Adyieldmanager et erreur de script

Please, aidez-moi !!!

En plus j'ai un nouveau problème maintenant :

Je ne peux plus ouvrir mes fichiers .txt, à part avec Internet Explorer.

Merci de m'aider car j'ai besoin de toutes ces fonctionnalités de mon PC, surtout en ce moment.

Bonjour,

Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.

Double-clique sur RSIT.exe afin de lancer le programme.
(Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)

Clique sur Continue à l'écran Disclaimer.

Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

Note : les rapports sont sauvegardés dans le dossier C:\rsit.

Merci de m'aider, c'est vraiment sympa :-)

Alors, voici le contenu de log.txt :

Logfile of random's system information tool 1.06 (written by random/random)
Run by Pierre at 2009-12-14 11:11:42
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 27 GB (51%) free of 52 GB
Total RAM: 1014 MB (5% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:12:30, on 14/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\FileHippo.com\UpdateChecker.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Pierre\Bureau\RSIT.exe
C:\Documents and Settings\Pierre\Bureau\Pierre.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row&channel=fr&...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par IE 8 FOURNI PAR 01NET.COM
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Ziptionary BHO - {F9FF8423-50F2-4f80-A31D-D1A03DBE9D86} - C:\Program Files\Ziptionary\ziptionary.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [FileHippo.com] "C:\Program Files\FileHippo.com\UpdateChecker.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O4 - Global Startup: WDSmartWare.lnk = C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1...
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie....
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: AVGRSSTX.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: WD SmartWare Drive Manager (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/Pierre/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg

--
End of file - 13122 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\HPpromotions journeysoftware.job
C:\WINDOWS\tasks\Recherche de problèmes automatique.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{9B04CE97-4E1D-4E63-A277-C336E0AEE745}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-11 263280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-19 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
CBrowserHelperObject Object - C:\Program Files\BAE\BAE.dll [2006-08-30 94208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9FF8423-50F2-4f80-A31D-D1A03DBE9D86}]
Ziptionary BHO - C:\Program Files\Ziptionary\ziptionary.dll [2007-08-09 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-11 263280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe [2005-06-10 249856]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
""= []
"IntelZeroConfig"=C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe [2009-05-21 1372160]
"IntelWireless"=C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe [2009-05-21 1202448]
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"Google Quick Search Box"=C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe [2009-11-11 122880]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-11-10 417792]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-02-08 68856]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]
"FileHippo.com"=C:\Program Files\FileHippo.com\UpdateChecker.exe [2009-11-02 155648]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"eMuleAutoStart"=C:\Program Files\eMule\emule.exe [2009-02-22 5668864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ORAHSSSessionManager]
C:\Program Files\Orange\SessionManager\SessionManager.exe [2007-09-25 102400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SystrayORAHSS]
C:\Program Files\Orange\Systray\SystrayApp.exe [2007-09-25 94208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Widget LEquipe.fr]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2004-11-04 258048]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
WDDMStatus.lnk - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
WDSmartWare.lnk - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="AVGRSSTX.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-12-13 139264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WRNotifier]
WRLogonNTF.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoRun"=0
"NoFind"=0
"NoLogOff"=0
"NoFolderOptions"=0
"NoSetFolders"=0
"DisallowRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\Orange\Connectivity\ConnectivityManager.exe"="C:\Program Files\Orange\Connectivity\ConnectivityManager.exe:*:enabled:CSS"
"C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 2009\english\setup.exe"="C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 2009\english\setup.exe:*:Enabled:Kaspersky Anti-Virus 2009 Setup"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1cb89506-bf00-11dd-ad4f-0015c5aa91a4}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL coPIe caNEbIere.eXE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{65fa07c4-4292-11dc-bfdf-0015c5aa91a4}]
shell\Auto\command - AdobeR.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{95a671f2-a44e-11de-af8f-0015c5aa91a4}]
shell\AutoRun\command - "F:\WD SmartWare.exe" autoplay=true

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ab192ad0-2aa4-11de-ae73-0015c5aa91a4}]
shell\AutoRun\command - F:\InstallTomTomHOME.exe


======File associations======

.bat - edit -
.cmd - edit -
.inf - open -
.ini - open -
.js - edit -
.reg - edit -
.reg - open -
.txt - open -
.vbs - edit -

======List of files/folders created in the last 1 months======

2009-12-14 11:11:42 ----D---- C:\rsit
2009-12-13 21:00:34 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2009-12-13 20:55:16 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-12-13 20:43:14 ----HDC---- C:\WINDOWS\ie8
2009-12-13 19:27:47 ----A---- C:\WINDOWS\system32\shimgvw.dll
2009-12-12 22:18:00 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-12-12 20:12:33 ----A---- C:\WINDOWS\wininit.ini
2009-12-12 13:35:20 ----HD---- C:\WINDOWS\system32\GroupPolicy
2009-12-10 11:28:37 ----D---- C:\Documents and Settings\Pierre\Application Data\AVG8
2009-12-10 11:17:41 ----D---- C:\Program Files\Panda Security
2009-12-08 17:47:42 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
2009-12-04 17:43:08 ----A---- C:\WINDOWS\system32\TURegOpt.exe
2009-12-04 17:43:06 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2009-12-04 17:41:35 ----D---- C:\Program Files\TuneUp Utilities 2010
2009-12-04 17:40:41 ----SHD---- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2009-11-25 21:52:30 ----D---- C:\Program Files\MSXML 4.0
2009-11-24 00:37:00 ----HD---- C:\WINDOWS\PIF
2009-11-20 02:06:16 ----D---- C:\bcc2819756e10707dbce52932f

======List of files/folders modified in the last 1 months======

2009-12-14 10:21:31 ----D---- C:\Documents and Settings\Pierre\Application Data\Skype
2009-12-14 10:20:41 ----D---- C:\WINDOWS\Temp
2009-12-14 10:18:10 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-12-14 10:17:32 ----D---- C:\WINDOWS\Registration
2009-12-14 10:17:23 ----D---- C:\WINDOWS
2009-12-13 23:18:31 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-12-13 22:15:29 ----D---- C:\WINDOWS\system32
2009-12-13 22:15:29 ----D---- C:\WINDOWS\AppPatch
2009-12-13 22:15:29 ----D---- C:\Program Files\Internet Explorer
2009-12-13 22:14:31 ----AC---- C:\WINDOWS\ModemLog_Conexant HDA D110 MDC V.92 Modem.txt
2009-12-13 21:33:20 ----D---- C:\Documents and Settings\Pierre\Application Data\dvdcss
2009-12-13 21:00:38 ----HD---- C:\WINDOWS\inf
2009-12-13 21:00:38 ----D---- C:\WINDOWS\system32\dllcache
2009-12-13 21:00:25 ----HD---- C:\WINDOWS\$hf_mig$
2009-12-13 21:00:10 ----D---- C:\WINDOWS\system32\CatRoot
2009-12-13 20:59:28 ----D---- C:\WINDOWS\ie8updates
2009-12-13 20:58:56 ----D---- C:\WINDOWS\system32\CatRoot2
2009-12-13 20:55:30 ----D---- C:\WINDOWS\SoftwareDistribution
2009-12-13 20:48:13 ----D---- C:\WINDOWS\system32\fr-fr
2009-12-13 20:48:12 ----D---- C:\WINDOWS\Media
2009-12-13 20:48:11 ----D---- C:\WINDOWS\Help
2009-12-13 20:46:07 ----RD---- C:\Program Files
2009-12-13 20:46:07 ----HD---- C:\WINDOWS\msdownld.tmp
2009-12-13 20:42:58 ----D---- C:\WINDOWS\Prefetch
2009-12-13 20:41:18 ----D---- C:\WINDOWS\Debug
2009-12-13 20:28:41 ----SHD---- C:\WINDOWS\Installer
2009-12-13 20:28:40 ----HD---- C:\Config.Msi
2009-12-13 20:23:04 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-12-13 20:18:58 ----D---- C:\WINDOWS\network diagnostic
2009-12-13 20:17:00 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-12-13 20:16:59 ----D---- C:\i386
2009-12-13 13:01:16 ----SHD---- C:\WINDOWS\CSC
2009-12-12 22:18:05 ----D---- C:\WINDOWS\system32\drivers
2009-12-12 21:41:01 ----AD---- C:\Program Files\Fichiers communs
2009-12-12 21:37:12 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-12-12 21:01:59 ----D---- C:\WINDOWS\WinSxS
2009-12-12 19:52:30 ----D---- C:\WINDOWS\system
2009-12-12 13:51:09 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-12-11 22:27:08 ----RSD---- C:\WINDOWS\Fonts
2009-12-11 22:27:08 ----D---- C:\Program Files\Outlook Express
2009-12-11 22:27:08 ----D---- C:\Program Files\Movie Maker
2009-12-11 22:27:03 ----D---- C:\WINDOWS\system32\usmt
2009-12-11 18:42:37 ----SD---- C:\WINDOWS\Tasks
2009-12-10 22:10:25 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-10 16:19:03 ----D---- C:\Program Files\Grisoft
2009-12-10 16:19:02 ----D---- C:\WINDOWS\SxsCaPendDel
2009-12-10 12:51:43 ----D---- C:\Program Files\AVG
2009-12-10 12:37:32 ----D---- C:\Documents and Settings\All Users\Application Data\Avg8
2009-12-10 11:13:54 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-12-08 19:25:27 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2009-12-08 13:04:58 ----D---- C:\Documents and Settings\Pierre\Application Data\HpUpdate
2009-12-05 10:37:35 ----D---- C:\WINDOWS\system32\config
2009-12-04 18:23:24 ----D---- C:\Program Files\CyberLink
2009-12-04 18:23:23 ----HD---- C:\Program Files\InstallShield Installation Information
2009-12-04 17:41:04 ----D---- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2009-12-02 16:16:28 ----D---- C:\Program Files\QuickTime
2009-12-02 16:05:48 ----RSD---- C:\WINDOWS\assembly
2009-12-02 16:04:44 ----D---- C:\Program Files\Paint.NET
2009-12-01 21:06:19 ----AC---- C:\WINDOWS\system32\MRT.exe
2009-11-30 17:28:51 ----D---- C:\Program Files\Mozilla Firefox
2009-11-30 17:27:52 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2009-11-25 00:54:29 ----A---- C:\WINDOWS\system32\aswBoot.exe
2009-11-20 00:55:01 ----D---- C:\Documents and Settings\Pierre\Application Data\WinRAR
2009-11-20 00:46:23 ----AC---- C:\WINDOWS\avisplitter.INI
2009-11-19 20:41:50 ----D---- C:\Program Files\WinRAR

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 APPDRV;APPDRV; C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS [2005-08-12 16128]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 omci;OMCI WDM Device Driver; C:\WINDOWS\system32\DRIVERS\omci.sys [2004-02-13 17153]
R1 sscdbhk5;sscdbhk5; C:\WINDOWS\system32\drivers\sscdbhk5.sys [2004-07-14 5627]
R1 ssrtln;ssrtln; C:\WINDOWS\system32\drivers\ssrtln.sys [2004-07-14 23545]
R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R2 drvnddm;drvnddm; C:\WINDOWS\system32\drivers\drvnddm.sys [2004-11-23 40480]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2008-08-13 11904]
R2 tfsnboio;tfsnboio; C:\WINDOWS\system32\dla\tfsnboio.sys [2004-12-06 25883]
R2 tfsncofs;tfsncofs; C:\WINDOWS\system32\dla\tfsncofs.sys [2004-12-06 34843]
R2 tfsndrct;tfsndrct; C:\WINDOWS\system32\dla\tfsndrct.sys [2004-12-06 4123]
R2 tfsndres;tfsndres; C:\WINDOWS\system32\dla\tfsndres.sys [2004-12-06 2271]
R2 tfsnifs;tfsnifs; C:\WINDOWS\system32\dla\tfsnifs.sys [2004-12-06 86586]
R2 tfsnopio;tfsnopio; C:\WINDOWS\system32\dla\tfsnopio.sys [2004-12-06 15227]
R2 tfsnpool;tfsnpool; C:\WINDOWS\system32\dla\tfsnpool.sys [2004-12-06 6363]
R2 tfsnudf;tfsnudf; C:\WINDOWS\system32\dla\tfsnudf.sys [2004-12-06 98714]
R2 tfsnudfa;tfsnudfa; C:\WINDOWS\system32\dla\tfsnudfa.sys [2004-12-06 100603]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2005-08-05 45312]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-07-22 1035008]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-07-22 201600]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-12-14 1364574]
R3 LVPrcMon;Logitech LVPrcMon Driver; \??\C:\WINDOWS\system32\drivers\LVPrcMon.sys []
R3 NETw5x32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw5x32.sys [2009-05-28 4203392]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2005-10-14 28544]
R3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-10-14 51328]
R3 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2005-10-14 307968]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2006-03-24 1156648]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-08 191872]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-07-22 717952]
S1 SDManager;SDManager; \??\C:\Program Files\SpywareDetector\SDManager.sys []
S2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys []
S3 Bridge;Pont MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 BridgeMP;Miniport de pont MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 DSproct;DSproct; \??\C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys []
S3 E100B;Pilote de carte Intel (R) PRO; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-23 117760]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-12-14 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-12-14 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-12-14 21744]
S3 Lvckap;Logitech Kernel Audio Processing Filter Driver; \??\C:\WINDOWS\system32\drivers\Lvckap.sys []
S3 lvmvdrv;Logitech Machine Vision Engine Loader; \??\C:\WINDOWS\system32\drivers\lvmvdrv.sys []
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-12-06 39424]
S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys [2005-11-19 20096]
S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2005-12-06 7136]
S3 PID_08A0;QuickCam IM(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2005-12-06 916096]
S3 PID_0928;Labtec WebCam(PID_0928); C:\WINDOWS\system32\drivers\PID_0928.sys []
S3 PRISM_A02;802.11g USB 2.0 adapter; C:\WINDOWS\system32\DRIVERS\PRISMA02.sys [2004-03-30 374816]
S3 sffdisk;Pilote de classe de stockage SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-13 11904]
S3 sffp_sd;Pilote de protocole de stockage SFF pour SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2006-04-26 1429632]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\WINDOWS\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 agp440;Filtre de bus AGP Intel; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Filtre de bus AGP Compaq; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;Filtre de bus AGP ALI; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;Pilote de filtre du bus AMD AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\DRIVERS\intelide.sys [2008-04-14 5504]
S4 sisagp;Filtre de bus AGP SIS; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;Filtre de bus AGP VIA; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2009-05-21 874768]
R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2007-09-25 65536]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 LVPrcSrv;Logitech Process Monitor; c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe [2005-12-09 81920]
R2 NICCONFIGSVC;NICCONFIGSVC; C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe [2006-04-06 380928]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe [2009-05-21 473360]
R2 S24EventMonitor;Intel(R) PROSet/Wireless WiFi Service; C:\Program Files\Intel\WiFi\bin\S24EvMon.exe [2009-05-21 909312]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-11-13 1021256]
R2 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WDDMService;WD SmartWare Drive Manager; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2009-09-18 98304]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-25 183280]
S2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-09-23 238960]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2009-12-04 435016]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------


Et clui de info.txt :

info.txt logfile of random's system information tool 1.06 2009-12-14 11:12:36

======Uninstall list======

-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7E9BE6D1-680B-49B2-A2B0-CBC32D20DF04}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA2CA846-C6DB-4468-B291-18D4BA359656}\setup.exe" -l0x40c
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A92000000001}
Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
AusLogics Disk Defrag 1.1-->"C:\Program Files\AusLogics Disk Defrag\unins000.exe"
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Broadcom Management Programs-->MsiExec.exe /I{26E1BFB0-E87E-4696-9F89-B467F01F81E5}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Conexant HDA D110 MDC V.92 Modem-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3\HXFSETUP.EXE -U -Idel1028k.inf
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Dell Support 3.2-->MsiExec.exe /X{3846E811-639D-4DE1-844B-30491C0A6C0C}
Digital Line Detect-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe" -l0x40c ControlPanel
eMule-->"C:\Program Files\eMule\Uninstall.exe"
FileHippo.com Update Checker-->"C:\Program Files\FileHippo.com\uninstall.exe"
Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
GemMaster Mystic-->"C:\Program Files\GemMasterFrench\uninstallgemmaster.exe"
Google Toolbar for Firefox-->C:\Documents and Settings\All Users\Application Data\Google\Toolbar for Firefox\Firefox_Toolbar_Uninstaller.exe
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0E996B068B56FCA2.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
HijackThis 2.0.2-->"C:\Documents and Settings\Pierre\Bureau\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Image Zone 4.7-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Image Zone Express-->MsiExec.exe /X{8F7A4D82-B168-4F89-99C2-B9873EC877AF}
HP Product Assistant-->MsiExec.exe /I{36FDBE6E-6684-462B-AE98-9A39A1B200CC}
HP PSC & OfficeJet 4.7-->"C:\Program Files\HP\Digital Imaging\{342C7C88-D335-4bc2-8CF1-281857629CE2}\setup\hpzscr01.exe" -datfile hposcr05.dat
HP Update-->MsiExec.exe /X{74DC0593-6BC6-4001-AD5F-D810AFB68D86}
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Intel PROSet Wireless-->Intel PROSet Wireless
Intel(R) Graphics Media Accelerator Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_27A6 PCI\VEN_8086&DEV_27A2
J2SE Runtime Environment 5.0 Update 9-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090}
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
K-Lite Codec Pack 3.8.0 Full-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Ma-Config.com-->MsiExec.exe /X{425FFD94-36BD-4933-881B-FE0B9DADF2B7}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
MCU-->MsiExec.exe /I{D2988E9B-C73F-422C-AD4B-A66EBE257120}
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}
Microsoft Speech Recognition Engine 4.0 (English)-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mscsrgph.inf, Uninstall.NT
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Works-->MsiExec.exe /I{6B1CB38D-E2E4-4A30-933D-EFDEBA76AD9C}
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Mixeur-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7E9BE6D1-680B-49B2-A2B0-CBC32D20DF04}\setup.exe" -l0x40c /remove
Modem Helper-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F142D56-3326-11D5-B229-002078017FBF}\setup.exe" -l0x40c ControlPanel
Mozilla Firefox (3.5.2)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
NetWaiting-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" -l0x40c ControlPanel
Neuf - Kit de connexion-->C:\Program Files\Neuf\Kit\uninstall.exe
Orange - Logiciels Internet-->C:\Program Files\Orange\installation\core\Installgui.exe -u
Otto-->"C:\Program Files\FrenchOtto\uninstallotto.exe"
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Paint.NET v3.5.1-->MsiExec.exe /X{5BFB956C-3AB9-492A-9E91-5D8C87DCC598}
Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
QuickSet-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C5074CC4-0E26-4716-A307-960272A90040}\setup.exe" -l0x40c APPDRVNT4
QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
SearchAssist-->C:\DELL\SearchAssist\UninstSA.bat
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~2\Install.log
Skype web features-->MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}
Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Sonic DLA-->MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
Sonic MyDVD LE-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow Audio-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic RecordNow Copy-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic RecordNow Data-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
Sonic Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Sound Blaster Audigy ADVANCED MB Demo-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA2CA846-C6DB-4468-B291-18D4BA359656}\setup.exe" -l0x40c /remove
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
TuneUp Utilities-->C:\Program Files\TuneUp Utilities 2010\TUInstallHelper.exe --Trigger-Uninstall
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
URL Assistant-->regsvr32 /u /s "C:\Program Files\BAE\BAE.dll"
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
VLC media player 0.9.9-->C:\Program Files\VideoLAN\VLC\uninstall.exe
WD SmartWare-->MsiExec.exe /X{58CCB73A-017C-4E56-B0BA-34AEE484057E}
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe

======Hosts File======

127.0.0.1 localhost
127.0.0.1 007guard.com
127.0.0.1 www.007guard.com
127.0.0.1 008i.com
127.0.0.1 008k.com
127.0.0.1 www.008k.com
127.0.0.1 00hq.com
127.0.0.1 www.00hq.com
127.0.0.1 010402.com
127.0.0.1 032439.com

======Security center information======

AV: avast! antivirus 4.8.1368 [VPS 091213-0]

======System event log======

Computer Name: PIT
Event Code: 4201
Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{74585082-7813-4358-A8AA-295639826443} était connectée au réseau,
et a lancé une opération normale sur la carte réseau.

Record Number: 116888
Source Name: Tcpip
Time Written: 20091202220937.000000+060
Event Type: Informations
User:

Computer Name: PIT
Event Code: 10016
Message: Les paramètres d'autorisation par défaut de l'ordinateur n'accordent pas d'autorisation Locale Activation pour l'application serveur COM avec le CLSID
{A4199E55-EBB9-49E5-AF1A-7A5408B2E206}
au SID AUTORITE NT\SERVICE RÉSEAU de l'utilisateur (S-1-5-20). Cette autorisation de sécurité peut être modifiée à l'aide de l'outil d'administration Services de composants.

Record Number: 116887
Source Name: DCOM
Time Written: 20091202220910.000000+060
Event Type: erreur
User: AUTORITE NT\SERVICE RÉSEAU

Computer Name: PIT
Event Code: 10016
Message: Les paramètres d'autorisation par défaut de l'ordinateur n'accordent pas d'autorisation Locale Activation pour l'application serveur COM avec le CLSID
{A4199E55-EBB9-49E5-AF1A-7A5408B2E206}
au SID AUTORITE NT\SERVICE RÉSEAU de l'utilisateur (S-1-5-20). Cette autorisation de sécurité peut être modifiée à l'aide de l'outil d'administration Services de composants.

Record Number: 116886
Source Name: DCOM
Time Written: 20091202220910.000000+060
Event Type: erreur
User: AUTORITE NT\SERVICE RÉSEAU

Computer Name: PIT
Event Code: 10016
Message: Les paramètres d'autorisation par défaut de l'ordinateur n'accordent pas d'autorisation Locale Activation pour l'application serveur COM avec le CLSID
{A4199E55-EBB9-49E5-AF1A-7A5408B2E206}
au SID AUTORITE NT\SERVICE RÉSEAU de l'utilisateur (S-1-5-20). Cette autorisation de sécurité peut être modifiée à l'aide de l'outil d'administration Services de composants.

Record Number: 116885
Source Name: DCOM
Time Written: 20091202220909.000000+060
Event Type: erreur
User: AUTORITE NT\SERVICE RÉSEAU

Computer Name: PIT
Event Code: 7036
Message: Le service Configuration automatique sans fil est entré dans l'état : arrêté.

Record Number: 116884
Source Name: Service Control Manager
Time Written: 20091202220907.000000+060
Event Type: Informations
User:

=====Application event log=====

Computer Name: PIT
Event Code: 0
Message: Service stopped successfully.

Record Number: 39463
Source Name: idsvc
Time Written: 20091105150932.000000+060
Event Type: Informations
User:

Computer Name: PIT
Event Code: 518
Message: The Windows CardSpace service has been idle for some time. It has been shut down to make resources available for other programs.

Record Number: 39462
Source Name: CardSpace 3.0.0.0
Time Written: 20091105150931.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: PIT
Event Code: 0
Message: Service started successfully.

Record Number: 39461
Source Name: idsvc
Time Written: 20091105140931.000000+060
Event Type: Informations
User:

Computer Name: PIT
Event Code: 0
Message: Service stopped successfully.

Record Number: 39460
Source Name: idsvc
Time Written: 20091105104703.000000+060
Event Type: Informations
User:

Computer Name: PIT
Event Code: 518
Message: The Windows CardSpace service has been idle for some time. It has been shut down to make resources available for other programs.

Record Number: 39459
Source Name: CardSpace 3.0.0.0
Time Written: 20091105104703.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 14 Stepping 8, GenuineIntel
"PROCESSOR_REVISION"=0e08
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=C:\Program Files\Fichiers communs\Sonic Shared\Sonic Central\
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

Merci encore Destrio5 !!

1/

Démarre Spybot, clique sur Mode, coche Mode avancé.

A gauche, clique sur Outils, puis sur Résident.

Décoche la case devant Résident "TeaTimer" :

Quitte Spybot.


2/

Télécharge UsbFix (de Chiquitine29 & C_XX) sur ton Bureau.

Branche tes sources de données externes à ton PC (clé USB, disque dur externe, carte SD, etc...) sans les ouvrir.

Double-clique sur UsbFix pour l'exécuter.

Choisis l'option 1 (Recherche).

Laisse travailler l'outil.

Poste le rapport UsbFix.txt.

Note : le rapport UsbFix.txt est sauvegardé à la racine du disque (C:\UsbFix.txt).

"Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Kaspersky, etc.) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.

Voici ce que donne mon scan UsbFix :

############################## | UsbFix V6.063 |

User : Pierre (Administrateurs) # PIT
Update on 14/12/2009 by Chiquitine29, C_XX & Chimay8
Start at: 18:48:36 | 14/12/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Genuine Intel(R) CPU T2050 @ 1.60GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : avast! antivirus 4.8.1368 [VPS 091214-0] 4.8.1368 [ Enabled | Updated ]

C:\ -> Disque fixe local # 51,19 Go (26,66 Go free) # NTFS
D:\ -> Disque fixe local # 17,21 Go (17,13 Go free) [Sauvegarder] # NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque amovible
G:\ -> Disque amovible # 7,52 Go (80,17 Mo free) [NATHALIE] # FAT32
H:\ -> Disque amovible # 971 Mo (249,59 Mo free) [THM_LYRA] # FAT32
I:\ -> Disque CD-ROM # 446,77 Mo (0 Mo free) [WD SmartWare] # UDF
J:\ -> Disque fixe local # 297,44 Go (172,64 Go free) [My Passport] # NTFS

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 1876
C:\WINDOWS\system32\csrss.exe 204
C:\WINDOWS\system32\winlogon.exe 272
C:\WINDOWS\system32\services.exe 376
C:\WINDOWS\system32\lsass.exe 400
C:\WINDOWS\system32\svchost.exe 704
C:\WINDOWS\system32\svchost.exe 796
C:\WINDOWS\System32\svchost.exe 836
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe 924
C:\WINDOWS\system32\svchost.exe 1108
C:\WINDOWS\system32\svchost.exe 1188
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 1376
C:\Program Files\Alwil Software\Avast4\ashServ.exe 1432
C:\WINDOWS\system32\spoolsv.exe 780
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe 976
C:\WINDOWS\eHome\ehRecvr.exe 1060
C:\WINDOWS\eHome\ehSched.exe 1084
C:\Program Files\Intel\WiFi\bin\EvtEng.exe 1160
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe 1484
C:\Program Files\Java\jre6\bin\jqs.exe 1604
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe 1684
C:\WINDOWS\system32\HPZipm12.exe 1844
C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe 1892
C:\WINDOWS\system32\svchost.exe 2024
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe 184
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe 844
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe 1356
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe 2372
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe 2424
C:\WINDOWS\system32\dllhost.exe 2484
C:\WINDOWS\System32\alg.exe 2672
C:\WINDOWS\system32\wbem\wmiprvse.exe 2688
C:\WINDOWS\system32\wbem\wmiapsrv.exe 3512
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe 3276
C:\WINDOWS\Explorer.EXE 3672
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe 4036
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe 4068
C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe 1516
C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe 1736
C:\Program Files\Java\jre6\bin\jusched.exe 2460
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe 2116
C:\WINDOWS\system32\ctfmon.exe 3252
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 3280
C:\WINDOWS\system32\wbem\unsecapp.exe 3948
C:\WINDOWS\system32\wbem\wmiprvse.exe 1256
C:\Program Files\FileHippo.com\UpdateChecker.exe 3552
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe 3484
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe 3488
C:\Program Files\Internet Explorer\iexplore.exe 536
C:\Program Files\Internet Explorer\iexplore.exe 2016
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe 4828
C:\Program Files\Windows Live\Messenger\msnmsgr.exe 200
C:\Program Files\Internet Explorer\iexplore.exe 8664
C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 4396
C:\WINDOWS\system32\wbem\wmiprvse.exe 3684

################## | Fichiers # Dossiers infectieux |

G:\autorun.inf
I:\autorun.inf

################## | Registre # Clés infectieuses |

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoFind"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoFolderOptions"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoRun"

################## | Registre # Mountpoints2 |

HKCU\..\..\Explorer\MountPoints2\{1cb89506-bf00-11dd-ad4f-0015c5aa91a4}
Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL coPIe caNEbIere.eXE

HKCU\..\..\Explorer\MountPoints2\{65fa07c4-4292-11dc-bfdf-0015c5aa91a4}
Shell\Auto\command =AdobeR.exe e
Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

HKCU\..\..\Explorer\MountPoints2\{95a671f2-a44e-11de-af8f-0015c5aa91a4}
Shell\AutoRun\command ="I:\WD SmartWare.exe" autoplay=true

HKCU\..\..\Explorer\MountPoints2\{ab192ad0-2aa4-11de-ae73-0015c5aa91a4}
Shell\AutoRun\command =F:\InstallTomTomHOME.exe

################## | Cracks / Keygens / Serials |


################## | ! Fin du rapport # UsbFix V6.063 ! |

Branche tes sources de données externes à ton PC (clé USB, disque dur externe, carte SD, etc...) sans les ouvrir.

Double-clique sur UsbFix présent sur ton Bureau pour le lancer.

Choisis l'option 2 (Suppression).

Ton Bureau disparaîtra et le PC redémarrera.

Au redémarrage, UsbFix scannera ton PC, laisse travailler l'outil.

Ensuite, poste le rapport UsbFix.txt qui apparaîtra avec le Bureau.

Note : le rapport UsbFix.txt est sauvegardé à la racine du disque (C:\UsbFix.txt).

Rapport UsbFix :

############################## | UsbFix V6.063 |

User : Pierre (Administrateurs) # PIT
Update on 14/12/2009 by Chiquitine29, C_XX & Chimay8
Start at: 20:48:57 | 14/12/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Genuine Intel(R) CPU T2050 @ 1.60GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : avast! antivirus 4.8.1368 [VPS 091214-0] 4.8.1368 [ Enabled | Updated ]

C:\ -> Disque fixe local # 51,19 Go (26,67 Go free) # NTFS
D:\ -> Disque fixe local # 17,21 Go (17,13 Go free) [Sauvegarder] # NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque amovible
G:\ -> Disque amovible # 7,52 Go (80,17 Mo free) [NATHALIE] # FAT32
H:\ -> Disque amovible # 971 Mo (249,59 Mo free) [THM_LYRA] # FAT32
I:\ -> Disque CD-ROM # 446,77 Mo (0 Mo free) [WD SmartWare] # UDF
J:\ -> Disque fixe local # 297,44 Go (172,65 Go free) [My Passport] # NTFS

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 1676
C:\WINDOWS\system32\csrss.exe 1284
C:\WINDOWS\system32\winlogon.exe 1320
C:\WINDOWS\system32\services.exe 1392
C:\WINDOWS\system32\lsass.exe 1408
C:\WINDOWS\system32\svchost.exe 1700
C:\WINDOWS\system32\svchost.exe 1812
C:\WINDOWS\System32\svchost.exe 1840
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe 1872
C:\WINDOWS\system32\svchost.exe 236
C:\WINDOWS\system32\svchost.exe 268
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 592
C:\Program Files\Alwil Software\Avast4\ashServ.exe 644
C:\WINDOWS\system32\spoolsv.exe 1184
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe 1248
C:\WINDOWS\eHome\ehRecvr.exe 1288
C:\WINDOWS\eHome\ehSched.exe 1372
C:\Program Files\Intel\WiFi\bin\EvtEng.exe 1564
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe 2004
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 2044
C:\Program Files\Java\jre6\bin\jqs.exe 736
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe 828
C:\WINDOWS\system32\HPZipm12.exe 1636
C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe 1988
C:\Program Files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe 2024
C:\WINDOWS\system32\svchost.exe 408
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe 552
C:\WINDOWS\Explorer.EXE 576
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe 784
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe 988
C:\WINDOWS\system32\wuauclt.exe 2228
C:\WINDOWS\system32\wbem\wmiprvse.exe 2288
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe 2668
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe 2684
C:\WINDOWS\system32\dllhost.exe 2756
C:\WINDOWS\system32\wbem\wmiapsrv.exe 2872
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe 3108
C:\WINDOWS\System32\alg.exe 3216
C:\WINDOWS\system32\wbem\wmiprvse.exe 3300
C:\WINDOWS\system32\WgaTray.exe 4092

################## | Fichiers # Dossiers infectieux |

Supprimé ! C:\Recycler\S-1-5-21-1895506034-1014131055-1494101493-1005
Supprimé ! C:\Recycler\S-1-5-21-1895506034-1014131055-1494101493-500
Supprimé ! D:\Recycler\S-1-5-21-1895506034-1014131055-1494101493-1005
Supprimé ! D:\Recycler\S-1-5-21-1895506034-1014131055-1494101493-500
Supprimé ! G:\autorun.inf
Non supprimé ! I:\autorun.inf
Supprimé ! J:\Recycler\S-1-5-21-1895506034-1014131055-1494101493-1005
Supprimé ! J:\Recycler\S-1-5-21-725345543-261478967-2147061141-1003

################## | Registre # Clés infectieuses |

Supprimé ! [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe]
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoFind"
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoFolderOptions"
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoRun"

################## | Registre # Mountpoints2 |

Supprimé ! HKCU\...\Explorer\MountPoints2\{65fa07c4-4292-11dc-bfdf-0015c5aa91a4}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{ab192ad0-2aa4-11de-ae73-0015c5aa91a4}\Shell\AutoRun\Command

################## | Listing des fichiers présent |

[19/04/2009 13:39|--a------|15744] C:\aaw7boot.log
[04/03/2009 18:13|--a------|2252] C:\Ad-Fix.txt
[24/11/2007 00:54|-rahs----|209] C:\boot.ini
[10/08/2004 12:00|-rahs----|4952] C:\Bootfont.bin
[01/07/2008 18:30|--a------|34543] C:\caavsetupLog.txt
[02/07/2008 06:09|--a------|19037] C:\caisslog.txt
[13/09/2006 23:59|-rah-----|5797] C:\dell.sdr
[?|?|?] C:\hiberfil.sys
[04/06/2007 17:47|--a------|4128] C:\INFCACHE.1
[25/10/2006 21:57|--a------|1120] C:\INSTALL.LOG
[01/09/2005 06:17|--ah-----|0] C:\IO.SYS
[01/09/2005 06:17|--ah-----|0] C:\MSDOS.SYS
[06/05/1999 11:59|--a------|220172] C:\nsoFC.tmp
[10/08/2004 12:00|-rahs----|47564] C:\NTDETECT.COM
[09/09/2008 10:28|-rahs----|252240] C:\ntldr
[?|?|?] C:\pagefile.sys
[06/09/2009 15:00|--a------|251] C:\rapport_clean.txt
[24/05/2001 11:59|--a------|162304] C:\UNWISE.EXE
[03/09/2009 00:35|--a------|825] C:\updatedatfix.log
[14/12/2009 20:51|--a------|5271] C:\UsbFix.txt
[19/09/2006 20:11|--ahs----|4096] C:\VSNAP.IDX
[21/09/2009 16:10|--ah-----|512] F:\NIKON001.DSC
[05/10/2009 14:05|--a------|8247] G:\Attestation CAF.pdf
[12/11/2009 18:50|--a------|1427456] H:\CV_PierreHaro_ Assistant Logistique Trilingue.doc
[27/12/2002 18:44|-rahs----|438] H:\SETTINGS.DAT
[09/06/2009 09:09|--ah-----|4096] H:\._.Trashes
[31/08/2009 10:19|--ah-----|12292] H:\.DS_Store
[29/08/2009 14:37|---h-----|21160960] H:\~WRL2626.tmp
[29/10/2008 17:55|---h-----|78848] H:\~WRL2137.tmp
[12/11/2009 18:58|--a------|1421824] H:\CV_PierreHaro_ASSISTANT LOGISTIQUE TRILINGUE.doc
[18/06/2009 22:12|-r-------|88] I:\autorun.inf
[17/08/2009 18:51|-r-------|3669504] I:\Unlock.exe
[17/08/2009 18:53|-r-------|2770432] I:\WD SmartWare.exe
[18/06/2009 18:06|-r-------|695] I:\What is this.html
[28/09/2007 19:24|--a------|56893] J:\RICE.pdf

################## | Vaccination |

# C:\autorun.inf -> Dossier créé par UsbFix.
# D:\autorun.inf -> Dossier créé par UsbFix.
# F:\autorun.inf -> Dossier créé par UsbFix.
# G:\autorun.inf -> Dossier créé par UsbFix.
# H:\autorun.inf -> Dossier créé par UsbFix.
# J:\autorun.inf -> Dossier créé par UsbFix.

################## | Cracks / Keygens / Serials |


################## | Upload |

Veuillez envoyer le fichier : C:\DOCUME~1\Pierre\Bureau\UsbFix_Upload_Me_PIT.zip : http://chiquitine.changelog.fr/Sample/Upload.php
Merci pour votre contribution .

Relance UsbFix et choisis l'option 5 pour le désinstaller.

Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.

Double-clique sur le fichier téléchargé pour lancer le processus d'installation.

Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.

Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.

Sélectionne Exécuter un examen rapide.

Clique sur Rechercher. L'analyse démarre.

A la fin de l'analyse, un message s'affiche :

Citation :

L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.

Ferme tes navigateurs.

Si des malwares ont été détectés, clique sur Afficher les résultats.

Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.

MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.

R.A.S. pour le scan MBAM :

Malwarebytes' Anti-Malware 1.42
Version de la base de données: 3359
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

14/12/2009 22:07:36
mbam-log-2009-12-14 (22-07-36).txt

Type de recherche: Examen rapide
Eléments examinés: 121831
Temps écoulé: 15 minute(s), 0 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Il te reste quel(s) souci(s) ?

1 - Lorsque j'essaie d'accéderà certains sites (paruvendu, par exemple), le PC recherche la page mais me redirige vers une page d'erreur Google avec ceci pour message : " Impossible de trouver http://ad.yieldmanager.com/st%3Fad_type%3Diframe. "

Je te mets un lien pour exemple : " http://www.google.fr/hws/dell-row/afe?hl=fr&channel=fr&... "

2 - Je ne peux plus lire des fichiers .txt sauf avec Internet Explorer.

En revanche, pour ce qui est des erreurs de scripts dans Internet Explorer, a priori il n'y en a plus. Je suis allé sur les sites qui déclenchaient l'ouverture de ces messages d'erreur et tout est OK.

Merci, je peux déjà surfer de manière un peu plus fluide.

Rectif : j'ai eu une erreur de script ce matin (sans avoir reconnecté un de mes périphériques) mais rien à voir avec ces derniers jours.

Télécharge Gmer sur ton Bureau.

Extrais l'archive (Clic droit > Extraire) puis renomme gmer.exe en IDN.exe (Le .exe n'est pas forcément visible).

Double-clique sur IDN.exe.

Onglet "Rootkit/Malware", clique sur "Scan" puis patiente.

En fin de traitement, clique sur "Save..." et enregistre sur ton Bureau "gmer.txt".

Double-clique sur "gmer.txt", le rapport apparaît, poste-le.

Mon ordi a planté plusieurs fois pendant l'analyse... Mais voici le résultat :

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2009-12-15 21:34:59
Windows 5.1.2600 Service Pack 3
Running: IDN.exe; Driver: C:\DOCUME~1\Pierre\LOCALS~1\Temp\pxtdapob.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0xA98B76B8]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateKey [0xA98B7574]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteValueKey [0xA98B7A52]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDuplicateObject [0xA98B714C]
SSDT spyh.sys ZwEnumerateKey [0xF741DCA2]
SSDT spyh.sys ZwEnumerateValueKey [0xF741E030]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenKey [0xA98B764E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenProcess [0xA98B708C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenThread [0xA98B70F0]
SSDT spyh.sys ZwQueryKey [0xF741E108]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0xA98B776E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRestoreKey [0xA98B772E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwSetValueKey [0xA98B78AE]

INT 0x62 ? 86BD7BF8
INT 0x74 ? 869F4BF8
INT 0x82 ? 86BD7BF8
INT 0x94 ? 869F4BF8
INT 0xA4 ? 869F4BF8

---- Kernel code sections - GMER 1.0.15 ----

? spyh.sys Le fichier spécifié est introuvable. !
.text USBPORT.SYS!DllUnload F66B98AC 5 Bytes JMP 869F41D8

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Internet Explorer\iexplore.exe[512] USER32.dll!DialogBoxParamW 7E3A47AB 5 Bytes JMP 40D8541D C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[512] USER32.dll!CreateWindowExW 7E3AD0A3 5 Bytes JMP 40E5D6EC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[512] USER32.dll!DialogBoxIndirectParamW 7E3B2072 5 Bytes JMP 40F5441F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[512] USER32.dll!MessageBoxIndirectA 7E3BA082 5 Bytes JMP 40F54351 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[512] USER32.dll!DialogBoxParamA 7E3BB144 5 Bytes JMP 40F543BC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[512] USER32.dll!MessageBoxExW 7E3D0838 5 Bytes JMP 40F54222 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[512] USER32.dll!MessageBoxExA 7E3D085C 5 Bytes JMP 40F54284 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[512] USER32.dll!DialogBoxIndirectParamA 7E3D6D7D 5 Bytes JMP 40F54482 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[512] USER32.dll!MessageBoxIndirectW 7E3E64D5 5 Bytes JMP 40F542E6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3964] USER32.dll!DialogBoxParamW 7E3A47AB 5 Bytes JMP 40D8541D C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3964] USER32.dll!SetWindowsHookExW 7E3A820F 5 Bytes JMP 40E59865 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3964] USER32.dll!CallNextHookEx 7E3AB3C6 5 Bytes JMP 40E4CEE9 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3964] USER32.dll!CreateWindowExW 7E3AD0A3 5 Bytes JMP 40E5D6EC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3964] USER32.dll!UnhookWindowsHookEx 7E3AD5F3 5 Bytes JMP 40DC4602 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3964] USER32.dll!DialogBoxIndirectParamW 7E3B2072 5 Bytes JMP 40F5441F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3964] USER32.dll!MessageBoxIndirectA 7E3BA082 5 Bytes JMP 40F54351 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3964] USER32.dll!DialogBoxParamA 7E3BB144 5 Bytes JMP 40F543BC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3964] USER32.dll!MessageBoxExW 7E3D0838 5 Bytes JMP 40F54222 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3964] USER32.dll!MessageBoxExA 7E3D085C 5 Bytes JMP 40F54284 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3964] USER32.dll!DialogBoxIndirectParamA 7E3D6D7D 5 Bytes JMP 40F54482 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3964] USER32.dll!MessageBoxIndirectW 7E3E64D5 5 Bytes JMP 40F542E6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3964] ole32.dll!CoCreateInstance 774C057E 5 Bytes JMP 40E5D748 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3964] ole32.dll!OleLoadFromStream 774E9C85 5 Bytes JMP 40F547A0 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F7401040] spyh.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F740113C] spyh.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F74010BE] spyh.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F74017FC] spyh.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F74016D2] spyh.sys
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F7410D92] spyh.sys

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\WINDOWS\system32\services.exe[248] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 00390002
IAT C:\WINDOWS\system32\services.exe[248] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 00390000
IAT C:\WINDOWS\Explorer.EXE[276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [01A92F60] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Explorer.EXE[276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [01A92DB0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Explorer.EXE[276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [01A92D70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Explorer.EXE[276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [01A92DC0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe[480] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00C82F60] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe[480] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00C82DB0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe[480] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00C82D70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe[480] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00C82DC0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[512] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00A42F60] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[512] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00A42DB0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[512] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00A42D70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[512] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00A42DC0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\Pierre\Bureau\IDN.exe[772] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00802F60] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\Pierre\Bureau\IDN.exe[772] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00802DB0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\Pierre\Bureau\IDN.exe[772] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00802D70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\Pierre\Bureau\IDN.exe[772] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00802DC0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\FileHippo.com\UpdateChecker.exe[1032] @ C:\WINDOWS\system32\KERNEL32.dll [ntdll.dll!NtCreateFile] [00802F60] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\FileHippo.com\UpdateChecker.exe[1032] @ C:\WINDOWS\system32\KERNEL32.dll [ntdll.dll!NtDeviceIoControlFile] [00802DB0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\FileHippo.com\UpdateChecker.exe[1032] @ C:\WINDOWS\system32\KERNEL32.dll [ntdll.dll!NtClose] [00802D70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\FileHippo.com\UpdateChecker.exe[1032] @ C:\WINDOWS\system32\KERNEL32.dll [ntdll.dll!NtDuplicateObject] [00802DC0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe[1096] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00D02F60] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe[1096] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00D02DB0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe[1096] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00D02D70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe[1096] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00D02DC0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[1716] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00A22F60] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[1716] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00A22DB0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[1716] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00A22D70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[1716] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00A22DC0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\ctfmon.exe[2280] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [009F2F60] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\ctfmon.exe[2280] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [009F2DB0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\ctfmon.exe[2280] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [009F2D70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\ctfmon.exe[2280] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [009F2DC0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[2392] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00CE2F60] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[2392] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00CE2DB0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[2392] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00CE2D70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[2392] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00CE2DC0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\wbem\unsecapp.exe[2768] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00B82F60] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\wbem\unsecapp.exe[2768] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00B82DB0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\wbem\unsecapp.exe[2768] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00B82D70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\wbem\unsecapp.exe[2768] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00B82DC0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[3016] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [009F2F60] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[3016] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [009F2DB0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[3016] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [009F2D70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[3016] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [009F2DC0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\Java\jre6\bin\jusched.exe[3544] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00C22F60] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\Java\jre6\bin\jusched.exe[3544] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00C22DB0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\Java\jre6\bin\jusched.exe[3544] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00C22D70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\Java\jre6\bin\jusched.exe[3544] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00C22DC0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe[3704] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00D92F60] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe[3704] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00D92DB0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe[3704] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00D92D70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe[3704] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00D92DC0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe[3868] @ C:\WINDOWS\system32\KERNEL32.dll [ntdll.dll!NtCreateFile] [00D72F60] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe[3868] @ C:\WINDOWS\system32\KERNEL32.dll [ntdll.dll!NtDeviceIoControlFile] [00D72DB0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe[3868] @ C:\WINDOWS\system32\KERNEL32.dll [ntdll.dll!NtClose] [00D72D70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe[3868] @ C:\WINDOWS\system32\KERNEL32.dll [ntdll.dll!NtDuplicateObject] [00D72DC0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe[3928] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00D22F60] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe[3928] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00D22DB0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe[3928] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00D22D70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe[3928] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00D22DC0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3964] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [003E2F60] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3964] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [003E2DB0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3964] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [003E2D70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3964] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [003E2DC0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3964] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [00CE1ACB] C:\Program Files\Internet Explorer\xpshims.dll (Internet Explorer Compatibility Shims for XP/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 86BD61F8

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

Device \Driver\usbuhci \Device\USBPDO-0 869D91F8
Device \Driver\usbuhci \Device\USBPDO-1 869D91F8
Device \Driver\dmio \Device\DmControl\DmIoDaemon 86B681F8
Device \Driver\dmio \Device\DmControl\DmConfig 86B681F8
Device \Driver\dmio \Device\DmControl\DmPnP 86B681F8
Device \Driver\dmio \Device\DmControl\DmInfo 86B681F8
Device \Driver\usbuhci \Device\USBPDO-2 869D91F8
Device \Driver\usbuhci \Device\USBPDO-3 869D91F8
Device \Driver\usbehci \Device\USBPDO-4 869B41F8

AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \Driver\Ftdisk \Device\HarddiskVolume1 86BD81F8
Device \Driver\Ftdisk \Device\HarddiskVolume2 86BD81F8
Device \Driver\Cdrom \Device\CdRom0 8695A1F8
Device \Driver\Ftdisk \Device\HarddiskVolume3 86BD81F8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [F7353B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort0 [F7353B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 [F7353B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e [F7353B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\Ftdisk \Device\HarddiskVolume4 86BD81F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{74585082-7813-4358-A8AA-295639826443} 850671F8
Device \Driver\NetBT \Device\NetBt_Wins_Export 850671F8
Device \Driver\NetBT \Device\NetbiosSmb 850671F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{CC9DE7DD-75D4-4AE6-95A0-71C358F8830E} 850671F8

AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \Driver\usbuhci \Device\USBFDO-0 869D91F8
Device \Driver\usbuhci \Device\USBFDO-1 869D91F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 850541F8
Device \Driver\usbuhci \Device\USBFDO-2 869D91F8
Device 850541F8
Device \Driver\usbuhci \Device\USBFDO-3 869D91F8
Device \Driver\usbehci \Device\USBFDO-4 869B41F8
Device \Driver\Ftdisk \Device\FtControl 86BD81F8
Device 869331F8
Device A6D6D297

AttachedDevice fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Cdfs \Cdfs 84FF11F8
Device \FileSystem\Cdfs \Cdfs tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 2
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xDB 0x96 0x1E 0x03 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x28 0x5A 0xAB 0xBC ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xDB 0x96 0x1E 0x03 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x28 0x5A 0xAB 0xBC ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xDB 0x96 0x1E 0x03 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x28 0x5A 0xAB 0xBC ...
Reg HKLM\SYSTEM\ControlSet003\Services\SysmonLog\Log Queries\{ce798e57-6141-4d00-9f99-fc0497114daa}@Current State 0
Reg HKLM\SYSTEM\ControlSet003\Services\SysmonLog\Log Queries\{ce798e57-6141-4d00-9f99-fc0497114daa}@Log Type 0
Reg HKLM\SYSTEM\ControlSet003\Services\SysmonLog\Log Queries\{ce798e57-6141-4d00-9f99-fc0497114daa}@Collection Name Vue g?n?rale du syst?me
Reg HKLM\SYSTEM\ControlSet003\Services\SysmonLog\Log Queries\{ce798e57-6141-4d00-9f99-fc0497114daa}@Collection Name Indirect @C:\WINDOWS\system32\smlogcfg.dll,-731
Reg HKLM\SYSTEM\ControlSet003\Services\SysmonLog\Log Queries\{ce798e57-6141-4d00-9f99-fc0497114daa}@Counter List \Processor(_Total)\% Processor Time?\Memory\Pages/sec?\PhysicalDisk(_Total)\Avg. Disk Queue Length?
Reg HKLM\SYSTEM\ControlSet003\Services\SysmonLog\Log Queries\{ce798e57-6141-4d00-9f99-fc0497114daa}@Comment Cet exemple de journal fournit une vue d'ensemble des performances du syst?me.
Reg HKLM\SYSTEM\ControlSet003\Services\SysmonLog\Log Queries\{ce798e57-6141-4d00-9f99-fc0497114daa}@Commentaire indirect @C:\WINDOWS\system32\smlogcfg.dll,-735
Reg HKLM\SYSTEM\ControlSet003\Services\SysmonLog\Log Queries\{ce798e57-6141-4d00-9f99-fc0497114daa}@RealTime DataSource 1
Reg HKLM\SYSTEM\ControlSet003\Services\SysmonLog\Log Queries\{ce798e57-6141-4d00-9f99-fc0497114daa}@Log File Max Size -1
Reg HKLM\SYSTEM\ControlSet003\Services\SysmonLog\Log Queries\{ce798e57-6141-4d00-9f99-fc0497114daa}@Attributs du magasin de données 33
Reg HKLM\SYSTEM\ControlSet003\Services\SysmonLog\Log Queries\{ce798e57-6141-4d00-9f99-fc0497114daa}@Log File Base Name System_Overview
Reg HKLM\SYSTEM\ControlSet003\Services\SysmonLog\Log Queries\{ce798e57-6141-4d00-9f99-fc0497114daa}@Nom de la base du fichier journal indirect @C:\WINDOWS\system32\smlogcfg.dll,-744
Reg HKLM\SYSTEM\ControlSet003\Services\SysmonLog\Log Queries\{ce798e57-6141-4d00-9f99-fc0497114daa}@Sql Log Base Name SQL:!Vue g?n?rale du syst?me
Reg HKLM\SYSTEM\ControlSet003\Services\SysmonLog\Log Queries\{ce798e57-6141-4d00-9f99-fc0497114daa}@Log File Serial Number 1
Reg HKLM\SYSTEM\ControlSet003\Services\SysmonLog\Log Queries\{ce798e57-6141-4d00-9f99-fc0497114daa}@Log File Folder C:\PerfLogs
Reg HKLM\SYSTEM\ControlSet003\Services\SysmonLog\Log Queries\{ce798e57-6141-4d00-9f99-fc0497114daa}@Log File Auto Format -1
Reg HKLM\SYSTEM\ControlSet003\Services\SysmonLog\Log Queries\{ce798e57-6141-4d00-9f99-fc0497114daa}@Log File Type 2
Reg HKLM\SYSTEM\ControlSet003\Services\SysmonLog\Log Queries\{ce798e57-6141-4d00-9f99-fc0497114daa}@ExecuteOnly 1

---- EOF - GMER 1.0.15 ----

Ça sent le Trojan.Alureon.

Télécharge mbr.exe (de Gmer) sur ton Bureau.

Double-clique sur mbr.exe. Un rapport sera généré : mbr.log

Poste le rapport.

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK

Je m'absente.

ok. Bonne soirée.

Télécharge OTL (de OldTimer) sur ton Bureau.

Double-clique sur OTL pour le lancer.
(Sous Vista, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)

Une fenêtre apparaît. Dans la section Output en haut de cette fenêtre, coche Minimal Output.

Coche également les cases à côté de LOP Check et Purity Check.

Enfin, clique sur le bouton Run Scan. Le scan ne prendra pas beaucoup de temps.

Une fois l'analyse terminée, deux fenêtres vont s'ouvrir dans le Bloc-notes : OTL.txt et Extras.txt. Ils se trouvent au même endroit que OTL (donc par défaut sur le Bureau).

Pour me transmettre les rapports :

Clique sur ce lien : http://www.cijoint.fr/

Clique sur Parcourir... et cherche le fichier du rapport que tu souhaites me transmettre.

Clique sur Ouvrir.

Clique sur Cliquez ici pour déposer le fichier.

Un lien de cette forme, hxxp://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt, est ajouté dans la page.

Copie-colle ce lien dans ta réponse.

Rapport OTL.txt : http://www.cijoint.fr/cjlink.php?file=cj200912/cijK9t2m...

Rapport Extras.txt : http://www.cijoint.fr/cjlink.php?file=cj200912/cij3tPCd...

Parfois, lorsque je clique sur un lien internet une fenêtre "RUNDLL"s'ouvre avec ce message :

" Erreur de chargement de C:\WINDOWS\system32\sysdm.cpl
Le module spécifié est introuvable "

Ensuite, je clique sur "OK" et c'est seulement après ça que je peux accéder à la page voulue. (Désolé, je te rajoute du boulot...)

Exécute ce fichier :
http://download.bleepingcomputer.com/sUBs/Beta/KittyFix...

Puis poste le rapport.

Avant de commencer le scan, Combofix m'a signalé que le fichier regedit.exe était introuvable dans C:\Windows\... donc je l'y ai mis, puis il m'a fait installer la Console dde récupération Windows.


Voici le rapport :

ComboFix 09-12-17.01 - Pierre 18/12/2009 8:59.1.2 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1014.452 [GMT 1:00]
Lancé depuis: c:\documents and settings\Pierre\Bureau\KittyFix.exe
AV: avast! antivirus 4.8.1368 [VPS 091217-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\windows\kb913800.exe
c:\windows\patch.exe
c:\windows\SW_Win2000X9.DLL
c:\windows\SW_Win2146X32.DLL
c:\windows\system32\_000007_.tmp.dll

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_IMAPISERVICE
-------\Service_ImapiService


((((((((((((((((((((((((((((( Fichiers créés du 2009-11-18 au 2009-12-18 ))))))))))))))))))))))))))))))))))))
.

2009-12-10 10:28 . 2009-12-10 10:28 -------- d-----w- c:\documents and settings\Pierre\Application Data\AVG8
2009-12-08 16:47 . 2009-12-08 16:47 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee Security Scan
2009-12-04 17:00 . 2009-12-04 17:00 -------- d-----w- c:\documents and settings\LocalService\Application Data\TuneUp Software
2009-12-04 16:40 . 2009-12-04 16:40 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-18 08:10 . 2006-09-21 14:22 -------- d-----w- c:\documents and settings\Pierre\Application Data\Skype
2009-12-18 07:51 . 2009-12-18 07:51 153088 ----a-w- c:\windows\regedit.exe
2009-12-17 16:56 . 2008-02-08 19:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2009-12-16 15:50 . 2006-09-13 23:34 -------- d-----w- c:\program files\Google
2009-12-14 17:43 . 2007-04-24 19:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-12-13 20:33 . 2009-05-15 18:37 -------- d-----w- c:\documents and settings\Pierre\Application Data\dvdcss
2009-12-13 18:27 . 2009-12-13 18:27 440320 ----a-w- c:\windows\system32\shimgvw.dll
2009-12-12 21:18 . 2009-12-12 21:18 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-12 20:37 . 2007-02-07 21:49 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-12-12 12:51 . 2007-11-23 19:13 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-12-12 09:26 . 2006-09-19 18:44 63000 -c--a-w- c:\documents and settings\Pierre\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-12 09:25 . 2008-10-25 07:30 8224 -c--a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT
2009-12-10 21:10 . 2005-09-01 04:53 85834 ----a-w- c:\windows\system32\perfc00C.dat
2009-12-10 21:10 . 2005-09-01 04:53 512530 ----a-w- c:\windows\system32\perfh00C.dat
2009-12-10 11:51 . 2008-07-08 21:19 -------- d-----w- c:\program files\AVG
2009-12-10 11:37 . 2008-12-13 12:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Avg8
2009-12-10 10:17 . 2009-12-10 10:17 -------- d-----w- c:\program files\Panda Security
2009-12-08 18:25 . 2006-09-13 23:31 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2009-12-08 12:04 . 2009-09-02 23:35 -------- d-----w- c:\documents and settings\Pierre\Application Data\HpUpdate
2009-12-04 17:23 . 2006-09-13 23:24 -------- d-----w- c:\program files\CyberLink
2009-12-04 17:23 . 2006-09-13 23:23 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-04 16:43 . 2009-12-04 16:41 -------- d-----w- c:\program files\TuneUp Utilities 2010
2009-12-04 16:41 . 2009-01-09 15:16 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software
2009-12-03 15:14 . 2009-12-12 21:18 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-03 15:13 . 2009-12-12 21:18 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-02 15:16 . 2007-01-20 08:26 -------- d-----w- c:\program files\QuickTime
2009-12-02 15:04 . 2009-08-21 14:15 -------- d-----w- c:\program files\Paint.NET
2009-11-30 16:27 . 2009-11-30 16:27 33558 ----a-w- c:\documents and settings\All Users\Application Data\Google\Toolbar for Firefox\Firefox_Toolbar_Uninstaller.exe
2009-11-25 20:52 . 2009-11-25 20:52 -------- d-----w- c:\program files\MSXML 4.0
2009-11-24 23:54 . 2008-12-13 19:07 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2008-12-13 19:08 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-11-24 23:50 . 2008-12-13 19:08 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-11-24 23:50 . 2008-12-13 19:08 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-11-24 23:50 . 2008-12-13 19:08 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-11-24 23:49 . 2008-12-13 19:08 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2008-12-13 19:08 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2008-12-13 19:08 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2008-12-13 19:08 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-21 15:58 . 2005-09-01 04:52 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-13 11:00 . 2009-12-04 16:43 29512 ----a-w- c:\windows\system32\TURegOpt.exe
2009-11-13 10:53 . 2009-12-04 16:43 30024 ----a-w- c:\windows\system32\uxtuneup.dll
2009-11-11 11:19 . 2009-09-21 08:04 -------- d-----r- c:\program files\Skype
2009-11-11 11:08 . 2009-11-11 11:08 -------- d-----w- c:\program files\Fichiers communs\Apple
2009-11-11 11:07 . 2007-01-07 21:00 -------- d-----w- c:\program files\Apple Software Update
2009-11-11 11:07 . 2009-11-11 11:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-11-11 09:50 . 2009-11-11 09:50 -------- d-----w- c:\program files\FileHippo.com
2009-11-09 17:55 . 2006-09-13 23:15 -------- d-----w- c:\program files\Java
2009-11-09 17:54 . 2009-11-09 17:54 152576 ----a-w- c:\documents and settings\Pierre\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-09 17:53 . 2009-11-09 17:53 79488 ----a-w- c:\documents and settings\Pierre\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2009-11-08 21:45 . 2008-10-30 16:46 4088 -c--a-w- c:\windows\mozver.dat
2009-11-08 17:48 . 2006-11-19 20:01 -------- d-----w- c:\program files\Messenger Plus! Live
2009-10-29 07:42 . 2005-09-01 04:53 916480 ----a-w- c:\windows\system32\wininet.dll
2009-10-22 15:05 . 2008-02-10 21:11 -------- d-----w- c:\program files\Fichiers communs\Adobe
2009-10-21 05:39 . 2005-09-01 04:53 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:39 . 2005-09-01 04:53 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2004-08-03 22:00 265728 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-19 17:52 . 2009-10-19 17:52 -------- d-----w- c:\program files\windirstat
2009-10-13 10:33 . 2005-09-01 04:53 271360 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:39 . 2005-09-01 04:53 79872 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 13:39 . 2005-09-01 04:53 150528 ----a-w- c:\windows\system32\rastls.dll
2009-10-11 03:17 . 2008-12-22 18:16 411368 -c--a-w- c:\windows\system32\deploytk.dll
2009-10-10 12:44 . 2006-09-19 23:26 17134 -c--a-w- c:\windows\system32\pcandis5.sys
2009-10-10 12:44 . 2006-09-19 23:26 81920 -c--a-w- c:\windows\system32\w32n50.dll
2009-10-10 00:06 . 2006-09-19 23:27 303104 -c--a-w- c:\program files\Fichiers communs\FDEUnInstaller.exe
2009-10-06 04:09 . 2009-10-11 22:44 221184 ----a-w- c:\windows\system32\SII_PDF.dll
2009-09-24 13:02 . 2009-10-11 22:44 811008 ----a-w- c:\windows\system32\tx15.dll
2009-09-21 08:10 . 2009-09-21 08:10 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-09-21 01:00 . 2009-10-11 22:44 643072 ----a-w- c:\windows\system32\tx15_htm.dll
2006-09-21 15:56 . 2006-09-21 15:18 88 -csh--r- c:\windows\system32\123FAD9983.sys
2007-04-24 18:52 . 2007-04-24 18:52 5 -csha-w- c:\windows\system32\cdebbab_g.dll
2006-09-21 15:56 . 2006-09-21 15:18 4182 -csha-w- c:\windows\system32\KGyGaAvL.sys
.

------- Sigcheck -------

[-] 2008-04-14 . 3EFE912DD25D2586E6A0341DB0A66F69 . 979968 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 3EFE912DD25D2586E6A0341DB0A66F69 . 979968 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2007-06-13 . 80A5400514EB32D393654768C4017E46 . 979456 . . [6.00.2900.3156] . . c:\windows\$NtServicePackUninstall$\explorer.exe
[-] 2007-06-13 . B795475444D6D57A572C14B9E1A29839 . 1037312 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-02-08 68856]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]
"FileHippo.com"="c:\program files\FileHippo.com\UpdateChecker.exe" [2009-11-02 155648]
"eMuleAutoStart"="c:\program files\eMule\emule.exe" [2009-02-22 5668864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\program files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" [2005-06-10 249856]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"IntelZeroConfig"="c:\program files\Intel\WiFi\bin\ZCfgSvc.exe" [2009-05-21 1372160]
"IntelWireless"="c:\program files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe" [2009-05-21 1202448]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-11-11 122880]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-10 417792]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-9-18 2049344]
WDSmartWare.lnk - c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2009-9-18 9083200]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0SsiEfr.exe

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Widget LEquipe.fr

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 14:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ModemOnHold"=c:\program files\NetWaiting\netWaiting.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\Orange\\Connectivity\\ConnectivityManager.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 2009\\english\\setup.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
"AllowOutboundDestinationUnreachable"= 1 (0x1)
"AllowOutboundSourceQuench"= 1 (0x1)
"AllowOutboundTimeExceeded"= 1 (0x1)
"AllowRedirect"= 1 (0x1)

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [05/04/2009 09:56 64160]
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [10/12/2009 11:17 28552]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [20/04/2007 17:28 716272]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [13/12/2008 20:08 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [13/12/2008 20:08 20560]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [13/11/2009 11:57 1021256]
R2 WDDMService;WD SmartWare Drive Manager;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [18/09/2009 12:50 98304]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [16/06/2009 08:58 20480]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14/10/2009 07:24 10064]
S1 SDManager;SDManager;\??\c:\program files\SpywareDetector\SDManager.sys --> c:\program files\SpywareDetector\SDManager.sys [?]
S2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [16/12/2009 16:50 135664]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [23/09/2009 13:50 238960]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [07/10/2009 09:10 11520]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/webhp?sourceid=navclient&ie=UTF-8&rlz=1T4...
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_5F1A57F0B9B89E2E.dll/cmsidewiki.html
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949}
FF - ProfilePath - c:\documents and settings\Pierre\Application Data\Mozilla\Firefox\Profiles\kagfdhes.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- PARAMETRES FIREFOX ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.notify.interval - 600000
FF - user.js: content.switch.threshold - 600000
FF - user.js: nglayout.initialpaint.delay - 600
.
- - - - ORPHELINS SUPPRIMES - - - -

MSConfigStartUp-TomTomHOME - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-18 09:06
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spge.sys >>UNKNOWN [0x86587938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf7601f28
\Driver\ACPI -> ACPI.sys @ 0xf737ecb8
\Driver\atapi -> atapi.sys @ 0xf7313b40
IoDeviceObjectType ->\Device\Harddisk0\DR0 ->NDIS: Broadcom 440x 10/100 Integrated Controller -> SendCompleteHandler -> NDIS.sys @ 0xf7207bb0
PacketIndicateHandler -> NDIS.sys @ 0xf71f6a0d
SendHandler -> NDIS.sys @ 0xf720ab40
user & kernel MBR OK

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\software\BVRP Software\Modem Helper]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\BVRP Software, Inc\Digital Line Detect]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\BVRP Software, Inc\NetWaiting]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Intel, Inc.\iProInst]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Microsoft\Advanced INF Setup\IEHomePageInfo\RegBackup]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\services]
@DACL=(02 0000)
@SACL=
"NoServices"=dword:00000000
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'explorer.exe'(7436)
c:\program files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll
c:\program files\Google\Quick Search Box\bin\1.2.1151.235\qsb.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\progra~1\SPYBOT~1\SDHelper.dll
c:\windows\system32\netprovcredman.dll
c:\program files\Microsoft Office\Office10\msohev.dll
c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Intel\WiFi\bin\S24EvMon.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\progra~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Dell\QuickSet\NICCONFIGSVC.exe
c:\windows\system32\HPZipm12.exe
c:\program files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\dllhost.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Heure de fin: 2009-12-18 09:15:25 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-12-18 08:15

Avant-CF: 27 956 428 800 octets libres
Après-CF: 27 976 585 216 octets libres

WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect

- - End Of File - - E665DAE61EE4F144ECBC3712EB53CD36

Double-clique sur OTL pour le lancer.
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)

Sous Custom Scans/Fixes, copie-colle ce qu'il y a dans le cadre ci-dessous :

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT

Clique sur le bouton Quick Scan.

Quand le scan est fini, utilise le site http://www.cijoint.fr/ pour me donner les deux rapports : OTL.Txt et Extras.Txt.

Rapport OTL.txt : http://www.cijoint.fr/cjlink.php?file=cj200912/cijKHhwn...

Cette fois-ci, je n'ai pas de rapport Extras.txt sur le Bureau.

Mon ordi rame trop. ça s'arrange pas ... Bonnes fêtes et à très vite j'espère !!

Toi aussi  

Je ne sais pas trop ce que ton PC a.