temps écoulé: 27 minute(s), 46 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

--> Il n'est pas à jour.

Oups sorry Daddy !

Voici le bon rapport: (j'ai supprimé la quarantaine)

Merci !

Malwarebytes' Anti-Malware 1.40
Version de la base de données: 2551
Windows 5.1.2600 Service Pack 2

07/09/2009 09:46:42
mbam-log-2009-09-07 (09-46-42).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 151006
Temps écoulé: 30 minute(s), 5 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Documents and Settings\Prenom\Menu Démarrer\Programmes\System Security (Rogue.SystemSecurity) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Documents and Settings\Prenom\Menu Démarrer\Programmes\System Security\System Security (Rogue.SystemSecurity) -> Quarantined and deleted successfully.

--> C'est mieux mais il n'est pas encore à jour.

Je comprend pas j'ai fait la MAJ ce matin même   ... m'enfin

Voici le BON rapport cette fois ci lol:

Malwarebytes' Anti-Malware 1.40
Version de la base de données: 2750
Windows 5.1.2600 Service Pack 2

07/09/2009 15:47:30
mbam-log-2009-09-07 (15-47-30).txt

Type de recherche: Examen complet (C:\|D:\|F:\|)
Eléments examinés: 176501
Temps écoulé: 56 minute(s), 54 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Là, c'est OK pour la mise à jour.

Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.

Double-clique sur RSIT.exe afin de lancer le programme.
(Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)

Clique sur Continue à l'écran Disclaimer.

Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

Note : les rapports sont sauvegardés dans le dossier C:\rsit.

Voici le Log puis le info comme demandé.
Que dois-je faire ensuite?

Logfile of random's system information tool 1.06 (written by random/random)
Run by nevin.barnett at 2009-09-07 16:45:54
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 8 GB (31%) free of 27 GB
Total RAM: 502 MB (25% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:46:05, on 07/09/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\acer\epm\epm-dm.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\PowerKey.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\OSDCtrl.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\Program Files\Acer\eRecovery\Monitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\nevin.barnett\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\nevin.barnett\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\nevin.barnett.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
O4 - HKLM\..\Run: [PowerKey] "C:\Program Files\Launch Manager\PowerKey.exe"
O4 - HKLM\..\Run: [LManager] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe"
O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe"
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [Client Access Service] "C:\Program Files\IBM\Client Access\cwbsvstr.exe"
O4 - HKLM\..\Run: [Client Access Help Update] "C:\Program Files\IBM\Client Access\cwbinhlp.exe"
O4 - HKLM\..\Run: [Client Access Check Version] "C:\Program Files\IBM\Client Access\cwbckver.exe" LOGIN
O4 - HKLM\..\Run: [Client Access Express Welcome] "C:\Program Files\IBM\Client Access\cwbwlwiz.exe"
O4 - HKLM\..\Run: [Client Access PC5250 Sound] "C:\Program Files\IBM\Client Access\Emulator\pcssnd.exe"
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [NoIE4StubProcessing] C:\WINDOWS\system32\reg.exe DELETE "HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" /v "NoIE4StubProcessing" /f
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\nevin.barnett\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Fonction Commande à distance d'iSeries Access for Windows (Cwbrxd) - IBM Corporation - C:\WINDOWS\CWBRXD.EXE
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

--
End of file - 8442 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-710948232-3325263703-4118337961-1008Core.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"preload"=C:\Windows\RUNXMLPL.exe [2005-05-19 32768]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2005-01-23 155648]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2005-01-23 126976]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-04-15 77824]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2005-02-04 102490]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-02-04 708698]
"EPM-DM"=c:\acer\epm\epm-dm.exe [2005-06-01 192512]
"ePowerManagement"=C:\Acer\ePM\ePM.exe [2005-03-15 2893824]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-05 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"LaunchAp"=C:\Program Files\Launch Manager\LaunchAp.exe [2005-07-25 32768]
"PowerKey"=C:\Program Files\Launch Manager\PowerKey.exe [2002-08-30 94208]
"LManager"=C:\Program Files\Launch Manager\HotkeyApp.exe [2005-06-06 69632]
"CtrlVol"=C:\Program Files\Launch Manager\CtrlVol.exe [2003-09-16 20480]
"LMgrOSD"=C:\Program Files\Launch Manager\OSDCtrl.exe [2005-07-25 241664]
"Wbutton"=C:\Program Files\Launch Manager\Wbutton.exe [2005-07-25 81920]
"eRecoveryService"=C:\Program Files\Acer\eRecovery\Monitor.exe [2005-06-29 352256]
"Client Access Service"=C:\Program Files\IBM\Client Access\cwbsvstr.exe [2004-01-23 20530]
"Client Access Help Update"=C:\Program Files\IBM\Client Access\cwbinhlp.exe [2004-01-23 24626]
"Client Access Check Version"=C:\Program Files\IBM\Client Access\cwbckver.exe [2004-01-23 45106]
"Client Access Express Welcome"=C:\Program Files\IBM\Client Access\cwbwlwiz.exe [2004-01-23 20480]
"Client Access PC5250 Sound"=C:\Program Files\IBM\Client Access\Emulator\pcssnd.exe [2004-01-23 40960]
"Synchronization Manager"=C:\WINDOWS\system32\mobsync.exe [2004-08-05 144384]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-05-30 292136]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NoIE4StubProcessing"=C:\WINDOWS\system32\reg.exe [2004-08-05 53248]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
"updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2004-11-22 307200]
"Google Update"=C:\Documents and Settings\nevin.barnett\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-08 133104]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
Cisco Systems VPN Client.lnk - C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2005-01-23 348160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"=C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [2007-05-30 79408]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

======List of files/folders created in the last 1 months======

2009-09-07 16:45:54 ----D---- C:\rsit
2009-09-07 10:15:10 ----D---- C:\WINDOWS\ie8updates
2009-09-07 10:14:47 ----N---- C:\WINDOWS\system32\SET11D.tmp
2009-09-07 10:14:47 ----N---- C:\WINDOWS\system32\SET11C.tmp
2009-09-07 10:14:46 ----N---- C:\WINDOWS\system32\SET121.tmp
2009-09-07 10:14:46 ----N---- C:\WINDOWS\system32\SET11A.tmp
2009-09-07 10:14:46 ----N---- C:\WINDOWS\system32\SET119.tmp
2009-09-07 10:14:44 ----N---- C:\WINDOWS\system32\SET11E.tmp
2009-09-07 10:14:40 ----N---- C:\WINDOWS\system32\SET123.tmp
2009-09-07 10:13:36 ----D---- C:\WINDOWS\WBEM
2009-09-07 10:10:45 ----HD---- C:\WINDOWS\ie8
2009-09-07 10:10:21 ----D---- C:\WINDOWS\LastGood
2009-09-07 10:02:46 ----A---- C:\WINDOWS\system32\javaws.exe
2009-09-07 10:02:46 ----A---- C:\WINDOWS\system32\javaw.exe
2009-09-07 10:02:46 ----A---- C:\WINDOWS\system32\java.exe
2009-09-07 09:07:35 ----A---- C:\WINDOWS\system32\MRT.exe
2009-09-04 10:49:51 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-09-04 09:32:43 ----HD---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-09-04 09:32:34 ----HD---- C:\WINDOWS\$NtUninstallKB952954$
2009-09-04 09:32:01 ----HD---- C:\WINDOWS\$NtUninstallKB959426$
2009-09-04 09:31:28 ----HD---- C:\WINDOWS\$NtUninstallKB946648$
2009-09-04 09:30:56 ----HD---- C:\WINDOWS\$NtUninstallKB956803$
2009-09-04 09:30:31 ----HD---- C:\WINDOWS\$NtUninstallKB960859$
2009-09-04 09:30:01 ----HD---- C:\WINDOWS\$NtUninstallKB961371-v2$
2009-09-04 09:29:36 ----HD---- C:\WINDOWS\$NtUninstallKB972260$
2009-09-04 09:28:43 ----HD---- C:\WINDOWS\$NtUninstallKB950974$
2009-09-04 09:27:00 ----HD---- C:\WINDOWS\$NtUninstallKB971657$
2009-09-04 09:25:13 ----HD---- C:\WINDOWS\$NtUninstallKB971557$
2009-09-04 09:22:29 ----HD---- C:\WINDOWS\$NtUninstallKB960225$
2009-09-04 09:20:25 ----HD---- C:\WINDOWS\$NtUninstallKB973346$
2009-09-04 09:16:04 ----HD---- C:\WINDOWS\$NtUninstallKB956572$
2009-09-04 09:15:15 ----HD---- C:\WINDOWS\$NtUninstallKB961501$
2009-09-04 09:14:38 ----HD---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-09-04 09:14:11 ----HD---- C:\WINDOWS\$NtUninstallKB971633$
2009-09-04 09:13:38 ----HD---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-09-04 09:13:11 ----HD---- C:\WINDOWS\$NtUninstallKB973869$
2009-09-04 09:12:57 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-09-04 09:12:40 ----HD---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
2009-09-04 09:12:12 ----HD---- C:\WINDOWS\$NtUninstallKB952004$
2009-09-04 09:11:50 ----HD---- C:\WINDOWS\$NtUninstallKB973507$
2009-09-04 09:11:11 ----HD---- C:\WINDOWS\$NtUninstallKB963093$
2009-09-04 09:08:57 ----HD---- C:\WINDOWS\$NtUninstallKB950762$
2009-09-04 09:08:36 ----HD---- C:\WINDOWS\$NtUninstallKB957097$
2009-09-04 09:08:20 ----HD---- C:\WINDOWS\$NtUninstallKB958687$
2009-09-04 09:08:00 ----HD---- C:\WINDOWS\$NtUninstallKB952287$
2009-09-04 09:07:37 ----HD---- C:\WINDOWS\$NtUninstallKB973354$
2009-09-04 09:06:28 ----HD---- C:\WINDOWS\$NtUninstallKB967715$
2009-09-04 09:05:07 ----HD---- C:\WINDOWS\$NtUninstallKB951066$
2009-09-04 09:03:53 ----HD---- C:\WINDOWS\$NtUninstallKB951748$
2009-09-04 09:03:00 ----HD---- C:\WINDOWS\$NtUninstallKB970238$
2009-09-04 09:02:03 ----D---- C:\WINDOWS\ServicePackFiles
2009-09-04 09:01:59 ----HD---- C:\WINDOWS\$NtUninstallKB958470$
2009-09-04 09:01:01 ----HD---- C:\WINDOWS\$NtUninstallKB901190$
2009-09-04 09:00:04 ----HD---- C:\WINDOWS\$NtUninstallKB960803$
2009-09-04 08:59:22 ----HD---- C:\WINDOWS\$NtUninstallKB973815$
2009-09-04 08:51:23 ----HD---- C:\WINDOWS\$NtUninstallKB968537$
2009-09-04 08:50:20 ----HD---- C:\WINDOWS\$NtUninstallKB971032$
2009-09-04 08:49:57 ----HD---- C:\WINDOWS\$NtUninstallKB954600$
2009-09-04 08:49:36 ----HD---- C:\WINDOWS\$NtUninstallKB958644$
2009-09-04 08:49:23 ----HD---- C:\WINDOWS\$NtUninstallKB955069$
2009-09-04 08:49:15 ----HD---- C:\WINDOWS\$NtUninstallKB956802$
2009-09-04 08:48:57 ----HD---- C:\WINDOWS\$NtUninstallKB944338-v2$
2009-09-04 08:47:35 ----D---- C:\WINDOWS\system32\CatRoot_bak
2009-09-04 08:47:30 ----HD---- C:\WINDOWS\$NtUninstallKB923561$
2009-09-04 08:46:45 ----HD---- C:\WINDOWS\$NtUninstallKB970653-v3$
2009-09-03 09:55:30 ----N---- C:\WINDOWS\system32\tzchange.exe
2009-09-03 09:54:02 ----A---- C:\WINDOWS\imsins.BAK
2009-09-03 09:53:44 ----D---- C:\WINDOWS\system32\PreInstall
2009-09-03 09:53:39 ----HD---- C:\WINDOWS\$NtUninstallKB898461$
2009-09-03 08:57:29 ----D---- C:\WINDOWS\system32\SoftwareDistribution

======List of files/folders modified in the last 1 months======

2009-09-07 09:57:46 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-09-07 09:51:32 ----A---- C:\WINDOWS\ModemLog_SoftV90 Data Fax Modem with SmartCP.txt
2009-09-07 09:50:40 ----N---- C:\WINDOWS\system32\eRLog.ini
2009-09-07 09:47:44 ----A---- C:\WINDOWS\SchedLgU.Txt

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver; \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys []
R1 AvgAsCln;AVG Anti-Spyware Clean Driver; C:\WINDOWS\System32\DRIVERS\AvgAsCln.sys [2007-05-30 10872]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-07-21 96104]
R1 Hotkey;Hotkey; C:\WINDOWS\system32\drivers\Hotkey.sys [2003-04-28 9867]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-05 40320]
R1 SSHDRV86;SSHDRV86; \??\C:\WINDOWS\system32\drivers\SSHDRV86.sys []
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-07-21 28520]
R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-03 8832]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-08-26 55656]
R2 CVPNDRVA;Cisco Systems IPsec Driver; \??\C:\WINDOWS\system32\Drivers\CVPNDRVA.sys []
R2 EpmPsd;Acer EPM Power Scheme Driver; \??\C:\WINDOWS\system32\drivers\epm-psd.sys []
R2 EpmShd;Acer EPM System Hardware Driver; \??\C:\WINDOWS\system32\drivers\epm-shd.sys []
R2 int15.sys;int15.sys; \??\C:\Program Files\Acer\eRecovery\int15.sys []
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-04-19 2317504]
R3 BCM43XX;Pilote pour carte réseau Broadcom 802.11; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2004-12-22 369024]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
R3 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\system32\DRIVERS\dne2000.sys [2003-07-24 139604]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-12-15 1038208]
R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2004-12-15 207232]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-01-23 804317]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2005-12-15 6144]
R3 POWERKEY;POWERKEY; \??\C:\Program Files\Launch Manager\POWERKEY.sys []
R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-12-02 70912]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-02-04 193216]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 26496]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-12-15 703232]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
S1 mailKmd;mailKmd; C:\WINDOWS\system32\drivers\mailKmd.sys []
S1 Wbutton;Wbutton; C:\WINDOWS\system32\drivers\Wbutton.sys []
S2 MLPTDR_B;MLPTDR_B; \??\C:\WINDOWS\system32\MLPTDR_B.sys []
S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800]
S3 catchme;catchme; \??\C:\DOCUME~1\NEVIN~1.BAR\LOCALS~1\Temp\catchme.sys []
S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\system32\DRIVERS\CVirtA.sys [2003-05-01 5220]
S3 dot4;Pilote MS IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2004-08-03 207360]
S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 dot4usb;Filtre Dot4USB Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-08-23 24064]
S3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824]
S3 NSCIRDA;Pilote de périphérique infrarouge NSC; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2004-08-03 28672]
S3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
S3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
S3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\SymcData\IDS-DI~1\20070124.002\symidsco.sys []
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-05-29 39424]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 vsdatant;vsdatant; \??\C:\WINDOWS\system32\vsdatant.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-07-21 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-26 185089]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-05-29 144712]
R2 AVG Anti-Spyware Guard;AVG Anti-Spyware Guard; C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe [2007-05-30 312880]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2004-08-04 1445912]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-25 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 MSSQL$MICROSOFTSMLBIZ;MSSQL$MICROSOFTSMLBIZ; C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe [2005-05-04 9150464]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-05-30 541992]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-05 268800]
S2 spupdsvc;Windows Service Pack Installer update service; C:\WINDOWS\system32\spupdsvc.exe [2009-01-07 26144]
S3 Cwbrxd;Fonction Commande à distance d'iSeries Access for Windows; C:\WINDOWS\CWBRXD.EXE [2003-10-07 57344]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2005-05-03 73728]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SQLAgent$MICROSOFTSMLBIZ;SQLAgent$MICROSOFTSMLBIZ; C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlagent.EXE [2005-05-03 323584]

-----------------EOF-----------------

info.txt logfile of random's system information tool 1.06 2009-09-07 16:46:09

======Uninstall list======

-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\AFPViewr\DeIsL1.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\Aoc\DeIsL1.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL10.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL11.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL12.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL13.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL14.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL15.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL16.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL17.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL18.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL19.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL2.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL20.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL21.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL22.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL23.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL24.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL25.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL26.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL27.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL28.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL29.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL3.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL30.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL31.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL32.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL33.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL34.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL35.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL36.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL37.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL38.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL4.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL5.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL6.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL7.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL70.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL8.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL9.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\Emulator\DeIsL1.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\Emulator\DeIsL2.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\EZSetup\DeIsL1.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\Toolkit\DeIsL1.isu"
-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\Toolkit\DeIsL2.isu"
-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Acer Inc.\Acer French Guide Link\Uninst.isu"
-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\IBM\GSK6\gsk6BUI.isu"
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ableton Live v7.0.2-->"C:\Program Files\Ableton\Live 7.0.2\Uninstall\unins000.exe"
Acer ePowerManagement-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\Setup.exe" -l0x40c
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 7.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70000000000}
AltoMP3 Gold 5.04-->"C:\Program Files\AltoMP3 Gold\unins000.exe"
Apple Mobile Device Support-->MsiExec.exe /I{659B48CD-0608-4ED5-94C0-0B6C87114F10}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
Bibliothèques GTK+ 2.12.8 rev a (supprimer uniquement)-->C:\Program Files\Fichiers communs\GTK\2.0\uninst.exe
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
dBpoweramp Music Converter-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Music Converter.dat
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
foobar2000 v0.9.6.8-->"C:\Program Files\foobar2000\uninstall.exe" _?=C:\Program Files\foobar2000
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
IBM iSeries Access for Windows-->"C:\Program Files\IBM\Client Access\cwbinarp.exe"
Intel(R) Graphics Media Accelerator Driver for Mobile-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2792 PCI\VEN_8086&DEV_2592
InterActual Player-->C:\Program Files\InterActual\InterActual Player\inuninst.exe
iTunes-->MsiExec.exe /I{CC5702D7-86E2-45A8-99D7-E8B976ADCC56}
Java(TM) 6 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
KONICA MINOLTA magicolor 2430DL-->MUINST_U.EXE /PRN:"KONICA MINOLTA magicolor 2430DL"
Launch Manager V1.0.8.8-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D0846526-66DD-4DC9-A02C-98F9A2806812}\SETUP.EXE" -l0x40c
magicolor 2300 DL-->MUINST_B.EXE /PRN:"magicolor 2300 DL"
Malwarebytes' Anti-Malware-->"C:\Program Files\Winlogon\unins000.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Office Outlook 2003 avec Gestionnaire de contacts professionnels (Mise à jour)-->MsiExec.exe /I{BA68600E-96D9-4E92-80F2-26B9681B5A67}
Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9111040C-6000-11D3-8CFE-0150048383C9}
Microsoft SQL Server Desktop Engine (MICROSOFTSMLBIZ)-->MsiExec.exe /X{E09B48B5-E141-427A-AB0C-D3605127224A}
Microsoft VC80 Support DLLs-->MsiExec.exe /I{342F5437-C87D-4BB5-89B9-B23E16C6A395}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901190)-->"C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB944338-v2)-->"C:\WINDOWS\$NtUninstallKB944338-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958470)-->"C:\WINDOWS\$NtUninstallKB958470$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961371-v2)-->"C:\WINDOWS\$NtUninstallKB961371-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971032)-->"C:\WINDOWS\$NtUninstallKB971032$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB972260)-->"C:\WINDOWS\$NtUninstallKB972260$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB973874)-->"C:\WINDOWS\ie8updates\KB973874-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Mozilla Firefox (3.0.13)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
NTI Backup NOW! 4-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{ED79C7E1-386E-4C12-81C7-8FEFB6D396B5} /l1036 BUN4
NTI CD & DVD-Maker Gold-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{65C39C99-F2C0-4286-A37A-23182E9A5E8E} /l1036 CDM7
QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
ScanSoft PaperPort Viewer 7.0-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ScanSoft\PaperPort Viewer\Uninst.isu"
Security Update for Windows Search 4 - KB963093-->"C:\WINDOWS\$NtUninstallKB963093$\spuninst\spuninst.exe"
SoftV90 Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_266D&SUBSYS_006A1025\HXFSETUP.EXE -U -IVEN_8086&DEV_266D&SUBSYS_006A1025
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
VideoLAN VLC media player 0.8.6c-->C:\Program Files\VideoLAN\VLC\uninstall.exe
VPN Client-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5624C000-B109-11D4-9DB4-00E0290FCAC5}\Setup.exe" -l0x9 VpnUninstall
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"

=====HijackThis Backups=====

O4 - HKLM\..\Run: [19762504] C:\Documents and Settings\All Users\Application Data\19762504\19762504.exe [2009-07-20]

======Security center information======

AV: AntiVir Desktop

======System event log======

Computer Name: SORA1-53810-P08
Event Code: 10005
Message: DCOM a reçu l'erreur "%1058" lors de la mise en route du service BITS avec les arguments ""
pour démarrer le serveur :
{4991D34B-80A1-4291-83B6-3328366B9097}

Record Number: 31789
Source Name: DCOM
Time Written: 20090525224421.000000+120
Event Type: erreur
User: SORA1-53810-P08\nevin.barnett

Computer Name: SORA1-53810-P08
Event Code: 10005
Message: DCOM a reçu l'erreur "%1058" lors de la mise en route du service BITS avec les arguments ""
pour démarrer le serveur :
{4991D34B-80A1-4291-83B6-3328366B9097}

Record Number: 31788
Source Name: DCOM
Time Written: 20090525224421.000000+120
Event Type: erreur
User: SORA1-53810-P08\nevin.barnett

Computer Name: SORA1-53810-P08
Event Code: 10005
Message: DCOM a reçu l'erreur "%1058" lors de la mise en route du service BITS avec les arguments ""
pour démarrer le serveur :
{4991D34B-80A1-4291-83B6-3328366B9097}

Record Number: 31787
Source Name: DCOM
Time Written: 20090525224421.000000+120
Event Type: erreur
User: SORA1-53810-P08\nevin.barnett

Computer Name: SORA1-53810-P08
Event Code: 7036
Message: Le service Acquisition d'image Windows (WIA) est entré dans l'état : en cours d'exécution.

Record Number: 31786
Source Name: Service Control Manager
Time Written: 20090525224420.000000+120
Event Type: Informations
User:

Computer Name: SORA1-53810-P08
Event Code: 7011
Message: Délai (30000 millisecondes) d'attente pour une réponse du service Netman à une transaction.

Record Number: 31785
Source Name: Service Control Manager
Time Written: 20090525224420.000000+120
Event Type: erreur
User:

=====Application event log=====

Computer Name: SORA1-53810-P08
Event Code: 45
Message:
Record Number: 15391
Source Name: Symantec AntiVirus
Time Written: 20090525094942.000000+120
Event Type: erreur
User: AUTORITE NT\SYSTEM

Computer Name: SORA1-53810-P08
Event Code: 45
Message:
Record Number: 15390
Source Name: Symantec AntiVirus
Time Written: 20090525094941.000000+120
Event Type: erreur
User: AUTORITE NT\SYSTEM

Computer Name: SORA1-53810-P08
Event Code: 45
Message:
Record Number: 15389
Source Name: Symantec AntiVirus
Time Written: 20090525094941.000000+120
Event Type: erreur
User: AUTORITE NT\SYSTEM

Computer Name: SORA1-53810-P08
Event Code: 45
Message:
Record Number: 15388
Source Name: Symantec AntiVirus
Time Written: 20090525094941.000000+120
Event Type: erreur
User: AUTORITE NT\SYSTEM

Computer Name: SORA1-53810-P08
Event Code: 45
Message:
Record Number: 15387
Source Name: Symantec AntiVirus
Time Written: 20090525094940.000000+120
Event Type: erreur
User: AUTORITE NT\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\Microsoft SQL Server\80\Tools\Binn;C:\PROGRA~1\IBM\CLIENT~1;C:\PROGRA~1\IBM\CLIENT~1\Shared;C:\PROGRA~1\IBM\CLIENT~1\Emulator;C:\Program Files\QuickTime\QTSystem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 8, GenuineIntel
"PROCESSOR_REVISION"=0d08
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

AVG Anti-Spyware 7.5 n'est plus tenu à jour.

Désinstalle Java 6 Update 7 et Java 6 Update 15.

Mets à jour Java.

Mets à jour Adobe Reader.

Mets à jour Internet Explorer.

Tu n'as plus de souci ?

J'ai jamais eu AVG :s

J'ai recupéré ce PC donc la personne d'avant sans doute.

Je vais faire les MAJ, je te tiens au courant. Ça a l'air clean sinon?

--> Oui.