Problème de spam

Bonjour,

Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.

Double-clique sur RSIT.exe afin de lancer le programme.
(Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)

Clique sur Continue à l'écran Disclaimer.

Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

Note : les rapports sont sauvegardés dans le dossier C:\rsit.

Log :

Logfile of random's system information tool 1.06 (written by random/random)
Run by Simon at 2009-12-04 19:59:28
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 3 GB (5%) free of 68 GB
Total RAM: 1014 MB (24% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:59:36, on 4/12/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Apps\Powercinema\PCMService.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\APPS\SMP\SmpSys.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Simon\Mes documents\Téléchargements\RSIT.exe
C:\Documents and Settings\Simon\Mes documents\Downloads\Simon.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bin/redirect/?country...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\befr_ver.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PBBEFRV2 - {4E7BD74F-2B8D-469E-A0E8-ED6AB197B82D} - C:\WINDOWS\system32\pbbefrv2.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: PBBEFRV2 - {4E7BD74F-2B8D-469E-A0E8-ED6AB197B82D} - C:\WINDOWS\system32\pbbefrv2.dll (file missing)
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\befr_ver.htm
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 9741 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Extension de garantie.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3587632848-4188249037-3701203085-1006Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3587632848-4188249037-3701203085-1006UA.job
C:\WINDOWS\tasks\Master CD_DVD Creator.job
C:\WINDOWS\tasks\Rappel d'enregistrement 2.job
C:\WINDOWS\tasks\Rappel d'enregistrement 3.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-A0E8-ED6AB197B82D}]
PBBEFRV2 - C:\WINDOWS\system32\pbbefrv2.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-07-10 1174920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4E7BD74F-2B8D-469E-A0E8-ED6AB197B82D} - PBBEFRV2 - C:\WINDOWS\system32\pbbefrv2.dll []
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-07-10 1174920]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-11-03 98304]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-11-03 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-11-03 118784]
"Raccourci vers la page des propriétés de High Definition Audio"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-05-25 14477312]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-06-20 729178]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"PCMService"=c:\Apps\Powercinema\PCMService.exe [2005-05-11 127118]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
""= []
"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2004-10-15 385024]
"EOUApp"=C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe [2004-10-15 356352]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-09-21 305440]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SmpcSys"=C:\APPS\SMP\SmpSys.exe [2005-11-17 975360]
"Google Update"=C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-08-10 133104]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-11-03 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IntelWireless]
C:\Program Files\Intel\Wireless\Bin\LgNotify.dll [2004-10-15 110592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Documents and Settings\Simon\Local Settings\Temp\7zS94.tmp\SymNRT.exe"="C:\Documents and Settings\Simon\Local Settings\Temp\7zS94.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Jeux\World of Warcraft\WoW-3.0.1-to-3.0.2-frFR-Win-Update-downloader.exe"="C:\Program Files\Jeux\World of Warcraft\WoW-3.0.1-to-3.0.2-frFR-Win-Update-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\Jeux\World of Warcraft\Launcher.exe"="C:\Program Files\Jeux\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Jeux\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-frFR-downloader.exe"="C:\Program Files\Jeux\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\Jeux\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-frFR-downloader.exe"="C:\Program Files\Jeux\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\APPS\skype\Phone\Skype.exe"="C:\APPS\skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a1f4ccec-85e4-11de-b636-0016365acc60}]
shell\AutoRun\command - G:\ime/moje.exe
shell\explore\command - G:\ime/moje.exe
shell\open\command - G:\ime/moje.exe


======List of files/folders created in the last 1 months======

2009-12-04 19:59:28 ----D---- C:\rsit
2009-12-04 19:23:55 ----D---- C:\Program Files\BitTorrent
2009-12-04 17:05:43 ----D---- C:\Documents and Settings\All Users\Application Data\2DBoy
2009-12-04 11:15:43 ----D---- C:\Program Files\Dossier photos
2009-12-04 11:14:00 ----D---- C:\Mes Images
2009-12-04 11:12:18 ----A---- C:\WINDOWS\rtfctl32.dll
2009-12-04 11:11:45 ----D---- C:\Program Files\FotoStation 4.0
2009-11-30 16:15:07 ----D---- C:\Documents and Settings\Simon\Application Data\VanDale
2009-11-30 13:34:30 ----D---- C:\VanDale
2009-11-25 22:56:13 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2009-11-25 22:56:03 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2009-11-14 14:51:49 ----D---- C:\Program Files\Fichiers communs\DivX Shared
2009-11-14 14:51:48 ----D---- C:\Program Files\DivX
2009-11-14 00:21:06 ----D---- C:\Documents and Settings\Simon\Application Data\Media Player Classic
2009-11-14 00:17:51 ----D---- C:\Program Files\Combined Community Codec Pack
2009-11-13 21:36:47 ----D---- C:\Program Files\Microsoft Silverlight
2009-11-13 21:32:39 ----D---- C:\Program Files\Microsoft
2009-11-13 20:35:07 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-11-05 18:28:46 ----HDC---- C:\WINDOWS\$NtUninstallKB976749$

======List of files/folders modified in the last 1 months======

2009-12-04 19:59:37 ----D---- C:\Documents and Settings\Simon\Application Data\BitTorrent
2009-12-04 19:59:33 ----D---- C:\WINDOWS\PREFETCH
2009-12-04 19:35:48 ----D---- C:\WINDOWS\Temp
2009-12-04 19:23:55 ----RD---- C:\Program Files
2009-12-04 19:10:57 ----D---- C:\Program Files\Mozilla Firefox
2009-12-04 11:12:24 ----D---- C:\WINDOWS
2009-12-04 11:12:23 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-12-04 11:10:24 ----D---- C:\WINDOWS\system32\CatRoot2
2009-12-03 23:37:42 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-12-01 23:10:59 ----D---- C:\Documents and Settings\Simon\Application Data\Skype
2009-12-01 23:10:28 ----D---- C:\Documents and Settings\Simon\Application Data\skypePM
2009-12-01 22:50:12 ----D---- C:\WINDOWS\system32\Lang
2009-11-30 22:13:54 ----RSHD---- C:\RECYCLER
2009-11-26 08:34:50 ----D---- C:\WINDOWS\security
2009-11-26 08:34:35 ----HD---- C:\WINDOWS\inf
2009-11-26 08:32:24 ----AD---- C:\WINDOWS\system32
2009-11-25 22:56:25 ----SHD---- C:\WINDOWS\Installer
2009-11-25 22:56:12 ----A---- C:\WINDOWS\imsins.BAK
2009-11-25 22:55:45 ----HD---- C:\WINDOWS\$hf_mig$
2009-11-25 22:55:37 ----D---- C:\WINDOWS\WinSxS
2009-11-25 08:26:03 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-11-25 08:25:59 ----RSD---- C:\WINDOWS\assembly
2009-11-25 08:23:41 ----RSD---- C:\WINDOWS\Fonts
2009-11-25 08:23:31 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-11-25 08:21:13 ----D---- C:\Program Files\Microsoft Works
2009-11-25 08:21:10 ----D---- C:\WINDOWS\pchealth
2009-11-23 20:48:31 ----D---- C:\Documents and Settings\Simon\Application Data\U3
2009-11-21 02:15:48 ----A---- C:\WINDOWS\win.ini
2009-11-21 02:15:47 ----D---- C:\Program Files\Fichiers communs\System
2009-11-14 14:51:49 ----D---- C:\Program Files\Fichiers communs
2009-11-13 22:37:08 ----D---- C:\WINDOWS\Microsoft.NET
2009-11-13 21:35:07 ----D---- C:\Program Files\Windows Live
2009-11-13 20:37:55 ----D---- C:\WINDOWS\Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-05 40320]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.1.6.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-09-28 17119]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-07-28 55656]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2004-10-15 11354]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-11-03 1353820]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-05-25 3134976]
R3 IWCA;Intel Wireless Connection Agent Miniport for Win XP; C:\WINDOWS\system32\DRIVERS\iwca.sys [2004-08-12 234496]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-06-20 190400]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2006-04-19 30080]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2006-04-19 20608]
R3 w29n51;Pilote de carte de connexion réseau Intel(R) PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2004-10-29 3222784]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
S3 a6d5fm57;a6d5fm57; C:\WINDOWS\system32\drivers\a6d5fm57.sys []
S3 HdAudAddService;Pilote de fonction Microsoft UAA pour Service High Definition Audio; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2006-04-19 17152]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2004-08-10 18944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2009-09-23 1852488]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 CLCapSvc;CyberLink Background Capture Service (CBCS); c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe [2005-05-11 221266]
R2 CLSched;CyberLink Task Scheduler (CTS); c:\APPS\Powercinema\Kernel\TV\CLSched.exe [2005-05-11 110672]
R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe [2005-05-11 61440]
R2 EvtEng;EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2004-10-15 86016]
R2 GenericHidService;Generic Service for HID Keyboard Input Collections; c:\APPS\HIDSERVICE\HIDSERVICE.exe [2005-01-07 49152]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 OwnershipProtocol;OwnershipProtocol; C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe [2004-10-15 98304]
R2 RegSrvc;RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2004-10-15 139264]
R2 S24EventMonitor;Spectrum24 Event Monitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2004-10-15 360521]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-10 38912]
R2 WLANKEEPER;WLANKEEPER; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [2004-10-15 225353]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-09-21 545568]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

___________________________________________________________________________________

Info :

info.txt logfile of random's system information tool 1.06 2009-12-04 19:59:39

======Uninstall list======

-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.EXE" -uninstall
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c -removeonly
-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2792 PCI\VEN_8086&DEV_2592
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70000000000}
Apple Application Support-->MsiExec.exe /I{0C34B801-6AEC-4667-B053-03A67E2D0415}
Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Ask Toolbar-->MsiExec.exe /I{86D4B82A-ABED-442A-BE86-96357B70F4FE}
a-squared Free 4.5-->"C:\Program Files\a-squared Free\unins000.exe"
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
BitTorrent-->C:\Program Files\BitTorrent\uninst.exe
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Combined Community Codec Pack 2009-09-09-->"C:\Program Files\Combined Community Codec Pack\unins000.exe"
Commandos 2: Men of Courage-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F7963BA0-EE1C-11D4-9FA5-00A0C9E6A342}\setup.exe"
Correctif pour Windows XP (KB896256)-->"C:\WINDOWS\$NtUninstallKB896256$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB918005)-->"C:\WINDOWS\$NtUninstallKB918005$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB935448)-->"C:\WINDOWS\$NtUninstallKB935448$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
Correctif Windows XP - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Correctif Windows XP - KB885250-->C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
Correctif Windows XP - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Correctif Windows XP - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Correctif Windows XP - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
Correctif Windows XP - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
Correctif Windows XP - KB887742-->C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
Correctif Windows XP - KB888113-->C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
Correctif Windows XP - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Correctif Windows XP - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
Correctif Windows XP - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
DAEMON Tools Toolbar-->C:\Program Files\DAEMON Tools Toolbar\uninst.exe
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
FotoStation 4.0-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\FotoStation 4.0\Uninst.isu"
GUILD WARS-->"C:\Program Files\GUILD WARS\Gw.exe" -uninstall
Guitar Pro 5.0-->"C:\Program Files\Guitar Pro 5\unins000.exe"
HijackThis 2.0.2-->"C:\Documents and Settings\Simon\Mes documents\Downloads\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Intel(R) PROSet/Wireless Software-->C:\WINDOWS\Installer\iProInst.exe
iTunes-->MsiExec.exe /I{DA34FE93-5DC5-48E0-ACC8-A5389E05BB51}
IZArc 4.0 beta 1-->"C:\Program Files\IZArc\unins000.exe"
J2SE Runtime Environment 5.0 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150040}
Java(TM) 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
Lecteur Windows Media 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Macromedia Shockwave Player-->MsiExec.exe /X{7D1D6A24-65D4-454C-8815-4F08A5FFF12C}
mCore-->MsiExec.exe /I{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}
mDriver-->MsiExec.exe /I{28DA872A-0848-48CF-B749-19A198157A2A}
mDrWiFi-->MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49}
mEoU.msi-->MsiExec.exe /I{B502B428-3386-40A9-98DB-079AAB72E64F}
mHelp-->MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68}
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Mise à jour de sécurité pour Lecteur Windows Media (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896422)-->"C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896424)-->"C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899589)-->"C:\WINDOWS\$NtUninstallKB899589$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901190)-->"C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB912919)-->"C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB913446)-->"C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB944338-v2)-->"C:\WINDOWS\$NtUninstallKB944338-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958470)-->"C:\WINDOWS\$NtUninstallKB958470$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961371-v2)-->"C:\WINDOWS\$NtUninstallKB961371-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB972260)-->"C:\WINDOWS\$NtUninstallKB972260$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974455)-->"C:\WINDOWS\$NtUninstallKB974455$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB912945)-->"C:\WINDOWS\$NtUninstallKB912945$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB925720)-->"C:\WINDOWS\$NtUninstallKB925720$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB976749)-->"C:\WINDOWS\$NtUninstallKB976749$\spuninst\spuninst.exe"
mIWA-->MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
mIWCA-->MsiExec.exe /I{6FFFE74E-3FBD-4E2E-97F9-5E9A2A077626}
mLogView-->MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Mozilla Firefox (3.5.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mPfWiz-->MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
mSSO-->MsiExec.exe /I{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 6 Service Pack 2 (KB973686)-->MsiExec.exe /I{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}
mToolkit-->MsiExec.exe /I{CA9BAADB-C262-4E05-B2E2-CEE8CE9809EC}
mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
mXML-->MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
mZConfig-->MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Packard Bell Toolbar 1.0-->"C:\Program Files\Dynamic Toolbar\unins000.exe"
QuickTime-->MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}
Robin Hood: The Legend Of Sherwood-->C:\Documents and Settings\Simon\Mes documents\Downloads\Robin Hood The Legend Of Sherwood\Robin Hood The Legend Of Sherwood
RocketDock 1.3.5-->"C:\Program Files\RocketDock\unins000.exe"
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}
Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Sonic MyDVD-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Outlook 2007 Junk Email Filter (kb975960)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F1AB1BED-7477-4D5A-BD0C-04C2109459A5}
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
World of Warcraft-->C:\Program Files\Fichiers communs\Blizzard Entertainment\World of Warcraft\Uninstall.exe

======Security center information======

AV: AntiVir Desktop

======System event log======

Computer Name: 106254330136
Event Code: 240
Message: Une requête de suspension de pouvoir a été refusée par winlogon.exe.

Record Number: 6793
Source Name: Win32k
Time Written: 20091119231404.000000+060
Event Type: warning
User:

Computer Name: 106254330136
Event Code: 18
Message: TIMEOUT<ZCfgSvc.exe> C:\...Settings\Settings.ini

Record Number: 6792
Source Name: avgntflt
Time Written: 20091119231342.000000+060
Event Type: warning
User:

Computer Name: 106254330136
Event Code: 10010
Message: Le serveur {4BEE36D7-DF28-49C1-8B85-1F3AED830E66} ne s'est pas enregistré sur DCOM avant la fin du temps imparti.

Record Number: 6770
Source Name: DCOM
Time Written: 20091119173340.000000+060
Event Type: error
User: AUTORITE NT\SYSTEM

Computer Name: 106254330136
Event Code: 1003
Message: Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir
du serveur DHCP) pour la carte réseau dont l'adresse réseau est 00166FAAA569. Il s'est
produit l'erreur suivante :
L'opération a été annulée par l'utilisateur.
.
Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du
serveur d'adresse réseau (DHCP).

Record Number: 6679
Source Name: Dhcp
Time Written: 20091119153953.000000+060
Event Type: warning
User:

Computer Name: 106254330136
Event Code: 1003
Message: Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir
du serveur DHCP) pour la carte réseau dont l'adresse réseau est 00166FAAA569. Il s'est
produit l'erreur suivante :
L'opération a été annulée par l'utilisateur.
.
Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du
serveur d'adresse réseau (DHCP).

Record Number: 6670
Source Name: Dhcp
Time Written: 20091119150935.000000+060
Event Type: warning
User:

=====Application event log=====

Computer Name: 106254330136
Event Code: 1015
Message: La connexion au serveur est impossible. Erreur : 0x800401F0

Record Number: 429
Source Name: MsiInstaller
Time Written: 20090924165825.000000+120
Event Type: warning
User: 106254330136\Simon

Computer Name: 106254330136
Event Code: 1015
Message: La connexion au serveur est impossible. Erreur : 0x800401F0

Record Number: 427
Source Name: MsiInstaller
Time Written: 20090924165825.000000+120
Event Type: warning
User: 106254330136\Simon

Computer Name: 106254330136
Event Code: 1015
Message: La connexion au serveur est impossible. Erreur : 0x800401F0

Record Number: 425
Source Name: MsiInstaller
Time Written: 20090924165825.000000+120
Event Type: warning
User: 106254330136\Simon

Computer Name: 106254330136
Event Code: 1015
Message: La connexion au serveur est impossible. Erreur : 0x800401F0

Record Number: 423
Source Name: MsiInstaller
Time Written: 20090924165825.000000+120
Event Type: warning
User: 106254330136\Simon

Computer Name: 106254330136
Event Code: 1015
Message: La connexion au serveur est impossible. Erreur : 0x800401F0

Record Number: 421
Source Name: MsiInstaller
Time Written: 20090924165825.000000+120
Event Type: warning
User: 106254330136\Simon

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\PROGRA~1\FICHIE~1\SONICS~1\;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 8, GenuineIntel
"PROCESSOR_REVISION"=0d08
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre1.5.0_04\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.5.0_04\lib\ext\QTJava.zip

-----------------EOF-----------------


Voila  

Désinstalle Ask Toolbar.

Télécharge UsbFix (de Chiquitine29 & C_XX) sur ton Bureau.

Branche tes sources de données externes à ton PC (clé USB, disque dur externe, carte SD, etc...) sans les ouvrir.

Double-clique sur UsbFix pour l'exécuter.

Choisis l'option 1 (Recherche).

Laisse travailler l'outil.

Poste le rapport UsbFix.txt.

Note : le rapport UsbFix.txt est sauvegardé à la racine du disque (C:\UsbFix.txt).

"Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Kaspersky, etc.) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.

Voila le rapport


############################## | UsbFix V6.059 |

User : Simon (Administrateurs) # 106254330136
Update on 01/12/2009 by Chiquitine29, C_XX & Chimay8
Start at: 12:23:16 | 6/12/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Pentium(R) M processor 1.80GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 2
Internet Explorer 6.0.2900.2180
Windows Firewall Status : Enabled
AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ]

C:\ -> Disque fixe local # 66,71 Go (1,3 Go free) [HDD] # NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM
G:\ -> Disque amovible # 1,87 Go (200,38 Mo free) [UDISK] # FAT

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 764
C:\WINDOWS\system32\csrss.exe 816
C:\WINDOWS\system32\winlogon.exe 840
C:\WINDOWS\system32\services.exe 884
C:\WINDOWS\system32\lsass.exe 896
C:\WINDOWS\system32\svchost.exe 1056
C:\WINDOWS\system32\svchost.exe 1116
C:\WINDOWS\System32\svchost.exe 1232
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe 1308
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe 1372
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe 1412
C:\WINDOWS\system32\svchost.exe 1524
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe 1536
C:\WINDOWS\system32\svchost.exe 1668
C:\WINDOWS\Explorer.EXE 1780
C:\WINDOWS\system32\spoolsv.exe 200
C:\Program Files\Avira\AntiVir Desktop\sched.exe 252
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe 360
C:\WINDOWS\system32\svchost.exe 804
C:\WINDOWS\system32\igfxtray.exe 1324
C:\WINDOWS\system32\igfxpers.exe 1432
C:\WINDOWS\RTHDCPL.EXE 1472
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 1548
C:\Program Files\Java\jre6\bin\jusched.exe 1652
C:\Apps\Powercinema\PCMService.exe 1656
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe 1704
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe 1728
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe 1744
C:\Program Files\iTunes\iTunesHelper.exe 1768
C:\APPS\SMP\SmpSys.exe 1808
C:\Program Files\Windows Live\Messenger\msnmsgr.exe 1876
C:\WINDOWS\system32\ctfmon.exe 1920
C:\Program Files\RocketDock\RocketDock.exe 556
C:\Program Files\DAEMON Tools Lite\daemon.exe 368
C:\Program Files\a-squared Free\a2service.exe 1984
C:\Program Files\Avira\AntiVir Desktop\avguard.exe 1616
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 1864
C:\Program Files\Bonjour\mDNSResponder.exe 1840
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe 2056
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe 2468
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe 2500
c:\APPS\HIDSERVICE\HIDSERVICE.exe 2504
C:\Program Files\Java\jre6\bin\jqs.exe 2624
C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe 3224
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe 3276
C:\WINDOWS\system32\wdfmgr.exe 3348
c:\APPS\Powercinema\Kernel\TV\CLSched.exe 3680
C:\Program Files\iPod\bin\iPodService.exe 3796
C:\WINDOWS\system32\wbem\wmiapsrv.exe 3896
C:\WINDOWS\System32\alg.exe 1464
C:\WINDOWS\system32\wuauclt.exe 3856
C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe 3788
C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe 640
C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe 876
C:\WINDOWS\system32\wbem\wmiprvse.exe 3632

################## | Fichiers # Dossiers infectieux |

C:\Recycler\S-1-5-21-1622337330-7226149548-304615326-2014\nissan.exe
C:\Recycler\S-1-5-21-1622337330-7226149548-304615326-2014\Desktop.ini
C:\Recycler\S-1-5-21-1622337330-7226149548-304615326-2014
G:\autorun.inf
G:\DOBRERIBE
G:\ime\moje.exe
G:\ime

################## | Spyware.OnlineGames |


################## | Registre # Clés infectieuses |

[HKLM\software\microsoft\windows nt\currentversion\winlogon] "Taskman"

################## | Registre # Mountpoints2 |

HKCU\..\..\Explorer\MountPoints2\{a1f4ccec-85e4-11de-b636-0016365acc60}
Shell\AutoRun\command =G:\ime/moje.exe
Shell\explore\command =G:\ime/moje.exe
Shell\open\command =G:\ime/moje.exe

################## | Cracks / Keygens / Serials |

"C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony Vegas Pro 9 + Crack and KeyGen\vegaspro90_32bit.exe"
20/08/2009 22:00 |Size 168857432 |Crc32 e382a830 |Md5 0f51969f67a66e0b212bd31a9e236301

"C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony Vegas Pro 9 + Crack and KeyGen\crack vegas 9\Sony_VegasPro8_DVDArchitect45_SoundForge9_CRACK.exe"
20/08/2009 21:41 |Size 96256 |Crc32 88452780 |Md5 fc9fc6fe89061acc405df329c2192895

"C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony.Sound.Forge.v8.0d.Incl.Keygen-SSG\50comupd.exe"
25/10/2005 20:02 |Size 509984 |Crc32 2187dc5a |Md5 1fe5054c22c17f349e96b977365da427

"C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony.Sound.Forge.v8.0d.Incl.Keygen-SSG\hhupd.exe"
25/10/2005 20:02 |Size 471840 |Crc32 3b4fb565 |Md5 cbab5757c973d4366352043d27e0860f

"C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony.Sound.Forge.v8.0d.Incl.Keygen-SSG\InstMsi-x86a.exe"
25/10/2005 20:03 |Size 1708856 |Crc32 3ccaccf9 |Md5 43f7305c2e5dd4a8f3c5abeb2ffe4833

"C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony.Sound.Forge.v8.0d.Incl.Keygen-SSG\InstMsi-x86w.exe"
25/10/2005 20:03 |Size 1822520 |Crc32 be716ace |Md5 61a5fb191ae2ae876db31dcce75e4183

"C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony.Sound.Forge.v8.0d.Incl.Keygen-SSG\Setup.exe"
03/04/2006 20:02 |Size 562688 |Crc32 fe7f3160 |Md5 b5b96e200b30ed9430ce70e4dd9b686e

"C:\Documents and Settings\Simon\Bureau\Football.Manager.2010.Update.10.1.0.Cracked-BAT\b-fm1010.rar"
-> contain : Crack\fm.exe


################## | ! Fin du rapport # UsbFix V6.059 ! |



Désolé pour le retard hein mais j'étais pas chez moi hier ^^.

Branche tes sources de données externes à ton PC (clé USB, disque dur externe, carte SD, etc...) sans les ouvrir.

Double-clique sur UsbFix présent sur ton Bureau pour le lancer.

Choisis l'option 2 (Suppression).

Ton Bureau disparaîtra et le PC redémarrera.

Au redémarrage, UsbFix scannera ton PC, laisse travailler l'outil.

Ensuite, poste le rapport UsbFix.txt qui apparaîtra avec le Bureau.

Note : le rapport UsbFix.txt est sauvegardé à la racine du disque (C:\UsbFix.txt).

Voila le rapport

############################## | UsbFix V6.059 |

User : Simon (Administrateurs) # 106254330136
Update on 01/12/2009 by Chiquitine29, C_XX & Chimay8
Start at: 20:07:10 | 7/12/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Pentium(R) M processor 1.80GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 2
Internet Explorer 6.0.2900.2180
Windows Firewall Status : Enabled
AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ]

C:\ -> Disque fixe local # 66,71 Go (1,18 Go free) [HDD] # NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM
G:\ -> Disque amovible # 1,87 Go (200,38 Mo free) [UDISK] # FAT

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 764
C:\WINDOWS\system32\csrss.exe 824
C:\WINDOWS\system32\winlogon.exe 848
C:\WINDOWS\system32\services.exe 892
C:\WINDOWS\system32\lsass.exe 904
C:\WINDOWS\system32\svchost.exe 1064
C:\WINDOWS\system32\svchost.exe 1136
C:\WINDOWS\System32\svchost.exe 1236
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe 1324
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe 1376
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe 1416
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe 1472
C:\WINDOWS\system32\svchost.exe 1584
C:\WINDOWS\system32\svchost.exe 1736
C:\WINDOWS\Explorer.EXE 1784
C:\WINDOWS\system32\spoolsv.exe 292
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe 300
C:\Program Files\Avira\AntiVir Desktop\sched.exe 380
C:\WINDOWS\system32\svchost.exe 1200
C:\Program Files\a-squared Free\a2service.exe 1480
C:\Program Files\Avira\AntiVir Desktop\avguard.exe 1544
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 1556
C:\Program Files\Bonjour\mDNSResponder.exe 1572
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe 1596
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe 1728
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe 1816
c:\APPS\HIDSERVICE\HIDSERVICE.exe 1824
C:\Program Files\Java\jre6\bin\jqs.exe 1908
C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe 2024
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe 224
C:\WINDOWS\system32\wdfmgr.exe 464
c:\APPS\Powercinema\Kernel\TV\CLSched.exe 608
C:\WINDOWS\system32\wuauclt.exe 796
C:\WINDOWS\system32\wbem\wmiapsrv.exe 2080
C:\WINDOWS\system32\wbem\wmiprvse.exe 2140
C:\WINDOWS\System32\alg.exe 2160
C:\WINDOWS\system32\wbem\wmiprvse.exe 2224

################## | Fichiers # Dossiers infectieux |

Supprimé ! C:\Recycler\S-1-5-21-1622337330-7226149548-304615326-2014\nissan.exe
Supprimé ! C:\Recycler\S-1-5-21-1622337330-7226149548-304615326-2014\Desktop.ini
Supprimé ! C:\Recycler\S-1-5-21-1622337330-7226149548-304615326-2014
G:\autorun.inf -> fichier appelé : "G:\ime/moje.exe" ( Présent ! )
Non supprimé ! G:\ime/moje.exe
G:\autorun.inf -> fichier appelé : "G:\ime/moje.exe" ( Présent ! )
Non supprimé ! G:\ime/moje.exe
Supprimé ! G:\autorun.inf
Supprimé ! G:\DOBRERIBE
Supprimé ! G:\ime\moje.exe
Supprimé ! G:\ime

################## | Spyware.OnlineGames |

Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP45\A0014321.cmd
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP45\A0014321.cmd
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP45\A0014321.cmd
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP45\A0014321.cmd

################## | Registre # Clés infectieuses |


################## | Registre # Mountpoints2 |

Supprimé ! HKCU\...\Explorer\MountPoints2\{5c94c700-bced-11de-b65c-0016365acc60}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{a1f4ccec-85e4-11de-b636-0016365acc60}\Shell\AutoRun\Command

################## | Listing des fichiers présent |

[01/08/2006 16:20|-rahs----|215] C:\BOOT.BAK
[10/08/2009 18:37|-rahs----|296] C:\BOOT.INI
[05/08/2004 13:00|-rahs----|4952] C:\Bootfont.bin
[05/08/2004 13:00|-rahs----|263488] C:\cmldr
[01/08/2006 15:50|--a------|6539] C:\DWNLOG.TXT
[?|?|?] C:\hiberfil.sys
[25/11/2009 20:31|--a------|1417] C:\INSTALL.LOG
[01/08/2006 16:22|-rahs----|0] C:\IO.SYS
[01/08/2006 16:22|-rahs----|0] C:\MSDOS.SYS
[05/08/2004 13:00|--a------|47564] C:\NTDETECT.COM
[05/08/2004 13:00|--a------|251712] C:\NTLDR
[?|?|?] C:\pagefile.sys
[11/08/2005 08:31|--a------|97] C:\SAUDIT.TXT
[07/12/2009 20:10|--a------|4535] C:\UsbFix.txt
[08/10/2009 11:17|--a------|215552] G:\Journalis[1][1]...doc
[17/09/2009 20:23|--a------|26338] G:\Carte-d'invit'.png
[17/09/2009 20:07|--a------|2480] G:\Carte-d'invit'verso.png
[04/10/2009 20:54|--a------|29665] G:\Invasie van spinnen, article 1 ndls.docx
[08/10/2009 10:00|--a------|75264] G:\DOCHY Economie 24.09.09.doc
[13/10/2009 08:57|--a------|67072] G:\Article 1 anglais Saturne rings.doc
[19/10/2009 20:53|--a------|24576] G:\Expression ‚crite.doc
[28/10/2009 14:44|---h-----|23552] G:\~WRL0001.tmp
[28/10/2009 15:54|--a------|23552] G:\As.doc
[11/01/2004 00:55|--a------|653748004] G:\Goodbye lenin VOST.avi
[16/11/2009 08:52|--a------|11206] G:\cours Droit.docx
[26/11/2009 15:48|--a------|117386] G:\BIBLIO Al, Za, Del.docx
[23/06/2009 09:29|--a------|2054089] G:\SomeoneSpecial-MickGordon.zip
[03/12/2009 23:12|--a------|208896] G:\Buxin SimonAnimation Socioculturelle.doc

################## | Vaccination |

# C:\autorun.inf -> Dossier créé par UsbFix.
# G:\autorun.inf -> Dossier créé par UsbFix.

################## | Cracks / Keygens / Serials |

"C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony Vegas Pro 9 + Crack and KeyGen\vegaspro90_32bit.exe"
20/08/2009 22:00 |Size 168857432 |Crc32 e382a830 |Md5 0f51969f67a66e0b212bd31a9e236301

"C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony Vegas Pro 9 + Crack and KeyGen\crack vegas 9\Sony_VegasPro8_DVDArchitect45_SoundForge9_CRACK.exe"
20/08/2009 21:41 |Size 96256 |Crc32 88452780 |Md5 fc9fc6fe89061acc405df329c2192895

"C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony.Sound.Forge.v8.0d.Incl.Keygen-SSG\50comupd.exe"
25/10/2005 20:02 |Size 509984 |Crc32 2187dc5a |Md5 1fe5054c22c17f349e96b977365da427

"C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony.Sound.Forge.v8.0d.Incl.Keygen-SSG\hhupd.exe"
25/10/2005 20:02 |Size 471840 |Crc32 3b4fb565 |Md5 cbab5757c973d4366352043d27e0860f

"C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony.Sound.Forge.v8.0d.Incl.Keygen-SSG\InstMsi-x86a.exe"
25/10/2005 20:03 |Size 1708856 |Crc32 3ccaccf9 |Md5 43f7305c2e5dd4a8f3c5abeb2ffe4833

"C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony.Sound.Forge.v8.0d.Incl.Keygen-SSG\InstMsi-x86w.exe"
25/10/2005 20:03 |Size 1822520 |Crc32 be716ace |Md5 61a5fb191ae2ae876db31dcce75e4183

"C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony.Sound.Forge.v8.0d.Incl.Keygen-SSG\Setup.exe"
03/04/2006 20:02 |Size 562688 |Crc32 fe7f3160 |Md5 b5b96e200b30ed9430ce70e4dd9b686e

"C:\Documents and Settings\Simon\Bureau\Football.Manager.2010.Update.10.1.0.Cracked-BAT\b-fm1010.rar"
-> contain : Crack\fm.exe


################## | Upload |

Veuillez envoyer le fichier : C:\DOCUME~1\Simon\Bureau\UsbFix_Upload_Me_106254330136.zip : http://chiquitine.changelog.fr/Sample/Upload.php
Merci pour votre contribution .

Merci  

Relance UsbFix et choisis l'option 5 pour le désinstaller.

Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.

Double-clique sur le fichier téléchargé pour lancer le processus d'installation.

Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.

Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.

Sélectionne Exécuter un examen rapide.

Clique sur Rechercher. L'analyse démarre.

A la fin de l'analyse, un message s'affiche :

Citation :

L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.

Ferme tes navigateurs.

Si des malwares ont été détectés, clique sur Afficher les résultats.

Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.

MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.

Voilà le rapport MBAM

Malwarebytes' Anti-Malware 1.42
Version de la base de données: 3331
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

9/12/2009 16:41:45
mbam-log-2009-12-09 (16-41-45).txt

Type de recherche: Examen rapide
Eléments examinés: 103567
Temps écoulé: 8 minute(s), 56 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4e7bd74f-2b8d-469e-a0e8-ed6ab197b82d} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4e7bd74f-2b8d-469e-a0e8-ed6ab197b82d} (Trojan.Vundo.H) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\taskman (Trojan.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Relance MBAM, va dans Quarantaine et supprime tout.

Refais un scan RSIT et poste le rapport log.

Voila le log

Logfile of random's system information tool 1.06 (written by random/random)
Run by Simon at 2009-12-10 22:25:04
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 2 GB (3%) free of 68 GB
Total RAM: 1014 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:25:21, on 10/12/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Program Files\a-squared Free\a2service.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Apps\Powercinema\PCMService.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\APPS\SMP\SmpSys.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe
C:\VanDale\Grote woordenboeken\Frans\VDNF.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Simon\Mes documents\Downloads\RSIT.exe
C:\Documents and Settings\Simon\Mes documents\Downloads\Simon.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bin/redirect/?country...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\befr_ver.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-A0E8-ED6AB197B82D} - (no file)
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\befr_ver.htm
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 9616 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Extension de garantie.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3587632848-4188249037-3701203085-1006Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3587632848-4188249037-3701203085-1006UA.job
C:\WINDOWS\tasks\Master CD_DVD Creator.job
C:\WINDOWS\tasks\Rappel d'enregistrement 2.job
C:\WINDOWS\tasks\Rappel d'enregistrement 3.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-07-10 1174920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4E7BD74F-2B8D-469E-A0E8-ED6AB197B82D}
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-07-10 1174920]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-11-03 98304]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-11-03 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-11-03 118784]
"Raccourci vers la page des propriétés de High Definition Audio"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-05-25 14477312]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-06-20 729178]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"PCMService"=c:\Apps\Powercinema\PCMService.exe [2005-05-11 127118]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
""= []
"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2004-10-15 385024]
"EOUApp"=C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe [2004-10-15 356352]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-09-21 305440]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SmpcSys"=C:\APPS\SMP\SmpSys.exe [2005-11-17 975360]
"Google Update"=C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-08-10 133104]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-11-03 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IntelWireless]
C:\Program Files\Intel\Wireless\Bin\LgNotify.dll [2004-10-15 110592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=145
"HonorAutoRunSetting"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Documents and Settings\Simon\Local Settings\Temp\7zS94.tmp\SymNRT.exe"="C:\Documents and Settings\Simon\Local Settings\Temp\7zS94.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Jeux\World of Warcraft\WoW-3.0.1-to-3.0.2-frFR-Win-Update-downloader.exe"="C:\Program Files\Jeux\World of Warcraft\WoW-3.0.1-to-3.0.2-frFR-Win-Update-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\Jeux\World of Warcraft\Launcher.exe"="C:\Program Files\Jeux\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Jeux\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-frFR-downloader.exe"="C:\Program Files\Jeux\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\Jeux\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-frFR-downloader.exe"="C:\Program Files\Jeux\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\APPS\skype\Phone\Skype.exe"="C:\APPS\skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Sports Interactive\Football Manager 2010\fm.exe"="C:\Program Files\Sports Interactive\Football Manager 2010\fm.exe:*:Enabled:Football Manager 2010"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5c94c700-bced-11de-b65c-0016365acc60}]
shell\AutoRun\command - E:\autorun.exe


======List of files/folders created in the last 1 months======

2009-12-10 22:21:10 ----D---- C:\WINDOWS\LastGood
2009-12-09 16:29:58 ----D---- C:\Documents and Settings\Simon\Application Data\Malwarebytes
2009-12-09 16:29:50 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-12-09 16:29:49 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-12-07 20:11:00 ----RASHD---- C:\autorun.inf
2009-12-06 12:48:53 ----D---- C:\Documents and Settings\Simon\Application Data\AdobeUM
2009-12-06 12:27:07 ----D---- C:\Documents and Settings\Simon\Application Data\WinRAR
2009-12-06 12:21:37 ----D---- C:\UsbFix
2009-12-05 20:41:00 ----D---- C:\WINDOWS\Minidump
2009-12-05 13:10:51 ----D---- C:\Documents and Settings\All Users\Application Data\Sports Interactive
2009-12-05 13:08:54 ----D---- C:\Documents and Settings\Simon\Application Data\Sports Interactive
2009-12-05 13:07:55 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2009-12-05 13:07:55 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2009-12-05 13:07:55 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2009-12-05 13:07:54 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2009-12-05 13:07:54 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2009-12-05 13:07:53 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2009-12-05 13:07:52 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2009-12-05 13:07:51 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2009-12-05 13:07:51 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2009-12-05 13:07:51 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2009-12-05 13:07:50 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2009-12-05 13:07:50 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2009-12-05 13:07:49 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2009-12-05 13:07:48 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2009-12-05 13:07:48 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2009-12-05 13:07:48 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2009-12-05 13:07:47 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2009-12-05 13:07:46 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2009-12-05 13:07:46 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2009-12-05 13:07:45 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2009-12-05 13:07:45 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2009-12-05 13:07:45 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2009-12-05 13:07:44 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2009-12-05 13:07:43 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2009-12-05 13:07:41 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2009-12-05 13:07:41 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2009-12-05 13:07:40 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2009-12-05 13:07:39 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2009-12-05 13:07:38 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2009-12-05 13:07:38 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2009-12-05 13:07:37 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2009-12-05 13:07:37 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2009-12-05 13:07:37 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2009-12-05 13:07:36 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2009-12-05 13:07:35 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2009-12-05 13:07:34 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2009-12-05 13:07:34 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2009-12-05 13:07:33 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2009-12-05 13:07:32 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2009-12-05 13:07:32 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2009-12-05 13:07:32 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2009-12-05 13:07:31 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2009-12-05 13:07:31 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2009-12-05 13:07:30 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2009-12-05 13:07:30 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2009-12-05 13:07:29 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2009-12-05 13:07:28 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2009-12-05 13:07:24 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2009-12-05 13:07:21 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2009-12-05 13:07:21 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2009-12-05 13:07:18 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2009-12-05 13:07:18 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2009-12-05 13:07:17 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2009-12-05 13:07:16 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2009-12-05 13:07:15 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2009-12-05 13:07:15 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2009-12-05 13:07:15 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2009-12-05 13:07:14 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2009-12-05 13:07:14 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2009-12-05 13:07:13 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2009-12-05 13:07:12 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2009-12-05 13:07:11 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2009-12-05 13:06:55 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2009-12-05 13:06:54 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2009-12-05 13:06:54 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2009-12-05 13:06:53 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2009-12-05 13:06:52 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2009-12-05 13:06:52 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2009-12-05 13:06:51 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2009-12-05 13:06:51 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2009-12-05 13:06:50 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2009-12-05 13:06:46 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2009-12-05 13:06:21 ----D---- C:\WINDOWS\Logs
2009-12-05 12:59:15 ----HD---- C:\Program Files\Zero G Registry
2009-12-05 12:59:15 ----D---- C:\Program Files\Sports Interactive
2009-12-04 19:59:28 ----D---- C:\rsit
2009-12-04 19:23:55 ----D---- C:\Program Files\BitTorrent
2009-12-04 17:05:43 ----D---- C:\Documents and Settings\All Users\Application Data\2DBoy
2009-12-04 11:15:43 ----D---- C:\Program Files\Dossier photos
2009-12-04 11:14:00 ----D---- C:\Mes Images
2009-12-04 11:12:18 ----A---- C:\WINDOWS\rtfctl32.dll
2009-12-04 11:11:45 ----D---- C:\Program Files\FotoStation 4.0
2009-11-30 16:15:07 ----D---- C:\Documents and Settings\Simon\Application Data\VanDale
2009-11-30 13:34:30 ----D---- C:\VanDale
2009-11-25 22:56:13 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2009-11-25 22:56:03 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2009-11-14 14:51:49 ----D---- C:\Program Files\Fichiers communs\DivX Shared
2009-11-14 14:51:48 ----D---- C:\Program Files\DivX
2009-11-14 00:21:06 ----D---- C:\Documents and Settings\Simon\Application Data\Media Player Classic
2009-11-14 00:17:51 ----D---- C:\Program Files\Combined Community Codec Pack
2009-11-13 21:36:47 ----D---- C:\Program Files\Microsoft Silverlight
2009-11-13 21:32:39 ----D---- C:\Program Files\Microsoft
2009-11-13 20:35:07 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$

======List of files/folders modified in the last 1 months======

2009-12-10 22:25:09 ----D---- C:\WINDOWS\PREFETCH
2009-12-10 22:22:57 ----HD---- C:\WINDOWS\inf
2009-12-10 22:22:09 ----HD---- C:\WINDOWS\$hf_mig$
2009-12-10 22:22:09 ----D---- C:\WINDOWS
2009-12-10 10:15:30 ----D---- C:\WINDOWS\Temp
2009-12-10 08:35:08 ----D---- C:\WINDOWS\system32\CatRoot2
2009-12-10 08:34:21 ----D---- C:\WINDOWS\system32\Lang
2009-12-09 22:50:48 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-12-09 16:29:53 ----D---- C:\WINDOWS\system32\drivers
2009-12-09 16:29:49 ----RD---- C:\Program Files
2009-12-07 20:10:58 ----SHD---- C:\System Volume Information
2009-12-07 20:10:56 ----SHD---- C:\RECYCLER
2009-12-06 12:32:41 ----D---- C:\Program Files\Mozilla Firefox
2009-12-05 20:30:22 ----D---- C:\Documents and Settings\Simon\Application Data\BitTorrent
2009-12-05 13:07:58 ----D---- C:\WINDOWS\system32\DirectX
2009-12-05 13:07:56 ----AD---- C:\WINDOWS\system32
2009-12-05 13:07:11 ----RSD---- C:\WINDOWS\assembly
2009-12-05 13:06:58 ----D---- C:\WINDOWS\Microsoft.NET
2009-12-04 11:12:23 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-12-01 23:10:59 ----D---- C:\Documents and Settings\Simon\Application Data\Skype
2009-12-01 23:10:28 ----D---- C:\Documents and Settings\Simon\Application Data\skypePM
2009-11-26 08:34:50 ----D---- C:\WINDOWS\security
2009-11-25 22:56:25 ----SHD---- C:\WINDOWS\Installer
2009-11-25 22:56:12 ----A---- C:\WINDOWS\imsins.BAK
2009-11-25 22:55:37 ----D---- C:\WINDOWS\WinSxS
2009-11-25 08:26:03 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-11-25 08:23:41 ----RSD---- C:\WINDOWS\Fonts
2009-11-25 08:23:31 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-11-25 08:21:13 ----D---- C:\Program Files\Microsoft Works
2009-11-25 08:21:10 ----D---- C:\WINDOWS\pchealth
2009-11-23 20:48:31 ----D---- C:\Documents and Settings\Simon\Application Data\U3
2009-11-21 02:15:48 ----A---- C:\WINDOWS\win.ini
2009-11-21 02:15:47 ----D---- C:\Program Files\Fichiers communs\System
2009-11-14 14:51:49 ----D---- C:\Program Files\Fichiers communs
2009-11-13 21:35:07 ----D---- C:\Program Files\Windows Live
2009-11-13 20:37:55 ----D---- C:\WINDOWS\Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-05 40320]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.1.6.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-09-28 17119]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-12-09 56816]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2004-10-15 11354]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-11-03 1353820]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-05-25 3134976]
R3 IWCA;Intel Wireless Connection Agent Miniport for Win XP; C:\WINDOWS\system32\DRIVERS\iwca.sys [2004-08-12 234496]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-06-20 190400]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2006-04-19 30080]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2006-04-19 20608]
R3 w29n51;Pilote de carte de connexion réseau Intel(R) PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2004-10-29 3222784]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
S3 a02pcor7;a02pcor7; C:\WINDOWS\system32\drivers\a02pcor7.sys []
S3 HdAudAddService;Pilote de fonction Microsoft UAA pour Service High Definition Audio; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2006-04-19 17152]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2004-08-10 18944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2009-09-23 1852488]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 CLCapSvc;CyberLink Background Capture Service (CBCS); c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe [2005-05-11 221266]
R2 CLSched;CyberLink Task Scheduler (CTS); c:\APPS\Powercinema\Kernel\TV\CLSched.exe [2005-05-11 110672]
R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe [2005-05-11 61440]
R2 EvtEng;EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2004-10-15 86016]
R2 GenericHidService;Generic Service for HID Keyboard Input Collections; c:\APPS\HIDSERVICE\HIDSERVICE.exe [2005-01-07 49152]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 OwnershipProtocol;OwnershipProtocol; C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe [2004-10-15 98304]
R2 RegSrvc;RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2004-10-15 139264]
R2 S24EventMonitor;Spectrum24 Event Monitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2004-10-15 360521]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-10 38912]
R2 WLANKEEPER;WLANKEEPER; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [2004-10-15 225353]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-09-21 545568]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Télécharge Ad-Remover (de Cyrildu17 / C_XX) sur ton Bureau.

/!\ Déconnecte-toi et ferme toutes applications en cours /!\

Double-clique sur AD-R situé sur ton Bureau pour le lancer.
(Sous Vista, il faut cliquer droit sur AD-R et choisir Exécuter en tant qu'administrateur)

Choisis la langue F pour français.

Au menu principal, choisis l'option L.

/!\ Laisse travailler l'outil /!\

Poste le rapport qui apparaît à la fin (C:\Ad-Report-CLEAN.log).

(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

Note : "Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Kaspersky, etc.) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.

Voila le log  

.
======= LOGFILE OF AD-REMOVER 1.1.4.6_E | ONLY XP/VISTA/7 =======
.
Updated by C_XX on 10.12.2009 at 21:08
Contact: AdRemover.contact@gmail.com
Website: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Launch at: 16:05:06, ven. 11/12/2009 | Normal Boot | Option: CLEAN
Executed from: C:\Program Files\Ad-Remover\
Operating system: Microsoft® Windows XP™ Service Pack 2 v5.1.2600
Computer Name: 106254330136 | Current user: Simon
.
============== NEUTRALIZED ELEMENT(S) ==============
.

C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
C:\Program Files\Ask.com
C:\DOCUME~1\Simon\LOCALS~1\Temp\AskSearch
C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

(!) -- Temp files deleted.

.
HKCU\software\appdatalow\AskToolbarInfo
HKCU\software\Ask.com
HKCU\software\AskToolbar
HKCU\software\Dynamic Toolbar
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
HKLM\software\classes\appid\GenericAskToolbar.DLL
HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\software\classes\GenericAskToolbar.ToolbarWnd
HKLM\software\classes\GenericAskToolbar.ToolbarWnd.1
HKLM\software\classes\installer\Products\A28B4D68DEBAA244EB686953B7074FEF
HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
HKLM\software\microsoft\windows\currentversion\uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
.
============== Added scan ==============
.
.
* Mozilla FireFox Version 3.5.5 [fr] *
.
ProfilePath: qnqk5n1q.default (Simon)
.
.
.
* Internet Explorer Version 6.0.2900.2180 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Do404Search: 01000000
Local Page: C:\WINDOWS\system32\blank.htm
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Search Bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Use Custom Search URL: 1 (0x1)
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Default_page_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: %SystemRoot%\system32\blank.htm
Start Page: hxxp://fr.msn.com/
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials, ...) ==============
.
C:\Documents and Settings\Simon\Bureau\Football.Manager.2010.Update.10.1.0.Cracked-BAT\battery.nfo
C:\Documents and Settings\Simon\Bureau\Football.Manager.2010.Update.10.1.0.Cracked-BAT\b-fm1010.rar
C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony Vegas Pro 9 + Crack and KeyGen\vegaspro90_32bit.exe
C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony Vegas Pro 9 + Crack and KeyGen\crack vegas 9\Sony_VegasPro8_DVDArchitect45_SoundForge9_CRACK.exe
C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony.Sound.Forge.v8.0d.Incl.Keygen-SSG\50comupd.exe
C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony.Sound.Forge.v8.0d.Incl.Keygen-SSG\hhupd.exe
C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony.Sound.Forge.v8.0d.Incl.Keygen-SSG\InstMsi-x86a.exe
C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony.Sound.Forge.v8.0d.Incl.Keygen-SSG\InstMsi-x86w.exe
C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony.Sound.Forge.v8.0d.Incl.Keygen-SSG\Setup.exe
C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony.Sound.Forge.v8.0d.Incl.Keygen-SSG\ssg.nfo
C:\Documents and Settings\Simon\Mes documents\Downloads\Football.Manager.2010.Update.10.1_Crack-BAT.5141818.TPB.torrent
C:\Documents and Settings\Simon\Mes documents\Downloads\commandos 2 men of courage\patch\InternationalPatch.exe
.
===================================
.
4791 Byte(s) - C:\Ad-Report-CLEAN[1].log
.
0 File(s) - C:\DOCUME~1\Simon\LOCALS~1\Temp
1 File(s) - C:\WINDOWS\Temp
9 File(s) - C:\WINDOWS\Prefetch
.
17 File(s) - C:\Program Files\Ad-Remover\BACKUP
11 File(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
End at: 16:10:03 | ven. 11/12/2009 - CLEAN[1]
.
============== E.O.F ==============
.

1/

Désinstalle les programmes suivants :
- Ad-Remover
- J2SE Runtime Environment 5.0 Update 4
- Java 6 Update 16

Mets à jour Java.

Mets à jour Adobe Reader.

Mets à jour Internet Explorer.


2/

Double-clique sur l'icône d'AntiVir (Parapluie) dans la barre des tâches.

Dans AntiVir, choisis Outils puis Configuration.

Coche Mode Expert et coche Rech. Rootkit au dém. de la recherche à droite dans Autres réglages puis valide.

Fais un scan complet, clique sur Tout réparer si AntiVir trouve quelque chose et poste le rapport.

Tutoriel : Scanner le(s) disque(s) dur(s)

Voila le log désolé pour le retard.

Avira AntiVir Personal
Report file date: mardi 15 décembre 2009 19:49

Scanning for 1448949 virus strains and unwanted programs.

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 2) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : 106254330136

Version information:
BUILD.DAT : 9.0.0.418 21723 Bytes 2/12/2009 16:28:00
AVSCAN.EXE : 9.0.3.10 466689 Bytes 20/11/2009 09:30:45
AVSCAN.DLL : 9.0.3.0 40705 Bytes 27/02/2009 09:58:24
LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 10:35:49
LUKERES.DLL : 9.0.2.0 12033 Bytes 27/02/2009 09:58:52
VBASE000.VDF : 7.10.0.0 19875328 Bytes 6/11/2009 09:30:45
VBASE001.VDF : 7.10.1.0 1372672 Bytes 19/11/2009 09:30:45
VBASE002.VDF : 7.10.1.1 2048 Bytes 19/11/2009 09:30:45
VBASE003.VDF : 7.10.1.2 2048 Bytes 19/11/2009 09:30:45
VBASE004.VDF : 7.10.1.3 2048 Bytes 19/11/2009 09:30:45
VBASE005.VDF : 7.10.1.4 2048 Bytes 19/11/2009 09:30:45
VBASE006.VDF : 7.10.1.5 2048 Bytes 19/11/2009 09:30:45
VBASE007.VDF : 7.10.1.6 2048 Bytes 19/11/2009 09:30:45
VBASE008.VDF : 7.10.1.7 2048 Bytes 19/11/2009 09:30:45
VBASE009.VDF : 7.10.1.8 2048 Bytes 19/11/2009 09:30:45
VBASE010.VDF : 7.10.1.9 2048 Bytes 19/11/2009 09:30:45
VBASE011.VDF : 7.10.1.10 2048 Bytes 19/11/2009 09:30:45
VBASE012.VDF : 7.10.1.11 2048 Bytes 19/11/2009 09:30:45
VBASE013.VDF : 7.10.1.79 209920 Bytes 25/11/2009 10:21:37
VBASE014.VDF : 7.10.1.128 197632 Bytes 30/11/2009 07:43:33
VBASE015.VDF : 7.10.1.178 195584 Bytes 7/12/2009 08:38:20
VBASE016.VDF : 7.10.1.224 183296 Bytes 14/12/2009 18:37:32
VBASE017.VDF : 7.10.1.247 182272 Bytes 15/12/2009 18:37:52
VBASE018.VDF : 7.10.1.248 2048 Bytes 15/12/2009 18:37:53
VBASE019.VDF : 7.10.1.249 2048 Bytes 15/12/2009 18:37:54
VBASE020.VDF : 7.10.1.250 2048 Bytes 15/12/2009 18:37:55
VBASE021.VDF : 7.10.1.251 2048 Bytes 15/12/2009 18:37:56
VBASE022.VDF : 7.10.1.252 2048 Bytes 15/12/2009 18:37:56
VBASE023.VDF : 7.10.1.253 2048 Bytes 15/12/2009 18:37:57
VBASE024.VDF : 7.10.1.254 2048 Bytes 15/12/2009 18:37:57
VBASE025.VDF : 7.10.1.255 2048 Bytes 15/12/2009 18:37:58
VBASE026.VDF : 7.10.2.0 2048 Bytes 15/12/2009 18:37:58
VBASE027.VDF : 7.10.2.1 2048 Bytes 15/12/2009 18:37:59
VBASE028.VDF : 7.10.2.2 2048 Bytes 15/12/2009 18:38:00
VBASE029.VDF : 7.10.2.3 2048 Bytes 15/12/2009 18:38:00
VBASE030.VDF : 7.10.2.4 2048 Bytes 15/12/2009 18:38:01
VBASE031.VDF : 7.10.2.5 45568 Bytes 15/12/2009 18:38:05
Engineversion : 8.2.1.108
AEVDF.DLL : 8.1.1.2 106867 Bytes 23/09/2009 20:08:51
AESCRIPT.DLL : 8.1.3.2 582010 Bytes 11/12/2009 15:00:58
AESCN.DLL : 8.1.3.0 127348 Bytes 11/12/2009 15:00:57
AESBX.DLL : 8.1.1.1 246132 Bytes 20/11/2009 09:30:45
AERDL.DLL : 8.1.3.4 479605 Bytes 3/12/2009 07:43:38
AEPACK.DLL : 8.2.0.3 422261 Bytes 18/11/2009 07:45:21
AEOFFICE.DLL : 8.1.0.38 196987 Bytes 23/07/2009 08:59:39
AEHEUR.DLL : 8.1.0.186 2183544 Bytes 9/12/2009 08:38:36
AEHELP.DLL : 8.1.8.0 237942 Bytes 9/12/2009 08:38:32
AEGEN.DLL : 8.1.1.80 364917 Bytes 9/12/2009 08:38:31
AEEMU.DLL : 8.1.1.0 393587 Bytes 4/10/2009 19:00:48
AECORE.DLL : 8.1.9.1 180598 Bytes 11/12/2009 15:00:57
AEBB.DLL : 8.1.0.3 53618 Bytes 9/10/2008 13:32:40
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 07:47:59
AVPREF.DLL : 9.0.3.0 44289 Bytes 23/09/2009 20:08:51
AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 13:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 5/12/2008 09:32:09
AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 14:05:41
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 09:37:08
SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 14:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 2/02/2009 07:21:33
NETNT.DLL : 9.0.0.0 11521 Bytes 5/12/2008 09:32:10
RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 15/05/2009 14:39:58
RCTEXT.DLL : 9.0.73.0 86785 Bytes 20/11/2009 09:30:44

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: mardi 15 décembre 2009 19:49

Starting search for hidden objects.
'48869' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'chrome.exe' - '1' Module(s) have been scanned
Scan process 'chrome.exe' - '1' Module(s) have been scanned
Scan process 'WINWORD.EXE' - '1' Module(s) have been scanned
Scan process 'chrome.exe' - '1' Module(s) have been scanned
Scan process 'chrome.exe' - '1' Module(s) have been scanned
Scan process 'chrome.exe' - '1' Module(s) have been scanned
Scan process 'OfficeLiveSignIn.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'wmiapsrv.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'CLSched.exe' - '1' Module(s) have been scanned
Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned
Scan process 'RegSrvc.exe' - '1' Module(s) have been scanned
Scan process 'OProtSvc.exe' - '1' Module(s) have been scanned
Scan process 'jqs.exe' - '1' Module(s) have been scanned
Scan process 'HidService.exe' - '1' Module(s) have been scanned
Scan process 'CLMLService.exe' - '1' Module(s) have been scanned
Scan process 'CLMLServer.exe' - '1' Module(s) have been scanned
Scan process 'CLCapSvc.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'a2service.exe' - '1' Module(s) have been scanned
Scan process 'daemon.exe' - '1' Module(s) have been scanned
Scan process 'RocketDock.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'SMPSYS.EXE' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'EOUWiz.exe' - '1' Module(s) have been scanned
Scan process 'iFrmewrk.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'PCMService.exe' - '1' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.EXE' - '1' Module(s) have been scanned
Scan process 'igfxpers.exe' - '1' Module(s) have been scanned
Scan process 'hkcmd.exe' - '1' Module(s) have been scanned
Scan process 'igfxtray.exe' - '1' Module(s) have been scanned
Scan process '1XConfig.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ZCfgSvc.exe' - '1' Module(s) have been scanned
Scan process 'WLKEEPER.exe' - '1' Module(s) have been scanned
Scan process 'S24EvMon.exe' - '1' Module(s) have been scanned
Scan process 'EvtEng.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
61 processes with 61 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '60' files ).


Starting the file scan:

Begin scan in 'C:\' <HDD>
C:\hiberfil.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\pagefile.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_00062f
[0] Archive type: NSIS
--> ProgramFilesDir/List.dat
[DETECTION] Contains recognition pattern of the HTML/Malicious.ActiveX.Gen HTML script virus
C:\Documents and Settings\Simon\Mes documents\Downloads\AD-R.exe
[0] Archive type: NSIS
--> ProgramFilesDir/List.dat
[DETECTION] Contains recognition pattern of the HTML/Malicious.ActiveX.Gen HTML script virus
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!

Beginning disinfection:
C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_00062f
[NOTE] The file was moved to '4b57ec10.qua'!
C:\Documents and Settings\Simon\Mes documents\Downloads\AD-R.exe
[NOTE] The file was moved to '4b54ebf7.qua'!


End of the scan: mardi 15 décembre 2009 21:04
Used time: 1:14:31 Hour(s)

The scan has been done completely.

12518 Scanned directories
310490 Files were scanned
2 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
2 Files were moved to quarantine
0 Files were renamed
3 Files cannot be scanned
310485 Files not concerned
7752 Archives were scanned
3 Warnings
4 Notes
48869 Objects were scanned with rootkit scan
0 Hidden objects were found



Avira AntiVir Personal
Report file date: mardi 15 décembre 2009 19:49

Scanning for 1448949 virus strains and unwanted programs.

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 2) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : 106254330136

Version information:
BUILD.DAT : 9.0.0.418 21723 Bytes 2/12/2009 16:28:00
AVSCAN.EXE : 9.0.3.10 466689 Bytes 20/11/2009 09:30:45
AVSCAN.DLL : 9.0.3.0 40705 Bytes 27/02/2009 09:58:24
LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 10:35:49
LUKERES.DLL : 9.0.2.0 12033 Bytes 27/02/2009 09:58:52
VBASE000.VDF : 7.10.0.0 19875328 Bytes 6/11/2009 09:30:45
VBASE001.VDF : 7.10.1.0 1372672 Bytes 19/11/2009 09:30:45
VBASE002.VDF : 7.10.1.1 2048 Bytes 19/11/2009 09:30:45
VBASE003.VDF : 7.10.1.2 2048 Bytes 19/11/2009 09:30:45
VBASE004.VDF : 7.10.1.3 2048 Bytes 19/11/2009 09:30:45
VBASE005.VDF : 7.10.1.4 2048 Bytes 19/11/2009 09:30:45
VBASE006.VDF : 7.10.1.5 2048 Bytes 19/11/2009 09:30:45
VBASE007.VDF : 7.10.1.6 2048 Bytes 19/11/2009 09:30:45
VBASE008.VDF : 7.10.1.7 2048 Bytes 19/11/2009 09:30:45
VBASE009.VDF : 7.10.1.8 2048 Bytes 19/11/2009 09:30:45
VBASE010.VDF : 7.10.1.9 2048 Bytes 19/11/2009 09:30:45
VBASE011.VDF : 7.10.1.10 2048 Bytes 19/11/2009 09:30:45
VBASE012.VDF : 7.10.1.11 2048 Bytes 19/11/2009 09:30:45
VBASE013.VDF : 7.10.1.79 209920 Bytes 25/11/2009 10:21:37
VBASE014.VDF : 7.10.1.128 197632 Bytes 30/11/2009 07:43:33
VBASE015.VDF : 7.10.1.178 195584 Bytes 7/12/2009 08:38:20
VBASE016.VDF : 7.10.1.224 183296 Bytes 14/12/2009 18:37:32
VBASE017.VDF : 7.10.1.247 182272 Bytes 15/12/2009 18:37:52
VBASE018.VDF : 7.10.1.248 2048 Bytes 15/12/2009 18:37:53
VBASE019.VDF : 7.10.1.249 2048 Bytes 15/12/2009 18:37:54
VBASE020.VDF : 7.10.1.250 2048 Bytes 15/12/2009 18:37:55
VBASE021.VDF : 7.10.1.251 2048 Bytes 15/12/2009 18:37:56
VBASE022.VDF : 7.10.1.252 2048 Bytes 15/12/2009 18:37:56
VBASE023.VDF : 7.10.1.253 2048 Bytes 15/12/2009 18:37:57
VBASE024.VDF : 7.10.1.254 2048 Bytes 15/12/2009 18:37:57
VBASE025.VDF : 7.10.1.255 2048 Bytes 15/12/2009 18:37:58
VBASE026.VDF : 7.10.2.0 2048 Bytes 15/12/2009 18:37:58
VBASE027.VDF : 7.10.2.1 2048 Bytes 15/12/2009 18:37:59
VBASE028.VDF : 7.10.2.2 2048 Bytes 15/12/2009 18:38:00
VBASE029.VDF : 7.10.2.3 2048 Bytes 15/12/2009 18:38:00
VBASE030.VDF : 7.10.2.4 2048 Bytes 15/12/2009 18:38:01
VBASE031.VDF : 7.10.2.5 45568 Bytes 15/12/2009 18:38:05
Engineversion : 8.2.1.108
AEVDF.DLL : 8.1.1.2 106867 Bytes 23/09/2009 20:08:51
AESCRIPT.DLL : 8.1.3.2 582010 Bytes 11/12/2009 15:00:58
AESCN.DLL : 8.1.3.0 127348 Bytes 11/12/2009 15:00:57
AESBX.DLL : 8.1.1.1 246132 Bytes 20/11/2009 09:30:45
AERDL.DLL : 8.1.3.4 479605 Bytes 3/12/2009 07:43:38
AEPACK.DLL : 8.2.0.3 422261 Bytes 18/11/2009 07:45:21
AEOFFICE.DLL : 8.1.0.38 196987 Bytes 23/07/2009 08:59:39
AEHEUR.DLL : 8.1.0.186 2183544 Bytes 9/12/2009 08:38:36
AEHELP.DLL : 8.1.8.0 237942 Bytes 9/12/2009 08:38:32
AEGEN.DLL : 8.1.1.80 364917 Bytes 9/12/2009 08:38:31
AEEMU.DLL : 8.1.1.0 393587 Bytes 4/10/2009 19:00:48
AECORE.DLL : 8.1.9.1 180598 Bytes 11/12/2009 15:00:57
AEBB.DLL : 8.1.0.3 53618 Bytes 9/10/2008 13:32:40
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 07:47:59
AVPREF.DLL : 9.0.3.0 44289 Bytes 23/09/2009 20:08:51
AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 13:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 5/12/2008 09:32:09
AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 14:05:41
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 09:37:08
SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 14:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 2/02/2009 07:21:33
NETNT.DLL : 9.0.0.0 11521 Bytes 5/12/2008 09:32:10
RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 15/05/2009 14:39:58
RCTEXT.DLL : 9.0.73.0 86785 Bytes 20/11/2009 09:30:44

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: mardi 15 décembre 2009 19:49

Starting search for hidden objects.
'48869' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'chrome.exe' - '1' Module(s) have been scanned
Scan process 'chrome.exe' - '1' Module(s) have been scanned
Scan process 'WINWORD.EXE' - '1' Module(s) have been scanned
Scan process 'chrome.exe' - '1' Module(s) have been scanned
Scan process 'chrome.exe' - '1' Module(s) have been scanned
Scan process 'chrome.exe' - '1' Module(s) have been scanned
Scan process 'OfficeLiveSignIn.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'wmiapsrv.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'CLSched.exe' - '1' Module(s) have been scanned
Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned
Scan process 'RegSrvc.exe' - '1' Module(s) have been scanned
Scan process 'OProtSvc.exe' - '1' Module(s) have been scanned
Scan process 'jqs.exe' - '1' Module(s) have been scanned
Scan process 'HidService.exe' - '1' Module(s) have been scanned
Scan process 'CLMLService.exe' - '1' Module(s) have been scanned
Scan process 'CLMLServer.exe' - '1' Module(s) have been scanned
Scan process 'CLCapSvc.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'a2service.exe' - '1' Module(s) have been scanned
Scan process 'daemon.exe' - '1' Module(s) have been scanned
Scan process 'RocketDock.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'SMPSYS.EXE' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'EOUWiz.exe' - '1' Module(s) have been scanned
Scan process 'iFrmewrk.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'PCMService.exe' - '1' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.EXE' - '1' Module(s) have been scanned
Scan process 'igfxpers.exe' - '1' Module(s) have been scanned
Scan process 'hkcmd.exe' - '1' Module(s) have been scanned
Scan process 'igfxtray.exe' - '1' Module(s) have been scanned
Scan process '1XConfig.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ZCfgSvc.exe' - '1' Module(s) have been scanned
Scan process 'WLKEEPER.exe' - '1' Module(s) have been scanned
Scan process 'S24EvMon.exe' - '1' Module(s) have been scanned
Scan process 'EvtEng.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
61 processes with 61 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '60' files ).


Starting the file scan:

Begin scan in 'C:\' <HDD>
C:\hiberfil.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\pagefile.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_00062f
[0] Archive type: NSIS
--> ProgramFilesDir/List.dat
[DETECTION] Contains recognition pattern of the HTML/Malicious.ActiveX.Gen HTML script virus
C:\Documents and Settings\Simon\Mes documents\Downloads\AD-R.exe
[0] Archive type: NSIS
--> ProgramFilesDir/List.dat
[DETECTION] Contains recognition pattern of the HTML/Malicious.ActiveX.Gen HTML script virus
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!

Beginning disinfection:
C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_00062f
[NOTE] The file was moved to '4b57ec10.qua'!
C:\Documents and Settings\Simon\Mes documents\Downloads\AD-R.exe
[NOTE] The file was moved to '4b54ebf7.qua'!


End of the scan: mardi 15 décembre 2009 21:04
Used time: 1:14:31 Hour(s)

The scan has been done completely.

12518 Scanned directories
310490 Files were scanned
2 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
2 Files were moved to quarantine
0 Files were renamed
3 Files cannot be scanned
310485 Files not concerned
7752 Archives were scanned
3 Warnings
4 Notes
48869 Objects were scanned with rootkit scan
0 Hidden objects were found

Le PC va mieux ?

AntiVir Personal est disponible en français :
http://www.commentcamarche.net/telecharger/telecharger-...

Oui voilà j'ai plus de spam   . Merci beaucoup noble sage d'info du net   .