Virus virus virus
Need help
Anyway, I have a lot of problems with my PC (slowdowns on the internet, disconnections from the network for no reason, no more direct downloads).
Since I am a beginner at these things, I need help cleaning out these viruses or whatever they are. I tried a scan with Spyware Doctor and it reports several infections (Dialer Instant Acces, Backdoor Webdor, etc.).
According to some forums, I should run a scan with HijackThis and post the report so that you can help me.
Please help me, I can't take it anymore.
Logfile of HijackThis v1.99.1
Scan saved at 20:41:38, on 30/11/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Fichiers communs\InterVideo\SchSvr\SchSvr.exe
C:\Program Files\InterVideo\Common\Bin\WinRemote.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Labtec\WebCam10\WebCam10.exe
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\AOL 9.0 VR\waol.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AOL 9.0c\aoltray.exe
C:\Program Files\AOL Compagnon\companion.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\AOL 9.0 VR\shellmon.exe
C:\Program Files\Spyware Doctor\pctsGui.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Bureau\HijackThis-fr-Colok.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://media.fastclick.net/w/safepop.cgi?cid=198591&mid...
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll
O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 -BarreOut. &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 -BarreOut. Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll
O3 -BarreOut. -Sans nom - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - -Manquant
O3 -BarreOut. PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program Files\Fichiers communs\InterVideo\SchSvr\SchSvr.exe"
O4 - HKLM\..\Run: [WINREMOTE] "C:\Program Files\InterVideo\Common\Bin\WinRemote.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Labtec\WebCam10\WebCam10.exe" /hide
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.0 VR\AOL.EXE" -b
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0c\aoltray.exe
O4 - Global Startup: AOL Compagnon.lnk = C:\Program Files\AOL Compagnon\companion.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra du menu contextuel &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra du menu contextuel &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra du menu contextuel E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra du menu contextuel Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra du menu contextuel Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra du menu contextuel Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Bouton Extra: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\WINDOWS\system32\shdocvw.dll
O9 - Outil Extra du menu : AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\WINDOWS\system32\shdocvw.dll
O9 - Bouton Extra: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Bouton Extra: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Bouton Extra: -Sans nom - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Outil Extra du menu : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Bouton Extra: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Outil Extra du menu : Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Bouton Extra: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Outil Extra du menu : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O17 - HKLM\System\CCS\Services\Tcpip\..\{EC183C74-FAE3-4314-9204-47FCB38FD287}: NameServer = 86.64.145.140 84.103.237.140
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Browser Defender Update Service - Threat Expert Ltd. - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
O23 - Service: Service Google Update (gupdate1ca6e2c5efbd28d) (gupdate1ca6e2c5efbd28d) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe" /svc (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe" /service (file missing)
Hello,
Uninstall Search Settings.
Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.
Double-click RSIT.exe to launch the program.
(On Vista, you need to right-click RSIT.exe and choose Run as administrator.)
Click Continue on the Disclaimer screen.
If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall if asked) and you will have to accept the license.
When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).
Note: the reports are saved in the C:\rsit folder.
Anyway, first of all here is a copy-paste of the log file:
Logfile of random's system information tool 1.06 (written by random/random)
Run by HP_Propriétaire at 2009-11-30 21:27:36
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 8 GB (6%) free of 146 GB
Total RAM: 510 MB (10% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:28:37, on 30/11/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Fichiers communs\InterVideo\SchSvr\SchSvr.exe
C:\Program Files\InterVideo\Common\Bin\WinRemote.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Labtec\WebCam10\WebCam10.exe
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\AOL 9.0 VR\waol.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AOL 9.0c\aoltray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\AOL 9.0 VR\shellmon.exe
C:\Program Files\AOL Compagnon\companion.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Bureau\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\HP_Propriétaire.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://media.fastclick.net/w/safepop.cgi?cid=198591&mid...
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll
O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll
O3 - Toolbar: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program Files\Fichiers communs\InterVideo\SchSvr\SchSvr.exe"
O4 - HKLM\..\Run: [WINREMOTE] "C:\Program Files\InterVideo\Common\Bin\WinRemote.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Labtec\WebCam10\WebCam10.exe" /hide
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.0 VR\AOL.EXE" -b
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0c\aoltray.exe
O4 - Global Startup: AOL Compagnon.lnk = C:\Program Files\AOL Compagnon\companion.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O17 - HKLM\System\CCS\Services\Tcpip\..\{EC183C74-FAE3-4314-9204-47FCB38FD287}: NameServer = 84.103.237.145 86.64.145.145
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Browser Defender Update Service - Threat Expert Ltd. - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
O23 - Service: Service Google Update (gupdate1ca6e2c5efbd28d) (gupdate1ca6e2c5efbd28d) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
--
End of file - 11654 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Maintenance en 1 clic.job
C:\WINDOWS\tasks\NSSstub.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}]
Dealio Toolbar - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll [2009-07-31 698880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}]
PC Tools Browser Guard BHO - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll [2009-11-10 395216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2005-01-03 716800]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-11-14 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
SearchSettings Class - C:\Program Files\Search Settings\kb128\SearchSettings.dll [2009-07-29 1153024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-11-14 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2005-01-03 716800]
{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - Dealio Toolbar - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll [2009-07-31 698880]
{4982D40A-C53B-4615-B15B-B5B5E98D167C}
{472734EA-242A-422B-ADF8-83D1E48CC825} - PC Tools Browser Guard - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll [2009-11-10 395216]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-11-14 149280]
"hpsysdrv"=c:\windows\system\hpsysdrv.exe [1998-05-07 52736]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-08-02 7110656]
"nwiz"=nwiz.exe /installquiet /keeploaded /nodetect []
"HPHUPD08"=c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe [2005-06-02 49152]
"KBD"=C:\HP\KBD\KBD.EXE [2005-02-03 61440]
"Home Theater SchSvr"=C:\Program Files\Fichiers communs\InterVideo\SchSvr\SchSvr.exe [2005-07-18 106496]
"WINREMOTE"=C:\Program Files\InterVideo\Common\Bin\WinRemote.exe [2005-07-18 262144]
"Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2004-04-14 233472]
"AlcxMonitor"=C:\WINDOWS\ALCXMNTR.EXE [2004-09-07 57344]
"PS2"=C:\WINDOWS\system32\ps2.exe [2004-10-25 90112]
"LSBWatcher"=c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe [2005-05-11 253952]
"Reminder"=C:\Windows\Creator\Remind_XP.exe [2004-12-14 663552]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPwuSchd2.exe [2005-05-12 49152]
"SpeedTouch USB Diagnostics"=C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe [2004-01-26 866816]
"SearchSettings"=C:\Program Files\Search Settings\SearchSettings.exe [2009-07-29 1024512]
"LogitechCommunicationsManager"=C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe [2007-03-06 488984]
""= []
"LogitechQuickCamRibbon"=C:\Program Files\Labtec\WebCam10\WebCam10.exe [2007-03-06 1060376]
"AOLSAV"=C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe [2004-03-15 73728]
"AOLDialer"=C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe [2004-04-08 496752]
"BDAgent"=C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe [2009-03-19 778240]
"ISTray"=C:\Program Files\Spyware Doctor\pctsTray.exe [2009-11-18 1243088]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AOL Fast Start"=C:\Program Files\AOL 9.0 VR\AOL.EXE [2007-06-21 50480]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
AOL 9.0 Icône AOL.lnk - C:\Program Files\AOL 9.0c\aoltray.exe
AOL Compagnon.lnk - C:\Program Files\AOL Compagnon\companion.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Driver]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Guard]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL France"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe:*:Enabled:AOL"
"C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe:*:Enabled:AOL"
"C:\Program Files\AOL 9.0c\waol.exe"="C:\Program Files\AOL 9.0c\waol.exe:*:Enabled:AOL"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%ProgramFiles%\iTunes\iTunes.exe"="%ProgramFiles%\iTunes\iTunes.exe:*:enabled:iTunes"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe:*:Enabled:AOL"
"C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe:*:Enabled:AOL"
"C:\Program Files\AOL 9.0c\waol.exe"="C:\Program Files\AOL 9.0c\waol.exe:*:Enabled:AOL"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{05dc4712-d117-11de-ad7a-0013d3b05a6f}]
shell\AutoRun\command - J:\AOL.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{67b1aaba-d86f-11de-ad8a-000e500425c4}]
shell\AutoRun\command - J:\RECYCLER\usbassist.exe
shell\opEN\command - J:\RECYCLER\usbassist.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{726eac10-d12e-11de-ad7b-000e500425c4}]
shell\AutoRun\command - J:\B.EXE
======List of files/folders created in the last 1 months======
2009-11-30 21:27:36 ----D---- C:\rsit
2009-11-30 20:11:15 ----D---- C:\Program Files\Trend Micro
2009-11-30 20:02:22 ----A---- C:\WINDOWS\SGDetectionTool.dll
2009-11-30 20:02:22 ----A---- C:\WINDOWS\BDTSupport.dll
2009-11-30 20:02:21 ----A---- C:\WINDOWS\PCTBDRes.dll
2009-11-30 20:02:21 ----A---- C:\WINDOWS\PCTBDCore.dll
2009-11-30 20:01:13 ----D---- C:\Program Files\Spyware Doctor
2009-11-30 20:01:13 ----D---- C:\Program Files\Fichiers communs\PC Tools
2009-11-30 20:01:13 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\PC Tools
2009-11-30 20:01:13 ----D---- C:\Documents and Settings\All Users\Application Data\PC Tools
2009-11-29 16:23:32 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\HPQ
2009-11-29 13:47:26 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\BitDefender
2009-11-29 13:46:43 ----D---- C:\Program Files\BitDefender
2009-11-29 13:46:43 ----D---- C:\Documents and Settings\All Users\Application Data\BitDefender
2009-11-29 13:38:06 ----D---- C:\Program Files\Fichiers communs\BitDefender
2009-11-28 06:04:19 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\WinRAR
2009-11-26 01:16:54 ----D---- C:\Program Files\Full Pack Codecs
2009-11-26 01:16:11 ----N---- C:\WINDOWS\system32\pxafs.dll
2009-11-25 21:01:03 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Sonic
2009-11-25 21:00:38 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Leadertech
2009-11-25 20:36:06 ----A---- C:\WINDOWS\system32\TUProgSt.exe
2009-11-25 20:36:05 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2009-11-25 20:36:03 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe
2009-11-25 20:35:50 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\TuneUp Software
2009-11-25 20:34:47 ----D---- C:\Program Files\TuneUp Utilities 2009
2009-11-25 20:34:08 ----SHD---- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-11-25 19:17:47 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Mozilla
2009-11-25 19:17:28 ----D---- C:\Program Files\Mozilla Firefox
2009-11-24 00:59:38 ----D---- C:\Program Files\Lavasoft
2009-11-24 00:59:36 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-11-21 04:55:41 ----D---- C:\Program Files\Runes of Magic
2009-11-19 00:19:03 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\FOG Downloader
2009-11-18 10:28:23 ----D---- C:\WINDOWS\system32\Adobe
2009-11-16 22:50:10 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\You've Got Pictures Screensaver
2009-11-16 22:50:03 ----A---- C:\WINDOWS\system32\shdocvw.bak
2009-11-16 22:49:28 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2009-11-16 22:49:24 ----A---- C:\WINDOWS\system32\pndx5032.dll
2009-11-16 22:49:24 ----A---- C:\WINDOWS\system32\pndx5016.dll
2009-11-16 22:49:23 ----A---- C:\WINDOWS\system32\pncrt.dll
2009-11-16 22:48:51 ----A---- C:\WINDOWS\system32\jgdwmie.dll
2009-11-16 22:48:50 ----A---- C:\WINDOWS\system32\roboex32.dll
2009-11-16 22:48:50 ----A---- C:\WINDOWS\system32\Inetwh32.dll
2009-11-16 22:48:28 ----A---- C:\WINDOWS\system32\AOLDial.dll
2009-11-16 22:48:05 ----D---- C:\Program Files\AOL 9.0c
2009-11-16 22:44:37 ----D---- C:\Program Files\TechCity Solutions
2009-11-14 23:54:03 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\DivX
2009-11-14 18:07:58 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\HP
2009-11-14 15:46:13 ----RSHD---- C:\cmdcons
2009-11-14 15:24:54 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Search Settings
2009-11-14 15:24:53 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Dealio
2009-11-14 15:19:09 ----A---- C:\WINDOWS\system32\javaws.exe
2009-11-14 15:19:09 ----A---- C:\WINDOWS\system32\javaw.exe
2009-11-14 15:19:09 ----A---- C:\WINDOWS\system32\java.exe
2009-11-14 14:58:49 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-11-14 14:45:35 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Sun
2009-11-14 14:45:08 ----D---- C:\Program Files\TubeMaster++
2009-11-14 14:40:23 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Adobe
2009-11-14 14:39:26 ----D---- C:\Program Files\Search Settings
2009-11-14 14:39:16 ----D---- C:\Program Files\Dealio Toolbar
2009-11-14 14:38:11 ----D---- C:\WINDOWS\system32\custom matrices
2009-11-14 14:38:02 ----D---- C:\WINDOWS\system32\C2MP
2009-11-14 14:27:32 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\GRETECH
2009-11-14 14:04:34 ----A---- C:\WINDOWS\system32\stci.dll
2009-11-14 13:14:28 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\AOL
2009-11-14 13:14:27 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Macromedia
2009-11-14 13:12:49 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-11-14 13:11:18 ----ASH---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\desktop.ini
2009-11-14 13:11:11 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Symantec
2009-11-14 13:11:11 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\SampleView
2009-11-14 13:11:11 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Microsoft
2009-11-14 13:11:11 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Intervideo
2009-11-14 13:11:11 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Identities
2009-11-14 13:11:11 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Apple Computer
2009-11-14 01:47:28 ----A---- C:\WINDOWS\system32\divx_xx16.dll
2009-11-14 01:47:28 ----A---- C:\WINDOWS\system32\divx_xx11.dll
2009-11-14 01:47:28 ----A---- C:\WINDOWS\system32\divx_xx0c.dll
2009-11-14 01:47:28 ----A---- C:\WINDOWS\system32\divx_xx0a.dll
2009-11-14 01:47:28 ----A---- C:\WINDOWS\system32\divx_xx07.dll
2009-11-14 01:47:28 ----A---- C:\WINDOWS\system32\DivX.dll
2009-11-13 03:43:44 ----A---- C:\hkst6r78oh108.bat
2009-11-13 00:12:18 ----A---- C:\WINDOWS\irc.txt
2009-11-11 12:23:58 ----A---- C:\jklry54c108.bat
2009-11-10 16:56:23 ----A---- C:\tf67tijhwex108.bat
2009-11-09 17:40:58 ----A---- C:\seg5ywfxwx108.bat
2009-11-08 05:38:58 ----A---- C:\dfuj4y54hscv108.bat
2009-11-07 19:57:07 ----D---- C:\Program Files\Windows Live SkyDrive
======List of files/folders modified in the last 1 months======
2009-11-30 21:28:11 ----D---- C:\WINDOWS\Prefetch
2009-11-30 21:27:57 ----D---- C:\WINDOWS\Temp
2009-11-30 21:17:05 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-11-30 21:10:06 ----A---- C:\WINDOWS\win.ini
2009-11-30 21:02:41 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-11-30 20:39:03 ----D---- C:\WINDOWS\system32\drivers
2009-11-30 20:11:15 ----D---- C:\Program Files
2009-11-30 20:02:23 ----D---- C:\WINDOWS
2009-11-30 20:02:04 ----SHD---- C:\WINDOWS\Installer
2009-11-30 20:02:04 ----SHD---- C:\Config.Msi
2009-11-30 20:01:59 ----D---- C:\WINDOWS\WinSxS
2009-11-30 20:01:13 ----D---- C:\Program Files\Fichiers communs
2009-11-30 16:29:56 ----D---- C:\WINDOWS\system32
2009-11-30 14:05:35 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-11-30 13:52:23 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-11-30 13:01:56 ----SHD---- C:\System Volume Information
2009-11-30 13:01:56 ----D---- C:\WINDOWS\system32\Restore
2009-11-30 12:30:36 ----D---- C:\Program Files\RelevantKnowledge
2009-11-29 17:11:14 ----D---- C:\WINDOWS\Minidump
2009-11-29 13:49:03 ----D---- C:\Program Files\Symantec
2009-11-29 13:44:37 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2009-11-29 13:41:57 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-11-29 13:39:15 ----D---- C:\WINDOWS\Tasks
2009-11-27 21:57:40 ----D---- C:\WINDOWS\Help
2009-11-26 01:16:24 ----D---- C:\Program Files\DivX
2009-11-26 01:15:28 ----D---- C:\Program Files\Fichiers communs\DivX Shared
2009-11-26 01:08:32 ----D---- C:\Program Files\Google
2009-11-25 20:42:59 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2009-11-25 20:42:58 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2009-11-25 20:42:56 ----HDC---- C:\WINDOWS\$NtUninstallKB885884$
2009-11-25 20:42:55 ----AHDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2009-11-25 20:42:52 ----AHDC---- C:\WINDOWS\$NtUninstallKB893066$
2009-11-25 20:42:49 ----AHDC---- C:\WINDOWS\$NtUninstallKB896422$
2009-11-25 20:42:19 ----HDC---- C:\WINDOWS\$NtUninstallKB917159$
2009-11-25 20:42:17 ----HDC---- C:\WINDOWS\$NtUninstallKB917734_WMP10$
2009-11-25 20:41:54 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2009-11-25 20:41:46 ----HDC---- C:\WINDOWS\$NtUninstallKB925486$
2009-11-25 20:41:24 ----HDC---- C:\WINDOWS\$NtUninstallKB929969$
2009-11-25 20:41:17 ----HDC---- C:\WINDOWS\$NtUninstallKB931836$
2009-11-25 20:41:15 ----HDC---- C:\WINDOWS\$NtUninstallKB933360$
2009-11-25 20:41:11 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
2009-11-25 20:41:09 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-11-25 20:41:05 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2009-11-25 20:41:04 ----HDC---- C:\WINDOWS\$NtUninstallKB941644$
2009-11-25 20:41:04 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-11-25 20:41:00 ----HDC---- C:\WINDOWS\$NtUninstallKB942763$
2009-11-25 20:40:49 ----HDC---- C:\WINDOWS\$NtUninstallKB946627$
2009-11-25 20:40:26 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-11-25 20:40:25 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-11-25 20:40:25 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2009-11-25 20:40:24 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2009-11-25 20:40:16 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2009-11-25 20:40:13 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-11-25 20:40:12 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-11-25 20:40:10 ----HDC---- C:\WINDOWS\$NtUninstallKB959772_WM11$
2009-11-25 20:40:08 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-11-25 20:40:05 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2009-11-25 20:40:05 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2009-11-25 20:39:45 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2009-11-25 20:36:07 ----D---- C:\WINDOWS\system32\config
2009-11-25 20:16:27 ----D---- C:\Program Files\QuickTime
2009-11-25 20:12:50 ----D---- C:\Program Files\Fichiers communs\Apple
2009-11-25 12:30:32 ----D---- C:\Program Files\AOL Compagnon
2009-11-25 12:20:56 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-11-24 10:37:46 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-11-24 10:33:31 ----HD---- C:\WINDOWS\inf
2009-11-24 10:33:30 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-24 00:58:52 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-11-24 00:50:18 ----A---- C:\WINDOWS\WININIT.INI
2009-11-19 21:13:02 ----D---- C:\WINDOWS\Debug
2009-11-19 21:10:57 ----D---- C:\Program Files\CCleaner
2009-11-19 11:22:43 ----D---- C:\Program Files\Fichiers communs\Designer
2009-11-19 11:21:34 ----RSD---- C:\WINDOWS\Fonts
2009-11-18 21:53:14 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-11-18 11:41:01 ----D---- C:\Program Files\Microsoft Works
2009-11-16 22:50:16 ----AC---- C:\WINDOWS\aolback.exe.lnk
2009-11-16 22:50:09 ----SD---- C:\WINDOWS\occache
2009-11-16 22:49:58 ----D---- C:\Program Files\AOL Toolbar
2009-11-16 22:48:56 ----D---- C:\Program Files\Fichiers communs\aolshare
2009-11-16 22:48:52 ----D---- C:\Program Files\Fichiers communs\AOL
2009-11-16 22:48:05 ----D---- C:\Documents and Settings\All Users\Application Data\AOL
2009-11-16 22:02:29 ----D---- C:\WINDOWS\system32\CatRoot
2009-11-14 21:00:08 ----D---- C:\WINDOWS\system
2009-11-14 20:59:46 ----D---- C:\WINDOWS\I386
2009-11-14 20:57:47 ----D---- C:\Program Files\Windows NT
2009-11-14 20:57:44 ----D---- C:\Program Files\Windows Media Player
2009-11-14 20:57:44 ----D---- C:\Program Files\Outlook Express
2009-11-14 20:57:44 ----D---- C:\Program Files\NetMeeting
2009-11-14 20:57:43 ----D---- C:\Program Files\Fichiers communs\Services
2009-11-14 20:57:41 ----D---- C:\WINDOWS\system32\wbem
2009-11-14 20:57:37 ----D---- C:\WINDOWS\system32\ras
2009-11-14 20:57:34 ----D---- C:\WINDOWS\system32\oobe
2009-11-14 20:57:26 ----D---- C:\WINDOWS\system32\icsxml
2009-11-14 20:57:26 ----D---- C:\WINDOWS\system32\ias
2009-11-14 20:56:53 ----D---- C:\WINDOWS\system32\Setup
2009-11-14 20:56:49 ----D---- C:\WINDOWS\system32\Com
2009-11-14 20:56:48 ----D---- C:\WINDOWS\srchasst
2009-11-14 20:56:47 ----RD---- C:\WINDOWS\Web
2009-11-14 20:56:47 ----D---- C:\WINDOWS\Media
2009-11-14 20:56:47 ----D---- C:\WINDOWS\addins
2009-11-14 20:56:35 ----D---- C:\WINDOWS\Cursors
2009-11-14 20:56:19 ----RSD---- C:\WINDOWS\assembly
2009-11-14 18:06:06 ----D---- C:\WINDOWS\system32\dllcache
2009-11-14 18:03:13 ----HD---- C:\hp
2009-11-14 15:46:40 ----SH---- C:\boot.ini
2009-11-14 15:46:13 ----AC---- C:\WINDOWS\UPGRADE.TXT
2009-11-14 15:46:11 ----D---- C:\WINDOWS\setup.pss
2009-11-14 15:42:58 ----D---- C:\WINDOWS\security
2009-11-14 15:41:16 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2009-11-14 15:28:37 ----D---- C:\Program Files\WinRAR
2009-11-14 15:18:46 ----D---- C:\Program Files\Java
2009-11-14 15:17:21 ----D---- C:\Program Files\WinPcap
2009-11-14 14:04:32 ----D---- C:\Program Files\Thomson
2009-11-14 14:03:16 ----D---- C:\WINDOWS\system32\FxsTmp
2009-11-14 13:24:51 ----SHD---- C:\RECYCLER
2009-11-14 13:21:10 ----D---- C:\Program Files\Easy Internet signup
2009-11-14 13:16:42 ----D---- C:\Program Files\AOL 9.0b
2009-11-14 13:14:13 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-11-14 13:11:08 ----D---- C:\Documents and Settings
2009-11-14 13:09:29 ----SH---- C:\BOOT.BAK
2009-11-14 13:09:11 ----D---- C:\WINDOWS\Registration
2009-11-14 13:07:17 ----A---- C:\WINDOWS\system.ini
2009-11-14 04:08:21 ----D---- C:\Program Files\YouTUBE (TM) movie downloader
2009-11-14 04:08:20 ----D---- C:\Program Files\Xvid
2009-11-14 04:07:53 ----D---- C:\Program Files\Warcraft IIIa
2009-11-14 04:07:43 ----D---- C:\Program Files\VirtualDJ
2009-11-14 04:07:40 ----D---- C:\Program Files\UltimateZip 2007
2009-11-14 04:06:35 ----D---- C:\Program Files\Shareaza
2009-11-14 04:05:46 ----D---- C:\Program Files\SecondLife
2009-11-14 04:03:41 ----D---- C:\Program Files\PC Connectivity Solution
2009-11-14 04:01:55 ----D---- C:\Program Files\Navirad_UserTool
2009-11-14 04:01:45 ----D---- C:\Program Files\MSN Reaper
2009-11-14 03:58:44 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-11-14 03:56:15 ----D---- C:\Program Files\IZArc
2009-11-14 03:48:58 ----D---- C:\Program Files\D-Tools
2009-11-14 03:48:58 ----D---- C:\Program Files\CamStudio
2009-11-14 03:48:36 ----D---- C:\Program Files\avinst
2009-11-14 03:46:59 ----D---- C:\Program Files\AC3Filter
2009-11-14 03:46:53 ----D---- C:\Program Files\a-squared Anti-Malware
2009-11-14 03:46:00 ----D---- C:\Garmin
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\VXBLOCK.dll
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\PxWave.dll
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\PxSFS.DLL
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\PxMas.dll
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\pxdrv.dll
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\Px.dll
2009-11-13 03:24:30 ----A---- C:\WINDOWS\lvkosd.ini
2009-11-07 19:56:33 ----D---- C:\Program Files\Windows Live
2009-11-07 19:35:18 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
2009-11-07 19:11:09 ----D---- C:\Program Files\Windows Live Toolbar
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 43008]
R3 3xHybrid;3xHybrid service; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2005-07-27 2786176]
R3 alcan5ln;SpeedTouch(tm) USB ADSL RFC1483 Networking Driver (NDIS); C:\WINDOWS\system32\DRIVERS\alcan5ln.sys [2003-12-08 36256]
R3 alcaudsl;SpeedTouch ADSL Modem ATM Transport; C:\WINDOWS\system32\DRIVERS\alcaudsl.sys [2003-12-08 70688]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-04-20 2317696]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800]
R3 ATWPKT2;ATWPKT2; \??\C:\PROGRA~1\FICHIE~1\AOL\ACS\ATWPKT2.SYS []
R3 bdfm;BDFM; C:\WINDOWS\system32\drivers\bdfm.sys [2009-11-30 146312]
R3 bdfsfltr;bdfsfltr; C:\WINDOWS\system32\drivers\bdfsfltr.sys [2009-04-06 266376]
R3 BDSelfPr;BDSelfPr; \??\C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys []
R3 GEARAspiWDM;GEAR CDRom Filter; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2005-03-07 14408]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\DRIVERS\LVUSBSta.sys [2007-03-06 41376]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-08-02 3199328]
R3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [2007-03-06 491168]
R3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2005-07-04 26624]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-05 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-04 17024]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
S1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]
S3 ltmodem5;LT Modem Driver; C:\WINDOWS\system32\DRIVERS\ltmdmnt.sys [2004-08-04 607452]
S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2007-03-06 1669664]
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-03-06 2261792]
S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2004-08-04 15360]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-04 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-05 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-11-06 34064]
S3 Profos;Profos; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys []
S3 PsSdk31;PsSdk31; \??\C:\WINDOWS\system32\Drivers\pssdk31.drv []
S3 PsSdkLBF;PsSdkLBF; \??\C:\WINDOWS\system32\Drivers\pssdklbf.drv []
S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 Trufos;Trufos; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys []
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-05 20480]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-09-10 611664]
R2 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe [2004-04-08 1135728]
R2 Browser Defender Update Service;Browser Defender Update Service; C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe [2009-11-10 112592]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-11-14 153376]
R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe [2009-04-29 419096]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-08-02 127043]
R2 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2009-10-30 359624]
R2 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2009-11-06 1141712]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-11-25 603904]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\System32\svchost.exe [2004-08-05 14336]
R2 VSSERV;BitDefender Virus Shield; C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe [2009-04-21 1631512]
S2 gupdate1ca6e2c5efbd28d;Service Google Update (gupdate1ca6e2c5efbd28d); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-11-26 133104]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe [2007-03-06 105248]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-05 268800]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 iPodService;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2005-05-05 327680]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792]
S3 scan;BitDefender Threat Scanner; C:\WINDOWS\System32\svchost.exe [2004-08-05 14336]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-11-25 360192]
-----------------EOF-----------------
Next, here is the copy of info:
info.txt logfile of random's system information tool 1.06 2009-11-30 21:28:49
======Uninstall list======
-->"C:\Program Files\InstallShield Installation Information\{1A91D1FA-B9B3-4556-9878-5C61059A19B2}\setup.exe" REMOVEALL
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{89AD2814-AFA2-46AF-AE53-C27196D9FBE6}\setup.exe" REMOVEALL
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AAA4CCCE-78DB-47B0-A651-68270D838BD4}\setup.exe" REMOVEALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70000000000}
Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
AOL (France)-->C:\Program Files\Fichiers communs\aolshare\Aolunins_fr.exe
AOL Auto-diagnostic-->C:\Program Files\TechCity Solutions\AOLSAV\uninstall.exe
AOL Coach Version 1.0(Build:20040229.1 fr)-->"C:\Program Files\Fichiers communs\aolshare\Coach\AolCInUn.exe" -lang="fr-fr"
AOL Toolbar-->"C:\Program Files\AOL Toolbar\UNWISE.EXE" /u "C:\Program Files\AOL Toolbar\INSTALL.LOG"
Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
BitDefender Free Edition 2009-->MsiExec.exe /X{44B436FA-FB33-4B24-8AD1-D8C9A50474E9}
Browser Defender 2.0.6.11-->"C:\Program Files\Spyware Doctor\BDT\unins000.exe"
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Dealio Toolbar v4.0.1-->MsiExec.exe /X{94C3BB3A-56A1-43DE-A242-8B41F46E97EF}
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Plus Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Ecran de veille AOL Photos-->C:\Program Files\Fichiers communs\AOL\Screensaver\uninst_ygpss.exe
Full Pack Codecs-->C:\Program Files\Full Pack Codecs\uninst.exe
GOM Player-->"C:\Program Files\GRETECH\GomPlayer\Uninstall.exe"
Google Chrome-->"C:\Program Files\Google\Chrome\Application\3.0.195.33\Installer\setup.exe" --uninstall --system-level
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
HP Appareils photos Photosmart 5.0-->C:\Program Files\HP\Digital Imaging\{C83A12B9-B31B-461A-BBD4-CE9B988094F1}\setup\hpzscr01.exe -datfile hpiscr01.dat
HP Deskjet Printer Preload-->MsiExec.exe /I{2C5D07FB-31A2-4F2D-9FDA-0B24ACD42BD0}
HP Document Viewer 5.3-->C:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
HP Image Zone 5.3-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Imaging Device Functions 5.3-->C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
HP Multimedia Keyboard Software-->C:\HP\KBD\KBD.EXE uninstalled
HP Photosmart 330,380,420,470,7800,8000,8200 Series-->C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\setup\hpzscr01.exe -d MsiRollbackUninstaller -datfile hphscr08.dat
HP PSC & OfficeJet 5.3.B-->"C:\Program Files\HP\Digital Imaging\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}\setup\hpzscr01.exe" -datfile hposcr07.dat
HP Software Update-->MsiExec.exe /X{ECFDD6BD-E0C0-41CC-A171-E6D6AF4C0E93}
HP Solution Center & Imaging Support Tools 5.3-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
InterVideo Home Theater-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F7514465-E5F3-48E9-A952-327DAEF33DE6}\setup.exe" REMOVEALL
InterVideo WinDVD Player-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
iTunes-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{523E6F2A-2D59-4D91-90E8-6C49931C9F50}
J2SE Runtime Environment 5.0-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150000}
Java(TM) 6 Update 14-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216014F0}
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216017FF}
Labtec WebCam-->MsiExec.exe /X{995BF1A7-30E5-49E5-A0E4-AD3213D9E330}
LastChaosFRA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CC431AE0-60DC-451B-A7A9-FBBC2BE5E86F}\setup.exe" -l0x9 -removeonly
Learn2 Player (Uninstall Only)-->C:\Program Files\Learn2.com\StRunner\stuninst.exe
Lecteur Windows Media 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Logiciel d'archivage WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Logitech Audio Echo Cancellation Component-->MsiExec.exe /X{BEF726DD-4037-4214-8C6A-E625C02D2870}
Logitech Video Enumerator-->MsiExec.exe /X{EA516024-D84D-41F1-814F-83175A6188F2}
Media Player Codec Pack 3.9.0-->C:\WINDOWS\system32\C2MP\Uninst.exe
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Works-->MsiExec.exe /I{A059DE09-1B49-4450-B340-7AE097EC3F04}
Module de connectivité AOL-->C:\PROGRA~1\FICHIE~1\AOL\ACS\AcsUninstall.exe /c
Mozilla Firefox (3.5.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
muvee autoProducer 4.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2C3D719A-92C7-4323-89CC-C937D0267B84}\setup.exe" -l0x40c
MVision-->MsiExec.exe /I{35725FBC-A136-4A46-9F29-091759D9BB93}
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
PC-Doctor 5 for Windows-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{AB61A692-5543-4C48-979B-8CEA1C52FE9C} /l1036
Programme de gestion Camera de Labtec®-->"C:\Program Files\Fichiers communs\Labtec\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
PS2-->C:\WINDOWS\system32\ps2.exe uninstall
Python 2.2 pywin32 extensions (build 203)-->"C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log"
Python 2.2.3-->C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
RealPlayer Basic-->C:\Program Files\Fichiers communs\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
Runes of Magic-->"C:\Program Files\Runes of Magic\unins000.exe"
Search Settings 1.2.2-->MsiExec.exe /X{0B1AAC97-8563-41D9-AE47-58E6A222F0E1}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Sonic Express Labeler-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD Plus-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow Audio-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic RecordNow Copy-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic RecordNow Data-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
Sonic Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
SpeedTouch USB Software-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D41FAAA9-8048-4906-86B2-9AADEA1FA0B7}\setup.exe" /l040c -Control_Panel
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Spyware Doctor 7.0-->C:\Program Files\Spyware Doctor\unins000.exe /LOG
TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
WinPcap 4.0.2-->C:\Program Files\WinPcap\uninstall.exe
======System event log======
Computer Name: NOM-EB85C523610
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Symantec Network Drivers Service.
Record Number: 197
Source Name: Service Control Manager
Time Written: 20091114184445.000000+060
Event Type: Informations
User: NOM-EB85C523610\HP_Propriétaire
Computer Name: NOM-EB85C523610
Event Code: 1007
Message: Votre ordinateur a automatiquement configuré l'adresse IP pour la
carte avec l'adresse réseau 000E500425C4. L'adresse IP utilisée est 169.254.57.92.
Record Number: 196
Source Name: Dhcp
Time Written: 20091114184424.000000+060
Event Type: Avertissement
User:
Computer Name: NOM-EB85C523610
Event Code: 7036
Message: Le service iPod Service est entré dans l'état : en cours d'exécution.
Record Number: 195
Source Name: Service Control Manager
Time Written: 20091114184359.000000+060
Event Type: Informations
User:
Computer Name: NOM-EB85C523610
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service iPod Service.
Record Number: 194
Source Name: Service Control Manager
Time Written: 20091114184359.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: NOM-EB85C523610
Event Code: 7036
Message: Le service Explorateur d'ordinateur est entré dans l'état : arrêté.
Record Number: 193
Source Name: Service Control Manager
Time Written: 20091114184350.000000+060
Event Type: Informations
User:
=====Application event log=====
Computer Name: NOM-EB85C523610
Event Code: 1
Message:
Record Number: 5
Source Name: ccEvtMgr
Time Written: 20091114131129.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: NOM-EB85C523610
Event Code: 26
Message:
Record Number: 4
Source Name: ccEvtMgr
Time Written: 20091114131126.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: NOM-EB85C523610
Event Code: 1
Message:
Record Number: 3
Source Name: ccSetMgr
Time Written: 20091114131123.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: NOM-EB85C523610
Event Code: 26
Message:
Record Number: 2
Source Name: ccSetMgr
Time Written: 20091114131111.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: NOM-EB85C523610
Event Code: 26
Message:
Record Number: 1
Source Name: ccProxy
Time Written: 20091114131110.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
=====Security event log=====
Computer Name: NOM-EB85C523610
Event Code: 529
Message: Échec de l'ouverture de session :
Raison : Nom d'utilisateur inconnu ou mot de passe incorrect
Nom de l'utilisateur : ADMINISTRATOR
Domaine :
Type de session : 3
Processus d'ouv. de session : NtLmSsp
Package d'authentification : MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Nom de station de travail : \\87.21.251.83
Record Number: 2351
Source Name: Security
Time Written: 20091129013852.000000+060
Event Type: Échec de l'audit
User: AUTORITE NT\SYSTEM
Computer Name: NOM-EB85C523610
Event Code: 529
Message: Échec de l'ouverture de session :
Raison : Nom d'utilisateur inconnu ou mot de passe incorrect
Nom de l'utilisateur : ADMINISTRATOR
Domaine :
Type de session : 3
Processus d'ouv. de session : NtLmSsp
Package d'authentification : MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Nom de station de travail : \\87.21.251.83
Record Number: 2350
Source Name: Security
Time Written: 20091129013845.000000+060
Event Type: Échec de l'audit
User: AUTORITE NT\SYSTEM
Computer Name: NOM-EB85C523610
Event Code: 529
Message: Échec de l'ouverture de session :
Raison : Nom d'utilisateur inconnu ou mot de passe incorrect
Nom de l'utilisateur : ADMINISTRATOR
Domaine :
Type de session : 3
Processus d'ouv. de session : NtLmSsp
Package d'authentification : MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Nom de station de travail : \\87.21.251.83
Record Number: 2349
Source Name: Security
Time Written: 20091129013838.000000+060
Event Type: Échec de l'audit
User: AUTORITE NT\SYSTEM
Computer Name: NOM-EB85C523610
Event Code: 529
Message: Échec de l'ouverture de session :
Raison : Nom d'utilisateur inconnu ou mot de passe incorrect
Nom de l'utilisateur : ADMINISTRATOR
Domaine :
Type de session : 3
Processus d'ouv. de session : NtLmSsp
Package d'authentification : MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Nom de station de travail : \\87.21.251.83
Record Number: 2348
Source Name: Security
Time Written: 20091129013831.000000+060
Event Type: Échec de l'audit
User: AUTORITE NT\SYSTEM
Computer Name: NOM-EB85C523610
Event Code: 529
Message: Échec de l'ouverture de session :
Raison : Nom d'utilisateur inconnu ou mot de passe incorrect
Nom de l'utilisateur : ADMINISTRATOR
Domaine :
Type de session : 3
Processus d'ouv. de session : NtLmSsp
Package d'authentification : MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Nom de station de travail : \\87.21.251.83
Record Number: 2347
Source Name: Security
Time Written: 20091129013823.000000+060
Event Type: Échec de l'audit
User: AUTORITE NT\SYSTEM
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Python22;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Fichiers communs\DivX Shared\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 47 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=2f02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=c:\Program Files\Fichiers communs\Sonic Shared\Sonic Central\
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by HP_Propriétaire at 2009-11-30 21:27:36
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 8 GB (6%) free of 146 GB
Total RAM: 510 MB (10% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:28:37, on 30/11/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Fichiers communs\InterVideo\SchSvr\SchSvr.exe
C:\Program Files\InterVideo\Common\Bin\WinRemote.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Labtec\WebCam10\WebCam10.exe
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\AOL 9.0 VR\waol.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AOL 9.0c\aoltray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\AOL 9.0 VR\shellmon.exe
C:\Program Files\AOL Compagnon\companion.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Bureau\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\HP_Propriétaire.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://media.fastclick.net/w/safepop.cgi?cid=198591&mid...
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll
O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll
O3 - Toolbar: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program Files\Fichiers communs\InterVideo\SchSvr\SchSvr.exe"
O4 - HKLM\..\Run: [WINREMOTE] "C:\Program Files\InterVideo\Common\Bin\WinRemote.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Labtec\WebCam10\WebCam10.exe" /hide
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.0 VR\AOL.EXE" -b
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0c\aoltray.exe
O4 - Global Startup: AOL Compagnon.lnk = C:\Program Files\AOL Compagnon\companion.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O17 - HKLM\System\CCS\Services\Tcpip\..\{EC183C74-FAE3-4314-9204-47FCB38FD287}: NameServer = 84.103.237.145 86.64.145.145
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Browser Defender Update Service - Threat Expert Ltd. - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
O23 - Service: Service Google Update (gupdate1ca6e2c5efbd28d) (gupdate1ca6e2c5efbd28d) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
--
End of file - 11654 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Maintenance en 1 clic.job
C:\WINDOWS\tasks\NSSstub.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}]
Dealio Toolbar - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll [2009-07-31 698880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}]
PC Tools Browser Guard BHO - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll [2009-11-10 395216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2005-01-03 716800]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-11-14 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
SearchSettings Class - C:\Program Files\Search Settings\kb128\SearchSettings.dll [2009-07-29 1153024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-11-14 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2005-01-03 716800]
{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - Dealio Toolbar - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll [2009-07-31 698880]
{4982D40A-C53B-4615-B15B-B5B5E98D167C}
{472734EA-242A-422B-ADF8-83D1E48CC825} - PC Tools Browser Guard - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll [2009-11-10 395216]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-11-14 149280]
"hpsysdrv"=c:\windows\system\hpsysdrv.exe [1998-05-07 52736]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-08-02 7110656]
"nwiz"=nwiz.exe /installquiet /keeploaded /nodetect []
"HPHUPD08"=c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe [2005-06-02 49152]
"KBD"=C:\HP\KBD\KBD.EXE [2005-02-03 61440]
"Home Theater SchSvr"=C:\Program Files\Fichiers communs\InterVideo\SchSvr\SchSvr.exe [2005-07-18 106496]
"WINREMOTE"=C:\Program Files\InterVideo\Common\Bin\WinRemote.exe [2005-07-18 262144]
"Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2004-04-14 233472]
"AlcxMonitor"=C:\WINDOWS\ALCXMNTR.EXE [2004-09-07 57344]
"PS2"=C:\WINDOWS\system32\ps2.exe [2004-10-25 90112]
"LSBWatcher"=c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe [2005-05-11 253952]
"Reminder"=C:\Windows\Creator\Remind_XP.exe [2004-12-14 663552]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPwuSchd2.exe [2005-05-12 49152]
"SpeedTouch USB Diagnostics"=C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe [2004-01-26 866816]
"SearchSettings"=C:\Program Files\Search Settings\SearchSettings.exe [2009-07-29 1024512]
"LogitechCommunicationsManager"=C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe [2007-03-06 488984]
""= []
"LogitechQuickCamRibbon"=C:\Program Files\Labtec\WebCam10\WebCam10.exe [2007-03-06 1060376]
"AOLSAV"=C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe [2004-03-15 73728]
"AOLDialer"=C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe [2004-04-08 496752]
"BDAgent"=C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe [2009-03-19 778240]
"ISTray"=C:\Program Files\Spyware Doctor\pctsTray.exe [2009-11-18 1243088]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AOL Fast Start"=C:\Program Files\AOL 9.0 VR\AOL.EXE [2007-06-21 50480]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
AOL 9.0 Icône AOL.lnk - C:\Program Files\AOL 9.0c\aoltray.exe
AOL Compagnon.lnk - C:\Program Files\AOL Compagnon\companion.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Driver]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Guard]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL France"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe:*:Enabled:AOL"
"C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe:*:Enabled:AOL"
"C:\Program Files\AOL 9.0c\waol.exe"="C:\Program Files\AOL 9.0c\waol.exe:*:Enabled:AOL"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%ProgramFiles%\iTunes\iTunes.exe"="%ProgramFiles%\iTunes\iTunes.exe:*:enabled:iTunes"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe:*:Enabled:AOL"
"C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe:*:Enabled:AOL"
"C:\Program Files\AOL 9.0c\waol.exe"="C:\Program Files\AOL 9.0c\waol.exe:*:Enabled:AOL"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{05dc4712-d117-11de-ad7a-0013d3b05a6f}]
shell\AutoRun\command - J:\AOL.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{67b1aaba-d86f-11de-ad8a-000e500425c4}]
shell\AutoRun\command - J:\RECYCLER\usbassist.exe
shell\opEN\command - J:\RECYCLER\usbassist.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{726eac10-d12e-11de-ad7b-000e500425c4}]
shell\AutoRun\command - J:\B.EXE
======List of files/folders created in the last 1 months======
2009-11-30 21:27:36 ----D---- C:\rsit
2009-11-30 20:11:15 ----D---- C:\Program Files\Trend Micro
2009-11-30 20:02:22 ----A---- C:\WINDOWS\SGDetectionTool.dll
2009-11-30 20:02:22 ----A---- C:\WINDOWS\BDTSupport.dll
2009-11-30 20:02:21 ----A---- C:\WINDOWS\PCTBDRes.dll
2009-11-30 20:02:21 ----A---- C:\WINDOWS\PCTBDCore.dll
2009-11-30 20:01:13 ----D---- C:\Program Files\Spyware Doctor
2009-11-30 20:01:13 ----D---- C:\Program Files\Fichiers communs\PC Tools
2009-11-30 20:01:13 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\PC Tools
2009-11-30 20:01:13 ----D---- C:\Documents and Settings\All Users\Application Data\PC Tools
2009-11-29 16:23:32 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\HPQ
2009-11-29 13:47:26 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\BitDefender
2009-11-29 13:46:43 ----D---- C:\Program Files\BitDefender
2009-11-29 13:46:43 ----D---- C:\Documents and Settings\All Users\Application Data\BitDefender
2009-11-29 13:38:06 ----D---- C:\Program Files\Fichiers communs\BitDefender
2009-11-28 06:04:19 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\WinRAR
2009-11-26 01:16:54 ----D---- C:\Program Files\Full Pack Codecs
2009-11-26 01:16:11 ----N---- C:\WINDOWS\system32\pxafs.dll
2009-11-25 21:01:03 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Sonic
2009-11-25 21:00:38 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Leadertech
2009-11-25 20:36:06 ----A---- C:\WINDOWS\system32\TUProgSt.exe
2009-11-25 20:36:05 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2009-11-25 20:36:03 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe
2009-11-25 20:35:50 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\TuneUp Software
2009-11-25 20:34:47 ----D---- C:\Program Files\TuneUp Utilities 2009
2009-11-25 20:34:08 ----SHD---- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-11-25 19:17:47 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Mozilla
2009-11-25 19:17:28 ----D---- C:\Program Files\Mozilla Firefox
2009-11-24 00:59:38 ----D---- C:\Program Files\Lavasoft
2009-11-24 00:59:36 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-11-21 04:55:41 ----D---- C:\Program Files\Runes of Magic
2009-11-19 00:19:03 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\FOG Downloader
2009-11-18 10:28:23 ----D---- C:\WINDOWS\system32\Adobe
2009-11-16 22:50:10 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\You've Got Pictures Screensaver
2009-11-16 22:50:03 ----A---- C:\WINDOWS\system32\shdocvw.bak
2009-11-16 22:49:28 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2009-11-16 22:49:24 ----A---- C:\WINDOWS\system32\pndx5032.dll
2009-11-16 22:49:24 ----A---- C:\WINDOWS\system32\pndx5016.dll
2009-11-16 22:49:23 ----A---- C:\WINDOWS\system32\pncrt.dll
2009-11-16 22:48:51 ----A---- C:\WINDOWS\system32\jgdwmie.dll
2009-11-16 22:48:50 ----A---- C:\WINDOWS\system32\roboex32.dll
2009-11-16 22:48:50 ----A---- C:\WINDOWS\system32\Inetwh32.dll
2009-11-16 22:48:28 ----A---- C:\WINDOWS\system32\AOLDial.dll
2009-11-16 22:48:05 ----D---- C:\Program Files\AOL 9.0c
2009-11-16 22:44:37 ----D---- C:\Program Files\TechCity Solutions
2009-11-14 23:54:03 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\DivX
2009-11-14 18:07:58 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\HP
2009-11-14 15:46:13 ----RSHD---- C:\cmdcons
2009-11-14 15:24:54 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Search Settings
2009-11-14 15:24:53 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Dealio
2009-11-14 15:19:09 ----A---- C:\WINDOWS\system32\javaws.exe
2009-11-14 15:19:09 ----A---- C:\WINDOWS\system32\javaw.exe
2009-11-14 15:19:09 ----A---- C:\WINDOWS\system32\java.exe
2009-11-14 14:58:49 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-11-14 14:45:35 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Sun
2009-11-14 14:45:08 ----D---- C:\Program Files\TubeMaster++
2009-11-14 14:40:23 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Adobe
2009-11-14 14:39:26 ----D---- C:\Program Files\Search Settings
2009-11-14 14:39:16 ----D---- C:\Program Files\Dealio Toolbar
2009-11-14 14:38:11 ----D---- C:\WINDOWS\system32\custom matrices
2009-11-14 14:38:02 ----D---- C:\WINDOWS\system32\C2MP
2009-11-14 14:27:32 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\GRETECH
2009-11-14 14:04:34 ----A---- C:\WINDOWS\system32\stci.dll
2009-11-14 13:14:28 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\AOL
2009-11-14 13:14:27 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Macromedia
2009-11-14 13:12:49 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-11-14 13:11:18 ----ASH---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\desktop.ini
2009-11-14 13:11:11 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Symantec
2009-11-14 13:11:11 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\SampleView
2009-11-14 13:11:11 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Microsoft
2009-11-14 13:11:11 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Intervideo
2009-11-14 13:11:11 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Identities
2009-11-14 13:11:11 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Apple Computer
2009-11-14 01:47:28 ----A---- C:\WINDOWS\system32\divx_xx16.dll
2009-11-14 01:47:28 ----A---- C:\WINDOWS\system32\divx_xx11.dll
2009-11-14 01:47:28 ----A---- C:\WINDOWS\system32\divx_xx0c.dll
2009-11-14 01:47:28 ----A---- C:\WINDOWS\system32\divx_xx0a.dll
2009-11-14 01:47:28 ----A---- C:\WINDOWS\system32\divx_xx07.dll
2009-11-14 01:47:28 ----A---- C:\WINDOWS\system32\DivX.dll
2009-11-13 03:43:44 ----A---- C:\hkst6r78oh108.bat
2009-11-13 00:12:18 ----A---- C:\WINDOWS\irc.txt
2009-11-11 12:23:58 ----A---- C:\jklry54c108.bat
2009-11-10 16:56:23 ----A---- C:\tf67tijhwex108.bat
2009-11-09 17:40:58 ----A---- C:\seg5ywfxwx108.bat
2009-11-08 05:38:58 ----A---- C:\dfuj4y54hscv108.bat
2009-11-07 19:57:07 ----D---- C:\Program Files\Windows Live SkyDrive
======List of files/folders modified in the last 1 months======
2009-11-30 21:28:11 ----D---- C:\WINDOWS\Prefetch
2009-11-30 21:27:57 ----D---- C:\WINDOWS\Temp
2009-11-30 21:17:05 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-11-30 21:10:06 ----A---- C:\WINDOWS\win.ini
2009-11-30 21:02:41 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-11-30 20:39:03 ----D---- C:\WINDOWS\system32\drivers
2009-11-30 20:11:15 ----D---- C:\Program Files
2009-11-30 20:02:23 ----D---- C:\WINDOWS
2009-11-30 20:02:04 ----SHD---- C:\WINDOWS\Installer
2009-11-30 20:02:04 ----SHD---- C:\Config.Msi
2009-11-30 20:01:59 ----D---- C:\WINDOWS\WinSxS
2009-11-30 20:01:13 ----D---- C:\Program Files\Fichiers communs
2009-11-30 16:29:56 ----D---- C:\WINDOWS\system32
2009-11-30 14:05:35 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-11-30 13:52:23 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-11-30 13:01:56 ----SHD---- C:\System Volume Information
2009-11-30 13:01:56 ----D---- C:\WINDOWS\system32\Restore
2009-11-30 12:30:36 ----D---- C:\Program Files\RelevantKnowledge
2009-11-29 17:11:14 ----D---- C:\WINDOWS\Minidump
2009-11-29 13:49:03 ----D---- C:\Program Files\Symantec
2009-11-29 13:44:37 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2009-11-29 13:41:57 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-11-29 13:39:15 ----D---- C:\WINDOWS\Tasks
2009-11-27 21:57:40 ----D---- C:\WINDOWS\Help
2009-11-26 01:16:24 ----D---- C:\Program Files\DivX
2009-11-26 01:15:28 ----D---- C:\Program Files\Fichiers communs\DivX Shared
2009-11-26 01:08:32 ----D---- C:\Program Files\Google
2009-11-25 20:42:59 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2009-11-25 20:42:58 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2009-11-25 20:42:56 ----HDC---- C:\WINDOWS\$NtUninstallKB885884$
2009-11-25 20:42:55 ----AHDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2009-11-25 20:42:52 ----AHDC---- C:\WINDOWS\$NtUninstallKB893066$
2009-11-25 20:42:49 ----AHDC---- C:\WINDOWS\$NtUninstallKB896422$
2009-11-25 20:42:19 ----HDC---- C:\WINDOWS\$NtUninstallKB917159$
2009-11-25 20:42:17 ----HDC---- C:\WINDOWS\$NtUninstallKB917734_WMP10$
2009-11-25 20:41:54 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2009-11-25 20:41:46 ----HDC---- C:\WINDOWS\$NtUninstallKB925486$
2009-11-25 20:41:24 ----HDC---- C:\WINDOWS\$NtUninstallKB929969$
2009-11-25 20:41:17 ----HDC---- C:\WINDOWS\$NtUninstallKB931836$
2009-11-25 20:41:15 ----HDC---- C:\WINDOWS\$NtUninstallKB933360$
2009-11-25 20:41:11 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
2009-11-25 20:41:09 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-11-25 20:41:05 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2009-11-25 20:41:04 ----HDC---- C:\WINDOWS\$NtUninstallKB941644$
2009-11-25 20:41:04 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-11-25 20:41:00 ----HDC---- C:\WINDOWS\$NtUninstallKB942763$
2009-11-25 20:40:49 ----HDC---- C:\WINDOWS\$NtUninstallKB946627$
2009-11-25 20:40:26 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-11-25 20:40:25 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-11-25 20:40:25 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2009-11-25 20:40:24 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2009-11-25 20:40:16 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2009-11-25 20:40:13 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-11-25 20:40:12 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-11-25 20:40:10 ----HDC---- C:\WINDOWS\$NtUninstallKB959772_WM11$
2009-11-25 20:40:08 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-11-25 20:40:05 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2009-11-25 20:40:05 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2009-11-25 20:39:45 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2009-11-25 20:36:07 ----D---- C:\WINDOWS\system32\config
2009-11-25 20:16:27 ----D---- C:\Program Files\QuickTime
2009-11-25 20:12:50 ----D---- C:\Program Files\Fichiers communs\Apple
2009-11-25 12:30:32 ----D---- C:\Program Files\AOL Compagnon
2009-11-25 12:20:56 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-11-24 10:37:46 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-11-24 10:33:31 ----HD---- C:\WINDOWS\inf
2009-11-24 10:33:30 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-24 00:58:52 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-11-24 00:50:18 ----A---- C:\WINDOWS\WININIT.INI
2009-11-19 21:13:02 ----D---- C:\WINDOWS\Debug
2009-11-19 21:10:57 ----D---- C:\Program Files\CCleaner
2009-11-19 11:22:43 ----D---- C:\Program Files\Fichiers communs\Designer
2009-11-19 11:21:34 ----RSD---- C:\WINDOWS\Fonts
2009-11-18 21:53:14 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-11-18 11:41:01 ----D---- C:\Program Files\Microsoft Works
2009-11-16 22:50:16 ----AC---- C:\WINDOWS\aolback.exe.lnk
2009-11-16 22:50:09 ----SD---- C:\WINDOWS\occache
2009-11-16 22:49:58 ----D---- C:\Program Files\AOL Toolbar
2009-11-16 22:48:56 ----D---- C:\Program Files\Fichiers communs\aolshare
2009-11-16 22:48:52 ----D---- C:\Program Files\Fichiers communs\AOL
2009-11-16 22:48:05 ----D---- C:\Documents and Settings\All Users\Application Data\AOL
2009-11-16 22:02:29 ----D---- C:\WINDOWS\system32\CatRoot
2009-11-14 21:00:08 ----D---- C:\WINDOWS\system
2009-11-14 20:59:46 ----D---- C:\WINDOWS\I386
2009-11-14 20:57:47 ----D---- C:\Program Files\Windows NT
2009-11-14 20:57:44 ----D---- C:\Program Files\Windows Media Player
2009-11-14 20:57:44 ----D---- C:\Program Files\Outlook Express
2009-11-14 20:57:44 ----D---- C:\Program Files\NetMeeting
2009-11-14 20:57:43 ----D---- C:\Program Files\Fichiers communs\Services
2009-11-14 20:57:41 ----D---- C:\WINDOWS\system32\wbem
2009-11-14 20:57:37 ----D---- C:\WINDOWS\system32\ras
2009-11-14 20:57:34 ----D---- C:\WINDOWS\system32\oobe
2009-11-14 20:57:26 ----D---- C:\WINDOWS\system32\icsxml
2009-11-14 20:57:26 ----D---- C:\WINDOWS\system32\ias
2009-11-14 20:56:53 ----D---- C:\WINDOWS\system32\Setup
2009-11-14 20:56:49 ----D---- C:\WINDOWS\system32\Com
2009-11-14 20:56:48 ----D---- C:\WINDOWS\srchasst
2009-11-14 20:56:47 ----RD---- C:\WINDOWS\Web
2009-11-14 20:56:47 ----D---- C:\WINDOWS\Media
2009-11-14 20:56:47 ----D---- C:\WINDOWS\addins
2009-11-14 20:56:35 ----D---- C:\WINDOWS\Cursors
2009-11-14 20:56:19 ----RSD---- C:\WINDOWS\assembly
2009-11-14 18:06:06 ----D---- C:\WINDOWS\system32\dllcache
2009-11-14 18:03:13 ----HD---- C:\hp
2009-11-14 15:46:40 ----SH---- C:\boot.ini
2009-11-14 15:46:13 ----AC---- C:\WINDOWS\UPGRADE.TXT
2009-11-14 15:46:11 ----D---- C:\WINDOWS\setup.pss
2009-11-14 15:42:58 ----D---- C:\WINDOWS\security
2009-11-14 15:41:16 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2009-11-14 15:28:37 ----D---- C:\Program Files\WinRAR
2009-11-14 15:18:46 ----D---- C:\Program Files\Java
2009-11-14 15:17:21 ----D---- C:\Program Files\WinPcap
2009-11-14 14:04:32 ----D---- C:\Program Files\Thomson
2009-11-14 14:03:16 ----D---- C:\WINDOWS\system32\FxsTmp
2009-11-14 13:24:51 ----SHD---- C:\RECYCLER
2009-11-14 13:21:10 ----D---- C:\Program Files\Easy Internet signup
2009-11-14 13:16:42 ----D---- C:\Program Files\AOL 9.0b
2009-11-14 13:14:13 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-11-14 13:11:08 ----D---- C:\Documents and Settings
2009-11-14 13:09:29 ----SH---- C:\BOOT.BAK
2009-11-14 13:09:11 ----D---- C:\WINDOWS\Registration
2009-11-14 13:07:17 ----A---- C:\WINDOWS\system.ini
2009-11-14 04:08:21 ----D---- C:\Program Files\YouTUBE (TM) movie downloader
2009-11-14 04:08:20 ----D---- C:\Program Files\Xvid
2009-11-14 04:07:53 ----D---- C:\Program Files\Warcraft IIIa
2009-11-14 04:07:43 ----D---- C:\Program Files\VirtualDJ
2009-11-14 04:07:40 ----D---- C:\Program Files\UltimateZip 2007
2009-11-14 04:06:35 ----D---- C:\Program Files\Shareaza
2009-11-14 04:05:46 ----D---- C:\Program Files\SecondLife
2009-11-14 04:03:41 ----D---- C:\Program Files\PC Connectivity Solution
2009-11-14 04:01:55 ----D---- C:\Program Files\Navirad_UserTool
2009-11-14 04:01:45 ----D---- C:\Program Files\MSN Reaper
2009-11-14 03:58:44 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-11-14 03:56:15 ----D---- C:\Program Files\IZArc
2009-11-14 03:48:58 ----D---- C:\Program Files\D-Tools
2009-11-14 03:48:58 ----D---- C:\Program Files\CamStudio
2009-11-14 03:48:36 ----D---- C:\Program Files\avinst
2009-11-14 03:46:59 ----D---- C:\Program Files\AC3Filter
2009-11-14 03:46:53 ----D---- C:\Program Files\a-squared Anti-Malware
2009-11-14 03:46:00 ----D---- C:\Garmin
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\VXBLOCK.dll
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\PxWave.dll
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\PxSFS.DLL
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\PxMas.dll
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\pxdrv.dll
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\Px.dll
2009-11-13 03:24:30 ----A---- C:\WINDOWS\lvkosd.ini
2009-11-07 19:56:33 ----D---- C:\Program Files\Windows Live
2009-11-07 19:35:18 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
2009-11-07 19:11:09 ----D---- C:\Program Files\Windows Live Toolbar
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 43008]
R3 3xHybrid;3xHybrid service; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2005-07-27 2786176]
R3 alcan5ln;SpeedTouch(tm) USB ADSL RFC1483 Networking Driver (NDIS); C:\WINDOWS\system32\DRIVERS\alcan5ln.sys [2003-12-08 36256]
R3 alcaudsl;SpeedTouch ADSL Modem ATM Transport; C:\WINDOWS\system32\DRIVERS\alcaudsl.sys [2003-12-08 70688]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-04-20 2317696]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800]
R3 ATWPKT2;ATWPKT2; \??\C:\PROGRA~1\FICHIE~1\AOL\ACS\ATWPKT2.SYS []
R3 bdfm;BDFM; C:\WINDOWS\system32\drivers\bdfm.sys [2009-11-30 146312]
R3 bdfsfltr;bdfsfltr; C:\WINDOWS\system32\drivers\bdfsfltr.sys [2009-04-06 266376]
R3 BDSelfPr;BDSelfPr; \??\C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys []
R3 GEARAspiWDM;GEAR CDRom Filter; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2005-03-07 14408]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\DRIVERS\LVUSBSta.sys [2007-03-06 41376]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-08-02 3199328]
R3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [2007-03-06 491168]
R3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2005-07-04 26624]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-05 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-04 17024]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
S1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]
S3 ltmodem5;LT Modem Driver; C:\WINDOWS\system32\DRIVERS\ltmdmnt.sys [2004-08-04 607452]
S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2007-03-06 1669664]
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-03-06 2261792]
S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2004-08-04 15360]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-04 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-05 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-11-06 34064]
S3 Profos;Profos; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys []
S3 PsSdk31;PsSdk31; \??\C:\WINDOWS\system32\Drivers\pssdk31.drv []
S3 PsSdkLBF;PsSdkLBF; \??\C:\WINDOWS\system32\Drivers\pssdklbf.drv []
S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 Trufos;Trufos; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys []
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-05 20480]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-09-10 611664]
R2 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe [2004-04-08 1135728]
R2 Browser Defender Update Service;Browser Defender Update Service; C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe [2009-11-10 112592]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-11-14 153376]
R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe [2009-04-29 419096]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-08-02 127043]
R2 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2009-10-30 359624]
R2 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2009-11-06 1141712]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-11-25 603904]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\System32\svchost.exe [2004-08-05 14336]
R2 VSSERV;BitDefender Virus Shield; C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe [2009-04-21 1631512]
S2 gupdate1ca6e2c5efbd28d;Service Google Update (gupdate1ca6e2c5efbd28d); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-11-26 133104]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe [2007-03-06 105248]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-05 268800]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 iPodService;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2005-05-05 327680]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792]
S3 scan;BitDefender Threat Scanner; C:\WINDOWS\System32\svchost.exe [2004-08-05 14336]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-11-25 360192]
-----------------EOF-----------------
Next, here is the copy of info:
info.txt logfile of random's system information tool 1.06 2009-11-30 21:28:49
======Uninstall list======
-->"C:\Program Files\InstallShield Installation Information\{1A91D1FA-B9B3-4556-9878-5C61059A19B2}\setup.exe" REMOVEALL
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{89AD2814-AFA2-46AF-AE53-C27196D9FBE6}\setup.exe" REMOVEALL
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AAA4CCCE-78DB-47B0-A651-68270D838BD4}\setup.exe" REMOVEALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70000000000}
Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
AOL (France)-->C:\Program Files\Fichiers communs\aolshare\Aolunins_fr.exe
AOL Auto-diagnostic-->C:\Program Files\TechCity Solutions\AOLSAV\uninstall.exe
AOL Coach Version 1.0(Build:20040229.1 fr)-->"C:\Program Files\Fichiers communs\aolshare\Coach\AolCInUn.exe" -lang="fr-fr"
AOL Toolbar-->"C:\Program Files\AOL Toolbar\UNWISE.EXE" /u "C:\Program Files\AOL Toolbar\INSTALL.LOG"
Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
BitDefender Free Edition 2009-->MsiExec.exe /X{44B436FA-FB33-4B24-8AD1-D8C9A50474E9}
Browser Defender 2.0.6.11-->"C:\Program Files\Spyware Doctor\BDT\unins000.exe"
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Dealio Toolbar v4.0.1-->MsiExec.exe /X{94C3BB3A-56A1-43DE-A242-8B41F46E97EF}
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Plus Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Ecran de veille AOL Photos-->C:\Program Files\Fichiers communs\AOL\Screensaver\uninst_ygpss.exe
Full Pack Codecs-->C:\Program Files\Full Pack Codecs\uninst.exe
GOM Player-->"C:\Program Files\GRETECH\GomPlayer\Uninstall.exe"
Google Chrome-->"C:\Program Files\Google\Chrome\Application\3.0.195.33\Installer\setup.exe" --uninstall --system-level
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
HP Appareils photos Photosmart 5.0-->C:\Program Files\HP\Digital Imaging\{C83A12B9-B31B-461A-BBD4-CE9B988094F1}\setup\hpzscr01.exe -datfile hpiscr01.dat
HP Deskjet Printer Preload-->MsiExec.exe /I{2C5D07FB-31A2-4F2D-9FDA-0B24ACD42BD0}
HP Document Viewer 5.3-->C:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
HP Image Zone 5.3-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Imaging Device Functions 5.3-->C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
HP Multimedia Keyboard Software-->C:\HP\KBD\KBD.EXE uninstalled
HP Photosmart 330,380,420,470,7800,8000,8200 Series-->C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\setup\hpzscr01.exe -d MsiRollbackUninstaller -datfile hphscr08.dat
HP PSC & OfficeJet 5.3.B-->"C:\Program Files\HP\Digital Imaging\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}\setup\hpzscr01.exe" -datfile hposcr07.dat
HP Software Update-->MsiExec.exe /X{ECFDD6BD-E0C0-41CC-A171-E6D6AF4C0E93}
HP Solution Center & Imaging Support Tools 5.3-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
InterVideo Home Theater-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F7514465-E5F3-48E9-A952-327DAEF33DE6}\setup.exe" REMOVEALL
InterVideo WinDVD Player-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
iTunes-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{523E6F2A-2D59-4D91-90E8-6C49931C9F50}
J2SE Runtime Environment 5.0-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150000}
Java(TM) 6 Update 14-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216014F0}
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216017FF}
Labtec WebCam-->MsiExec.exe /X{995BF1A7-30E5-49E5-A0E4-AD3213D9E330}
LastChaosFRA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CC431AE0-60DC-451B-A7A9-FBBC2BE5E86F}\setup.exe" -l0x9 -removeonly
Learn2 Player (Uninstall Only)-->C:\Program Files\Learn2.com\StRunner\stuninst.exe
Lecteur Windows Media 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Logiciel d'archivage WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Logitech Audio Echo Cancellation Component-->MsiExec.exe /X{BEF726DD-4037-4214-8C6A-E625C02D2870}
Logitech Video Enumerator-->MsiExec.exe /X{EA516024-D84D-41F1-814F-83175A6188F2}
Media Player Codec Pack 3.9.0-->C:\WINDOWS\system32\C2MP\Uninst.exe
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Works-->MsiExec.exe /I{A059DE09-1B49-4450-B340-7AE097EC3F04}
Module de connectivité AOL-->C:\PROGRA~1\FICHIE~1\AOL\ACS\AcsUninstall.exe /c
Mozilla Firefox (3.5.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
muvee autoProducer 4.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2C3D719A-92C7-4323-89CC-C937D0267B84}\setup.exe" -l0x40c
MVision-->MsiExec.exe /I{35725FBC-A136-4A46-9F29-091759D9BB93}
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
PC-Doctor 5 for Windows-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{AB61A692-5543-4C48-979B-8CEA1C52FE9C} /l1036
Programme de gestion Camera de Labtec®-->"C:\Program Files\Fichiers communs\Labtec\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
PS2-->C:\WINDOWS\system32\ps2.exe uninstall
Python 2.2 pywin32 extensions (build 203)-->"C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log"
Python 2.2.3-->C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
RealPlayer Basic-->C:\Program Files\Fichiers communs\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
Runes of Magic-->"C:\Program Files\Runes of Magic\unins000.exe"
Search Settings 1.2.2-->MsiExec.exe /X{0B1AAC97-8563-41D9-AE47-58E6A222F0E1}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Sonic Express Labeler-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD Plus-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow Audio-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic RecordNow Copy-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic RecordNow Data-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
Sonic Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
SpeedTouch USB Software-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D41FAAA9-8048-4906-86B2-9AADEA1FA0B7}\setup.exe" /l040c -Control_Panel
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Spyware Doctor 7.0-->C:\Program Files\Spyware Doctor\unins000.exe /LOG
TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
WinPcap 4.0.2-->C:\Program Files\WinPcap\uninstall.exe
======System event log======
Computer Name: NOM-EB85C523610
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Symantec Network Drivers Service.
Record Number: 197
Source Name: Service Control Manager
Time Written: 20091114184445.000000+060
Event Type: Informations
User: NOM-EB85C523610\HP_Propriétaire
Computer Name: NOM-EB85C523610
Event Code: 1007
Message: Votre ordinateur a automatiquement configuré l'adresse IP pour la
carte avec l'adresse réseau 000E500425C4. L'adresse IP utilisée est 169.254.57.92.
Record Number: 196
Source Name: Dhcp
Time Written: 20091114184424.000000+060
Event Type: Avertissement
User:
Computer Name: NOM-EB85C523610
Event Code: 7036
Message: Le service iPod Service est entré dans l'état : en cours d'exécution.
Record Number: 195
Source Name: Service Control Manager
Time Written: 20091114184359.000000+060
Event Type: Informations
User:
Computer Name: NOM-EB85C523610
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service iPod Service.
Record Number: 194
Source Name: Service Control Manager
Time Written: 20091114184359.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: NOM-EB85C523610
Event Code: 7036
Message: Le service Explorateur d'ordinateur est entré dans l'état : arrêté.
Record Number: 193
Source Name: Service Control Manager
Time Written: 20091114184350.000000+060
Event Type: Informations
User:
=====Application event log=====
Computer Name: NOM-EB85C523610
Event Code: 1
Message:
Record Number: 5
Source Name: ccEvtMgr
Time Written: 20091114131129.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: NOM-EB85C523610
Event Code: 26
Message:
Record Number: 4
Source Name: ccEvtMgr
Time Written: 20091114131126.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: NOM-EB85C523610
Event Code: 1
Message:
Record Number: 3
Source Name: ccSetMgr
Time Written: 20091114131123.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: NOM-EB85C523610
Event Code: 26
Message:
Record Number: 2
Source Name: ccSetMgr
Time Written: 20091114131111.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: NOM-EB85C523610
Event Code: 26
Message:
Record Number: 1
Source Name: ccProxy
Time Written: 20091114131110.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
=====Security event log=====
Computer Name: NOM-EB85C523610
Event Code: 529
Message: Échec de l'ouverture de session :
Raison : Nom d'utilisateur inconnu ou mot de passe incorrect
Nom de l'utilisateur : ADMINISTRATOR
Domaine :
Type de session : 3
Processus d'ouv. de session : NtLmSsp
Package d'authentification : MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Nom de station de travail : \\87.21.251.83
Record Number: 2351
Source Name: Security
Time Written: 20091129013852.000000+060
Event Type: Échec de l'audit
User: AUTORITE NT\SYSTEM
Computer Name: NOM-EB85C523610
Event Code: 529
Message: Échec de l'ouverture de session :
Raison : Nom d'utilisateur inconnu ou mot de passe incorrect
Nom de l'utilisateur : ADMINISTRATOR
Domaine :
Type de session : 3
Processus d'ouv. de session : NtLmSsp
Package d'authentification : MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Nom de station de travail : \\87.21.251.83
Record Number: 2350
Source Name: Security
Time Written: 20091129013845.000000+060
Event Type: Échec de l'audit
User: AUTORITE NT\SYSTEM
Computer Name: NOM-EB85C523610
Event Code: 529
Message: Échec de l'ouverture de session :
Raison : Nom d'utilisateur inconnu ou mot de passe incorrect
Nom de l'utilisateur : ADMINISTRATOR
Domaine :
Type de session : 3
Processus d'ouv. de session : NtLmSsp
Package d'authentification : MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Nom de station de travail : \\87.21.251.83
Record Number: 2349
Source Name: Security
Time Written: 20091129013838.000000+060
Event Type: Échec de l'audit
User: AUTORITE NT\SYSTEM
Computer Name: NOM-EB85C523610
Event Code: 529
Message: Échec de l'ouverture de session :
Raison : Nom d'utilisateur inconnu ou mot de passe incorrect
Nom de l'utilisateur : ADMINISTRATOR
Domaine :
Type de session : 3
Processus d'ouv. de session : NtLmSsp
Package d'authentification : MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Nom de station de travail : \\87.21.251.83
Record Number: 2348
Source Name: Security
Time Written: 20091129013831.000000+060
Event Type: Échec de l'audit
User: AUTORITE NT\SYSTEM
Computer Name: NOM-EB85C523610
Event Code: 529
Message: Échec de l'ouverture de session :
Raison : Nom d'utilisateur inconnu ou mot de passe incorrect
Nom de l'utilisateur : ADMINISTRATOR
Domaine :
Type de session : 3
Processus d'ouv. de session : NtLmSsp
Package d'authentification : MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Nom de station de travail : \\87.21.251.83
Record Number: 2347
Source Name: Security
Time Written: 20091129013823.000000+060
Event Type: Échec de l'audit
User: AUTORITE NT\SYSTEM
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Python22;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Fichiers communs\DivX Shared\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 47 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=2f02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=c:\Program Files\Fichiers communs\Sonic Shared\Sonic Central\
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
-----------------EOF-----------------
Note: the UsbFix.txt report is saved at the root of the disk (C:\UsbFix.txt).
"Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Kaspersky, etc.) as a RiskTool. It is not a virus, but a utility intended to terminate processes.
Here is the Usbfix report:
############################## | UsbFix V6.058 |
User : HP_Propriétaire (Administrateurs) # NOM-EB85C523610
Update on 26/11/2009 by Chiquitine29, C_XX & Chimay8
Start at: 22:10:54 | 30/11/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com
AMD Athlon(tm) 64 Processor 3200+
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 2
Internet Explorer 6.0.2900.2180
Windows Firewall Status : Disabled
A:\ -> Lecteur de disquettes 3 ½ pouces # 1,39 Mo (0,85 Mo free) # FAT
C:\ -> Disque fixe local # 143,04 Go (8,12 Go free) # NTFS
D:\ -> Disque fixe local # 5,99 Go (1,77 Go free) [HP_RECOVERY] # FAT32
E:\ -> Disque CD-ROM
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque amovible # 981,72 Mo (663,34 Mo free) [MEMUP] # FAT
############################## | Processus actifs |
C:\WINDOWS\System32\smss.exe 596
C:\WINDOWS\system32\csrss.exe 960
C:\WINDOWS\system32\winlogon.exe 992
C:\WINDOWS\system32\services.exe 1052
C:\WINDOWS\system32\lsass.exe 1064
C:\WINDOWS\system32\svchost.exe 1228
C:\WINDOWS\system32\svchost.exe 1292
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe 1332
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe 1360
C:\WINDOWS\System32\svchost.exe 1492
C:\WINDOWS\system32\svchost.exe 1564
C:\WINDOWS\system32\svchost.exe 1660
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe 1824
C:\WINDOWS\Explorer.EXE 1884
C:\WINDOWS\system32\spoolsv.exe 512
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe 120
C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe 640
C:\Program Files\Java\jre6\bin\jqs.exe 772
C:\WINDOWS\system32\nvsvc32.exe 1580
C:\Program Files\Spyware Doctor\pctsAuxs.exe 1732
C:\Program Files\Spyware Doctor\pctsSvc.exe 1876
C:\WINDOWS\system32\svchost.exe 920
C:\Program Files\Spyware Doctor\pctsTray.exe 940
C:\WINDOWS\System32\TUProgSt.exe 936
C:\WINDOWS\system32\wdfmgr.exe 1024
C:\WINDOWS\system32\wscntfy.exe 2964
C:\WINDOWS\system32\wbem\wmiapsrv.exe 2960
C:\WINDOWS\system32\wbem\wmiprvse.exe 3680
C:\Program Files\Java\jre6\bin\jusched.exe 2208
C:\windows\system\hpsysdrv.exe 3208
C:\HP\KBD\KBD.EXE 3224
C:\Program Files\Fichiers communs\InterVideo\SchSvr\SchSvr.exe 1316
C:\Program Files\InterVideo\Common\Bin\WinRemote.exe 3964
C:\WINDOWS\system32\rundll32.exe 4028
C:\WINDOWS\ALCXMNTR.EXE 208
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe 1704
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe 2104
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe 2152
C:\Program Files\Labtec\WebCam10\WebCam10.exe 2304
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe 2424
C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe 644
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe 2688
C:\Program Files\AOL 9.0 VR\waol.exe 3196
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe 2320
C:\WINDOWS\system32\ctfmon.exe 3784
C:\Program Files\AOL 9.0c\aoltray.exe 388
C:\Program Files\AOL Compagnon\companion.exe 2064
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe 1984
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe 2680
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe 3504
c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe 3140
C:\Program Files\AOL 9.0 VR\shellmon.exe 3924
C:\Program Files\Mozilla Firefox\firefox.exe 4052
C:\WINDOWS\system32\msiexec.exe 1348
C:\WINDOWS\system32\wbem\wmiprvse.exe 2948
################## | Fichiers # Dossiers infectieux |
C:\WINDOWS\IDB.zip
C:\WINDOWS\UDB.zip
C:\jklry54c108.bat
D:\autorun.inf
J:\autorun.inf
################## | Registre # Clés infectieuses |
################## | Registre # Mountpoints2 |
HKCU\..\..\Explorer\MountPoints2\{05dc4712-d117-11de-ad7a-0013d3b05a6f}
Shell\AutoRun\command =J:\AOL.exe
HKCU\..\..\Explorer\MountPoints2\{60b2a0b2-d115-11de-ad79-806d6172696f}
Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
HKCU\..\..\Explorer\MountPoints2\{67b1aaba-d86f-11de-ad8a-000e500425c4}
Shell\AutoRun\command =J:\RECYCLER\usbassist.exe
Shell\opEN\CoMmanD =J:\RECYCLER\usbassist.exe
HKCU\..\..\Explorer\MountPoints2\{726eac10-d12e-11de-ad7b-000e500425c4}
Shell\AutoRun\command =J:\B.EXE
################## | Cracks / Keygens / Serials |
"C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Mes documents\Downloads\Jeux\Microsoft Office 2007 Pro Plus\Keygen Office 2007.rar"
-> contain : Keygen Office 2007.exe
################## | ! Fin du rapport # UsbFix V6.058 ! |
################## | Cracks / Keygens / Serials |
"C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Mes documents\Downloads\Jeux\Microsoft Office 2007 Pro Plus\Keygen Office 2007.rar"
-> contain : Keygen Office 2007.exe
################## | ! Fin du rapport # UsbFix V6.058 ! |
Note: the UsbFix.txt report is saved at the root of the disk (C:\UsbFix.txt).
OK, I found it
Here is the report
############################## | UsbFix V6.058 |
User : HP_Propriétaire (Administrateurs) # NOM-EB85C523610
Update on 26/11/2009 by Chiquitine29, C_XX & Chimay8
Start at: 22:54:21 | 30/11/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com
AMD Athlon(tm) 64 Processor 3200+
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 2
Internet Explorer 6.0.2900.2180
Windows Firewall Status : Enabled
A:\ -> Lecteur de disquettes 3 ½ pouces # 1,39 Mo (0,85 Mo free) # FAT
C:\ -> Disque fixe local # 143,04 Go (8,11 Go free) # NTFS
D:\ -> Disque fixe local # 5,99 Go (1,77 Go free) [HP_RECOVERY] # FAT32
E:\ -> Disque CD-ROM
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque amovible # 981,72 Mo (663,34 Mo free) [MEMUP] # FAT
############################## | Processus actifs |
C:\WINDOWS\System32\smss.exe 1000
C:\WINDOWS\system32\csrss.exe 1132
C:\WINDOWS\system32\winlogon.exe 1164
C:\WINDOWS\system32\services.exe 1232
C:\WINDOWS\system32\lsass.exe 1244
C:\WINDOWS\system32\svchost.exe 1420
C:\WINDOWS\system32\svchost.exe 1488
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe 1632
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe 1668
C:\WINDOWS\System32\svchost.exe 1808
C:\WINDOWS\system32\svchost.exe 1884
C:\WINDOWS\system32\svchost.exe 2020
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe 288
C:\WINDOWS\Explorer.EXE 416
C:\WINDOWS\system32\spoolsv.exe 1108
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe 1204
C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe 1316
C:\Program Files\Java\jre6\bin\jqs.exe 1792
C:\WINDOWS\system32\nvsvc32.exe 792
C:\Program Files\Spyware Doctor\pctsAuxs.exe 876
C:\Program Files\Spyware Doctor\pctsSvc.exe 964
C:\WINDOWS\system32\svchost.exe 1996
C:\Program Files\Spyware Doctor\pctsTray.exe 2044
C:\WINDOWS\System32\TUProgSt.exe 2040
C:\WINDOWS\system32\wdfmgr.exe 200
C:\WINDOWS\system32\wbem\wmiprvse.exe 2384
C:\WINDOWS\system32\wscntfy.exe 3464
C:\WINDOWS\system32\wbem\wmiapsrv.exe 3468
C:\WINDOWS\System32\alg.exe 220
################## | Fichiers # Dossiers infectieux |
Supprimé ! C:\WINDOWS\IDB.zip
Supprimé ! C:\WINDOWS\UDB.zip
Supprimé ! C:\jklry54c108.bat
Supprimé ! D:\autorun.inf
Supprimé ! J:\autorun.inf
################## | Registre # Clés infectieuses |
################## | Registre # Mountpoints2 |
Supprimé ! HKCU\...\Explorer\MountPoints2\{05dc4712-d117-11de-ad7a-0013d3b05a6f}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{60b2a0b2-d115-11de-ad79-806d6172696f}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{67b1aaba-d86f-11de-ad8a-000e500425c4}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{726eac10-d12e-11de-ad7b-000e500425c4}\Shell\AutoRun\Command
################## | Listing des fichiers présent |
[06/10/2008 20:30|--a------|881092] C:\0000005739.exe
[06/10/2008 18:51|--a------|2] C:\1481186053
[03/01/2005 04:51|--a------|50] C:\AUTOEXEC.BAT
[14/11/2009 13:09|---hs----|218] C:\BOOT.BAK
[14/11/2009 15:46|---hs----|298] C:\boot.ini
[05/08/2004 13:00|-rahs----|4952] C:\Bootfont.bin
[08/10/2008 20:43|--a------|0] C:\cleanup.txt
[05/08/2004 13:00|-r-hs----|263488] C:\cmldr
[07/11/2008 12:08|--a------|74] C:\CMLoader.log
[23/11/2004 22:21|--a------|0] C:\CONFIG.SYS
[08/10/2008 20:17|--a------|39] C:\CTJINI.INI
[08/11/2009 05:38|--a------|102] C:\dfuj4y54hscv108.bat
[09/09/2008 19:39|--a------|93] C:\gputest.txt
[?|?|?] C:\hiberfil.sys
[13/11/2009 03:43|--a------|102] C:\hkst6r78oh108.bat
[23/11/2004 22:21|-rahs----|0] C:\IO.SYS
[23/11/2004 22:21|--ahs----|864] C:\jdwjaw3o.sys
[30/12/2008 21:31|--a------|65535] C:\kdiue732.txt
[23/11/2004 22:21|-rahs----|0] C:\MSDOS.SYS
[05/08/2004 13:00|-rahs----|47564] C:\NTDETECT.COM
[05/08/2004 13:00|-rahs----|251712] C:\ntldr
[?|?|?] C:\pagefile.sys
[09/10/2008 03:33|--a------|1463] C:\rapport.txt
[09/11/2009 17:40|--a------|102] C:\seg5ywfxwx108.bat
[10/11/2009 16:56|--a------|102] C:\tf67tijhwex108.bat
[30/11/2009 23:06|--a------|4200] C:\UsbFix.txt
[08/10/2008 20:24|--a------|40] C:\WFCNAME.INI
[14/01/2008 19:08|--a------|2846] C:\xscan.txt
[28/07/2001 07:07|---hs----|0] D:\AUTOEXEC.BAT
[23/11/2004 17:48|---hs----|6] D:\BLOCK.RIN
[09/01/2002 20:52|---hs----|244] D:\BOOT.INI
[17/08/2001 10:26|---hs----|237728] D:\CMLDR
[28/07/2001 07:07|---hs----|0] D:\CONFIG.SYS
[10/09/2002 00:14|---hs----|100] D:\Desktop.ini
[10/09/2002 17:21|---hs----|7850] D:\Folder.htt
[30/04/2001 21:16|---hs----|14] D:\Graph
[30/11/2004 12:01|---hs----|73728] D:\Info.exe
[28/07/2001 07:07|---hs----|0] D:\IO.SYS
[11/10/2008 22:15|---hs----|946] D:\MASTER.LOG
[28/07/2001 07:07|---hs----|0] D:\MSDOS.SYS
[25/07/2001 23:00|---hs----|45124] D:\NTDETECT.COM
[11/10/2008 22:15|-r-hs----|26] D:\RCBoot.sys
[25/07/2001 23:00|---hs----|222880] D:\NTLDR
[10/09/2002 14:58|---hs----|181616] D:\protect.ed
[23/11/2004 17:39|---hs----|36] D:\SaveFile.Dir
[30/04/2001 21:16|---hs----|14] D:\SVGA
[02/01/2005 21:49|--ahs----|900] D:\USER
[08/02/2002 16:44|---hs----|88038] D:\Warning.bmp
[18/08/2001 16:00|---hs----|10] D:\WIN51
[22/01/2001 16:00|---hs----|11] D:\WIN51.B2
[25/07/2001 16:00|---hs----|11] D:\WIN51.RC1
[25/07/2001 21:47|---hs----|11] D:\WIN51.RC2
[18/08/2001 16:00|---hs----|10] D:\WIN51IC
[20/03/2001 16:00|---hs----|11] D:\WIN51IC.B2
[25/07/2001 16:00|---hs----|11] D:\WIN51IC.RC1
[25/07/2001 16:00|---hs----|11] D:\WIN51IC.RC2
[17/08/2001 16:00|---hs----|10] D:\WIN51IP
[22/01/2001 16:00|---hs----|11] D:\WIN51IP.B2
[25/07/2001 21:47|---hs----|11] D:\WIN51IP.RC2
[17/08/2001 14:17|---hs----|184] D:\WINBOM.INI
[01/02/2005 00:56|--ahs----|1552] D:\BATCH.LOG
[21/01/2004 10:27|--a------|450560] J:\AOL.exe
[13/04/2004 14:24|--a------|1003145] J:\Guide9.0.pdf
################## | Vaccination |
# C:\autorun.inf -> Dossier créé par UsbFix.
# D:\autorun.inf -> Dossier créé par UsbFix.
# J:\autorun.inf -> Dossier créé par UsbFix.
################## | Suspect | http://www.virustotal.com |
################## | Cracks / Keygens / Serials |
"C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Mes documents\Downloads\Jeux\Microsoft Office 2007 Pro Plus\Keygen Office 2007.rar"
-> contain : Keygen Office 2007.exe
################## | Upload |
Veuillez envoyer le fichier : C:\DOCUME~1\HP_PRO~1.NOM\Bureau\UsbFix_Upload_Me_NOM-EB85C523610.zip : http://chiquitine.changelog.fr/Sample/Upload.php
Merci pour votre contribution .
################## | ! Fin du rapport # UsbFix V6.058 ! |
/!\ Disconnect and close all running applications /!\
(On Vista, right-click AD-R and choose Run as administrator)
/!\ Let the tool do its work /!\
(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)
Note: "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Kaspersky, etc.) as a RiskTool. It is not a virus, but a utility designed to terminate processes.
HERE IS THE REPORT
.
======= RAPPORT D'AD-REMOVER 1.1.4.6_D | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 30.11.2009 à 22:59
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 0:03:46, 01/12/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 2 v5.1.2600
Nom du PC: NOM-EB85C523610 | Utilisateur actuel: HP_Propriétaire
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
C:\Program Files\RelevantKnowledge
C:\Program Files\Viewpoint ... ERREUR SUPPRESSION !!
C:\WINDOWS\tmlpcert2007
C:\WINDOWS\Prefetch\SEARCHSETTINGS.EXE-30EFBC20.pf
(!) -- Fichiers temporaires supprimés.
.
HKLM\Software\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
HKLM\Software\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
HKLM\Software\Classes\TypeLib\{7D3F5DE4-E980-4407-A10F-9AC771ABAAE6}
HKLM\software\MetaStream
HKLM\Software\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
HKLM\Software\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
HKLM\software\microsoft\windows\currentversion\uninstall\ViewpointMediaPlayer
HKLM\software\Viewpoint
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.5.5 [fr] *
.
Nom du profil: brc743fw.default (HP_Propriétaire)
.
(HP_PRO~1.NOM, prefs.js) Browser.download.dir, C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Bureau
(HP_PRO~1.NOM, prefs.js) Browser.download.lastDir, C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Bureau
.
.
.
* Internet Explorer Version 6.0.2900.2180 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Start Page: hxxp://fr.msn.com/
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Default_page_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials, ...) ==============
.
C:\Documents and Settings\HP_Propriétaire\Application Data\Shareaza\Torrents\FM2009.9-2-0.Patch.and.Crack.rar.torrent
C:\Documents and Settings\HP_Propriétaire\Application Data\Shareaza\Torrents\Football Manager 2009 CRACK FIXED.torrent
C:\Documents and Settings\HP_Propriétaire\Application Data\Shareaza\Torrents\Football.Manager.2009.PROPER.CRACK.ONLY-KATOESJA.rar.torrent
C:\Documents and Settings\HP_Propriétaire\Application Data\Shareaza\Torrents\Need.For.Speed.Undercover.Crack.and.Keygen.Only-RELOADED.torrent
C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Mes documents\Downloads\Jeux\Microsoft Office 2007 Pro Plus\Keygen Office 2007.rar
.
===================================
.
3285 Octet(s) - C:\Ad-Report-CLEAN[1].log
.
3 Fichier(s) - C:\DOCUME~1\HP_PRO~1.NOM\LOCALS~1\Temp
3 Fichier(s) - C:\WINDOWS\Temp
.
19 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
59 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
Fin à: 0:28:09 | 01/12/2009 - CLEAN[1]
.
============== E.O.F ==============
.
Here is the report, but I couldn't uninstall Ad Remover
Logfile of random's system information tool 1.06 (written by random/random)
Run by HP_Propriétaire at 2009-12-01 00:49:18
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 8 GB (6%) free of 146 GB
Total RAM: 510 MB (19% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:49:49, on 01/12/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Fichiers communs\InterVideo\SchSvr\SchSvr.exe
C:\Program Files\InterVideo\Common\Bin\WinRemote.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Labtec\WebCam10\WebCam10.exe
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AOL 9.0c\aoltray.exe
C:\Program Files\AOL Compagnon\companion.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\AOL 9.0 VR\waol.exe
C:\Program Files\AOL 9.0 VR\shellmon.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Bureau\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\HP_Propriétaire.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://media.fastclick.net/w/safepop.cgi?cid=198591&mid...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program Files\Fichiers communs\InterVideo\SchSvr\SchSvr.exe"
O4 - HKLM\..\Run: [WINREMOTE] "C:\Program Files\InterVideo\Common\Bin\WinRemote.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Labtec\WebCam10\WebCam10.exe" /hide
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.0 VR\AOL.EXE" -b
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0c\aoltray.exe
O4 - Global Startup: AOL Compagnon.lnk = C:\Program Files\AOL Compagnon\companion.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O17 - HKLM\System\CCS\Services\Tcpip\..\{EC183C74-FAE3-4314-9204-47FCB38FD287}: NameServer = 84.103.237.141 86.64.145.141
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Browser Defender Update Service - Threat Expert Ltd. - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
O23 - Service: Service Google Update (gupdate1ca6e2c5efbd28d) (gupdate1ca6e2c5efbd28d) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
--
End of file - 11308 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Maintenance en 1 clic.job
C:\WINDOWS\tasks\NSSstub.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}]
PC Tools Browser Guard BHO - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll [2009-11-10 395216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2005-01-03 716800]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-11-14 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-11-14 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2005-01-03 716800]
{4982D40A-C53B-4615-B15B-B5B5E98D167C}
{472734EA-242A-422B-ADF8-83D1E48CC825} - PC Tools Browser Guard - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll [2009-11-10 395216]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-11-14 149280]
"hpsysdrv"=c:\windows\system\hpsysdrv.exe [1998-05-07 52736]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-08-02 7110656]
"nwiz"=nwiz.exe /installquiet /keeploaded /nodetect []
"HPHUPD08"=c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe [2005-06-02 49152]
"KBD"=C:\HP\KBD\KBD.EXE [2005-02-03 61440]
"Home Theater SchSvr"=C:\Program Files\Fichiers communs\InterVideo\SchSvr\SchSvr.exe [2005-07-18 106496]
"WINREMOTE"=C:\Program Files\InterVideo\Common\Bin\WinRemote.exe [2005-07-18 262144]
"Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2004-04-14 233472]
"AlcxMonitor"=C:\WINDOWS\ALCXMNTR.EXE [2004-09-07 57344]
"PS2"=C:\WINDOWS\system32\ps2.exe [2004-10-25 90112]
"LSBWatcher"=c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe [2005-05-11 253952]
"Reminder"=C:\Windows\Creator\Remind_XP.exe [2004-12-14 663552]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPwuSchd2.exe [2005-05-12 49152]
"SpeedTouch USB Diagnostics"=C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe [2004-01-26 866816]
"LogitechCommunicationsManager"=C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe [2007-03-06 488984]
""= []
"LogitechQuickCamRibbon"=C:\Program Files\Labtec\WebCam10\WebCam10.exe [2007-03-06 1060376]
"AOLSAV"=C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe [2004-03-15 73728]
"AOLDialer"=C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe [2004-04-08 496752]
"BDAgent"=C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe [2009-03-19 778240]
"ISTray"=C:\Program Files\Spyware Doctor\pctsTray.exe [2009-11-18 1243088]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
""= []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AOL Fast Start"=C:\Program Files\AOL 9.0 VR\AOL.EXE [2007-06-21 50480]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
AOL 9.0 Icône AOL.lnk - C:\Program Files\AOL 9.0c\aoltray.exe
AOL Compagnon.lnk - C:\Program Files\AOL Compagnon\companion.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Driver]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Guard]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=145
"HonorAutoRunSetting"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL France"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe:*:Enabled:AOL"
"C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe:*:Enabled:AOL"
"C:\Program Files\AOL 9.0c\waol.exe"="C:\Program Files\AOL 9.0c\waol.exe:*:Enabled:AOL"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%ProgramFiles%\iTunes\iTunes.exe"="%ProgramFiles%\iTunes\iTunes.exe:*:enabled:iTunes"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe:*:Enabled:AOL"
"C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe:*:Enabled:AOL"
"C:\Program Files\AOL 9.0c\waol.exe"="C:\Program Files\AOL 9.0c\waol.exe:*:Enabled:AOL"
======List of files/folders created in the last 1 months======
2009-12-01 00:03:13 ----D---- C:\Program Files\Ad-Remover
2009-11-30 23:59:36 ----D---- C:\WINDOWS\LastGood
2009-11-30 23:33:45 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-11-30 23:06:58 ----RASHD---- C:\autorun.inf
2009-11-30 22:10:06 ----D---- C:\UsbFix
2009-11-30 21:27:36 ----D---- C:\rsit
2009-11-30 20:11:15 ----D---- C:\Program Files\Trend Micro
2009-11-30 20:02:22 ----A---- C:\WINDOWS\SGDetectionTool.dll
2009-11-30 20:02:22 ----A---- C:\WINDOWS\BDTSupport.dll
2009-11-30 20:02:21 ----A---- C:\WINDOWS\PCTBDRes.dll
2009-11-30 20:02:21 ----A---- C:\WINDOWS\PCTBDCore.dll
2009-11-30 20:01:13 ----D---- C:\Program Files\Spyware Doctor
2009-11-30 20:01:13 ----D---- C:\Program Files\Fichiers communs\PC Tools
2009-11-30 20:01:13 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\PC Tools
2009-11-30 20:01:13 ----D---- C:\Documents and Settings\All Users\Application Data\PC Tools
2009-11-29 16:23:32 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\HPQ
2009-11-29 13:47:26 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\BitDefender
2009-11-29 13:46:43 ----D---- C:\Program Files\BitDefender
2009-11-29 13:46:43 ----D---- C:\Documents and Settings\All Users\Application Data\BitDefender
2009-11-29 13:38:06 ----D---- C:\Program Files\Fichiers communs\BitDefender
2009-11-28 06:04:19 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\WinRAR
2009-11-26 01:16:54 ----D---- C:\Program Files\Full Pack Codecs
2009-11-26 01:16:11 ----N---- C:\WINDOWS\system32\pxafs.dll
2009-11-25 21:01:03 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Sonic
2009-11-25 21:00:38 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Leadertech
2009-11-25 20:36:06 ----A---- C:\WINDOWS\system32\TUProgSt.exe
2009-11-25 20:36:05 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2009-11-25 20:36:03 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe
2009-11-25 20:35:50 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\TuneUp Software
2009-11-25 20:34:47 ----D---- C:\Program Files\TuneUp Utilities 2009
2009-11-25 20:34:08 ----SHD---- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-11-25 19:17:47 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Mozilla
2009-11-25 19:17:28 ----D---- C:\Program Files\Mozilla Firefox
2009-11-24 00:59:38 ----D---- C:\Program Files\Lavasoft
2009-11-24 00:59:36 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-11-21 04:55:41 ----D---- C:\Program Files\Runes of Magic
2009-11-19 00:19:03 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\FOG Downloader
2009-11-18 10:28:23 ----D---- C:\WINDOWS\system32\Adobe
2009-11-16 22:50:10 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\You've Got Pictures Screensaver
2009-11-16 22:50:03 ----A---- C:\WINDOWS\system32\shdocvw.bak
2009-11-16 22:49:28 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2009-11-16 22:49:24 ----A---- C:\WINDOWS\system32\pndx5032.dll
2009-11-16 22:49:24 ----A---- C:\WINDOWS\system32\pndx5016.dll
2009-11-16 22:49:23 ----A---- C:\WINDOWS\system32\pncrt.dll
2009-11-16 22:48:51 ----A---- C:\WINDOWS\system32\jgdwmie.dll
2009-11-16 22:48:50 ----A---- C:\WINDOWS\system32\roboex32.dll
2009-11-16 22:48:50 ----A---- C:\WINDOWS\system32\Inetwh32.dll
2009-11-16 22:48:28 ----A---- C:\WINDOWS\system32\AOLDial.dll
2009-11-16 22:48:05 ----D---- C:\Program Files\AOL 9.0c
2009-11-16 22:44:37 ----D---- C:\Program Files\TechCity Solutions
2009-11-14 23:54:03 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\DivX
2009-11-14 18:07:58 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\HP
2009-11-14 15:46:13 ----RSHD---- C:\cmdcons
2009-11-14 15:19:09 ----A---- C:\WINDOWS\system32\javaws.exe
2009-11-14 15:19:09 ----A---- C:\WINDOWS\system32\javaw.exe
2009-11-14 15:19:09 ----A---- C:\WINDOWS\system32\java.exe
2009-11-14 14:58:49 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-11-14 14:45:35 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Sun
2009-11-14 14:45:08 ----D---- C:\Program Files\TubeMaster++
2009-11-14 14:40:23 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Adobe
2009-11-14 14:38:11 ----D---- C:\WINDOWS\system32\custom matrices
2009-11-14 14:38:02 ----D---- C:\WINDOWS\system32\C2MP
2009-11-14 14:27:32 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\GRETECH
2009-11-14 14:04:34 ----A---- C:\WINDOWS\system32\stci.dll
2009-11-14 13:14:28 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\AOL
2009-11-14 13:14:27 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Macromedia
2009-11-14 13:12:49 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-11-14 13:11:18 ----ASH---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\desktop.ini
2009-11-14 13:11:11 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Symantec
2009-11-14 13:11:11 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\SampleView
2009-11-14 13:11:11 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Microsoft
2009-11-14 13:11:11 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Intervideo
2009-11-14 13:11:11 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Identities
2009-11-14 13:11:11 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Apple Computer
2009-11-14 01:47:28 ----A---- C:\WINDOWS\system32\divx_xx16.dll
2009-11-14 01:47:28 ----A---- C:\WINDOWS\system32\divx_xx11.dll
2009-11-14 01:47:28 ----A---- C:\WINDOWS\system32\divx_xx0c.dll
2009-11-14 01:47:28 ----A---- C:\WINDOWS\system32\divx_xx0a.dll
2009-11-14 01:47:28 ----A---- C:\WINDOWS\system32\divx_xx07.dll
2009-11-14 01:47:28 ----A---- C:\WINDOWS\system32\DivX.dll
2009-11-13 03:43:44 ----A---- C:\hkst6r78oh108.bat
2009-11-13 00:12:18 ----A---- C:\WINDOWS\irc.txt
2009-11-10 16:56:23 ----A---- C:\tf67tijhwex108.bat
2009-11-09 17:40:58 ----A---- C:\seg5ywfxwx108.bat
2009-11-08 05:38:58 ----A---- C:\dfuj4y54hscv108.bat
2009-11-07 19:57:07 ----D---- C:\Program Files\Windows Live SkyDrive
======List of files/folders modified in the last 1 months======
2009-12-01 00:49:23 ----D---- C:\WINDOWS\Temp
2009-12-01 00:25:13 ----D---- C:\WINDOWS\Prefetch
2009-12-01 00:22:38 ----D---- C:\WINDOWS
2009-12-01 00:21:27 ----D---- C:\Program Files
2009-12-01 00:13:30 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-12-01 00:02:32 ----A---- C:\WINDOWS\win.ini
2009-12-01 00:02:13 ----D---- C:\WINDOWS\system32\CatRoot2
2009-12-01 00:02:12 ----HD---- C:\WINDOWS\inf
2009-11-30 23:50:28 ----D---- C:\WINDOWS\system32\dllcache
2009-11-30 23:49:42 ----D---- C:\WINDOWS\system32
2009-11-30 23:48:28 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-11-30 23:35:30 ----D---- C:\WINDOWS\SoftwareDistribution
2009-11-30 23:34:57 ----D---- C:\WINDOWS\Help
2009-11-30 23:06:54 ----SHD---- C:\RECYCLER
2009-11-30 22:07:48 ----SHD---- C:\WINDOWS\Installer
2009-11-30 22:07:44 ----D---- C:\WINDOWS\WinSxS
2009-11-30 22:06:46 ----SHD---- C:\Config.Msi
2009-11-30 20:39:03 ----D---- C:\WINDOWS\system32\drivers
2009-11-30 20:01:13 ----D---- C:\Program Files\Fichiers communs
2009-11-30 14:05:35 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-11-30 13:52:23 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-11-30 13:01:56 ----SHD---- C:\System Volume Information
2009-11-30 13:01:56 ----D---- C:\WINDOWS\system32\Restore
2009-11-29 17:11:14 ----D---- C:\WINDOWS\Minidump
2009-11-29 13:49:03 ----D---- C:\Program Files\Symantec
2009-11-29 13:44:37 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2009-11-29 13:41:57 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-11-29 13:39:15 ----D---- C:\WINDOWS\Tasks
2009-11-26 01:16:24 ----D---- C:\Program Files\DivX
2009-11-26 01:15:28 ----D---- C:\Program Files\Fichiers communs\DivX Shared
2009-11-26 01:08:32 ----D---- C:\Program Files\Google
2009-11-25 20:42:59 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2009-11-25 20:42:58 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2009-11-25 20:42:56 ----HDC---- C:\WINDOWS\$NtUninstallKB885884$
2009-11-25 20:42:55 ----AHDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2009-11-25 20:42:52 ----AHDC---- C:\WINDOWS\$NtUninstallKB893066$
2009-11-25 20:42:49 ----AHDC---- C:\WINDOWS\$NtUninstallKB896422$
2009-11-25 20:42:19 ----HDC---- C:\WINDOWS\$NtUninstallKB917159$
2009-11-25 20:42:17 ----HDC---- C:\WINDOWS\$NtUninstallKB917734_WMP10$
2009-11-25 20:41:54 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2009-11-25 20:41:46 ----HDC---- C:\WINDOWS\$NtUninstallKB925486$
2009-11-25 20:41:24 ----HDC---- C:\WINDOWS\$NtUninstallKB929969$
2009-11-25 20:41:17 ----HDC---- C:\WINDOWS\$NtUninstallKB931836$
2009-11-25 20:41:15 ----HDC---- C:\WINDOWS\$NtUninstallKB933360$
2009-11-25 20:41:11 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
2009-11-25 20:41:09 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-11-25 20:41:05 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2009-11-25 20:41:04 ----HDC---- C:\WINDOWS\$NtUninstallKB941644$
2009-11-25 20:41:04 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-11-25 20:41:00 ----HDC---- C:\WINDOWS\$NtUninstallKB942763$
2009-11-25 20:40:49 ----HDC---- C:\WINDOWS\$NtUninstallKB946627$
2009-11-25 20:40:26 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-11-25 20:40:25 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-11-25 20:40:25 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2009-11-25 20:40:24 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2009-11-25 20:40:16 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2009-11-25 20:40:13 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-11-25 20:40:12 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-11-25 20:40:10 ----HDC---- C:\WINDOWS\$NtUninstallKB959772_WM11$
2009-11-25 20:40:08 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-11-25 20:40:05 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2009-11-25 20:40:05 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2009-11-25 20:39:45 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2009-11-25 20:36:07 ----D---- C:\WINDOWS\system32\config
2009-11-25 20:16:27 ----D---- C:\Program Files\QuickTime
2009-11-25 20:12:50 ----D---- C:\Program Files\Fichiers communs\Apple
2009-11-25 12:30:32 ----D---- C:\Program Files\AOL Compagnon
2009-11-25 12:20:56 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-11-24 10:37:46 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-11-24 00:58:52 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-11-24 00:50:18 ----A---- C:\WINDOWS\WININIT.INI
2009-11-19 21:13:02 ----D---- C:\WINDOWS\Debug
2009-11-19 21:10:57 ----D---- C:\Program Files\CCleaner
2009-11-19 11:22:43 ----D---- C:\Program Files\Fichiers communs\Designer
2009-11-19 11:21:34 ----RSD---- C:\WINDOWS\Fonts
2009-11-18 21:53:14 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-11-18 11:41:01 ----D---- C:\Program Files\Microsoft Works
2009-11-16 22:50:16 ----AC---- C:\WINDOWS\aolback.exe.lnk
2009-11-16 22:50:09 ----SD---- C:\WINDOWS\occache
2009-11-16 22:49:58 ----D---- C:\Program Files\AOL Toolbar
2009-11-16 22:48:56 ----D---- C:\Program Files\Fichiers communs\aolshare
2009-11-16 22:48:52 ----D---- C:\Program Files\Fichiers communs\AOL
2009-11-16 22:48:05 ----D---- C:\Documents and Settings\All Users\Application Data\AOL
2009-11-16 22:02:29 ----D---- C:\WINDOWS\system32\CatRoot
2009-11-14 21:00:08 ----D---- C:\WINDOWS\system
2009-11-14 20:59:46 ----D---- C:\WINDOWS\I386
2009-11-14 20:57:47 ----D---- C:\Program Files\Windows NT
2009-11-14 20:57:44 ----D---- C:\Program Files\Windows Media Player
2009-11-14 20:57:44 ----D---- C:\Program Files\Outlook Express
2009-11-14 20:57:44 ----D---- C:\Program Files\NetMeeting
2009-11-14 20:57:43 ----D---- C:\Program Files\Fichiers communs\Services
2009-11-14 20:57:41 ----D---- C:\WINDOWS\system32\wbem
2009-11-14 20:57:37 ----D---- C:\WINDOWS\system32\ras
2009-11-14 20:57:34 ----D---- C:\WINDOWS\system32\oobe
2009-11-14 20:57:26 ----D---- C:\WINDOWS\system32\icsxml
2009-11-14 20:57:26 ----D---- C:\WINDOWS\system32\ias
2009-11-14 20:56:53 ----D---- C:\WINDOWS\system32\Setup
2009-11-14 20:56:49 ----D---- C:\WINDOWS\system32\Com
2009-11-14 20:56:48 ----D---- C:\WINDOWS\srchasst
2009-11-14 20:56:47 ----RD---- C:\WINDOWS\Web
2009-11-14 20:56:47 ----D---- C:\WINDOWS\Media
2009-11-14 20:56:47 ----D---- C:\WINDOWS\addins
2009-11-14 20:56:35 ----D---- C:\WINDOWS\Cursors
2009-11-14 20:56:19 ----RSD---- C:\WINDOWS\assembly
2009-11-14 18:03:13 ----HD---- C:\hp
2009-11-14 15:46:40 ----SH---- C:\boot.ini
2009-11-14 15:46:13 ----AC---- C:\WINDOWS\UPGRADE.TXT
2009-11-14 15:46:11 ----D---- C:\WINDOWS\setup.pss
2009-11-14 15:42:58 ----D---- C:\WINDOWS\security
2009-11-14 15:41:16 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2009-11-14 15:28:37 ----D---- C:\Program Files\WinRAR
2009-11-14 15:18:46 ----D---- C:\Program Files\Java
2009-11-14 15:17:21 ----D---- C:\Program Files\WinPcap
2009-11-14 14:04:32 ----D---- C:\Program Files\Thomson
2009-11-14 14:03:16 ----D---- C:\WINDOWS\system32\FxsTmp
2009-11-14 13:21:10 ----D---- C:\Program Files\Easy Internet signup
2009-11-14 13:16:42 ----D---- C:\Program Files\AOL 9.0b
2009-11-14 13:14:13 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-11-14 13:11:08 ----D---- C:\Documents and Settings
2009-11-14 13:09:29 ----SH---- C:\BOOT.BAK
2009-11-14 13:09:11 ----D---- C:\WINDOWS\Registration
2009-11-14 13:07:17 ----A---- C:\WINDOWS\system.ini
2009-11-14 04:08:21 ----D---- C:\Program Files\YouTUBE (TM) movie downloader
2009-11-14 04:08:20 ----D---- C:\Program Files\Xvid
2009-11-14 04:07:53 ----D---- C:\Program Files\Warcraft IIIa
2009-11-14 04:07:43 ----D---- C:\Program Files\VirtualDJ
2009-11-14 04:07:40 ----D---- C:\Program Files\UltimateZip 2007
2009-11-14 04:06:35 ----D---- C:\Program Files\Shareaza
2009-11-14 04:05:46 ----D---- C:\Program Files\SecondLife
2009-11-14 04:03:41 ----D---- C:\Program Files\PC Connectivity Solution
2009-11-14 04:01:55 ----D---- C:\Program Files\Navirad_UserTool
2009-11-14 04:01:45 ----D---- C:\Program Files\MSN Reaper
2009-11-14 03:58:44 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-11-14 03:56:15 ----D---- C:\Program Files\IZArc
2009-11-14 03:48:58 ----D---- C:\Program Files\D-Tools
2009-11-14 03:48:58 ----D---- C:\Program Files\CamStudio
2009-11-14 03:48:36 ----D---- C:\Program Files\avinst
2009-11-14 03:46:59 ----D---- C:\Program Files\AC3Filter
2009-11-14 03:46:53 ----D---- C:\Program Files\a-squared Anti-Malware
2009-11-14 03:46:00 ----D---- C:\Garmin
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\VXBLOCK.dll
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\PxWave.dll
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\PxSFS.DLL
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\PxMas.dll
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\pxdrv.dll
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\Px.dll
2009-11-13 03:24:30 ----A---- C:\WINDOWS\lvkosd.ini
2009-11-07 19:56:33 ----D---- C:\Program Files\Windows Live
2009-11-07 19:35:18 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
2009-11-07 19:11:09 ----D---- C:\Program Files\Windows Live Toolbar
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 43008]
R3 3xHybrid;3xHybrid service; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2005-07-27 2786176]
R3 alcan5ln;SpeedTouch(tm) USB ADSL RFC1483 Networking Driver (NDIS); C:\WINDOWS\system32\DRIVERS\alcan5ln.sys [2003-12-08 36256]
R3 alcaudsl;SpeedTouch ADSL Modem ATM Transport; C:\WINDOWS\system32\DRIVERS\alcaudsl.sys [2003-12-08 70688]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-04-20 2317696]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800]
R3 ATWPKT2;ATWPKT2; \??\C:\PROGRA~1\FICHIE~1\AOL\ACS\ATWPKT2.SYS []
R3 bdfm;BDFM; C:\WINDOWS\system32\drivers\bdfm.sys [2009-11-30 146312]
R3 bdfsfltr;bdfsfltr; C:\WINDOWS\system32\drivers\bdfsfltr.sys [2009-04-06 266376]
R3 BDSelfPr;BDSelfPr; \??\C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys []
R3 GEARAspiWDM;GEAR CDRom Filter; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2005-03-07 14408]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\DRIVERS\LVUSBSta.sys [2007-03-06 41376]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-08-02 3199328]
R3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [2007-03-06 491168]
R3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2005-07-04 26624]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-05 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-04 17024]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
S1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]
S3 ltmodem5;LT Modem Driver; C:\WINDOWS\system32\DRIVERS\ltmdmnt.sys [2004-08-04 607452]
S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2007-03-06 1669664]
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-03-06 2261792]
S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2004-08-04 15360]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-04 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-05 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-11-06 34064]
S3 Profos;Profos; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys []
S3 PsSdk31;PsSdk31; \??\C:\WINDOWS\system32\Drivers\pssdk31.drv []
S3 PsSdkLBF;PsSdkLBF; \??\C:\WINDOWS\system32\Drivers\pssdklbf.drv []
S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 Trufos;Trufos; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys []
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-05 20480]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-09-10 611664]
R2 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe [2004-04-08 1135728]
R2 Browser Defender Update Service;Browser Defender Update Service; C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe [2009-11-10 112592]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-11-14 153376]
R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe [2009-04-29 419096]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-08-02 127043]
R2 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2009-10-30 359624]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-11-25 603904]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\System32\svchost.exe [2004-08-05 14336]
R2 VSSERV;BitDefender Virus Shield; C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe [2009-04-21 1631512]
S2 gupdate1ca6e2c5efbd28d;Service Google Update (gupdate1ca6e2c5efbd28d); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-11-26 133104]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe [2007-03-06 105248]
S2 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2009-11-06 1141712]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-05 268800]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 iPodService;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2005-05-05 327680]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792]
S3 scan;BitDefender Threat Scanner; C:\WINDOWS\System32\svchost.exe [2004-08-05 14336]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-11-25 360192]
-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by HP_Propriétaire at 2009-12-01 00:49:18
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 8 GB (6%) free of 146 GB
Total RAM: 510 MB (19% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:49:49, on 01/12/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Fichiers communs\InterVideo\SchSvr\SchSvr.exe
C:\Program Files\InterVideo\Common\Bin\WinRemote.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Labtec\WebCam10\WebCam10.exe
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AOL 9.0c\aoltray.exe
C:\Program Files\AOL Compagnon\companion.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\AOL 9.0 VR\waol.exe
C:\Program Files\AOL 9.0 VR\shellmon.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Bureau\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\HP_Propriétaire.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://media.fastclick.net/w/safepop.cgi?cid=198591&mid...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program Files\Fichiers communs\InterVideo\SchSvr\SchSvr.exe"
O4 - HKLM\..\Run: [WINREMOTE] "C:\Program Files\InterVideo\Common\Bin\WinRemote.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Labtec\WebCam10\WebCam10.exe" /hide
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.0 VR\AOL.EXE" -b
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0c\aoltray.exe
O4 - Global Startup: AOL Compagnon.lnk = C:\Program Files\AOL Compagnon\companion.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O17 - HKLM\System\CCS\Services\Tcpip\..\{EC183C74-FAE3-4314-9204-47FCB38FD287}: NameServer = 84.103.237.141 86.64.145.141
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Browser Defender Update Service - Threat Expert Ltd. - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
O23 - Service: Service Google Update (gupdate1ca6e2c5efbd28d) (gupdate1ca6e2c5efbd28d) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
--
End of file - 11308 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Maintenance en 1 clic.job
C:\WINDOWS\tasks\NSSstub.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}]
PC Tools Browser Guard BHO - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll [2009-11-10 395216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2005-01-03 716800]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-11-14 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-11-14 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2005-01-03 716800]
{4982D40A-C53B-4615-B15B-B5B5E98D167C}
{472734EA-242A-422B-ADF8-83D1E48CC825} - PC Tools Browser Guard - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll [2009-11-10 395216]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-11-14 149280]
"hpsysdrv"=c:\windows\system\hpsysdrv.exe [1998-05-07 52736]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-08-02 7110656]
"nwiz"=nwiz.exe /installquiet /keeploaded /nodetect []
"HPHUPD08"=c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe [2005-06-02 49152]
"KBD"=C:\HP\KBD\KBD.EXE [2005-02-03 61440]
"Home Theater SchSvr"=C:\Program Files\Fichiers communs\InterVideo\SchSvr\SchSvr.exe [2005-07-18 106496]
"WINREMOTE"=C:\Program Files\InterVideo\Common\Bin\WinRemote.exe [2005-07-18 262144]
"Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2004-04-14 233472]
"AlcxMonitor"=C:\WINDOWS\ALCXMNTR.EXE [2004-09-07 57344]
"PS2"=C:\WINDOWS\system32\ps2.exe [2004-10-25 90112]
"LSBWatcher"=c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe [2005-05-11 253952]
"Reminder"=C:\Windows\Creator\Remind_XP.exe [2004-12-14 663552]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPwuSchd2.exe [2005-05-12 49152]
"SpeedTouch USB Diagnostics"=C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe [2004-01-26 866816]
"LogitechCommunicationsManager"=C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe [2007-03-06 488984]
""= []
"LogitechQuickCamRibbon"=C:\Program Files\Labtec\WebCam10\WebCam10.exe [2007-03-06 1060376]
"AOLSAV"=C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe [2004-03-15 73728]
"AOLDialer"=C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe [2004-04-08 496752]
"BDAgent"=C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe [2009-03-19 778240]
"ISTray"=C:\Program Files\Spyware Doctor\pctsTray.exe [2009-11-18 1243088]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
""= []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AOL Fast Start"=C:\Program Files\AOL 9.0 VR\AOL.EXE [2007-06-21 50480]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
AOL 9.0 Icône AOL.lnk - C:\Program Files\AOL 9.0c\aoltray.exe
AOL Compagnon.lnk - C:\Program Files\AOL Compagnon\companion.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Driver]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Guard]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=145
"HonorAutoRunSetting"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL France"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe:*:Enabled:AOL"
"C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe:*:Enabled:AOL"
"C:\Program Files\AOL 9.0c\waol.exe"="C:\Program Files\AOL 9.0c\waol.exe:*:Enabled:AOL"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%ProgramFiles%\iTunes\iTunes.exe"="%ProgramFiles%\iTunes\iTunes.exe:*:enabled:iTunes"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe:*:Enabled:AOL"
"C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe:*:Enabled:AOL"
"C:\Program Files\AOL 9.0c\waol.exe"="C:\Program Files\AOL 9.0c\waol.exe:*:Enabled:AOL"
======List of files/folders created in the last 1 months======
2009-12-01 00:03:13 ----D---- C:\Program Files\Ad-Remover
2009-11-30 23:59:36 ----D---- C:\WINDOWS\LastGood
2009-11-30 23:33:45 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-11-30 23:06:58 ----RASHD---- C:\autorun.inf
2009-11-30 22:10:06 ----D---- C:\UsbFix
2009-11-30 21:27:36 ----D---- C:\rsit
2009-11-30 20:11:15 ----D---- C:\Program Files\Trend Micro
2009-11-30 20:02:22 ----A---- C:\WINDOWS\SGDetectionTool.dll
2009-11-30 20:02:22 ----A---- C:\WINDOWS\BDTSupport.dll
2009-11-30 20:02:21 ----A---- C:\WINDOWS\PCTBDRes.dll
2009-11-30 20:02:21 ----A---- C:\WINDOWS\PCTBDCore.dll
2009-11-30 20:01:13 ----D---- C:\Program Files\Spyware Doctor
2009-11-30 20:01:13 ----D---- C:\Program Files\Fichiers communs\PC Tools
2009-11-30 20:01:13 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\PC Tools
2009-11-30 20:01:13 ----D---- C:\Documents and Settings\All Users\Application Data\PC Tools
2009-11-29 16:23:32 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\HPQ
2009-11-29 13:47:26 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\BitDefender
2009-11-29 13:46:43 ----D---- C:\Program Files\BitDefender
2009-11-29 13:46:43 ----D---- C:\Documents and Settings\All Users\Application Data\BitDefender
2009-11-29 13:38:06 ----D---- C:\Program Files\Fichiers communs\BitDefender
2009-11-28 06:04:19 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\WinRAR
2009-11-26 01:16:54 ----D---- C:\Program Files\Full Pack Codecs
2009-11-26 01:16:11 ----N---- C:\WINDOWS\system32\pxafs.dll
2009-11-25 21:01:03 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Sonic
2009-11-25 21:00:38 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Leadertech
2009-11-25 20:36:06 ----A---- C:\WINDOWS\system32\TUProgSt.exe
2009-11-25 20:36:05 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2009-11-25 20:36:03 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe
2009-11-25 20:35:50 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\TuneUp Software
2009-11-25 20:34:47 ----D---- C:\Program Files\TuneUp Utilities 2009
2009-11-25 20:34:08 ----SHD---- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-11-25 19:17:47 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Mozilla
2009-11-25 19:17:28 ----D---- C:\Program Files\Mozilla Firefox
2009-11-24 00:59:38 ----D---- C:\Program Files\Lavasoft
2009-11-24 00:59:36 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-11-21 04:55:41 ----D---- C:\Program Files\Runes of Magic
2009-11-19 00:19:03 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\FOG Downloader
2009-11-18 10:28:23 ----D---- C:\WINDOWS\system32\Adobe
2009-11-16 22:50:10 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\You've Got Pictures Screensaver
2009-11-16 22:50:03 ----A---- C:\WINDOWS\system32\shdocvw.bak
2009-11-16 22:49:28 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2009-11-16 22:49:24 ----A---- C:\WINDOWS\system32\pndx5032.dll
2009-11-16 22:49:24 ----A---- C:\WINDOWS\system32\pndx5016.dll
2009-11-16 22:49:23 ----A---- C:\WINDOWS\system32\pncrt.dll
2009-11-16 22:48:51 ----A---- C:\WINDOWS\system32\jgdwmie.dll
2009-11-16 22:48:50 ----A---- C:\WINDOWS\system32\roboex32.dll
2009-11-16 22:48:50 ----A---- C:\WINDOWS\system32\Inetwh32.dll
2009-11-16 22:48:28 ----A---- C:\WINDOWS\system32\AOLDial.dll
2009-11-16 22:48:05 ----D---- C:\Program Files\AOL 9.0c
2009-11-16 22:44:37 ----D---- C:\Program Files\TechCity Solutions
2009-11-14 23:54:03 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\DivX
2009-11-14 18:07:58 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\HP
2009-11-14 15:46:13 ----RSHD---- C:\cmdcons
2009-11-14 15:19:09 ----A---- C:\WINDOWS\system32\javaws.exe
2009-11-14 15:19:09 ----A---- C:\WINDOWS\system32\javaw.exe
2009-11-14 15:19:09 ----A---- C:\WINDOWS\system32\java.exe
2009-11-14 14:58:49 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-11-14 14:45:35 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Sun
2009-11-14 14:45:08 ----D---- C:\Program Files\TubeMaster++
2009-11-14 14:40:23 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Adobe
2009-11-14 14:38:11 ----D---- C:\WINDOWS\system32\custom matrices
2009-11-14 14:38:02 ----D---- C:\WINDOWS\system32\C2MP
2009-11-14 14:27:32 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\GRETECH
2009-11-14 14:04:34 ----A---- C:\WINDOWS\system32\stci.dll
2009-11-14 13:14:28 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\AOL
2009-11-14 13:14:27 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Macromedia
2009-11-14 13:12:49 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-11-14 13:11:18 ----ASH---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\desktop.ini
2009-11-14 13:11:11 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Symantec
2009-11-14 13:11:11 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\SampleView
2009-11-14 13:11:11 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Microsoft
2009-11-14 13:11:11 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Intervideo
2009-11-14 13:11:11 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Identities
2009-11-14 13:11:11 ----D---- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610\Application Data\Apple Computer
2009-11-14 01:47:28 ----A---- C:\WINDOWS\system32\divx_xx16.dll
2009-11-14 01:47:28 ----A---- C:\WINDOWS\system32\divx_xx11.dll
2009-11-14 01:47:28 ----A---- C:\WINDOWS\system32\divx_xx0c.dll
2009-11-14 01:47:28 ----A---- C:\WINDOWS\system32\divx_xx0a.dll
2009-11-14 01:47:28 ----A---- C:\WINDOWS\system32\divx_xx07.dll
2009-11-14 01:47:28 ----A---- C:\WINDOWS\system32\DivX.dll
2009-11-13 03:43:44 ----A---- C:\hkst6r78oh108.bat
2009-11-13 00:12:18 ----A---- C:\WINDOWS\irc.txt
2009-11-10 16:56:23 ----A---- C:\tf67tijhwex108.bat
2009-11-09 17:40:58 ----A---- C:\seg5ywfxwx108.bat
2009-11-08 05:38:58 ----A---- C:\dfuj4y54hscv108.bat
2009-11-07 19:57:07 ----D---- C:\Program Files\Windows Live SkyDrive
======List of files/folders modified in the last 1 months======
2009-12-01 00:49:23 ----D---- C:\WINDOWS\Temp
2009-12-01 00:25:13 ----D---- C:\WINDOWS\Prefetch
2009-12-01 00:22:38 ----D---- C:\WINDOWS
2009-12-01 00:21:27 ----D---- C:\Program Files
2009-12-01 00:13:30 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-12-01 00:02:32 ----A---- C:\WINDOWS\win.ini
2009-12-01 00:02:13 ----D---- C:\WINDOWS\system32\CatRoot2
2009-12-01 00:02:12 ----HD---- C:\WINDOWS\inf
2009-11-30 23:50:28 ----D---- C:\WINDOWS\system32\dllcache
2009-11-30 23:49:42 ----D---- C:\WINDOWS\system32
2009-11-30 23:48:28 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-11-30 23:35:30 ----D---- C:\WINDOWS\SoftwareDistribution
2009-11-30 23:34:57 ----D---- C:\WINDOWS\Help
2009-11-30 23:06:54 ----SHD---- C:\RECYCLER
2009-11-30 22:07:48 ----SHD---- C:\WINDOWS\Installer
2009-11-30 22:07:44 ----D---- C:\WINDOWS\WinSxS
2009-11-30 22:06:46 ----SHD---- C:\Config.Msi
2009-11-30 20:39:03 ----D---- C:\WINDOWS\system32\drivers
2009-11-30 20:01:13 ----D---- C:\Program Files\Fichiers communs
2009-11-30 14:05:35 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-11-30 13:52:23 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-11-30 13:01:56 ----SHD---- C:\System Volume Information
2009-11-30 13:01:56 ----D---- C:\WINDOWS\system32\Restore
2009-11-29 17:11:14 ----D---- C:\WINDOWS\Minidump
2009-11-29 13:49:03 ----D---- C:\Program Files\Symantec
2009-11-29 13:44:37 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2009-11-29 13:41:57 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-11-29 13:39:15 ----D---- C:\WINDOWS\Tasks
2009-11-26 01:16:24 ----D---- C:\Program Files\DivX
2009-11-26 01:15:28 ----D---- C:\Program Files\Fichiers communs\DivX Shared
2009-11-26 01:08:32 ----D---- C:\Program Files\Google
2009-11-25 20:42:59 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2009-11-25 20:42:58 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2009-11-25 20:42:56 ----HDC---- C:\WINDOWS\$NtUninstallKB885884$
2009-11-25 20:42:55 ----AHDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2009-11-25 20:42:52 ----AHDC---- C:\WINDOWS\$NtUninstallKB893066$
2009-11-25 20:42:49 ----AHDC---- C:\WINDOWS\$NtUninstallKB896422$
2009-11-25 20:42:19 ----HDC---- C:\WINDOWS\$NtUninstallKB917159$
2009-11-25 20:42:17 ----HDC---- C:\WINDOWS\$NtUninstallKB917734_WMP10$
2009-11-25 20:41:54 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2009-11-25 20:41:46 ----HDC---- C:\WINDOWS\$NtUninstallKB925486$
2009-11-25 20:41:24 ----HDC---- C:\WINDOWS\$NtUninstallKB929969$
2009-11-25 20:41:17 ----HDC---- C:\WINDOWS\$NtUninstallKB931836$
2009-11-25 20:41:15 ----HDC---- C:\WINDOWS\$NtUninstallKB933360$
2009-11-25 20:41:11 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
2009-11-25 20:41:09 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-11-25 20:41:05 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2009-11-25 20:41:04 ----HDC---- C:\WINDOWS\$NtUninstallKB941644$
2009-11-25 20:41:04 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-11-25 20:41:00 ----HDC---- C:\WINDOWS\$NtUninstallKB942763$
2009-11-25 20:40:49 ----HDC---- C:\WINDOWS\$NtUninstallKB946627$
2009-11-25 20:40:26 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-11-25 20:40:25 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-11-25 20:40:25 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2009-11-25 20:40:24 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2009-11-25 20:40:16 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2009-11-25 20:40:13 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-11-25 20:40:12 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-11-25 20:40:10 ----HDC---- C:\WINDOWS\$NtUninstallKB959772_WM11$
2009-11-25 20:40:08 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-11-25 20:40:05 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2009-11-25 20:40:05 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2009-11-25 20:39:45 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2009-11-25 20:36:07 ----D---- C:\WINDOWS\system32\config
2009-11-25 20:16:27 ----D---- C:\Program Files\QuickTime
2009-11-25 20:12:50 ----D---- C:\Program Files\Fichiers communs\Apple
2009-11-25 12:30:32 ----D---- C:\Program Files\AOL Compagnon
2009-11-25 12:20:56 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-11-24 10:37:46 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-11-24 00:58:52 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-11-24 00:50:18 ----A---- C:\WINDOWS\WININIT.INI
2009-11-19 21:13:02 ----D---- C:\WINDOWS\Debug
2009-11-19 21:10:57 ----D---- C:\Program Files\CCleaner
2009-11-19 11:22:43 ----D---- C:\Program Files\Fichiers communs\Designer
2009-11-19 11:21:34 ----RSD---- C:\WINDOWS\Fonts
2009-11-18 21:53:14 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-11-18 11:41:01 ----D---- C:\Program Files\Microsoft Works
2009-11-16 22:50:16 ----AC---- C:\WINDOWS\aolback.exe.lnk
2009-11-16 22:50:09 ----SD---- C:\WINDOWS\occache
2009-11-16 22:49:58 ----D---- C:\Program Files\AOL Toolbar
2009-11-16 22:48:56 ----D---- C:\Program Files\Fichiers communs\aolshare
2009-11-16 22:48:52 ----D---- C:\Program Files\Fichiers communs\AOL
2009-11-16 22:48:05 ----D---- C:\Documents and Settings\All Users\Application Data\AOL
2009-11-16 22:02:29 ----D---- C:\WINDOWS\system32\CatRoot
2009-11-14 21:00:08 ----D---- C:\WINDOWS\system
2009-11-14 20:59:46 ----D---- C:\WINDOWS\I386
2009-11-14 20:57:47 ----D---- C:\Program Files\Windows NT
2009-11-14 20:57:44 ----D---- C:\Program Files\Windows Media Player
2009-11-14 20:57:44 ----D---- C:\Program Files\Outlook Express
2009-11-14 20:57:44 ----D---- C:\Program Files\NetMeeting
2009-11-14 20:57:43 ----D---- C:\Program Files\Fichiers communs\Services
2009-11-14 20:57:41 ----D---- C:\WINDOWS\system32\wbem
2009-11-14 20:57:37 ----D---- C:\WINDOWS\system32\ras
2009-11-14 20:57:34 ----D---- C:\WINDOWS\system32\oobe
2009-11-14 20:57:26 ----D---- C:\WINDOWS\system32\icsxml
2009-11-14 20:57:26 ----D---- C:\WINDOWS\system32\ias
2009-11-14 20:56:53 ----D---- C:\WINDOWS\system32\Setup
2009-11-14 20:56:49 ----D---- C:\WINDOWS\system32\Com
2009-11-14 20:56:48 ----D---- C:\WINDOWS\srchasst
2009-11-14 20:56:47 ----RD---- C:\WINDOWS\Web
2009-11-14 20:56:47 ----D---- C:\WINDOWS\Media
2009-11-14 20:56:47 ----D---- C:\WINDOWS\addins
2009-11-14 20:56:35 ----D---- C:\WINDOWS\Cursors
2009-11-14 20:56:19 ----RSD---- C:\WINDOWS\assembly
2009-11-14 18:03:13 ----HD---- C:\hp
2009-11-14 15:46:40 ----SH---- C:\boot.ini
2009-11-14 15:46:13 ----AC---- C:\WINDOWS\UPGRADE.TXT
2009-11-14 15:46:11 ----D---- C:\WINDOWS\setup.pss
2009-11-14 15:42:58 ----D---- C:\WINDOWS\security
2009-11-14 15:41:16 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2009-11-14 15:28:37 ----D---- C:\Program Files\WinRAR
2009-11-14 15:18:46 ----D---- C:\Program Files\Java
2009-11-14 15:17:21 ----D---- C:\Program Files\WinPcap
2009-11-14 14:04:32 ----D---- C:\Program Files\Thomson
2009-11-14 14:03:16 ----D---- C:\WINDOWS\system32\FxsTmp
2009-11-14 13:21:10 ----D---- C:\Program Files\Easy Internet signup
2009-11-14 13:16:42 ----D---- C:\Program Files\AOL 9.0b
2009-11-14 13:14:13 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-11-14 13:11:08 ----D---- C:\Documents and Settings
2009-11-14 13:09:29 ----SH---- C:\BOOT.BAK
2009-11-14 13:09:11 ----D---- C:\WINDOWS\Registration
2009-11-14 13:07:17 ----A---- C:\WINDOWS\system.ini
2009-11-14 04:08:21 ----D---- C:\Program Files\YouTUBE (TM) movie downloader
2009-11-14 04:08:20 ----D---- C:\Program Files\Xvid
2009-11-14 04:07:53 ----D---- C:\Program Files\Warcraft IIIa
2009-11-14 04:07:43 ----D---- C:\Program Files\VirtualDJ
2009-11-14 04:07:40 ----D---- C:\Program Files\UltimateZip 2007
2009-11-14 04:06:35 ----D---- C:\Program Files\Shareaza
2009-11-14 04:05:46 ----D---- C:\Program Files\SecondLife
2009-11-14 04:03:41 ----D---- C:\Program Files\PC Connectivity Solution
2009-11-14 04:01:55 ----D---- C:\Program Files\Navirad_UserTool
2009-11-14 04:01:45 ----D---- C:\Program Files\MSN Reaper
2009-11-14 03:58:44 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-11-14 03:56:15 ----D---- C:\Program Files\IZArc
2009-11-14 03:48:58 ----D---- C:\Program Files\D-Tools
2009-11-14 03:48:58 ----D---- C:\Program Files\CamStudio
2009-11-14 03:48:36 ----D---- C:\Program Files\avinst
2009-11-14 03:46:59 ----D---- C:\Program Files\AC3Filter
2009-11-14 03:46:53 ----D---- C:\Program Files\a-squared Anti-Malware
2009-11-14 03:46:00 ----D---- C:\Garmin
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\VXBLOCK.dll
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\PxWave.dll
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\PxSFS.DLL
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\PxMas.dll
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\pxdrv.dll
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2009-11-14 01:49:00 ----N---- C:\WINDOWS\system32\Px.dll
2009-11-13 03:24:30 ----A---- C:\WINDOWS\lvkosd.ini
2009-11-07 19:56:33 ----D---- C:\Program Files\Windows Live
2009-11-07 19:35:18 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
2009-11-07 19:11:09 ----D---- C:\Program Files\Windows Live Toolbar
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 43008]
R3 3xHybrid;3xHybrid service; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2005-07-27 2786176]
R3 alcan5ln;SpeedTouch(tm) USB ADSL RFC1483 Networking Driver (NDIS); C:\WINDOWS\system32\DRIVERS\alcan5ln.sys [2003-12-08 36256]
R3 alcaudsl;SpeedTouch ADSL Modem ATM Transport; C:\WINDOWS\system32\DRIVERS\alcaudsl.sys [2003-12-08 70688]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-04-20 2317696]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800]
R3 ATWPKT2;ATWPKT2; \??\C:\PROGRA~1\FICHIE~1\AOL\ACS\ATWPKT2.SYS []
R3 bdfm;BDFM; C:\WINDOWS\system32\drivers\bdfm.sys [2009-11-30 146312]
R3 bdfsfltr;bdfsfltr; C:\WINDOWS\system32\drivers\bdfsfltr.sys [2009-04-06 266376]
R3 BDSelfPr;BDSelfPr; \??\C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys []
R3 GEARAspiWDM;GEAR CDRom Filter; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2005-03-07 14408]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\DRIVERS\LVUSBSta.sys [2007-03-06 41376]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-08-02 3199328]
R3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [2007-03-06 491168]
R3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2005-07-04 26624]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-05 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-04 17024]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
S1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]
S3 ltmodem5;LT Modem Driver; C:\WINDOWS\system32\DRIVERS\ltmdmnt.sys [2004-08-04 607452]
S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2007-03-06 1669664]
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-03-06 2261792]
S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2004-08-04 15360]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-04 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-05 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-11-06 34064]
S3 Profos;Profos; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys []
S3 PsSdk31;PsSdk31; \??\C:\WINDOWS\system32\Drivers\pssdk31.drv []
S3 PsSdkLBF;PsSdkLBF; \??\C:\WINDOWS\system32\Drivers\pssdklbf.drv []
S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 Trufos;Trufos; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys []
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-05 20480]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-09-10 611664]
R2 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe [2004-04-08 1135728]
R2 Browser Defender Update Service;Browser Defender Update Service; C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe [2009-11-10 112592]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-11-14 153376]
R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe [2009-04-29 419096]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-08-02 127043]
R2 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2009-10-30 359624]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-11-25 603904]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\System32\svchost.exe [2004-08-05 14336]
R2 VSSERV;BitDefender Virus Shield; C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe [2009-04-21 1631512]
S2 gupdate1ca6e2c5efbd28d;Service Google Update (gupdate1ca6e2c5efbd28d); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-11-26 133104]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe [2007-03-06 105248]
S2 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2009-11-06 1141712]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-05 268800]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 iPodService;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2005-05-05 327680]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792]
S3 scan;BitDefender Threat Scanner; C:\WINDOWS\System32\svchost.exe [2004-08-05 14336]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-11-25 360192]
-----------------EOF-----------------
:processes
explorer.exe
:files
C:\hkst6r78oh108.bat
C:\WINDOWS\irc.txt
C:\tf67tijhwex108.bat
C:\seg5ywfxwx108.bat
C:\dfuj4y54hscv108.bat
:commands
[purity]
[emptytemp]
[reboot]
---> If a file or folder cannot be deleted immediately, the program will ask you to restart.
Accept by clicking YES.
---> The report's name corresponds to the time it was created: date_time.log
Report:
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
C:\hkst6r78oh108.bat moved successfully.
C:\WINDOWS\irc.txt moved successfully.
C:\tf67tijhwex108.bat moved successfully.
C:\seg5ywfxwx108.bat moved successfully.
C:\dfuj4y54hscv108.bat moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrateur
User: Administrateur.UNDERTAKER
->Temp folder emptied: 18150 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: All Users
User: Default User
->Temp folder emptied: 18150 bytes
->Temporary Internet Files folder emptied: 32768 bytes
User: HP_Propriétaire
->Temp folder emptied: 1112646701 bytes
->Temporary Internet Files folder emptied: 988260945 bytes
->Java cache emptied: 33363082 bytes
->FireFox cache emptied: 130401578 bytes
User: HP_Propriétaire.NOM-EB85C523610
->Temp folder emptied: 198904 bytes
->Temporary Internet Files folder emptied: 277403 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 62413169 bytes
->Google Chrome cache emptied: 5986091 bytes
User: LocalService
->Temp folder emptied: 115348 bytes
->Temporary Internet Files folder emptied: 68606 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 104452007 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 22016 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 18150 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 1371238 bytes
Total Files Cleaned = -1769,29 mb
OTM by OldTimer - Version 3.1.2.0 log created on 12012009_005704
Files moved on Reboot...
File C:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\TubeMaster Sessions\Kaysha not found!
C:\WINDOWS\temp\tmp00006751\tmp00000000 moved successfully.
Registry entries deleted on Reboot...
Quote:
L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
Scan report
Malwarebytes' Anti-Malware 1.41
Version de la base de données: 3264
Windows 5.1.2600 Service Pack 2
01/12/2009 02:35:52
mbam-log-2009-12-01 (02-35-52).txt
Type de recherche: Examen rapide
Eléments examinés: 123907
Temps écoulé: 20 minute(s), 19 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 7
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Documents and Settings\HP_Propriétaire\Application Data\WinButler (Adware.WinButler) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\RelevantKnowledge (Spyware.MarketScore) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Documents and Settings\HP_Propriétaire\Application Data\WinButler\config.cfg (Adware.WinButler) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\RelevantKnowledge\About RelevantKnowledge.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\RelevantKnowledge\Privacy Policy and User License Agreement.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\RelevantKnowledge\Support.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Favoris\Malware Defender.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Favoris\Protect Your Privacy.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Favoris\System Error Fixer.url (Rogue.Link) -> Quarantined and deleted successfully.