Mon PC est malade

Bonjour,

• Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
• Double-clique sur RSIT.exe afin de lancer le programme.

(Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)

• Clique sur Continue à l'écran Disclaimer.
• Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
• Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

Note : les rapports sont sauvegardés dans le dossier C:\rsit.

Tu ne coches aucune case pour l'instant.

Info

info.txt logfile of random's system information tool 1.06 2009-10-16 22:28:08

======Uninstall list======

-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNNMP.exe /UNINSTALL
-->MsiExec /X{A7E07C2B-2220-4415-87E3-784D5814BC93}
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{684CB795-C157-4E15-93D4-E26015FEF1EA}\Setup.exe" -l0x40c
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Recommended Settings-->MsiExec.exe /I{73B5D990-04EA-4751-B10F-5534770B91F2}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Extra Settings-->MsiExec.exe /I{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->C:\Program Files\Fichiers communs\Adobe\Installers\32e9033392a51340b32fdc6ad893ab7\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{BF794769-8875-4E01-B7BE-E00104604F4A}
Adobe Photoshop Elements 7.0-->msiexec /i {CB6075D9-F912-40AE-BEA6-E590DA24F16B}
Adobe Reader 7.0.8-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70800000002}
Adobe Setup-->MsiExec.exe /I{926DEB4E-2B0A-4C5C-AE4A-BF6C06949702}
Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
AMD Processor Driver-->C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe -runfromtemp -l0x040c -removeonly
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archlord Episode 3-->"C:\Program Files\Codemasters\Archlord\unins000.exe"
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
AutoHotkey 1.0.47.06-->C:\Program Files\AutoHotkey\uninst.exe
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Barre d'outils MSN-->C:\Program Files\MSN Toolbar\01.01.2607.0\fr\mtbs.exe c
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
BooBoo DemoPlayer 0.5-->"C:\Program Files\BooBooDemoPlayer\unins000.exe"
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CIF USB CAMERA-->C:\WINDOWS\CleanDev.exe C:\WINDOWS\DC3110.txt
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
DAEMON Tools Toolbar-->C:\Program Files\DAEMON Tools Toolbar\uninst.exe
EA Download Manager-->C:\Program Files\Electronic Arts\EADM\Uninstall.exe
EA SPORTS™ Rugby 08-->MsiExec.exe /X{18D00C9F-B259-4838-871A-C61FCFF34C59}
eMule-->"C:\Program Files\eMule\Uninstall.exe"
EVEREST Ultimate Edition v4.50-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
FIFA 09-->MsiExec.exe /X{2315B23D-3E21-4920-837D-AE6460934ECB}
Free Mp3 Wma Converter V 1.8.0-->"C:\Program Files\Free Audio Pack\unins000.exe"
Futuremark SystemInfo-->"C:\Program Files\InstallShield Installation Information\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}\setup.exe" -runfromtemp -l0x0009 -removeonly
GameCenter-->C:\Program Files\Cyanide\GameCenter\uninstall.exe
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Documents and Settings\Nico\Bureau\HijackThis.exe" /uninstall
HLSW v1.3.2.1-->"C:\Program Files\HLSW\unins000.exe"
HP Customer Participation Program 7.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Imaging Device Functions 7.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Essential-->MsiExec.exe /X{6994491D-D491-48F1-AE1F-E179C1FFFC2F}
HP Photosmart, Officejet and Deskjet 7.0.A-->C:\Program Files\HP\Digital Imaging\{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}\setup\hpzscr01.exe -datfile hposcr11.dat
HP Software Update-->MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}
HP Solution Center 7.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
iTunes-->MsiExec.exe /I{F5C63795-2708-4D15-BF18-5ABBFF7DFFC8}
Java(TM) 6 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Les Sims™ 3-->"C:\Program Files\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\setup.exe" -runfromtemp -l0x040c -removeonly
LimeWire 5.2.13-->"C:\Program Files\LimeWire\uninstall.exe"
Ma-Config.com-->MsiExec.exe /X{560BD6E0-0BA6-43AF-B423-E1DF4D2EB3C3}
Mega Manager-->C:\Program Files\InstallShield Installation Information\{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}\setup.exe -runfromtemp -l0x0009 -removeonly
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Micromega Software System EasyScan-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\EasyScan\Uninst.isu"
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office 2000 Premium-->MsiExec.exe /I{0000040C-78E1-11D2-B60F-006097C998E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
mIRC-->C:\Program Files\mIRC\uninstall.exe _?=C:\Program Files\mIRC
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Mozilla Firefox (3.0.14)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MP3 Player Utilities 4.15-->MsiExec.exe /I{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
Mumble and Murmur-->C:\Program Files\Mumble\Uninstall.exe
Nero Suite-->C:\Program Files\Fichiers communs\Ahead\Uninstall\Setup.exe /uninstall
NVIDIA Drivers-->C:\WINDOWS\system32\NVUNINST.EXE UninstallGUI
NVIDIA PhysX v8.09.04-->MsiExec.exe /X{A7E07C2B-2220-4415-87E3-784D5814BC93}
OCR Software by I.R.I.S 7.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74}
PC Wizard 2008.1.84-->"C:\Program Files\PC Wizard 2008\unins000.exe"
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"
Pro Cycling Manager - Season 2009 1.0.3.3-->"C:\Program Files\Cyanide\Pro Cycling Manager - Season 2009\unins000.exe"
PunkBuster Services-->C:\WINDOWS\system32\pbsvc.exe -u
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c -removeonly
Return to Castle Wolfenstein-->C:\PROGRA~1\RETURN~1\Uninstall\Unwise.exe /u C:\PROGRA~1\RETURN~1\Uninstall\Install.log
SFR - Kit de connexion-->C:\Program Files\SFR\Kit\uninstall.exe
Smart-X7 7.80-->C:\Program Files\Mouse\Uninst32.exe
Sony Ericsson Media Manager 1.1-->MsiExec.exe /X{4A27B6AA-D139-4B69-97E0-B65B225E0673}
Sony Ericsson PC Suite-->MsiExec.exe /I{FE6397C1-CECA-4EC3-B064-42AED7676898}
SpeedFan (remove only)-->"C:\Program Files\SpeedFan\uninstall.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
TeamSpeak 2 RC2-->"C:\Program Files\Teamspeak2_RC2\unins000.exe"
TeamSpeak Client-->"C:\Program Files\TeamSpeak3\unins000.exe"
TmNationsForever-->"C:\Program Files\TmNationsForever\unins000.exe"
Ventrilo Client-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
VideoLAN VLC media player 0.8.6h-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Virtua Tennis 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9B63540D-D942-4C38-B42E-A48AE0145970}\setup.exe" -l0x40c -removeonly
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
Xfire (remove only)-->"C:\Program Files\Xfire\uninst.exe"
Yahoo! Install Manager-->C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AV: avast! antivirus 4.8.1351 [VPS 091015-0]

======System event log======

Computer Name: DOKHELAR-A30165
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service NLA (Network Location Awareness).

Record Number: 58731
Source Name: Service Control Manager
Time Written: 20090928170806.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: DOKHELAR-A30165
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Gestionnaire de connexions d'accès distant.

Record Number: 58730
Source Name: Service Control Manager
Time Written: 20090928170806.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: DOKHELAR-A30165
Event Code: 7036
Message: Le service Téléphonie est entré dans l'état : en cours d'exécution.

Record Number: 58729
Source Name: Service Control Manager
Time Written: 20090928170806.000000+120
Event Type: Informations
User:

Computer Name: DOKHELAR-A30165
Event Code: 7036
Message: Le service avast! Web Scanner est entré dans l'état : en cours d'exécution.

Record Number: 58728
Source Name: Service Control Manager
Time Written: 20090928170806.000000+120
Event Type: Informations
User:

Computer Name: DOKHELAR-A30165
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Service de découvertes SSDP.

Record Number: 58727
Source Name: Service Control Manager
Time Written: 20090928170806.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

=====Application event log=====

Computer Name: DOKHELAR-A30165
Event Code: 302
Message: MsnMsgr (3372) \\.\C:\Documents and Settings\Nico\Local Settings\Application Data\Microsoft\Messenger\mister_3@hotmail.fr\SharingMetadata\Working\database_1484_6593_8465_785E\dfsr.db: Le moteur de base de données a exécuté la procédure de récupération avec succès.

Record Number: 15988
Source Name: ESENT
Time Written: 20090824124301.000000+120
Event Type: Informations
User:

Computer Name: DOKHELAR-A30165
Event Code: 301
Message: MsnMsgr (3372) \\.\C:\Documents and Settings\Nico\Local Settings\Application Data\Microsoft\Messenger\mister_3@hotmail.fr\SharingMetadata\Working\database_1484_6593_8465_785E\dfsr.db: Le moteur de base de données commence la relecture du fichier journal \\.\C:\Documents and Settings\Nico\Local Settings\Application Data\Microsoft\Messenger\mister_3@hotmail.fr\SharingMetadata\Working\database_1484_6593_8465_785E\fsr.log.

Record Number: 15987
Source Name: ESENT
Time Written: 20090824124300.000000+120
Event Type: Informations
User:

Computer Name: DOKHELAR-A30165
Event Code: 301
Message: MsnMsgr (3372) \\.\C:\Documents and Settings\Nico\Local Settings\Application Data\Microsoft\Messenger\mister_3@hotmail.fr\SharingMetadata\Working\database_1484_6593_8465_785E\dfsr.db: Le moteur de base de données commence la relecture du fichier journal \\.\C:\Documents and Settings\Nico\Local Settings\Application Data\Microsoft\Messenger\mister_3@hotmail.fr\SharingMetadata\Working\database_1484_6593_8465_785E\fsr00264.log.

Record Number: 15986
Source Name: ESENT
Time Written: 20090824124300.000000+120
Event Type: Informations
User:

Computer Name: DOKHELAR-A30165
Event Code: 301
Message: MsnMsgr (3372) \\.\C:\Documents and Settings\Nico\Local Settings\Application Data\Microsoft\Messenger\mister_3@hotmail.fr\SharingMetadata\Working\database_1484_6593_8465_785E\dfsr.db: Le moteur de base de données commence la relecture du fichier journal \\.\C:\Documents and Settings\Nico\Local Settings\Application Data\Microsoft\Messenger\mister_3@hotmail.fr\SharingMetadata\Working\database_1484_6593_8465_785E\fsr00263.log.

Record Number: 15985
Source Name: ESENT
Time Written: 20090824124300.000000+120
Event Type: Informations
User:

Computer Name: DOKHELAR-A30165
Event Code: 301
Message: MsnMsgr (3372) \\.\C:\Documents and Settings\Nico\Local Settings\Application Data\Microsoft\Messenger\mister_3@hotmail.fr\SharingMetadata\Working\database_1484_6593_8465_785E\dfsr.db: Le moteur de base de données commence la relecture du fichier journal \\.\C:\Documents and Settings\Nico\Local Settings\Application Data\Microsoft\Messenger\mister_3@hotmail.fr\SharingMetadata\Working\database_1484_6593_8465_785E\fsr00262.log.

Record Number: 15984
Source Name: ESENT
Time Written: 20090824124257.000000+120
Event Type: Informations
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Fichiers communs\Teleca Shared;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 107 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=6b02
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------


Merci

Malwarebytes' Anti-Malware 1.41
Version de la base de données: 2971
Windows 5.1.2600 Service Pack 3

16/10/2009 23:56:32
mbam-log-2009-10-16 (23-56-32).txt

Type de recherche: Examen rapide
Eléments examinés: 149205
Temps écoulé: 21 minute(s), 49 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 8
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 3
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 6

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494e6cec-7483-a4ee-0938-895519a84bc7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494e6cec-7483-a4ee-0938-895519a84bc7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\glaide32 (Rootkit.Rustock) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\UID (Malware.Trace) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\BITS\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemRoot%\system32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\wuauserv\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemroot%\system32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\WINDOWS\system32\lowsec (Stolen.data) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Documents and Settings\Nico\Local Settings\Application Data\iqecc_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nico\Local Settings\Application Data\iqecc_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nico\Local Settings\Application Data\iqecc.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nico\Local Settings\Application Data\iqecc.exe (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\UPD2327.tmp (Trojan.SpyAgent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nico\Application Data\wiaserva.log (Malware.Trace) -> Quarantined and deleted successfully.

Logfile of random's system information tool 1.06 (written by random/random)
Run by Nico at 2009-10-17 00:02:19
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 122 GB (40%) free of 305 GB
Total RAM: 3071 MB (80% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:02:32, on 17/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mumble\mumble.exe
C:\Program Files\Mumble\dbus-daemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Nico\Bureau\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\Nico\Bureau\Nico.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sfr.fr/kit/adsl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=C:\WINDOWS\SYSTEM32\Userinit.exe,C:\WINDOWS\system32\msybqp32.exe,
O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr [...] NPUpld.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - C:\WINDOWS\System32\appdrvrem01.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service de transfert intelligent en arrière-plan (BITS) - Unknown owner - C:\WINDOWS\
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

--
End of file - 8321 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Norton Security Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 63128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf00e119-21a3-4fd1-b178-3b8537e75c92}]
IeMonitorBho Class - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll [2009-06-29 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Barre d'outils MSN - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll [2005-02-07 203464]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-09-17 13574144]
"nwiz"=nwiz.exe /install []
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-11-22 16858112]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-08-17 81000]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-09-17 86016]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
C:\Program Files\DAEMON Tools Pro\DTProAgent.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iqecc]
c:\documents and settings\nico\local settings\application data\iqecc.exe iqecc []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\c:^documents and settings^nico^menu démarrer^programmes^démarrage^rncsys32.exe]
C:\Documents and Settings\Nico\Menu Démarrer\Programmes\Démarrage\rncsys32.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-06 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\WINDOWS\system32\hitakire.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Cyanide\GameCenter\GameCenter.exe"="C:\Program Files\Cyanide\GameCenter\GameCenter.exe:*:Enabled:GameCenter"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:EnabledNA"
"C:\Program Files\Wolfenstein - Enemy Territory\ET.exe"="C:\Program Files\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET"
"C:\Program Files\Wolfenstein - 2.6B\ET.exe"="C:\Program Files\Wolfenstein - 2.6B\ET.exe:*:Enabled:ET"
"C:\Program Files\Xfire\xfire.exe"="C:\Program Files\Xfire\xfire.exe:*:Enabled:Xfire"
"C:\Program Files\Wolfenstein - serveur\ET.exe"="C:\Program Files\Wolfenstein - serveur\ET.exe:*:Enabled:ET"
"C:\Program Files\Wolfenstein - 2.55\ET.exe"="C:\Program Files\Wolfenstein - 2.55\ET.exe:*:Enabled:ET"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\TmNationsForever\TmForever.exe"="C:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"D:\Installation\Setupx.exe"="D:\Installation\Setupx.exe:*:Enabled:Nero ProductSetup"
"C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"C:\Program Files\Wolfenstein - 2.6BB\ET.exe"="C:\Program Files\Wolfenstein - 2.6BB\ET.exe:*:Enabled:ET"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Wolfenstein - test config\ET.exe"="C:\Program Files\Wolfenstein - test config\ET.exe:*:Enabled:ET"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rtcshare.exe"="C:\WINDOWS\system32\rtcshare.exe:*isabledartage de l'application RTC"
"C:\Program Files\Wolfenstein - 2.6AB\ET.exe"="C:\Program Files\Wolfenstein - 2.6AB\ET.exe:*:Enabled:ET"
"C:\Documents and Settings\Nico\Local Settings\Temp\Rar$EX00.828\freezer v1.4 fr\freezer.exe"="C:\Documents and Settings\Nico\Local Settings\Temp\Rar$EX00.828\freezer v1.4 fr\freezer.exe:*:Enabled:freezer"
"C:\Documents and Settings\Nico\Bureau\freezer.exe"="C:\Documents and Settings\Nico\Bureau\freezer.exe:*:Enabled:freezer"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:EnablednkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:EnablednkBstrB"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe"="C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe:*:Enabled:Sony Ericsson Media Manager 1.1"
"C:\Documents and Settings\Nico\Local Settings\Temp\Rar$EX00.891\freezer v1.4 fr\freezer.exe"="C:\Documents and Settings\Nico\Local Settings\Temp\Rar$EX00.891\freezer v1.4 fr\freezer.exe:*:Enabled:freezer"
"C:\Documents and Settings\Nico\Local Settings\Application Data\F4\ClientUpdater\ClientUpdater.exe"="C:\Documents and Settings\Nico\Local Settings\Application Data\F4\ClientUpdater\ClientUpdater.exe:*:Enabled:F4 Game Client Updater"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Cyanide\Pro Cycling Manager - Season 2009\PCM.exe"="C:\Program Files\Cyanide\Pro Cycling Manager - Season 2009\PCM.exe:*:Enabledro Cycling Manager - Season 2009"
"C:\Program Files\Cyanide\Pro Cycling Manager - Season 2009\Autorun\Exe\Autorun.exe"="C:\Program Files\Cyanide\Pro Cycling Manager - Season 2009\Autorun\Exe\Autorun.exe:*:Enabledro Cycling Manager - Season 2009 - AutoRun"
"C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe"="C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe:*:Enabled:Assistance à distance - Windows Messenger et voix"
"C:\Program Files\HLSW\hlsw.exe"="C:\Program Files\HLSW\hlsw.exe:*:Enabled:HLSW Application"
"C:\Program Files\Return to Castle Wolfenstein\WolfMP.exe"="C:\Program Files\Return to Castle Wolfenstein\WolfMP.exe:*:Enabled:WolfMP"
"C:\Documents and Settings\Nico\Local Settings\Temp\Rar$EX03.875\Wolf2MP.exe"="C:\Documents and Settings\Nico\Local Settings\Temp\Rar$EX03.875\Wolf2MP.exe:*:Enabled:Wolfenstein MP"
"C:\Documents and Settings\Nico\Mes documents\My Downloads\Wolf2MP.exe"="C:\Documents and Settings\Nico\Mes documents\My Downloads\Wolf2MP.exe:*:Enabled:Wolfenstein MP"
"C:\Documents and Settings\Nico\Mes documents\My Downloads\Wolf2MPLite.exe"="C:\Documents and Settings\Nico\Mes documents\My Downloads\Wolf2MPLite.exe:*:Enabled:Wolfenstein MP"
"C:\Documents and Settings\All Users\Application Data\WLInstaller\vmmonitor.exe"="C:\Documents and Settings\All Users\Application Data\WLInstaller\vmmonitor.exe:*:Enabled:SAM"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Documents and Settings\All Users\Application Data\WLInstaller\vmmonitor.exe"="C:\Documents and Settings\All Users\Application Data\WLInstaller\vmmonitor.exe:*:Enabled:SAM"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c8cfad6e-a11a-11de-8f62-00196661ad15}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL NoLimit.exe


======List of files/folders created in the last 1 months======

2009-10-16 23:31:20 ----D---- C:\Documents and Settings\Nico\Application Data\Malwarebytes
2009-10-16 23:31:15 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-10-16 23:31:15 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-10-16 22:27:42 ----D---- C:\rsit
2009-10-16 20:41:19 ----D---- C:\Program Files\Fichiers communs\Windows Live
2009-09-26 00:20:28 ----A---- C:\WINDOWS\system32\xfcodec.dll
2009-09-20 16:30:58 ----D---- C:\WINDOWS\system32\Futuremark
2009-09-20 16:30:58 ----D---- C:\Program Files\Fichiers communs\Futuremark Shared

======List of files/folders modified in the last 1 months======

2009-10-17 00:01:06 ----D---- C:\WINDOWS\Temp
2009-10-17 00:01:04 ----D---- C:\Program Files\Mozilla Firefox
2009-10-17 00:00:10 ----D---- C:\WINDOWS\Prefetch
2009-10-16 23:58:02 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-10-16 23:56:32 ----D---- C:\WINDOWS\system32
2009-10-16 23:54:45 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2009-10-16 23:54:14 ----D---- C:\Documents and Settings\Nico\Application Data\Xfire
2009-10-16 23:53:33 ----D---- C:\Documents and Settings\Nico\Application Data\mIRC
2009-10-16 23:39:46 ----D---- C:\WINDOWS\ShellNew
2009-10-16 23:39:45 ----D---- C:\Program Files
2009-10-16 23:31:16 ----D---- C:\WINDOWS\system32\drivers
2009-10-16 22:10:42 ----D---- C:\Documents and Settings\Nico\Application Data\LimeWire
2009-10-16 20:41:19 ----D---- C:\Program Files\Fichiers communs
2009-10-16 20:41:06 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-10-16 20:40:01 ----D---- C:\Program Files\mIRC
2009-10-16 17:35:04 ----D---- C:\Program Files\LimeWire
2009-10-15 21:37:10 ----D---- C:\Program Files\Xfire
2009-10-14 18:47:29 ----A---- C:\WINDOWS\NeroDigital.ini
2009-10-14 16:13:39 ----A---- C:\WINDOWS\win.ini
2009-10-13 21:28:35 ----D---- C:\Documents and Settings\Nico\Application Data\BitTorrent
2009-10-11 19:43:00 ----SD---- C:\WINDOWS\Tasks
2009-10-11 11:02:10 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-11 00:05:40 ----D---- C:\WINDOWS\system32\CatRoot2
2009-10-10 14:17:22 ----D---- C:\Documents and Settings\Nico\Application Data\teamspeak2
2009-10-10 00:46:13 ----D---- C:\Documents and Settings\Nico\Application Data\Adobe
2009-10-08 19:37:03 ----D---- C:\Program Files\Wolfenstein - 2.6AB
2009-10-05 21:12:55 ----D---- C:\Documents and Settings\Nico\Application Data\Mumble
2009-10-02 23:02:22 ----D---- C:\Program Files\Wolfenstein - 2.6B
2009-09-26 18:18:44 ----D---- C:\WINDOWS
2009-09-22 17:45:56 ----D---- C:\Program Files\eMule
2009-09-20 21:40:04 ----D---- C:\Program Files\SystemRequirementsLab
2009-09-20 21:36:39 ----D---- C:\Documents and Settings\Nico\Application Data\SystemRequirementsLab
2009-09-20 16:30:57 ----HD---- C:\Program Files\InstallShield Installation Information
2009-09-20 00:53:49 ----D---- C:\Documents and Settings\All Users\Application Data\TrackMania

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-08-17 26944]
R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]
R1 Amfilter;Compatible Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\Amfilter.sys [2007-04-19 8704]
R1 appdrv01;Application Driver (01); C:\WINDOWS\System32\Drivers\appdrv01.sys [2009-07-13 3033712]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-08-17 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-08-17 51376]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2008-11-02 56572]
R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-08-17 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-08-17 94160]
R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R3 Amusbprt;Compatible HID-compliant Mouse Driver; C:\WINDOWS\system32\DRIVERS\Amusbprt.sys [2007-04-19 14336]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-08-17 23152]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-11-27 4630016]
R3 irsir;Pilote série infrarouge Microsoft; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-09-17 6132576]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2007-03-06 58752]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2007-03-06 19968]
R3 nvsmu;nvsmu; C:\WINDOWS\system32\DRIVERS\nvsmu.sys [2008-08-25 14208]
R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 SoC PC-Camera Service;CIF USB CAMERA; C:\WINDOWS\system32\DRIVERS\pfc027.sys [2004-02-10 127692]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S1 ASPI32;ASPI32; C:\WINDOWS\system32\drivers\ASPI32.sys []
S3 Amps2prt;Compatible PS/2 Port Mouse Driver; C:\WINDOWS\system32\DRIVERS\Amps2prt.sys [2007-04-19 14336]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 cpuz130;cpuz130; \??\C:\DOCUME~1\Nico\LOCALS~1\Temp\cpuz130\cpuz_x32.sys []
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-13 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-05 5888]
S3 se59bus;Sony Ericsson Device 089 driver (WDM); C:\WINDOWS\system32\DRIVERS\se59bus.sys [2006-09-05 61536]
S3 se59mdfl;Sony Ericsson Device 089 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\se59mdfl.sys [2006-09-05 9360]
S3 se59mdm;Sony Ericsson Device 089 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\se59mdm.sys [2006-09-05 97088]
S3 se59mgmt;Sony Ericsson Device 089 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\se59mgmt.sys [2006-09-05 88624]
S3 se59nd5;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (NDIS); C:\WINDOWS\system32\DRIVERS\se59nd5.sys [2006-09-05 18704]
S3 se59obex;Sony Ericsson Device 089 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\se59obex.sys [2006-09-05 86432]
S3 se59unic;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (WDM); C:\WINDOWS\system32\DRIVERS\se59unic.sys [2006-09-05 90800]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USB_RNDIS;ADI Remote NDIS Network Device Driver; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2008-04-13 12800]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7; C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-09-16 169312]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-08-17 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-08-17 138680]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-25 153376]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-09-17 163908]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-06-30 75064]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-08-17 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-08-17 352920]
R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S2 appdrvrem01;Application Driver Auto Removal Service (01); C:\WINDOWS\System32\appdrvrem01.exe [2009-07-13 316816]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-03-08 651720]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-01-06 536872]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-03-15 216232]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe []
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

-----------------EOF-----------------

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iqecc\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\c:^documents and settings^nico^menu démarrer^programmes^démarrage^rncsys32.exe\ deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\"Notification Packages"|hex(7):73,00,63,00,65,00,63,00,6c,00,69,00,00,00,00,00 /E : value set successfully!
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c8cfad6e-a11a-11de-8f62-00196661ad15}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c8cfad6e-a11a-11de-8f62-00196661ad15}\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Benjamin
->Temp folder emptied: 38738513 bytes
->Temporary Internet Files folder emptied: 47288207 bytes
->FireFox cache emptied: 102719970 bytes

User: Camille
->Temp folder emptied: 35110365 bytes
->Temporary Internet Files folder emptied: 219226494 bytes
->Java cache emptied: 15339008 bytes
->FireFox cache emptied: 60445405 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 2349772 bytes

User: Nico
File delete failed. C:\Documents and Settings\Nico\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\V5S8QL4H\24815;rid=31442691;rv=1;&timestamp=1242500254500;eid1=2;ecn1=1;etm1=1;eid2=12;ecn2=1;etm2=1;eid3=11;ecn3=1;etm3=0;eid4=3;ecn4=1;etm4=1;eid5=4;ecn5=1;etm5=0;&_dc_ck=try[1].gif scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Nico\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\V5S8QL4H\=1;pid=36753051;aid=214855092;ko=0;cid=31424815;rid=31442691;rv=1;&timestamp=1242592536187;eid1=2;ecn1=1;etm1=0;eid2=12;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;&_dc_ck=try[1].gif scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Nico\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\V5S8QL4H\=1;pid=36753051;aid=214855092;ko=0;cid=31424815;rid=31442691;rv=1;&timestamp=1242593680671;eid1=2;ecn1=1;etm1=1;eid2=12;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;&_dc_ck=try[1].gif scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Nico\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\I7LPUFCC\24815;rid=31442691;rv=1;&timestamp=1242500202531;eid1=2;ecn1=1;etm1=8;eid2=12;ecn2=1;etm2=7;eid3=11;ecn3=1;etm3=0;eid4=3;ecn4=1;etm4=1;eid5=4;ecn5=1;etm5=0;&_dc_ck=try[1].gif scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Nico\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\I7LPUFCC\activity;src=1794223;met=1;v=1;pid=36753051;aid=214855092;ko=0;cid=31424815;rid=31442691;rv=1;&timestamp=1242500204812;eid6=8;ecn6=1;etm6=0;&_dc_ck=try[1].gif scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Nico\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\I7LPUFCC\activity;src=1794223;met=1;v=1;pid=36753051;aid=214855092;ko=0;cid=31424815;rid=31442691;rv=1;&timestamp=1242591995015;eid1=92352;ecn1=1;etm1=0;&_dc_ck=try[1].gif scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Nico\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\3QI30SWA\activity;src=1794223;met=1;v=1;pid=36753051;aid=214855092;ko=0;cid=31424815;rid=31442691;rv=1;&timestamp=1242500198031;eid1=92352;ecn1=1;etm1=0;&_dc_ck=try[1].gif scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Nico\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\3QI30SWA\activity;src=1794223;met=1;v=1;pid=36753051;aid=214855092;ko=0;cid=31424815;rid=31442691;rv=1;&timestamp=1242591924906;eid1=2;ecn1=1;etm1=1;&_dc_ck=try[1].gif scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Nico\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\3QI30SWA\v=1;pid=36753051;aid=214855092;ko=0;cid=31424815;rid=31442691;rv=1;&timestamp=1242500258406;eid1=2;ecn1=0;etm1=4;eid2=12;ecn2=0;etm2=4;eid4=3;ecn4=0;etm4=4;&_dc_ck=try[1].gif scheduled to be deleted on reboot.
->Temp folder emptied: 348793998 bytes
->Temporary Internet Files folder emptied: 552817050 bytes
->Java cache emptied: 32655820 bytes
->FireFox cache emptied: 109684956 bytes
->Google Chrome cache emptied: 351761872 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2134506 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_64c.dat scheduled to be deleted on reboot.
Windows Temp folder emptied: 537027 bytes
RecycleBin emptied: 3895794395 bytes

Total Files Cleaned = 1450,19 mb


OTM by OldTimer - Version 3.0.0.6 log created on 10172009_001045

Files moved on Reboot...
File C:\Documents and Settings\Nico\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\V5S8QL4H\24815;rid=31442691;rv=1;&timestamp=1242500254500;eid1=2;ecn1=1;etm1=1;eid2=12;ecn2=1;etm2=1;eid3=11;ecn3=1;etm3=0;eid4=3;ecn4=1;etm4=1;eid5=4;ecn5=1;etm5=0;&_dc_ck=try[1].gif not found!
File C:\Documents and Settings\Nico\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\V5S8QL4H\=1;pid=36753051;aid=214855092;ko=0;cid=31424815;rid=31442691;rv=1;&timestamp=1242592536187;eid1=2;ecn1=1;etm1=0;eid2=12;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;&_dc_ck=try[1].gif not found!
File C:\Documents and Settings\Nico\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\V5S8QL4H\=1;pid=36753051;aid=214855092;ko=0;cid=31424815;rid=31442691;rv=1;&timestamp=1242593680671;eid1=2;ecn1=1;etm1=1;eid2=12;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;&_dc_ck=try[1].gif not found!
File C:\Documents and Settings\Nico\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\I7LPUFCC\24815;rid=31442691;rv=1;&timestamp=1242500202531;eid1=2;ecn1=1;etm1=8;eid2=12;ecn2=1;etm2=7;eid3=11;ecn3=1;etm3=0;eid4=3;ecn4=1;etm4=1;eid5=4;ecn5=1;etm5=0;&_dc_ck=try[1].gif not found!
File C:\Documents and Settings\Nico\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\I7LPUFCC\activity;src=1794223;met=1;v=1;pid=36753051;aid=214855092;ko=0;cid=31424815;rid=31442691;rv=1;&timestamp=1242500204812;eid6=8;ecn6=1;etm6=0;&_dc_ck=try[1].gif not found!
File C:\Documents and Settings\Nico\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\I7LPUFCC\activity;src=1794223;met=1;v=1;pid=36753051;aid=214855092;ko=0;cid=31424815;rid=31442691;rv=1;&timestamp=1242591995015;eid1=92352;ecn1=1;etm1=0;&_dc_ck=try[1].gif not found!
File C:\Documents and Settings\Nico\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\3QI30SWA\activity;src=1794223;met=1;v=1;pid=36753051;aid=214855092;ko=0;cid=31424815;rid=31442691;rv=1;&timestamp=1242500198031;eid1=92352;ecn1=1;etm1=0;&_dc_ck=try[1].gif not found!
File C:\Documents and Settings\Nico\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\3QI30SWA\activity;src=1794223;met=1;v=1;pid=36753051;aid=214855092;ko=0;cid=31424815;rid=31442691;rv=1;&timestamp=1242591924906;eid1=2;ecn1=1;etm1=1;&_dc_ck=try[1].gif not found!
File C:\Documents and Settings\Nico\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\3QI30SWA\v=1;pid=36753051;aid=214855092;ko=0;cid=31424815;rid=31442691;rv=1;&timestamp=1242500258406;eid1=2;ecn1=0;etm1=4;eid2=12;ecn2=0;etm2=4;eid4=3;ecn4=0;etm4=4;&_dc_ck=try[1].gif not found!
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\Perflib_Perfdata_64c.dat scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Alors j'ai toujours des soucis :

- J'ai toujours le virus du double chapeur ( ^^ )
- Je peut toujours pas allé sur ma boite hotmail
- J'avais oublier de signaler , mais je ne peut pas activer mes mise a jour automatique alors qu'elles le sont dans Panneau de configurtion etc ....


Sinon mon PC est nettement plus rapide !

Merci , mais si tu peut encore m'aider ce serais simpa

D'abords le double chapeau , puis il s'est en allé , google chrome n'a plus voullu marcher , puis maintenant ma boite hotmail , et les chapeaux sont revenu !

A peu pres en meme temps oui ( 1/2 semaines )

Desole , j'avais perdu mes identifiants !

²ComboFix 09-10-18.06 - Nico 19/10/2009 22:30.1.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.3071.2486 [GMT 2:00]
Lancé depuis: c:\documents and settings\Nico\Bureau\ComboFix.exe
AV: avast! antivirus 4.8.1351 [VPS 091019-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Un nouveau point de restauration a été créé
.

((((((((((((((((((((((((((((( Fichiers créés du 2009-09-19 au 2009-10-19 ))))))))))))))))))))))))))))))))))))
.

2009-10-19 08:58 . 2009-10-19 08:58 -------- d-----w- c:\documents and settings\Camille\Application Data\Malwarebytes
2009-10-16 22:10 . 2009-10-16 22:10 -------- d-----w- C:\_OTM
2009-10-16 21:31 . 2009-10-16 21:31 -------- d-----w- c:\documents and settings\Nico\Application Data\Malwarebytes
2009-10-16 21:31 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-16 21:31 . 2009-10-16 21:31 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-16 21:31 . 2009-10-16 21:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-10-16 21:31 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-16 20:27 . 2009-10-16 20:28 -------- d-----w- C:\rsit
2009-10-16 18:41 . 2009-10-16 18:41 -------- d-----w- c:\program files\Fichiers communs\Windows Live
2009-09-25 22:20 . 2009-09-25 22:20 41872 ----a-w- c:\windows\system32\xfcodec.dll
2009-09-20 14:38 . 2009-10-11 17:25 -------- d-----w- c:\documents and settings\Nico\Local Settings\Application Data\Temp
2009-09-20 14:38 . 2009-09-20 14:39 -------- d-----w- c:\documents and settings\Nico\Local Settings\Application Data\Google
2009-09-20 14:30 . 2008-09-17 13:14 27672 ----a-r- c:\windows\system32\drivers\Entech.sys
2009-09-20 14:30 . 2009-09-20 14:30 -------- d-----w- c:\windows\system32\Futuremark
2009-09-20 14:30 . 2009-09-20 14:30 -------- d-----w- c:\program files\Fichiers communs\Futuremark Shared

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-19 20:26 . 2004-08-05 12:00 71488 ----a-w- c:\windows\system32\perfc00C.dat
2009-10-19 20:26 . 2004-08-05 12:00 458648 ----a-w- c:\windows\system32\perfh00C.dat
2009-10-19 20:24 . 2008-06-24 19:15 -------- d-----w- c:\documents and settings\Nico\Application Data\Xfire
2009-10-19 19:40 . 2008-06-24 19:22 139904 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-10-19 19:40 . 2008-06-24 19:22 189744 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-10-19 18:22 . 2008-06-24 18:18 -------- d-----w- c:\documents and settings\Nico\Application Data\mIRC
2009-10-19 17:47 . 2008-06-24 18:18 -------- d-----w- c:\program files\mIRC
2009-10-18 14:22 . 2008-06-30 16:33 -------- d-----w- c:\documents and settings\Nico\Application Data\BitTorrent
2009-10-17 21:12 . 2008-06-30 14:40 -------- d-----w- c:\documents and settings\Nico\Application Data\LimeWire
2009-10-17 08:56 . 2008-06-18 14:27 -------- d-----w- c:\program files\Fichiers communs\Adobe
2009-10-17 08:39 . 2009-01-22 17:22 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-16 22:55 . 2008-06-25 14:09 -------- d-----w- c:\program files\Java
2009-10-16 15:35 . 2009-02-18 21:35 -------- d-----w- c:\program files\LimeWire
2009-10-15 19:37 . 2008-06-24 19:15 -------- d-----w- c:\program files\Xfire
2009-10-10 14:46 . 2008-07-31 13:04 -------- d-----w- c:\documents and settings\Camille\Application Data\Image Zone Express
2009-10-10 12:17 . 2008-06-24 18:17 -------- d-----w- c:\documents and settings\Nico\Application Data\teamspeak2
2009-10-08 17:37 . 2008-12-16 17:59 -------- d-----w- c:\program files\Wolfenstein - 2.6AB
2009-10-05 19:12 . 2008-11-08 17:32 -------- d-----w- c:\documents and settings\Nico\Application Data\Mumble
2009-10-02 21:02 . 2008-12-12 12:41 -------- d-----w- c:\program files\Wolfenstein - 2.6B
2009-09-22 15:45 . 2008-06-30 22:43 -------- d-----w- c:\program files\eMule
2009-09-20 19:40 . 2008-11-05 09:08 -------- d-----w- c:\program files\SystemRequirementsLab
2009-09-20 19:36 . 2008-11-05 09:08 -------- d-----w- c:\documents and settings\Nico\Application Data\SystemRequirementsLab
2009-09-20 14:30 . 2008-06-18 13:20 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-19 22:53 . 2008-08-01 21:23 -------- d-----w- c:\documents and settings\All Users\Application Data\TrackMania
2009-09-13 13:27 . 2009-07-17 16:41 -------- d-----w- c:\documents and settings\Nico\Application Data\HLSW
2009-09-13 09:38 . 2008-06-27 16:17 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-09-09 14:32 . 2008-06-23 16:40 -------- d-----w- c:\documents and settings\All Users\Application Data\WLInstaller
2009-09-03 17:42 . 2009-09-03 17:42 -------- d-----w- c:\program files\BooBooDemoPlayer
2009-08-23 13:54 . 2008-08-01 21:21 -------- d-----w- c:\program files\TmNationsForever
2009-08-21 18:06 . 2008-12-31 16:52 -------- d-----w- c:\documents and settings\Nico\Application Data\dvdcss
2009-08-17 16:10 . 2008-06-30 23:02 1279456 ----a-w- c:\windows\system32\aswBoot.exe
2009-08-17 16:06 . 2008-06-30 23:02 93392 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-08-17 16:06 . 2008-06-30 23:02 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-08-17 16:05 . 2008-06-30 23:02 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-08-17 16:05 . 2008-06-30 23:02 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-08-17 16:04 . 2008-06-30 23:02 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-08-17 16:04 . 2008-06-30 23:02 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-08-17 16:03 . 2008-06-30 23:02 26944 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-08-17 16:02 . 2008-06-30 23:02 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-08-07 23:19 . 2009-03-14 00:34 22328 ----a-w- c:\documents and settings\Nico\Application Data\PnkBstrK.sys
2009-08-07 23:19 . 2009-03-14 00:34 682280 ----a-w- c:\windows\system32\pbsvc.exe
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-17 13574144]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 81000]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-17 86016]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-17 149280]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-09-17 1657376]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-11-22 16858112]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\system32\userinit.exe,c:\windows\system32\msybqp32.exe,"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Cyanide\\GameCenter\\GameCenter.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\Wolfenstein - 2.6B\\ET.exe"=
"c:\\Program Files\\Xfire\\xfire.exe"=
"c:\\Program Files\\Wolfenstein - 2.55\\ET.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\TmNationsForever\\TmForever.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\WINDOWS\\system32\\rtcshare.exe"=
"c:\\Program Files\\Wolfenstein - 2.6AB\\ET.exe"=
"c:\\Documents and Settings\\Nico\\Bureau\\freezer.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Cyanide\\Pro Cycling Manager - Season 2009\\PCM.exe"=
"c:\\Program Files\\Cyanide\\Pro Cycling Manager - Season 2009\\Autorun\\Exe\\Autorun.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\Program Files\\Return to Castle Wolfenstein\\WolfMP.exe"=
"c:\\Documents and Settings\\Nico\\Mes documents\\My Downloads\\Wolf2MP.exe"=
"c:\\Documents and Settings\\Nico\\Mes documents\\My Downloads\\Wolf2MPLite.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\WLInstaller\\vmmonitor.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"6881:UDP"= 6881:UDP:Bittorrent_udp
"6881:TCP"= 6881:TCP:bittorrent_tcp

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
"AllowOutboundDestinationUnreachable"= 1 (0x1)
"AllowOutboundSourceQuench"= 1 (0x1)
"AllowOutboundTimeExceeded"= 1 (0x1)
"AllowRedirect"= 1 (0x1)

R1 appdrv01;Application Driver (01);c:\windows\system32\drivers\appdrv01.sys [13/07/2009 00:56 3033712]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [01/07/2008 01:02 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [01/07/2008 01:02 20560]
S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [16/09/2008 13:03 169312]
S2 appdrvrem01;Application Driver Auto Removal Service (01);c:\windows\System32\appdrvrem01.exe svc --> c:\windows\System32\appdrvrem01.exe svc [?]
S3 Amps2prt;Compatible PS/2 Port Mouse Driver;c:\windows\system32\drivers\Amps2prt.sys [19/04/2007 15:45 14336]
S3 cpuz130;cpuz130;\??\c:\docume~1\Nico\LOCALS~1\Temp\cpuz130\cpuz_x32.sys --> c:\docume~1\Nico\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [?]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [15/03/2009 09:34 216232]
.
Contenu du dossier 'Tâches planifiées'

2009-09-03 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.sfr.fr/kit/adsl/
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = local
Trusted Zone: localhost
FF - ProfilePath - c:\documents and settings\Nico\Application Data\Mozilla\Firefox\Profiles\6gwspdjs.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1460988&SearchSource=3&q=
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1460988&SearchSource=2&q=
FF - plugin: c:\documents and settings\Nico\Application Data\Mozilla\Firefox\Profiles\6gwspdjs.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPAskSBr.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll

---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - true.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-19 22:36
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-1801674531-2052111302-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:7b,0d,d0,2d,8d,cf,85,96,c1,2f,8b,5b,f8,a2,72,ea,8e,da,3e,3a,b5,
8c,4e,89,89,c5,07,4a,1a,d8,ed,07,83,31,cd,b2,74,ac,90,64,2a,59,14,1d,22,3c,\
"rkeysecu"=hex:ec,f5,ca,6e,4a,d0,9d,0d,68,c5,15,dd,91,bf,05,b6
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'explorer.exe'(4488)
c:\windows\system32\eappprxy.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Heure de fin: 2009-10-19 22:39
ComboFix-quarantined-files.txt 2009-10-19 20:39

Avant-CF: 133 203 554 304 octets libres
Après-CF: 134 528 389 120 octets libres

WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect /usepmtimer

- - End Of File - - DAA31036D0E3E76578D80ED6078038B7

Non pas vraiment , j'avais changer pour antivir ( que je trouvé mieu ) mais ca buger pour les mises a jour , alors j'ai repris avast !

Tu me conseille quoi ?

Mais tu me conseille quel antivirus toi !?

C'est bon j'ai installer antivirus et mis a jour

Tu me conseille de tester quoi maintenant !?

J'ai fait un scan , j'ai pecho 6 virus !

j'ai fait reparer !


Voila le screen :

http://img33.imageshack.us/img33/8586/sanstitrebw.png


Dit moi ce que t'en pense !

(j'ai vu qu'il y avait un virus qui venait de photoshop ! )

Le PC va mieu !

je te fais signe si je vois quelque bug encore !

Plus aucun problemes !