Virus HELP...

jeje1967

6 Janvier 2010 07:16:29

Bonjour a tous,

Voici mon problème, j'ai été infecté par un virus suite au fait que je devais renouveler mon abonnement pour l'antivirus mais je ne suis pas assez bon pour reparer cela.
Suite à ce virus, mon pc demarre me demande mon mon de passe à l'invit utilisateur puis ensuite j'ai un ecran noir plus de fond, plus de bureau uniquement la souris et pas d'actions si ce n'est le gestionnaire de tache.
voici un rapport hijackthis et merci pour votre aide.

Logfile of random's system information tool 1.06 (written by random/random)
Run by Jeje at 2010-01-06 08:06:09
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 2 GB (10%) free of 19 GB
Total RAM: 3071 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:06:23, on 06/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\FolderSize\FolderSizeSvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\Program Files\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Jeje\Mes documents\Téléchargements\RSIT.exe
C:\Program Files\trend micro\Jeje.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
F2 - REG:system.ini: Shell=
O1 - Hosts: 65.75.216.6 www.winmx.com err.winmx.com
O1 - Hosts: 205.238.40.54 www.winmx.com err.winmx.com
O1 - Hosts: 65.75.216.6 cache0.winmx.com test3201.winmx.com test3206.winmx.com
O1 - Hosts: 65.75.216.7 cache1.winmx.com test3202.winmx.com test3207.winmx.com
O1 - Hosts: 82.43.229.238 cache2.winmx.com test3203.winmx.com test3208.winmx.com
O1 - Hosts: 205.238.40.1 cache3.winmx.com test3204.winmx.com
O1 - Hosts: 205.238.40.2 cache4.winmx.com test3205.winmx.com
O1 - Hosts: 65.75.216.6 c3310.z1301.winmx.com c3310.z1302.winmx.com c3310.z1303.winmx.com c3310.z1304.winmx.com c3310.z1305.winmx.com c3310.z1306.winmx.com
O1 - Hosts: 65.75.216.6 c3311.z1301.winmx.com c3311.z1302.winmx.com c3311.z1303.winmx.com c3311.z1304.winmx.com c3311.z1305.winmx.com c3311.z1306.winmx.com
O1 - Hosts: 65.75.216.6 c3312.z1301.winmx.com c3312.z1302.winmx.com c3312.z1303.winmx.com c3312.z1304.winmx.com c3312.z1305.winmx.com c3312.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3313.z1301.winmx.com c3313.z1302.winmx.com c3313.z1303.winmx.com c3313.z1304.winmx.com c3313.z1305.winmx.com c3313.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3314.z1301.winmx.com c3314.z1302.winmx.com c3314.z1303.winmx.com c3314.z1304.winmx.com c3314.z1305.winmx.com c3314.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3315.z1301.winmx.com c3315.z1302.winmx.com c3315.z1303.winmx.com c3315.z1304.winmx.com c3315.z1305.winmx.com c3315.z1306.winmx.com
O1 - Hosts: 82.43.229.238 c3316.z1301.winmx.com c3316.z1302.winmx.com c3316.z1303.winmx.com c3316.z1304.winmx.com c3316.z1305.winmx.com c3316.z1306.winmx.com
O1 - Hosts: 82.43.229.238 c3317.z1301.winmx.com c3317.z1302.winmx.com c3317.z1303.winmx.com c3317.z1304.winmx.com c3317.z1305.winmx.com c3317.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3318.z1301.winmx.com c3318.z1302.winmx.com c3318.z1303.winmx.com c3318.z1304.winmx.com c3318.z1305.winmx.com c3318.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3319.z1301.winmx.com c3319.z1302.winmx.com c3319.z1303.winmx.com c3319.z1304.winmx.com c3319.z1305.winmx.com c3319.z1306.winmx.com
O1 - Hosts: 65.75.216.6 c3520.z1301.winmx.com c3520.z1302.winmx.com c3520.z1303.winmx.com c3520.z1304.winmx.com c3520.z1305.winmx.com c3520.z1306.winmx.com
O1 - Hosts: 65.75.216.6 c3521.z1301.winmx.com c3521.z1302.winmx.com c3521.z1303.winmx.com c3521.z1304.winmx.com c3521.z1305.winmx.com c3521.z1306.winmx.com
O1 - Hosts: 65.75.216.6 c3522.z1301.winmx.com c3522.z1302.winmx.com c3522.z1303.winmx.com c3522.z1304.winmx.com c3522.z1305.winmx.com c3522.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3523.z1301.winmx.com c3523.z1302.winmx.com c3523.z1303.winmx.com c3523.z1304.winmx.com c3523.z1305.winmx.com c3523.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3524.z1301.winmx.com c3524.z1302.winmx.com c3524.z1303.winmx.com c3524.z1304.winmx.com c3524.z1305.winmx.com c3524.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3525.z1301.winmx.com c3525.z1302.winmx.com c3525.z1303.winmx.com c3525.z1304.winmx.com c3525.z1305.winmx.com c3525.z1306.winmx.com
O1 - Hosts: 82.43.229.238 c3526.z1301.winmx.com c3526.z1302.winmx.com c3526.z1303.winmx.com c3526.z1304.winmx.com c3526.z1305.winmx.com c3526.z1306.winmx.com
O1 - Hosts: 82.43.229.238 c3527.z1301.winmx.com c3527.z1302.winmx.com c3527.z1303.winmx.com c3527.z1304.winmx.com c3527.z1305.winmx.com c3527.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3528.z1301.winmx.com c3528.z1302.winmx.com c3528.z1303.winmx.com c3528.z1304.winmx.com c3528.z1305.winmx.com c3528.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3529.z1301.winmx.com c3529.z1302.winmx.com c3529.z1303.winmx.com c3529.z1304.winmx.com c3529.z1305.winmx.com c3529.z1306.winmx.com
O1 - Hosts: 65.75.216.6 winmx-com.winmxgroup.com winmx-com-v30.winmxgroup.com
O1 - Hosts: 205.238.40.54 winmx-com.winmxgroup.com winmx-com-v30.winmxgroup.com
O1 - Hosts: 65.75.216.6 test0.winmxgroup.net test5.winmxgroup.net
O1 - Hosts: 65.75.216.7 test1.winmxgroup.net test6.winmxgroup.net
O1 - Hosts: 82.43.229.238 test2.winmxgroup.net
O1 - Hosts: 205.238.40.1 test3.winmxgroup.net
O1 - Hosts: 205.238.40.2 test4.winmxgroup.net
O1 - Hosts: 65.75.216.6 cache0.winmxgroup.com cache5.winmxgroup.com cache0.winmxgroup.net cache5.winmxgroup.net cache10.winmxgroup.net cache15.winmxgroup.net
O1 - Hosts: 65.75.216.7 cache1.winmxgroup.com cache6.winmxgroup.com cache1.winmxgroup.net cache6.winmxgroup.net cache11.winmxgroup.net cache16.winmxgroup.net
O1 - Hosts: 82.43.229.238 cache2.winmxgroup.com cache7.winmxgroup.com cache2.winmxgroup.net cache7.winmxgroup.net cache12.winmxgroup.net cache17.winmxgroup.net
O1 - Hosts: 205.238.40.1 cache3.winmxgroup.com cache8.winmxgroup.com cache3.winmxgroup.net cache8.winmxgroup.net cache13.winmxgroup.net cache18.winmxgroup.net
O1 - Hosts: 205.238.40.2 cache4.winmxgroup.com cache9.winmxgroup.com cache4.winmxgroup.net cache9.winmxgroup.net cache14.winmxgroup.net cache19.winmxgroup.net
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\IPSBHO.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\coIEPlg.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\progra~1\fichie~1\instal~1\update~1\issch.exe" -start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe
O4 - HKLM\..\RunOnce: [tmp257614312] cmd /Q /C "C:\WINDOWS\tmp257614312.bat"
O4 - HKLM\..\RunOnce: [*Restore] C:\WINDOWS\system32\restore\rstrui.exe -i
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 -noicon
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [LREC75DND7] C:\DOCUME~1\Jeje\LOCALS~1\Temp\d.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: QuickMonth Calendar.lnk = C:\WINDOWS\qmc.exe
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O15 - Trusted Zone: http://asia.msi.com.tw
O15 - Trusted Zone: http://global.msi.com.tw
O15 - Trusted Zone: http://www.msi.com.tw
O16 - DPF: {01232355-5C70-455B-B33E-A62433F3B77F} (WebCamX Control) - http://82.122.236.219:48841/WebCamX.cab
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavweb...
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {7584C670-2274-4EFB-B00B-D6AABA6D3850} (Microsoft RDP Client Control (redist)) - https://81.252.25.161/Remote/msrdp.cab
O16 - DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} (EPSON Web Printer-SelfTest Control Class) - http://esupport.epson-europe.com/selftest/fr/Prg/ESTPTe...
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} - http://liveupdate.msi.com.tw/autobios/LOnline/install.c...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O17 - HKLM\System\CS2\Services\Tcpip\..\{0B13B9FB-C951-4C88-B95A-DA6A5DB918CE}: NameServer = 212.27.53.252,212.27.54.252
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: BvrpKrnl - Unknown owner - (no file)
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: Folder Size (FolderSize) - Brio - C:\Program Files\FolderSize\FolderSizeSvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing)

--
End of file - 17529 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IPoint_exe.job
C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IType_exe.job
C:\WINDOWS\tasks\Norton Internet Security - Analyse système complète - Jeje.job
C:\WINDOWS\tasks\OGALogon.job
C:\WINDOWS\tasks\Recherche de problèmes automatique.job
C:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:\Program Files\Internet Download Manager\IDMIECC.dll [2008-01-08 95664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-04-23 1377576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\coIEPlg.dll [2009-10-29 392560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\IPSBHO.DLL [2009-10-01 79224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-28 263280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-25 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll [2009-07-31 698880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
C:\Program Files\pdfforge Toolbar\SearchSettings.dll [2009-07-29 1153024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-28 263280]
{B922D405-6D13-4A2B-AE89-08A030DA4402} - pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll [2009-07-31 698880]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\coIEPlg.dll [2009-10-29 392560]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-01-16 13680640]
"nwiz"=nwiz.exe /install []
"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2007-02-05 849280]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2006-11-21 813912]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-03-18 282624]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-03-26 16859136]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-01-16 86016]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"ISUSScheduler"=C:\progra~1\fichie~1\instal~1\update~1\issch.exe [2004-08-09 81920]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-03-23 1983816]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2009-03-17 767312]
"ArcSoft Connection Service"=C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe [2007-10-11 31232]
"SearchSettings"=C:\Program Files\pdfforge Toolbar\SearchSettings.exe [2009-07-29 1024512]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"tmp257614312"=cmd /Q /C C:\WINDOWS\tmp257614312.bat []
"*Restore"=C:\WINDOWS\system32\restore\rstrui.exe [2008-04-14 384512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"DAEMON Tools"=C:\Program Files\DAEMON Tools\daemon.exe [2007-09-18 171464]
"BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2009-11-09 323392]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-09-20 68856]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144]
"LREC75DND7"=C:\DOCUME~1\Jeje\LOCALS~1\Temp\d.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camfrog]
C:\Program Files\Camfrog\Camfrog Video Chat\CamfrogNet.exe [2009-10-13 41864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-09-20 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144]

C:\Documents and Settings\Jeje\Menu Démarrer\Programmes\Démarrage
QuickMonth Calendar.lnk - C:\WINDOWS\qmc.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265088]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe"="C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe:*:Enabled:Assistance à distance - Windows Messenger et voix"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled

NA"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\HomePlayer\HomePlayer.exe"="C:\Program Files\HomePlayer\HomePlayer.exe:*:Enabled:HomePlayer"
"C:\Program Files\HomePlayer\VLC\vlc.exe"="C:\Program Files\HomePlayer\VLC\vlc.exe:*:Enabled:VLC HomePlayer"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

======List of files/folders created in the last 1 months======

2010-01-06 08:06:12 ----D---- C:\Program Files\trend micro
2010-01-06 08:06:09 ----D---- C:\rsit
2010-01-05 19:09:17 ----D---- C:\Program Files\Panda Security
2010-01-05 12:36:30 ----A---- C:\WINDOWS\ntbtlog.txt
2010-01-05 12:17:43 ----A---- C:\WINDOWS\system32\sshnas.dll
2010-01-05 12:11:02 ----A---- C:\WINDOWS\tmp257614312.bat
2009-12-19 18:34:15 ----D---- C:\Program Files\Symantec
2009-12-19 18:34:15 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
2009-12-19 18:32:48 ----D---- C:\Program Files\Windows Sidebar
2009-12-19 18:32:42 ----D---- C:\Program Files\Norton Internet Security
2009-12-19 18:27:25 ----D---- C:\Documents and Settings\All Users\Application Data\PCSettings
2009-12-19 18:27:06 ----D---- C:\Program Files\NortonInstaller
2009-12-19 18:27:06 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
2009-12-19 18:13:00 ----D---- C:\Documents and Settings\All Users\Application Data\Norton
2009-12-18 11:42:17 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2009-12-15 11:07:21 ----D---- C:\Program Files\OpenXML-ODF Translator
2009-12-15 11:06:25 ----D---- C:\Program Files\MSECache
2009-12-10 11:59:57 ----A---- C:\WINDOWS\system32\TURegOpt.exe
2009-12-10 11:59:47 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2009-12-10 11:59:11 ----D---- C:\Program Files\TuneUp Utilities 2010
2009-12-10 11:58:58 ----D---- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2009-12-10 11:58:50 ----SHD---- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2009-12-09 09:32:00 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$

======List of files/folders modified in the last 1 months======

2010-01-06 08:06:15 ----D---- C:\WINDOWS\Prefetch
2010-01-06 08:06:12 ----D---- C:\Program Files
2010-01-06 08:06:11 ----D---- C:\WINDOWS\Temp
2010-01-06 07:57:54 ----D---- C:\Program Files\Mozilla Firefox
2010-01-06 07:44:35 ----D---- C:\WINDOWS
2010-01-05 23:51:05 ----SHD---- C:\System Volume Information
2010-01-05 23:49:58 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-05 23:49:56 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-05 23:28:01 ----SD---- C:\WINDOWS\Tasks
2010-01-05 21:06:39 ----D---- C:\WINDOWS\system32\drivers
2010-01-05 19:09:49 ----HD---- C:\WINDOWS\inf
2010-01-05 13:15:37 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-05 12:29:49 ----D---- C:\WINDOWS\system32
2010-01-05 12:28:28 ----D---- C:\Documents and Settings\Jeje\Application Data\DNA
2010-01-05 12:22:48 ----A---- C:\WINDOWS\system32\svchost.exe
2010-01-05 12:22:48 ----A---- C:\WINDOWS\system32\spoolsv.exe
2010-01-05 12:22:48 ----A---- C:\WINDOWS\system32\services.exe
2010-01-05 12:22:48 ----A---- C:\WINDOWS\system32\lsass.exe
2010-01-02 12:38:55 ----D---- C:\Program Files\DNA
2009-12-26 13:56:36 ----D---- C:\Documents and Settings\Jeje\Application Data\Skype
2009-12-26 13:32:19 ----D---- C:\Program Files\Tomtomax Maxi-Box
2009-12-24 11:49:43 ----A---- C:\WINDOWS\win.ini
2009-12-22 12:01:39 ----SHD---- C:\WINDOWS\Installer
2009-12-22 11:09:21 ----D---- C:\Documents and Settings\Jeje\Application Data\DMCache
2009-12-21 19:53:34 ----SHD---- C:\WINDOWS\CSC
2009-12-19 18:31:14 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-12-19 17:03:31 ----HDC---- C:\WINDOWS\$NtUninstallKB890046$
2009-12-19 17:03:31 ----HDC---- C:\WINDOWS\$NtUninstallKB888302$
2009-12-19 17:03:31 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2009-12-19 17:03:29 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-12-19 17:03:29 ----HDC---- C:\WINDOWS\$NtUninstallKB896428$
2009-12-19 17:03:27 ----HDC---- C:\WINDOWS\$NtUninstallKB905749$
2009-12-19 17:03:26 ----HDC---- C:\WINDOWS\$NtUninstallKB911927$
2009-12-19 17:03:24 ----HDC---- C:\WINDOWS\$NtUninstallKB917953$
2009-12-19 17:03:22 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2009-12-19 17:03:22 ----HDC---- C:\WINDOWS\$NtUninstallKB923414$
2009-12-19 17:03:19 ----HDC---- C:\WINDOWS\$NtUninstallKB927802$
2009-12-19 17:03:19 ----HDC---- C:\WINDOWS\$NtUninstallKB926255$
2009-12-19 17:03:18 ----HDC---- C:\WINDOWS\$NtUninstallKB930178$
2009-12-19 17:03:17 ----HDC---- C:\WINDOWS\$NtUninstallKB931261$
2009-12-19 17:03:16 ----HDC---- C:\WINDOWS\$NtUninstallKB933360$
2009-12-19 17:03:15 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP9$
2009-12-19 17:03:13 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-12-19 17:03:13 ----HDC---- C:\WINDOWS\$NtUninstallKB938127$
2009-12-19 17:03:12 ----HDC---- C:\WINDOWS\$NtUninstallKB938464_0$
2009-12-19 17:03:10 ----HDC---- C:\WINDOWS\$NtUninstallKB941693$
2009-12-19 17:03:10 ----HDC---- C:\WINDOWS\$NtUninstallKB941644$
2009-12-19 17:03:10 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-12-19 17:03:08 ----HDC---- C:\WINDOWS\$NtUninstallKB942763$
2009-12-19 17:03:05 ----HDC---- C:\WINDOWS\$NtUninstallKB946627$
2009-12-19 17:02:59 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2009-12-19 17:02:58 ----HDC---- C:\WINDOWS\$NtUninstallKB951376_0$
2009-12-19 17:02:53 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2009-12-19 17:02:53 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-12-19 17:02:52 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2009-12-19 17:02:52 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-12-19 17:02:48 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2009-12-19 17:02:48 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-12-19 17:02:46 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-12-19 17:02:46 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-12-19 17:02:46 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-12-19 17:02:44 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-12-19 17:02:44 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-12-19 17:02:43 ----HDC---- C:\WINDOWS\$NtUninstallKB963027$
2009-12-19 17:02:42 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-12-19 17:02:41 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-12-19 17:02:40 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-12-19 17:02:38 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-12-19 17:02:36 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2009-12-19 17:02:34 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-12-19 17:02:32 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
2009-12-19 17:02:31 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2009-12-19 17:02:31 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2009-12-19 17:02:31 ----HDC---- C:\WINDOWS\$NtUninstallWdf01007$
2009-12-18 12:01:05 ----D---- C:\Program Files\Fichiers communs
2009-12-18 11:31:40 ----D---- C:\WINDOWS\Debug
2009-12-18 10:59:45 ----HD---- C:\Program Files\InstallShield Installation Information
2009-12-17 10:36:39 ----D---- C:\Documents and Settings\Jeje\Application Data\UseNeXT
2009-12-17 10:23:43 ----D---- C:\Program Files\eMule
2009-12-15 15:27:45 ----A---- C:\WINDOWS\ModemLog_Olitec SmartMemory 56000 V90 & K56 PnP.txt
2009-12-15 12:05:40 ----D---- C:\WINDOWS\Microsoft.NET
2009-12-15 11:08:34 ----RSD---- C:\WINDOWS\assembly
2009-12-15 11:08:15 ----SD---- C:\Documents and Settings\Jeje\Application Data\Microsoft
2009-12-15 11:06:53 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-12-15 11:06:43 ----RSD---- C:\WINDOWS\Fonts
2009-12-15 11:06:35 ----D---- C:\Program Files\Microsoft Office
2009-12-15 10:32:10 ----A---- C:\WINDOWS\ModemLog_Olitec Smart Memory 56000 V90 & K56.txt
2009-12-15 10:23:13 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-15 10:09:22 ----A---- C:\WINDOWS\wgedit.ini
2009-12-10 11:58:33 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-12-09 09:32:50 ----D---- C:\Program Files\Internet Explorer
2009-12-09 09:32:28 ----HD---- C:\WINDOWS\$hf_mig$
2009-12-08 19:32:47 ----D---- C:\Program Files\WinPhone eXPert

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdPPM;Pilote de processeur AMD HwPState; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 BHDrvx86;BHDrvx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\BASHDefs\20091205.001\BHDrvx86.sys []
R1 ccHP;Symantec Hash Provider; C:\WINDOWS\system32\drivers\NIS\1101000.013\ccHPx86.sys [2009-10-20 501888]
R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2006-02-20 33408]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys []
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\system32\drivers\NIS\1101000.013\SRTSP.SYS [2009-10-09 325168]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\WINDOWS\system32\drivers\NIS\1101000.013\SRTSPX.SYS [2009-10-09 43696]
R1 SymIRON;Symantec Iron Driver; C:\WINDOWS\system32\drivers\NIS\1101000.013\Ironx86.SYS [2009-10-09 114736]
R1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\system32\drivers\NIS\1101000.013\SYMTDI.SYS [2009-10-15 361520]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-02-08 278984]
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 Haspnt;Haspnt; \??\C:\WINDOWS\system32\drivers\Haspnt.sys []
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-02-08 25416]
R2 SBKUPNT;SBKUPNT; \??\C:\WINDOWS\system32\Drivers\SBKUPNT.SYS []
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20091230.004\IDSxpx86.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-08-06 4755968]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-07-13 171008]
R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100105.036\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100105.036\NAVEX15.SYS []
R3 NuidFltr;NUID filter driver; C:\WINDOWS\system32\DRIVERS\NuidFltr.sys [2009-05-09 14736]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-01-16 6305120]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2006-11-07 21760]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2008-12-09 296448]
S3 61883;Pilote d'unité 61883; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys []
S3 Ad-Watch Real-Time Scanner;AW Real-Time Scanner; \??\C:\WINDOWS\system32\drivers\AWRTPD.sys []
S3 Ad-Watch Registry Filter;Ad-Watch Registry Kernel Filter; \??\C:\WINDOWS\system32\drivers\AWRTRD.sys []
S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 Avc;Périphérique AVC; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
S3 avtzvuko;avtzvuko; C:\WINDOWS\system32\drivers\avtzvuko.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\drivers\BT.sys []
S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\WINDOWS\System32\Drivers\btnetBus.sys [2008-12-07 30088]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 hcdriver;Intel EHCI Compliance Test Tool Device Driver; C:\WINDOWS\system32\DRIVERS\hcdriver.sys [2006-11-20 50432]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [2008-07-02 26248]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-09-15 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-09-15 22016]
S3 nocashio;nocashio; C:\WINDOWS\system32\drivers\nocashio.sys [2009-06-30 4096]
S3 OVT511Plus;Dual Mode USB Camera Plus; C:\WINDOWS\System32\Drivers\omcamvid.sys [2001-09-18 167816]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-05 5888]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SPC500NC;Philips SPC500NC Webcam; C:\WINDOWS\system32\DRIVERS\SPC500NC.SYS [2007-06-21 409600]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-09-15 8064]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;Driver Programmateur USB COGELEC; C:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-09-15 8064]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\drivers\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\system32\drivers\VcommMgr.sys []
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 exFat;exFat; C:\WINDOWS\system32\drivers\exFat.sys [2008-09-29 133632]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-07-07 611664]
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe [2007-10-11 51712]
R2 bgsvcgen;B's Recorder GOLD Library General Service; C:\WINDOWS\system32\bgsvcgen.exe [2007-06-15 145504]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2010-01-05 16896]
R2 Diskeeper;Diskeeper; C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [2007-10-16 1094936]
R2 EpsonBidirectionalService;EpsonBidirectionalService; C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe [2002-01-29 77824]
R2 EPSONStatusAgent2;EPSON Printer Status Agent2; C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe [2002-07-17 94208]
R2 FolderSize;Folder Size; C:\Program Files\FolderSize\FolderSizeSvc.exe [2007-11-14 131072]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 MSSQL$PINNACLESYS;MSSQL$PINNACLESYS; C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe [2008-12-18 9158656]
R2 NIS;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe [2009-10-20 126392]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-01-16 163908]
R2 SSHNAS;SSHNAS; C:\WINDOWS\system32\svchost.exe [2010-01-05 16896]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2009-11-13 92008]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-11-13 1021256]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 yksvc;Marvell Yukon Service; ykx32mpcoinst,serviceStartProc []
S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe []
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-28 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2005-05-03 73728]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-08-07 575488]
S3 SQLAgent$PINNACLESYS;SQLAgent$PINNACLESYS; C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE [2005-05-03 323584]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2009-12-10 435016]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Autres pages sur : virus help

| Etre averti des réponses
| Alerter

Répondre à jeje1967

Destrio5

6 Janvier 2010 07:34:42

Bonjour,

Dans le gestionnaire des tâches, va dans Fichier > Nouvelle tâche > Tape explorer et valide.

| Alerter

Répondre à Destrio5

jeje1967

6 Janvier 2010 07:38:20

message d'erreur, Il ne trouve pas le fichier

| Alerter

Répondre à jeje1967

Destrio5

6 Janvier 2010 07:49:25

[#ff0000]/!\ Désactive tes protections résidentes (Antivirus, etc...) /!\[/#f]

Télécharge ComboFix ([#ff0000]sUBs[/#f]) sur ton Bureau.

Double-clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.

Il va te demander d'installer la console de récupération : accepte.

Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse.

Pour t'aider : Un guide et un tutoriel sur l'utilisation de ComboFix

| Alerter

Répondre à Destrio5

jeje1967

6 Janvier 2010 09:08:00

Voila le rapport de combofix ca à été laborieux par contre a la fin une fois le log fait windows m'indique ne pas trouver explorer dans c:/......etc
<Merci a vous

ComboFix 10-01-04.01 - Jeje 06/01/2010 9:57.2.2 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.3071.2517 [GMT 1:00]
Lancé depuis: c:\documents and settings\Jeje\Mes documents\Téléchargements\ComboFix.exe
AV: Norton Internet Security *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.
/wow section - STAGE 32A

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Exécution préalable -------
.
c:\docume~1\Jeje\LOCALS~1\Temp\sshnas.dll
c:\program files\pdfforge Toolbar\SearchSettings.dll
C:\Thumbs.db
c:\windows\Fonts\mskntbb.sys
c:\windows\system32\kr_done1
c:\windows\system32\sshnas.dll
c:\windows\system32\winspool.dll
c:\windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
c:\windows\unins000.dat
c:\windows\unins000.exe

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SSHNAS
-------\Service_SSHNAS

((((((((((((((((((((((((((((( Fichiers créés du 2009-12-06 au 2010-01-06 ))))))))))))))))))))))))))))))))))))
.

2010-01-06 07:06 . 2010-01-06 07:06 -------- d-----w- c:\program files\trend micro
2010-01-06 07:06 . 2010-01-06 07:06 -------- d-----w- C:\rsit
2010-01-06 06:03 . 2009-12-19 17:52 84912 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100105.036\NAVENG.SYS
2010-01-06 06:03 . 2009-12-19 17:52 371248 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100105.036\EECTRL.SYS
2010-01-06 06:03 . 2009-12-19 17:52 2747440 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100105.036\CCERASER.DLL
2010-01-06 06:03 . 2009-12-19 17:52 259440 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100105.036\ECMSVR32.DLL
2010-01-06 06:03 . 2009-12-19 17:52 177520 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100105.036\NAVENG32.DLL
2010-01-06 06:03 . 2009-12-19 17:52 1647984 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100105.036\NAVEX32A.DLL
2010-01-06 06:03 . 2009-12-19 17:52 1323568 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100105.036\NAVEX15.SYS
2010-01-06 06:03 . 2009-12-19 17:52 102448 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100105.036\ERASER.SYS
2010-01-05 23:02 . 2009-10-28 22:37 343088 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20091230.004\IDSvix86.sys
2010-01-05 23:02 . 2009-10-28 22:37 329592 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20091230.004\IDSXpx86.sys
2010-01-05 23:02 . 2009-10-28 22:37 811896 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20091230.004\Scxpx86.dll
2010-01-05 23:02 . 2009-10-28 22:37 488312 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20091230.004\IDSxpx86.dll
2010-01-05 23:02 . 2009-10-28 22:37 466992 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20091230.004\IDSviA64.sys
2010-01-05 18:10 . 2009-06-30 08:37 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
2010-01-05 18:09 . 2010-01-05 18:09 -------- d-----w- c:\program files\Panda Security
2010-01-05 12:35 . 2010-01-05 12:38 -------- d-----w- c:\documents and settings\Administrateur\Application Data\QuickScan
2010-01-05 12:35 . 2010-01-02 23:26 789320 ----a-w- c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\oelxv6bg.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
2010-01-05 12:35 . 2010-01-02 23:26 697672 ----a-w- c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\oelxv6bg.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\bdqscan.dll
2010-01-05 12:27 . 2010-01-05 12:27 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Search Settings
2010-01-05 12:27 . 2010-01-05 12:27 -------- d-----w- c:\documents and settings\Administrateur\Application Data\pdfforge
2010-01-05 12:24 . 2010-01-05 12:24 -------- d-sh--w- c:\documents and settings\Administrateur\IETldCache
2009-12-19 18:35 . 2009-10-28 22:37 343088 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20091217.002\IDSvix86.sys
2009-12-19 18:35 . 2009-10-28 22:37 329592 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20091217.002\IDSXpx86.sys
2009-12-19 18:35 . 2009-10-28 22:37 811896 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20091217.002\Scxpx86.dll
2009-12-19 18:35 . 2009-10-28 22:37 488312 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20091217.002\IDSxpx86.dll
2009-12-19 18:35 . 2009-10-28 22:37 466992 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20091217.002\IDSviA64.sys
2009-12-19 17:35 . 2009-10-29 02:31 784752 ----a-r- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\coFFPlgn\components\coFFPlgn.dll
2009-12-19 17:34 . 2009-10-01 09:19 164216 ----a-r- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\IPSFFPlgn\components\IPSFFPl.dll
2009-12-19 17:34 . 2009-12-19 17:34 -------- d-----w- c:\program files\Symantec
2009-12-19 17:34 . 2009-12-19 17:34 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2009-12-19 17:34 . 2009-12-19 17:34 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2009-12-19 17:33 . 2009-10-05 17:34 929648 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\OCS\hsplayer.dll
2009-12-19 17:33 . 2009-11-07 01:10 893808 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\CLT\cltLMSx.dll
2009-12-19 17:32 . 2009-12-19 17:32 -------- d-----w- c:\windows\system32\drivers\NIS
2009-12-19 17:32 . 2009-12-19 17:32 -------- d-----w- c:\program files\Windows Sidebar
2009-12-19 17:32 . 2009-12-19 17:32 -------- d-----w- c:\program files\Norton Internet Security
2009-12-19 17:27 . 2009-12-19 17:27 -------- d-----w- c:\documents and settings\All Users\Application Data\PCSettings
2009-12-19 17:27 . 2009-12-19 17:27 -------- d-----w- c:\program files\NortonInstaller
2009-12-19 17:27 . 2009-12-19 17:27 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller
2009-12-19 17:13 . 2009-12-19 17:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2009-12-18 10:42 . 2009-12-19 17:46 -------- d-----w- c:\program files\Fichiers communs\Symantec Shared
2009-12-15 10:07 . 2009-12-15 10:07 -------- d-----w- c:\program files\OpenXML-ODF Translator
2009-12-15 10:06 . 2009-12-15 10:06 -------- d-----w- c:\program files\MSECache
2009-12-12 10:00 . 2009-12-12 10:00 -------- d-----w- c:\documents and settings\LocalService\Bureau
2009-12-10 12:00 . 2009-12-10 12:00 -------- d-----w- c:\documents and settings\LocalService\Application Data\TuneUp Software
2009-12-10 10:59 . 2009-11-13 11:00 29512 ----a-w- c:\windows\system32\TURegOpt.exe
2009-12-10 10:59 . 2009-11-13 10:53 30024 ----a-w- c:\windows\system32\uxtuneup.dll
2009-12-10 10:59 . 2009-12-10 10:59 -------- d-----w- c:\program files\TuneUp Utilities 2010
2009-12-10 10:58 . 2009-12-10 10:59 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software
2009-12-10 10:58 . 2009-12-10 10:58 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-06 08:44 . 2009-12-02 15:40 -------- d-----w- c:\program files\pdfforge Toolbar
2010-01-05 11:28 . 2009-08-11 20:45 -------- d-----w- c:\documents and settings\Jeje\Application Data\DNA
2010-01-05 11:22 . 2004-08-05 12:00 58368 ----a-w- c:\windows\system32\spoolsv.exe
2010-01-05 11:22 . 2004-08-05 12:00 16896 ----a-w- c:\windows\system32\svchost.exe
2010-01-05 11:22 . 2004-08-05 12:00 14336 ----a-w- c:\windows\system32\lsass.exe
2010-01-05 11:22 . 2004-08-05 12:00 112640 ----a-w- c:\windows\system32\services.exe
2010-01-02 11:38 . 2009-08-11 20:45 -------- d-----w- c:\program files\DNA
2009-12-26 12:56 . 2007-09-18 13:04 -------- d-----w- c:\documents and settings\Jeje\Application Data\Skype
2009-12-26 12:32 . 2008-12-17 09:46 -------- d-----w- c:\program files\Tomtomax Maxi-Box
2009-12-22 10:09 . 2008-01-31 07:30 -------- d-----w- c:\documents and settings\Jeje\Application Data\DMCache
2009-12-19 17:34 . 2009-12-19 17:34 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2009-12-19 17:34 . 2009-12-19 17:34 7443 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2009-12-19 17:31 . 2007-09-16 17:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec
2009-12-18 09:59 . 2007-09-17 10:36 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-17 09:36 . 2008-03-04 10:10 -------- d-----w- c:\documents and settings\Jeje\Application Data\UseNeXT
2009-12-17 09:23 . 2007-09-20 15:40 -------- d-----w- c:\program files\eMule
2009-12-15 14:26 . 2009-11-04 23:40 1024 ----a-w- c:\documents and settings\All Users\Application Data\BVRP Software\WinPhone eXPert\faxres.cmd
2009-12-15 10:07 . 2007-09-24 13:46 67008 ----a-w- c:\documents and settings\Jeje\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-15 09:23 . 2004-08-05 12:00 92572 ----a-w- c:\windows\system32\perfc00C.dat
2009-12-15 09:23 . 2004-08-05 12:00 527702 ----a-w- c:\windows\system32\perfh00C.dat
2009-12-10 10:58 . 2007-10-30 17:46 -------- d-----w- c:\program files\Fichiers communs\Wise Installation Wizard
2009-12-08 18:32 . 2009-11-04 23:37 -------- d-----w- c:\program files\WinPhone eXPert
2009-12-05 04:54 . 2009-12-05 04:54 529456 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\BASHDefs\20091205.001\BHDrvx86.sys
2009-12-05 04:54 . 2009-12-05 04:54 201616 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\BASHDefs\20091205.001\BHRules.dll
2009-12-05 04:54 . 2009-12-05 04:54 1405840 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\BASHDefs\20091205.001\BHEngine.dll
2009-12-05 04:54 . 2009-12-05 04:54 668720 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\BASHDefs\20091205.001\BHDrvx64.sys
2009-12-05 04:54 . 2009-12-05 04:54 610704 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\BASHDefs\20091205.001\bbRGen.dll
2009-12-04 13:51 . 2009-12-04 13:51 -------- d-----w- c:\program files\UseNeXT
2009-12-03 21:41 . 2009-07-25 09:07 -------- d-----w- c:\program files\HomePlayer
2009-12-02 15:55 . 2009-12-02 15:55 -------- d-----w- c:\documents and settings\Jeje\Application Data\Search Settings
2009-12-02 15:55 . 2009-12-02 15:55 -------- d-----w- c:\documents and settings\Jeje\Application Data\pdfforge
2009-12-02 15:41 . 2009-12-02 15:40 -------- d-----w- c:\program files\PDFCreator
2009-11-27 13:56 . 2009-11-27 13:55 -------- d-----w- c:\documents and settings\Jeje\Application Data\Panasonic
2009-11-27 13:48 . 2009-11-27 13:48 -------- d-----w- c:\program files\Panasonic
2009-11-27 13:47 . 2008-09-03 14:26 -------- d-----w- c:\documents and settings\Jeje\Application Data\ArcSoft
2009-11-27 13:44 . 2008-09-03 14:24 -------- d-----w- c:\program files\Fichiers communs\ArcSoft
2009-11-27 13:43 . 2009-11-27 13:43 -------- d-----w- c:\program files\ArcSoft
2009-11-27 13:42 . 2009-11-27 13:42 -------- d-----w- c:\documents and settings\Jeje\Application Data\InstallShield
2009-11-24 14:19 . 2008-07-26 12:16 -------- d-----w- c:\documents and settings\Jeje\Application Data\IDM
2009-11-22 15:37 . 2009-07-29 12:52 921632 ----a-w- C:\SPC500NC.DAT
2009-11-19 10:48 . 2009-11-24 13:34 872960 ----a-w- c:\documents and settings\Jeje\Application Data\Mozilla\Firefox\Profiles\9j9x330u.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
2009-11-19 10:48 . 2009-11-24 13:34 43008 ----a-w- c:\documents and settings\Jeje\Application Data\Mozilla\Firefox\Profiles\9j9x330u.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
2009-11-19 10:48 . 2009-11-24 13:34 340480 ----a-w- c:\documents and settings\Jeje\Application Data\Mozilla\Firefox\Profiles\9j9x330u.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll
2009-11-19 10:48 . 2009-11-24 13:34 346624 ----a-w- c:\documents and settings\Jeje\Application Data\Mozilla\Firefox\Profiles\9j9x330u.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll
2009-11-19 05:12 . 2007-10-07 09:22 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-11-16 09:29 . 2009-11-16 09:29 -------- d-----w- c:\documents and settings\IWAM_ASP.PCFIXE\Application Data\Jasc Software Inc
2009-11-13 22:00 . 2009-11-12 16:49 -------- d-----w- c:\documents and settings\Jeje\Application Data\Canon
2009-11-12 16:50 . 2009-11-12 16:50 -------- d--h--w- c:\documents and settings\All Users\Application Data\CanonIJScan
2009-11-12 16:21 . 2009-11-12 16:21 -------- d-----w- c:\documents and settings\Jeje\Application Data\CD-LabelPrint
2009-11-12 16:17 . 2009-11-12 16:17 -------- d--h--w- c:\documents and settings\All Users\Application Data\CanonIJEGV
2009-11-12 16:05 . 2009-11-12 15:51 -------- d-----w- c:\program files\Canon
2009-11-12 16:04 . 2009-11-12 16:04 -------- d-----w- c:\program files\Fichiers communs\CANON
2009-11-12 15:54 . 2009-11-12 15:54 -------- d--h--w- c:\documents and settings\All Users\Application Data\CanonBJ
2009-11-12 15:53 . 2009-11-12 15:53 -------- d--h--w- c:\program files\CanonBJ
2009-11-11 07:20 . 2009-11-11 07:20 -------- d-----w- c:\documents and settings\IWAM_ASP\Application Data\Jasc Software Inc
2009-11-10 10:46 . 2009-11-10 10:46 -------- d-----w- c:\program files\MXpie Patch
2009-11-08 00:49 . 2009-11-08 00:49 -------- d-----w- c:\documents and settings\Jeje\Application Data\Camfrog
2009-11-08 00:49 . 2009-11-08 00:49 -------- d-----w- c:\program files\Camfrog
2009-11-04 07:50 . 2009-11-04 07:50 152576 ----a-w- c:\documents and settings\Jeje\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-01 22:26 . 2009-02-16 09:32 4045528 -c--a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-10-29 07:42 . 2004-08-05 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2009-10-28 22:37 . 2009-10-28 22:37 343088 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\BinHub\IDSvix86.sys
2009-10-28 22:37 . 2009-10-28 22:37 329592 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\BinHub\IDSXpx86.sys
2009-10-28 22:37 . 2009-10-28 22:37 811896 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\BinHub\Scxpx86.dll
2009-10-28 22:37 . 2009-10-28 22:37 488312 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\BinHub\IDSxpx86.dll
2009-10-28 22:37 . 2009-10-28 22:37 466992 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\BinHub\IDSviA64.sys
2009-10-21 05:39 . 2004-08-05 12:00 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:39 . 2004-08-05 12:00 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2004-08-05 12:00 265728 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-13 10:33 . 2004-08-05 12:00 271360 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:39 . 2004-08-05 12:00 79872 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 13:39 . 2004-08-05 12:00 150528 ----a-w- c:\windows\system32\rastls.dll
2009-10-11 03:17 . 2008-12-05 15:51 411368 ----a-w- c:\windows\system32\deploytk.dll
2006-05-03 09:06 . 2008-12-11 08:39 163328 --sh--r- c:\windows\system32\flvDX.dll
2007-02-21 10:47 . 2008-12-11 08:39 31232 --sh--r- c:\windows\system32\msfDX.dll
2008-03-16 12:30 . 2008-12-11 08:39 216064 --sh--r- c:\windows\system32\nbDX.dll
.

------- Sigcheck -------

[-] 2010-01-05 . AC9A15CB3C431468F43C1E0D5DCE3B0E . 14336 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe
[7] 2008-04-14 . 91E6024D6D4DCDECDB36C43ECF9BBECB . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe

[-] 2010-01-05 . 072B6B7283C109F361A4414494B9043E . 112640 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
[7] 2009-02-09 . 62789101F9C2401ED598AA2CDE7450C0 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[7] 2008-04-14 . 54CB50058851D95E56EC70D09F70857F . 109056 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe

[-] 2010-01-05 . 86CE8F09FA7DCADDFA31014FAC232AFB . 58368 . . [5.1.2600.5512] . . c:\windows\system32\spoolsv.exe
[7] 2008-04-14 . 460E4CE148BD07218DA0B6A3D31885A9 . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe
[-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe

[-] 2010-01-05 . D8B34FF3B2D3DA74CBE15610C9D9C06A . 16896 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe
[7] 2008-04-14 . E4BDF223CD75478BF44567B4D5C2634D . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe

[7] 2008-04-14 . F2317622D29F9FF0F88AEECD5F60F0DD . 1037824 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2007-06-13 . B795475444D6D57A572C14B9E1A29839 . 1037312 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe

c:\windows\explorer.exe ... manque !!
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
2009-07-31 01:00 698880 ----a-w- c:\program files\pdfforge Toolbar\pdfforgeToolbarIE.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{B922D405-6D13-4A2B-AE89-08A030DA4402}"= "c:\program files\pdfforge Toolbar\pdfforgeToolbarIE.dll" [2009-07-31 698880]

[HKEY_CLASSES_ROOT\clsid\{b922d405-6d13-4a2b-ae89-08a030da4402}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2007-09-18 171464]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-11-08 323392]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-20 68856]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-11-13 247144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-16 13680640]
"nwiz"="nwiz.exe" [2009-01-16 1657376]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2007-02-05 849280]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2006-11-21 813912]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-03-18 282624]
"RTHDCPL"="RTHDCPL.EXE" [2008-03-26 16859136]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-01-16 86016]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"ISUSScheduler"="c:\progra~1\fichie~1\instal~1\update~1\issch.exe" [2004-08-09 81920]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-03-23 1983816]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2009-03-17 767312]
"ArcSoft Connection Service"="c:\program files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2007-10-11 31232]
"SearchSettings"="c:\program files\pdfforge Toolbar\SearchSettings.exe" [2009-07-29 1024512]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Jeje\Menu D‚marrer\Programmes\D‚marrage\
QuickMonth Calendar.lnk - c:\windows\qmc.exe [2007-10-16 218419]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0autocheck lsdelete\0autocheck lsdelete

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camfrog]
2009-10-13 06:37 41864 ----a-w- c:\program files\Camfrog\Camfrog Video Chat\CamfrogNET.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2007-09-20 08:06 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2009-11-13 11:31 247144 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe"
"swg"=c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"SPC500NC_Monitor"=c:\windows\Philips\SPC500NC\Monitor.exe
"ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\HomePlayer\\HomePlayer.exe"=
"c:\\Program Files\\HomePlayer\\VLC\\vlc.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*

isabled:@xpsp2res.dll,-22009

R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [07/01/2009 22:39 20744]
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [05/01/2010 19:10 28552]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1101000.013\SymDS.sys [19/12/2009 18:33 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1101000.013\SymEFA.sys [19/12/2009 18:33 171056]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\BASHDefs\20091205.001\BHDrvx86.sys [05/12/2009 05:54 529456]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1101000.013\cchpx86.sys [19/12/2009 18:33 501888]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1101000.013\Ironx86.sys [19/12/2009 18:33 114736]
R2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe [19/12/2009 18:33 126392]
R2 SBKUPNT;SBKUPNT;c:\windows\system32\drivers\SBKUPNT.SYS [19/02/2009 11:23 14976]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [13/11/2009 12:31 92008]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [13/11/2009 11:57 1021256]
R2 yksvc;Marvell Yukon Service;RUNDLL32.EXE ykx32mpcoinst,serviceStartProc --> RUNDLL32.EXE ykx32mpcoinst,serviceStartProc [?]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [21/12/2009 02:27 102448]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20091230.004\IDSXpx86.sys [06/01/2010 00:02 329592]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14/10/2009 07:24 10064]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [26/09/2007 14:02 685816]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [07/12/2008 11:44 30088]
S3 BvrpKrnl;BvrpKrnl; [x]
S3 hcdriver;Intel EHCI Compliance Test Tool Device Driver;c:\windows\system32\drivers\hcdriver.sys [13/04/2009 19:44 50432]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [02/07/2008 13:58 26248]
S3 SPC500NC;Philips SPC500NC Webcam;c:\windows\system32\drivers\SPC500NC.SYS [21/06/2007 05:42 409600]
.
Contenu du dossier 'Tâches planifiées'
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
Trusted Zone: com.tw\asia.msi
Trusted Zone: com.tw\global.msi
Trusted Zone: com.tw\www.msi
DPF: Microsoft XML Parser for Java
DPF: {01232355-5C70-455B-B33E-A62433F3B77F} - hxxp://82.122.236.219:48841/WebCamX.cab
DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} - hxxp://data.jeuxclassiques.com/npwwg.cab
DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} - hxxp://liveupdate.msi.com.tw/autobios/LOnline/install.cab
FF - ProfilePath - c:\documents and settings\Jeje\Application Data\Mozilla\Firefox\Profiles\9j9x330u.default\
FF - prefs.js: browser.startup.homepage - hxxp://fr.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr

fficial
FF - component: c:\documents and settings\Jeje\Application Data\IDM\idmmzcc2\components\idmmzcc.dll
FF - component: c:\documents and settings\Jeje\Application Data\Mozilla\Firefox\Profiles\9j9x330u.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - plugin: c:\program files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- PARAMETRES FIREFOX ----

FF - user.js: content.switch.threshold - 600000
.
- - - - ORPHELINS SUPPRIMES - - - -

AddRemove-QuickMonth Calendar_is1 - c:\windows\unins000.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-06 10:03
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\17.1.0.19\diMaster.dll\" /prefetch:1"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-436374069-1547161642-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:29,6c,d4,27,58,0b,5d,5d,94,52,f9,6a,2a,55,4b,c9,82,fe,cc,a7,75,79,79,
38,25,5b,8b,03,20,0b,58,b1,08,d6,d0,6f,2b,26,22,85,a7,7b,82,30,00,79,7c,86,\
"??"=hex:97,f3,ec,86,15,81,64,f6,85,37,6e,92,c0,9b,48,35

[HKEY_USERS\S-1-5-21-436374069-1547161642-725345543-1003\Software\SecuROM\License information*]
"datasecu"=hex:02,71,a0,85,35,76,56,47,62,c1,cf,a6,9f,fd,c1,c9,2c,81,7f,b3,a7,
15,e6,97,53,b2,36,cd,3f,73,22,d6,3c,3e,eb,2e,e8,a6,0b,fe,3e,f8,1e,1b,54,0b,\
"rkeysecu"=hex:5c,ee,16,b2,93,fe,06,c3,fb,3a,3b,ab,ee,9f,8d,73

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):44,4b,7e,b3,40,8d,01,96,e0,5f,24,73,79,2d,57,99,a9,8a,c4,c7,2e,
57,68,0c,0a,bc,d4,21,19,65,b3,a1,f0,cd,03,4f,31,38,e5,33,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{882431ea-42a4-41f1-b70e-89e53d1e1d88}]
@Denied: (Full) (Everyone)
"Model"=dword:000000ac
"Therad"=dword:00000015
"MData"=hex(0):cb,9b,ad,ef,27,7d,29,69,f5,02,f0,76,aa,4a,f1,7c,d3,d9,67,7f,6a,
4b,7b,ad,04,7a,b1,b5,76,9b,27,47,91,4b,35,e2,0d,3d,6d,ba,95,17,08,ab,09,bc,\

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]
"C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
Heure de fin: 2010-01-06 10:05:32
ComboFix-quarantined-files.txt 2010-01-06 09:05

Avant-CF: 2 147 307 520 octets libres
Après-CF: 2 106 814 464 octets libres

- - End Of File - - 74F27EBBE81022CE219B63C19171004A

| Alerter

Répondre à jeje1967

Destrio5

6 Janvier 2010 09:29:22

/!\ Seul jeje1967 peut suivre cette procédure /!\

Désactive toute protection résidente (Antivirus...) !

---> Copie (CTRL+C) le texte se situant dans le cadre ci-dessous :

KillAll::

Folder::
c:\documents and settings\Administrateur\Application Data\Search Settings
c:\documents and settings\Jeje\Application Data\Search Settings

FCOPY::
c:\windows\ServicePackFiles\i386\explorer.exe|c:\windows\explorer.exe

---> Ouvre le Bloc-notes : Démarrer > Tous les programmes > Accessoires > Bloc-notes.

- Colle (CTRL+V) le texte dans le Bloc-notes.
- Enregistre ce fichier dans : Bureau
- Nom du fichier : CFScript
- Type du fichier : tous les fichiers !!
- Clique sur Enregistrer.
- Quitte le Bloc-notes.

---> Fais un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture :

Cela va relancer Combofix : au message qui apparaît, accepte.

Patiente le temps du scan. Le Bureau va disparaître à plusieurs reprises : c'est normal !

Ne touche à rien tant que le scan n'est pas terminé.

Une fois le scan achevé, un rapport va s'afficher, copie/colle son contenu sur le forum.

Si le fichier ne s'ouvre pas, il se trouve ici : C:\ComboFix.txt

| Alerter

Répondre à Destrio5

jeje1967

6 Janvier 2010 09:54:49

Tout d'abord merci a toi destrio5
par contre je ne peux pas faire ca car je n'ai pas de bureau en faitj'ai uniquement un ecran noir pas de de fond d'ecran, par de barre avec le menu demarrer par de clic gauche sur la souris rien que le déplacement de la souris ete le gestionnaire de tache qui me permet d'ouvrir des "taches".
tout ce que je fais jusqu'a maintenant c'est via le gestionnaire.

| Alerter

Répondre à jeje1967

jeje1967

6 Janvier 2010 09:58:13

de plus je voudrais indiquer que apparemment norton m'a détecté des virus et qu'il les a mis en quarantaine et ceci avant le log.
cela peut il t'aider?
as tu repéré encore un ou des virus?

| Alerter

Répondre à jeje1967

Destrio5

6 Janvier 2010 10:02:03

Il faudrait copier-coller le fichier c:\windows\ServicePackFiles\i386\explorer.exe dans c:\windows\.

| Alerter

Répondre à Destrio5

jeje1967

6 Janvier 2010 10:08:36

ok ca c'est fait

| Alerter

Répondre à jeje1967

Destrio5

6 Janvier 2010 10:10:03

Redémarre le PC ou réessaie de lancer l'explorer.

| Alerter

Répondre à Destrio5

jeje1967

6 Janvier 2010 10:13:48

j'ai cliquer sur explorer et mon bureau est revenu
mais pour autant est ce que tout est réglé?????

| Alerter

Répondre à jeje1967

Destrio5

6 Janvier 2010 10:24:14

Désinstalle pdfforge Toolbar.

Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.

Double-clique sur le fichier téléchargé pour lancer le processus d'installation.

Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.

Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.

Sélectionne Exécuter un examen rapide.

Clique sur Rechercher. L'analyse démarre.

A la fin de l'analyse, un message s'affiche :

Citation :

L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.

Ferme tes navigateurs.

Si des malwares ont été détectés, clique sur Afficher les résultats.

Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.

MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.

| Alerter

Répondre à Destrio5

jeje1967

6 Janvier 2010 11:14:05

Malwarebytes' Anti-Malware 1.43
Version de la base de données: 3499
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

06/01/2010 12:13:11
mbam-log-2010-01-06 (12-13-08).txt

Type de recherche: Examen rapide
Eléments examinés: 139009
Temps écoulé: 8 minute(s), 35 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\explorer.exe (Worm.AutoRun) -> No action taken.

| Alerter

Répondre à jeje1967

Destrio5

6 Janvier 2010 11:15:57

Tu as supprimé l'infection trouvée ?

| Alerter

Répondre à Destrio5

jeje1967

6 Janvier 2010 11:38:00

Ok donc j'ai supprimé l'infection.
j'ai refait un malawarebytes examen rapide et il n"à rien trouvé.
Est ce mon problème est réglé?

| Alerter

Répondre à jeje1967

Destrio5

6 Janvier 2010 11:39:46

Relance MBAM, va dans Quarantaine et supprime tout.

Refais un scan RSIT et poste le rapport log.

Poste le rapport info qui se trouve dans C:\Rsit.

| Alerter

Répondre à Destrio5

jeje1967

6 Janvier 2010 11:43:40

Ok donc quarantaine MBAM supprimé.
Voici le rapport RSIT

Logfile of random's system information tool 1.06 (written by random/random)
Run by Jeje at 2010-01-06 12:42:08
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 2 GB (10%) free of 19 GB
Total RAM: 3071 MB (77% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:42:13, on 06/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\FolderSize\FolderSizeSvc.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\progra~1\fichie~1\instal~1\update~1\issch.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\qmc.exe
C:\Program Files\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Jeje\Mes documents\Téléchargements\RSIT.exe
C:\Program Files\trend micro\Jeje.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: 65.75.216.6 www.winmx.com err.winmx.com
O1 - Hosts: 205.238.40.54 www.winmx.com err.winmx.com
O1 - Hosts: 65.75.216.6 cache0.winmx.com test3201.winmx.com test3206.winmx.com
O1 - Hosts: 65.75.216.7 cache1.winmx.com test3202.winmx.com test3207.winmx.com
O1 - Hosts: 82.43.229.238 cache2.winmx.com test3203.winmx.com test3208.winmx.com
O1 - Hosts: 205.238.40.1 cache3.winmx.com test3204.winmx.com
O1 - Hosts: 205.238.40.2 cache4.winmx.com test3205.winmx.com
O1 - Hosts: 65.75.216.6 c3310.z1301.winmx.com c3310.z1302.winmx.com c3310.z1303.winmx.com c3310.z1304.winmx.com c3310.z1305.winmx.com c3310.z1306.winmx.com
O1 - Hosts: 65.75.216.6 c3311.z1301.winmx.com c3311.z1302.winmx.com c3311.z1303.winmx.com c3311.z1304.winmx.com c3311.z1305.winmx.com c3311.z1306.winmx.com
O1 - Hosts: 65.75.216.6 c3312.z1301.winmx.com c3312.z1302.winmx.com c3312.z1303.winmx.com c3312.z1304.winmx.com c3312.z1305.winmx.com c3312.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3313.z1301.winmx.com c3313.z1302.winmx.com c3313.z1303.winmx.com c3313.z1304.winmx.com c3313.z1305.winmx.com c3313.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3314.z1301.winmx.com c3314.z1302.winmx.com c3314.z1303.winmx.com c3314.z1304.winmx.com c3314.z1305.winmx.com c3314.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3315.z1301.winmx.com c3315.z1302.winmx.com c3315.z1303.winmx.com c3315.z1304.winmx.com c3315.z1305.winmx.com c3315.z1306.winmx.com
O1 - Hosts: 82.43.229.238 c3316.z1301.winmx.com c3316.z1302.winmx.com c3316.z1303.winmx.com c3316.z1304.winmx.com c3316.z1305.winmx.com c3316.z1306.winmx.com
O1 - Hosts: 82.43.229.238 c3317.z1301.winmx.com c3317.z1302.winmx.com c3317.z1303.winmx.com c3317.z1304.winmx.com c3317.z1305.winmx.com c3317.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3318.z1301.winmx.com c3318.z1302.winmx.com c3318.z1303.winmx.com c3318.z1304.winmx.com c3318.z1305.winmx.com c3318.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3319.z1301.winmx.com c3319.z1302.winmx.com c3319.z1303.winmx.com c3319.z1304.winmx.com c3319.z1305.winmx.com c3319.z1306.winmx.com
O1 - Hosts: 65.75.216.6 c3520.z1301.winmx.com c3520.z1302.winmx.com c3520.z1303.winmx.com c3520.z1304.winmx.com c3520.z1305.winmx.com c3520.z1306.winmx.com
O1 - Hosts: 65.75.216.6 c3521.z1301.winmx.com c3521.z1302.winmx.com c3521.z1303.winmx.com c3521.z1304.winmx.com c3521.z1305.winmx.com c3521.z1306.winmx.com
O1 - Hosts: 65.75.216.6 c3522.z1301.winmx.com c3522.z1302.winmx.com c3522.z1303.winmx.com c3522.z1304.winmx.com c3522.z1305.winmx.com c3522.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3523.z1301.winmx.com c3523.z1302.winmx.com c3523.z1303.winmx.com c3523.z1304.winmx.com c3523.z1305.winmx.com c3523.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3524.z1301.winmx.com c3524.z1302.winmx.com c3524.z1303.winmx.com c3524.z1304.winmx.com c3524.z1305.winmx.com c3524.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3525.z1301.winmx.com c3525.z1302.winmx.com c3525.z1303.winmx.com c3525.z1304.winmx.com c3525.z1305.winmx.com c3525.z1306.winmx.com
O1 - Hosts: 82.43.229.238 c3526.z1301.winmx.com c3526.z1302.winmx.com c3526.z1303.winmx.com c3526.z1304.winmx.com c3526.z1305.winmx.com c3526.z1306.winmx.com
O1 - Hosts: 82.43.229.238 c3527.z1301.winmx.com c3527.z1302.winmx.com c3527.z1303.winmx.com c3527.z1304.winmx.com c3527.z1305.winmx.com c3527.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3528.z1301.winmx.com c3528.z1302.winmx.com c3528.z1303.winmx.com c3528.z1304.winmx.com c3528.z1305.winmx.com c3528.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3529.z1301.winmx.com c3529.z1302.winmx.com c3529.z1303.winmx.com c3529.z1304.winmx.com c3529.z1305.winmx.com c3529.z1306.winmx.com
O1 - Hosts: 65.75.216.6 winmx-com.winmxgroup.com winmx-com-v30.winmxgroup.com
O1 - Hosts: 205.238.40.54 winmx-com.winmxgroup.com winmx-com-v30.winmxgroup.com
O1 - Hosts: 65.75.216.6 test0.winmxgroup.net test5.winmxgroup.net
O1 - Hosts: 65.75.216.7 test1.winmxgroup.net test6.winmxgroup.net
O1 - Hosts: 82.43.229.238 test2.winmxgroup.net
O1 - Hosts: 205.238.40.1 test3.winmxgroup.net
O1 - Hosts: 205.238.40.2 test4.winmxgroup.net
O1 - Hosts: 65.75.216.6 cache0.winmxgroup.com cache5.winmxgroup.com cache0.winmxgroup.net cache5.winmxgroup.net cache10.winmxgroup.net cache15.winmxgroup.net
O1 - Hosts: 65.75.216.7 cache1.winmxgroup.com cache6.winmxgroup.com cache1.winmxgroup.net cache6.winmxgroup.net cache11.winmxgroup.net cache16.winmxgroup.net
O1 - Hosts: 82.43.229.238 cache2.winmxgroup.com cache7.winmxgroup.com cache2.winmxgroup.net cache7.winmxgroup.net cache12.winmxgroup.net cache17.winmxgroup.net
O1 - Hosts: 205.238.40.1 cache3.winmxgroup.com cache8.winmxgroup.com cache3.winmxgroup.net cache8.winmxgroup.net cache13.winmxgroup.net cache18.winmxgroup.net
O1 - Hosts: 205.238.40.2 cache4.winmxgroup.com cache9.winmxgroup.com cache4.winmxgroup.net cache9.winmxgroup.net cache14.winmxgroup.net cache19.winmxgroup.net
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\IPSBHO.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\coIEPlg.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\progra~1\fichie~1\instal~1\update~1\issch.exe" -start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 -noicon
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: QuickMonth Calendar.lnk = C:\WINDOWS\qmc.exe
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O15 - Trusted Zone: http://asia.msi.com.tw
O15 - Trusted Zone: http://global.msi.com.tw
O15 - Trusted Zone: http://www.msi.com.tw
O16 - DPF: {01232355-5C70-455B-B33E-A62433F3B77F} (WebCamX Control) - http://82.122.236.219:48841/WebCamX.cab
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavweb...
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {7584C670-2274-4EFB-B00B-D6AABA6D3850} (Microsoft RDP Client Control (redist)) - https://81.252.25.161/Remote/msrdp.cab
O16 - DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} (EPSON Web Printer-SelfTest Control Class) - http://esupport.epson-europe.com/selftest/fr/Prg/ESTPTe...
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} - http://liveupdate.msi.com.tw/autobios/LOnline/install.c...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O17 - HKLM\System\CS2\Services\Tcpip\..\{0B13B9FB-C951-4C88-B95A-DA6A5DB918CE}: NameServer = 212.27.53.252,212.27.54.252
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: BvrpKrnl - Unknown owner - (no file)
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: Folder Size (FolderSize) - Brio - C:\Program Files\FolderSize\FolderSizeSvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing)

--
End of file - 16939 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IPoint_exe.job
C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IType_exe.job
C:\WINDOWS\tasks\Norton Internet Security - Analyse système complète - Jeje.job
C:\WINDOWS\tasks\OGALogon.job
C:\WINDOWS\tasks\Recherche de problèmes automatique.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:\Program Files\Internet Download Manager\IDMIECC.dll [2008-01-08 95664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-04-23 1377576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\coIEPlg.dll [2009-10-29 392560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\IPSBHO.DLL [2009-10-01 79224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-28 263280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-25 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-28 263280]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\coIEPlg.dll [2009-10-29 392560]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-01-16 13680640]
"nwiz"=nwiz.exe /install []
"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2007-02-05 849280]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2006-11-21 813912]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-03-18 282624]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-03-26 16859136]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-01-16 86016]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"ISUSScheduler"=C:\progra~1\fichie~1\instal~1\update~1\issch.exe [2004-08-09 81920]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-03-23 1983816]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2009-03-17 767312]
"ArcSoft Connection Service"=C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe [2007-10-11 31232]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools"=C:\Program Files\DAEMON Tools\daemon.exe [2007-09-18 171464]
"BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2009-11-09 323392]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-09-20 68856]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camfrog]
C:\Program Files\Camfrog\Camfrog Video Chat\CamfrogNet.exe [2009-10-13 41864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-09-20 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144]

C:\Documents and Settings\Jeje\Menu Démarrer\Programmes\Démarrage
QuickMonth Calendar.lnk - C:\WINDOWS\qmc.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265088]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe"="C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe:*:Enabled:Assistance à distance - Windows Messenger et voix"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled

NA"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\HomePlayer\HomePlayer.exe"="C:\Program Files\HomePlayer\HomePlayer.exe:*:Enabled:HomePlayer"
"C:\Program Files\HomePlayer\VLC\vlc.exe"="C:\Program Files\HomePlayer\VLC\vlc.exe:*:Enabled:VLC HomePlayer"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

======List of files/folders created in the last 1 months======

2010-01-06 11:17:32 ----A---- C:\WINDOWS\explorer.exe
2010-01-06 11:16:57 ----A---- C:\LISTING.TXT
2010-01-06 10:58:09 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2010-01-06 10:57:05 ----SHD---- C:\Config.Msi
2010-01-06 10:05:32 ----A---- C:\ComboFix.txt
2010-01-06 09:40:09 ----A---- C:\Boot.bak
2010-01-06 09:40:04 ----RASHD---- C:\cmdcons
2010-01-06 09:32:12 ----A---- C:\WINDOWS\zip.exe
2010-01-06 09:32:12 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-01-06 09:32:12 ----A---- C:\WINDOWS\SWSC.exe
2010-01-06 09:32:12 ----A---- C:\WINDOWS\SWREG.exe
2010-01-06 09:32:12 ----A---- C:\WINDOWS\sed.exe
2010-01-06 09:32:12 ----A---- C:\WINDOWS\PEV.exe
2010-01-06 09:32:12 ----A---- C:\WINDOWS\NIRCMD.exe
2010-01-06 09:32:12 ----A---- C:\WINDOWS\MBR.exe
2010-01-06 09:32:12 ----A---- C:\WINDOWS\grep.exe
2010-01-06 09:32:04 ----D---- C:\WINDOWS\ERDNT
2010-01-06 09:20:57 ----D---- C:\Qoobox
2010-01-06 08:06:12 ----D---- C:\Program Files\trend micro
2010-01-06 08:06:09 ----D---- C:\rsit
2010-01-05 19:09:17 ----D---- C:\Program Files\Panda Security
2010-01-05 12:36:30 ----A---- C:\WINDOWS\ntbtlog.txt
2009-12-19 18:34:15 ----D---- C:\Program Files\Symantec
2009-12-19 18:34:15 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
2009-12-19 18:32:48 ----D---- C:\Program Files\Windows Sidebar
2009-12-19 18:32:42 ----D---- C:\Program Files\Norton Internet Security
2009-12-19 18:27:25 ----D---- C:\Documents and Settings\All Users\Application Data\PCSettings
2009-12-19 18:27:06 ----D---- C:\Program Files\NortonInstaller
2009-12-19 18:27:06 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
2009-12-19 18:13:00 ----D---- C:\Documents and Settings\All Users\Application Data\Norton
2009-12-18 11:42:17 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2009-12-15 11:07:21 ----D---- C:\Program Files\OpenXML-ODF Translator
2009-12-15 11:06:25 ----D---- C:\Program Files\MSECache
2009-12-10 11:59:57 ----A---- C:\WINDOWS\system32\TURegOpt.exe
2009-12-10 11:59:11 ----D---- C:\Program Files\TuneUp Utilities 2010
2009-12-10 11:58:58 ----D---- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2009-12-10 11:58:50 ----SHD---- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2009-12-09 09:32:00 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$

======List of files/folders modified in the last 1 months======

2010-01-06 12:36:31 ----D---- C:\Program Files\Mozilla Firefox
2010-01-06 12:33:34 ----D---- C:\Documents and Settings\Jeje\Application Data\DNA
2010-01-06 12:28:19 ----D---- C:\WINDOWS\Temp
2010-01-06 12:23:29 ----D---- C:\Program Files\DNA
2010-01-06 12:22:06 ----D---- C:\WINDOWS
2010-01-06 12:21:55 ----SHD---- C:\System Volume Information
2010-01-06 12:21:17 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2010-01-06 12:21:17 ----D---- C:\WINDOWS\system32\drivers
2010-01-06 12:20:49 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-06 11:54:35 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-01-06 11:36:39 ----SHD---- C:\WINDOWS\Installer
2010-01-06 11:36:37 ----D---- C:\WINDOWS\WinSxS
2010-01-06 11:36:14 ----D---- C:\Program Files
2010-01-06 11:17:37 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-06 10:58:11 ----D---- C:\WINDOWS\system32\config
2010-01-06 10:58:09 ----D---- C:\WINDOWS\system32
2010-01-06 10:03:27 ----A---- C:\WINDOWS\system.ini
2010-01-06 10:01:27 ----D---- C:\WINDOWS\AppPatch
2010-01-06 10:01:17 ----D---- C:\Program Files\Fichiers communs
2010-01-06 09:57:21 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-06 09:44:41 ----SD---- C:\WINDOWS\Tasks
2010-01-06 09:44:40 ----RSD---- C:\WINDOWS\Fonts
2010-01-06 09:40:09 ----RASH---- C:\boot.ini
2010-01-06 09:20:56 ----D---- C:\WINDOWS\Prefetch
2010-01-05 19:09:49 ----HD---- C:\WINDOWS\inf
2010-01-05 12:22:48 ----A---- C:\WINDOWS\system32\svchost.exe
2010-01-05 12:22:48 ----A---- C:\WINDOWS\system32\spoolsv.exe
2010-01-05 12:22:48 ----A---- C:\WINDOWS\system32\services.exe
2010-01-05 12:22:48 ----A---- C:\WINDOWS\system32\lsass.exe
2009-12-26 13:56:36 ----D---- C:\Documents and Settings\Jeje\Application Data\Skype
2009-12-26 13:32:19 ----D---- C:\Program Files\Tomtomax Maxi-Box
2009-12-24 11:49:43 ----A---- C:\WINDOWS\win.ini
2009-12-22 11:09:21 ----D---- C:\Documents and Settings\Jeje\Application Data\DMCache
2009-12-21 19:53:34 ----SHD---- C:\WINDOWS\CSC
2009-12-19 18:31:14 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-12-19 17:03:31 ----HDC---- C:\WINDOWS\$NtUninstallKB890046$
2009-12-19 17:03:31 ----HDC---- C:\WINDOWS\$NtUninstallKB888302$
2009-12-19 17:03:31 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2009-12-19 17:03:29 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-12-19 17:03:29 ----HDC---- C:\WINDOWS\$NtUninstallKB896428$
2009-12-19 17:03:27 ----HDC---- C:\WINDOWS\$NtUninstallKB905749$
2009-12-19 17:03:26 ----HDC---- C:\WINDOWS\$NtUninstallKB911927$
2009-12-19 17:03:24 ----HDC---- C:\WINDOWS\$NtUninstallKB917953$
2009-12-19 17:03:22 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2009-12-19 17:03:22 ----HDC---- C:\WINDOWS\$NtUninstallKB923414$
2009-12-19 17:03:19 ----HDC---- C:\WINDOWS\$NtUninstallKB927802$
2009-12-19 17:03:19 ----HDC---- C:\WINDOWS\$NtUninstallKB926255$
2009-12-19 17:03:18 ----HDC---- C:\WINDOWS\$NtUninstallKB930178$
2009-12-19 17:03:17 ----HDC---- C:\WINDOWS\$NtUninstallKB931261$
2009-12-19 17:03:16 ----HDC---- C:\WINDOWS\$NtUninstallKB933360$
2009-12-19 17:03:15 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP9$
2009-12-19 17:03:13 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-12-19 17:03:13 ----HDC---- C:\WINDOWS\$NtUninstallKB938127$
2009-12-19 17:03:12 ----HDC---- C:\WINDOWS\$NtUninstallKB938464_0$
2009-12-19 17:03:10 ----HDC---- C:\WINDOWS\$NtUninstallKB941693$
2009-12-19 17:03:10 ----HDC---- C:\WINDOWS\$NtUninstallKB941644$
2009-12-19 17:03:10 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-12-19 17:03:08 ----HDC---- C:\WINDOWS\$NtUninstallKB942763$
2009-12-19 17:03:05 ----HDC---- C:\WINDOWS\$NtUninstallKB946627$
2009-12-19 17:02:59 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2009-12-19 17:02:58 ----HDC---- C:\WINDOWS\$NtUninstallKB951376_0$
2009-12-19 17:02:53 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2009-12-19 17:02:53 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-12-19 17:02:52 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-12-19 17:02:48 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2009-12-19 17:02:48 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-12-19 17:02:46 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-12-19 17:02:46 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-12-19 17:02:46 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-12-19 17:02:44 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-12-19 17:02:44 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-12-19 17:02:43 ----HDC---- C:\WINDOWS\$NtUninstallKB963027$
2009-12-19 17:02:42 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-12-19 17:02:41 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-12-19 17:02:40 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-12-19 17:02:38 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-12-19 17:02:36 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2009-12-19 17:02:34 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-12-19 17:02:32 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
2009-12-19 17:02:31 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2009-12-19 17:02:31 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2009-12-19 17:02:31 ----HDC---- C:\WINDOWS\$NtUninstallWdf01007$
2009-12-18 11:31:40 ----D---- C:\WINDOWS\Debug
2009-12-18 10:59:45 ----HD---- C:\Program Files\InstallShield Installation Information
2009-12-17 10:36:39 ----D---- C:\Documents and Settings\Jeje\Application Data\UseNeXT
2009-12-17 10:23:43 ----D---- C:\Program Files\eMule
2009-12-15 15:27:45 ----A---- C:\WINDOWS\ModemLog_Olitec SmartMemory 56000 V90 & K56 PnP.txt
2009-12-15 12:05:40 ----D---- C:\WINDOWS\Microsoft.NET
2009-12-15 11:08:34 ----RSD---- C:\WINDOWS\assembly
2009-12-15 11:08:15 ----SD---- C:\Documents and Settings\Jeje\Application Data\Microsoft
2009-12-15 11:06:53 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-12-15 11:06:35 ----D---- C:\Program Files\Microsoft Office
2009-12-15 10:32:10 ----A---- C:\WINDOWS\ModemLog_Olitec Smart Memory 56000 V90 & K56.txt
2009-12-15 10:23:13 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-15 10:09:22 ----A---- C:\WINDOWS\wgedit.ini
2009-12-10 11:58:33 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-12-09 09:32:50 ----D---- C:\Program Files\Internet Explorer
2009-12-09 09:32:28 ----HD---- C:\WINDOWS\$hf_mig$
2009-12-08 19:32:47 ----D---- C:\Program Files\WinPhone eXPert

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdPPM;Pilote de processeur AMD HwPState; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 BHDrvx86;BHDrvx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\BASHDefs\20091205.001\BHDrvx86.sys []
R1 ccHP;Symantec Hash Provider; C:\WINDOWS\system32\drivers\NIS\1101000.013\ccHPx86.sys [2009-10-20 501888]
R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2006-02-20 33408]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys []
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\system32\drivers\NIS\1101000.013\SRTSP.SYS [2009-10-09 325168]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\WINDOWS\system32\drivers\NIS\1101000.013\SRTSPX.SYS [2009-10-09 43696]
R1 SymIRON;Symantec Iron Driver; C:\WINDOWS\system32\drivers\NIS\1101000.013\Ironx86.SYS [2009-10-09 114736]
R1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\system32\drivers\NIS\1101000.013\SYMTDI.SYS [2009-10-15 361520]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-02-08 278984]
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 Haspnt;Haspnt; \??\C:\WINDOWS\system32\drivers\Haspnt.sys []
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-02-08 25416]
R2 SBKUPNT;SBKUPNT; \??\C:\WINDOWS\system32\Drivers\SBKUPNT.SYS []
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20091230.004\IDSxpx86.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-08-06 4755968]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-07-13 171008]
R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100105.053\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100105.053\NAVEX15.SYS []
R3 NuidFltr;NUID filter driver; C:\WINDOWS\system32\DRIVERS\NuidFltr.sys [2009-05-09 14736]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-01-16 6305120]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2006-11-07 21760]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2008-12-09 296448]
S3 61883;Pilote d'unité 61883; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys []
S3 Ad-Watch Real-Time Scanner;AW Real-Time Scanner; \??\C:\WINDOWS\system32\drivers\AWRTPD.sys []
S3 Ad-Watch Registry Filter;Ad-Watch Registry Kernel Filter; \??\C:\WINDOWS\system32\drivers\AWRTRD.sys []
S3 afwqpjan;afwqpjan; C:\WINDOWS\system32\drivers\afwqpjan.sys []
S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 Avc;Périphérique AVC; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\drivers\BT.sys []
S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\WINDOWS\System32\Drivers\btnetBus.sys [2008-12-07 30088]
S3 catchme;catchme; \??\C:\DOCUME~1\Jeje\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 hcdriver;Intel EHCI Compliance Test Tool Device Driver; C:\WINDOWS\system32\DRIVERS\hcdriver.sys [2006-11-20 50432]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [2008-07-02 26248]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-09-15 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-09-15 22016]
S3 nocashio;nocashio; C:\WINDOWS\system32\drivers\nocashio.sys [2009-06-30 4096]
S3 OVT511Plus;Dual Mode USB Camera Plus; C:\WINDOWS\System32\Drivers\omcamvid.sys [2001-09-18 167816]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-05 5888]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SPC500NC;Philips SPC500NC Webcam; C:\WINDOWS\system32\DRIVERS\SPC500NC.SYS [2007-06-21 409600]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-09-15 8064]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;Driver Programmateur USB COGELEC; C:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-09-15 8064]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\drivers\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\system32\drivers\VcommMgr.sys []
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 exFat;exFat; C:\WINDOWS\system32\drivers\exFat.sys [2008-09-29 133632]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-07-07 611664]
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe [2007-10-11 51712]
R2 bgsvcgen;B's Recorder GOLD Library General Service; C:\WINDOWS\system32\bgsvcgen.exe [2007-06-15 145504]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2010-01-05 16896]
R2 Diskeeper;Diskeeper; C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [2007-10-16 1094936]
R2 EpsonBidirectionalService;EpsonBidirectionalService; C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe [2002-01-29 77824]
R2 EPSONStatusAgent2;EPSON Printer Status Agent2; C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe [2002-07-17 94208]
R2 FolderSize;Folder Size; C:\Program Files\FolderSize\FolderSizeSvc.exe [2007-11-14 131072]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 MSSQL$PINNACLESYS;MSSQL$PINNACLESYS; C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe [2008-12-18 9158656]
R2 NIS;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe [2009-10-20 126392]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-01-16 163908]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2009-11-13 92008]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-12-17 1044808]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\System32\svchost.exe [2010-01-05 16896]
R2 yksvc;Marvell Yukon Service; ykx32mpcoinst,serviceStartProc []
S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe []
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-28 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2005-05-03 73728]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-08-07 575488]
S3 SQLAgent$PINNACLESYS;SQLAgent$PINNACLESYS; C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE [2005-05-03 323584]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-01-06 435016]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

| Alerter

Répondre à jeje1967

Destrio5

6 Janvier 2010 12:08:53

Je m'absente.

| Alerter

Répondre à Destrio5

jeje1967

7 Janvier 2010 11:07:48

je pensais que destrio5 terminerait son analyse avec moi mais .....
ceci étant merci a destrio5 pour ces solutions.
peut on m'indiquer au vu des rapports log si mon problème est fini ou si j'ai encore des choses a supprimer?
merci d'avance

| Alerter

Répondre à jeje1967

Destrio5

7 Janvier 2010 16:15:15

Télécharge HostsXpert sur ton Bureau.

Décompresse-le (Clic droit >> Extraire ici).

Double-clique sur HostsXpert pour le lancer.

Clique sur le bouton Restore MS Hosts File puis ferme le programme.

PS : Avant de cliquer sur le bouton Restore MS Hosts File, vérifie que le cadenas en haut à gauche soit ouvert sinon tu vas avoir un message d'erreur.

Et pour le rapport info ?

| Alerter

Répondre à Destrio5

jeje1967

7 Janvier 2010 18:21:09

ok donc HostsXpert c fait.
En ce qui concerne le rapport info il est au dessus quand tu t absenté; il était déjà posté.
Par contre, bon mon écran bureau est revenu avec la barre de menu "démarrer" mais par contre je ne peux pas ouvrir les dossiers en fait on dirait qu'il essaye d'ouvrir ca sous une fentre DOS avec command.com ?????

| Alerter

Répondre à jeje1967

Destrio5

7 Janvier 2010 18:28:46

Non, c'est le rapport log et non info.

| Alerter

Répondre à Destrio5

jeje1967

7 Janvier 2010 19:25:46

Ok autant pour excuse moi donc voici le rapport info.

info.txt logfile of random's system information tool 1.06 2010-01-06 08:06:25

======Uninstall list======

-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
1-2-3 Schéma-->C:\WINDOWS\IsUn040c.exe -fc:\Hager\Taloha\Uninst.isu
40000 lettres types & correspondance-->"C:\Program Files\Anuman Interactive\40000 lettres types & correspondance\unins000.exe"
ABBYY PDF Transformer 1.0-->MsiExec.exe /I{4837718C-5B6E-4496-B283-FFFB5A937825}
Access Password Recovery Master 1.0-->"C:\Program Files\Access Password Recovery Master\unins000.exe"
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.7 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
Adobe SVG Viewer 3.0-->C:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Install.log
ArcSoft Software Suite-->C:\Program Files\InstallShield Installation Information\{497A1721-088F-41EF-8876-B43C9DA5528B}\Setup.exe -runfromtemp -l0x040c -removeonly
Camfrog Video Chat 5.3-->"C:\Program Files\Camfrog\Camfrog Video Chat\uninstall.exe"
Canon MP Navigator EX 3.0-->"C:\Program Files\Canon\MP Navigator EX 3.0\Maint.exe" /UninstallRemove C:\Program Files\Canon\MP Navigator EX 3.0\uninst.ini
Canon MP640 series MP Drivers-->"C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP640_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP640_series
Canon Utilities Easy-PhotoPrint EX-->C:\Program Files\Canon\Easy-PhotoPrint EX\uninst.exe Uninst.ini uinstrsc.dll
Canon Utilities My Printer-->C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini uinstrsc.dll
Canon Utilities Solution Menu-->C:\Program Files\Canon\SolutionMenu\uninst.exe uninst.ini uinstrsc.dll
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins000.exe"
CD-LabelPrint-->"C:\Program Files\Canon\CD-LabelPrint\Uninstal.exe" Canon.CDLabelPrint.Application
Ciel Compta pour Windows-->C:\WINDOWS\unin040c.exe -fC:\CIEL\WCPTA\DeIsL1.isu
Ciel Gestion Commerciale Evolution pour Windows-->C:\WINDOWS\unin040c.exe -fC:\CIEL\WGC\DeIsL1.isu
Ciel Liasse Fiscale pour Windows-->C:\WINDOWS\unin040c.exe -fC:\CIEL\WLF\DeIsL1.isu
City Life Deluxe-->D:\Jeux installés\CityLife\City Life Deluxe\uninst.exe
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
CureROM Pro 1.3.1-->C:\Program Files\CureROM\uninst.exe
Diskeeper 2008 Pro Premier-->MsiExec.exe /X{4ECCF281-ED79-4EA7-AE89-5E39D3291C2A}
DivX ;-) Audio Codec-->C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_DivX 132 C:\WINDOWS\INF\DivX Audio codec.inf
DivX Content Uploader-->C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Driver Genius Professional Edition 2007-->"C:\Program Files\Driver-Soft\DriverGenius\unins000.exe"
DriverMax 4-->"C:\Program Files\Innovative Solutions\DriverMax\unins000.exe"
DTE-->C:\WINDOWS\IsUninst.exe -fC:\DTE\Uninst.isu
DVD Decoder Pak for Windows XP-->MsiExec.exe /X{92C5DB3D-9D6F-4324-BB11-57825F4C2635}
eLearn CDROM 1.0-->C:\eLearn\unins000.exe
eMule-->"C:\Program Files\eMule\Uninstall.exe"
Enregistrement utilisateur de Canon MP640 series-->C:\Program Files\Canon\IJEREG\MP640 series\UNINST.EXE
EVEREST Ultimate Edition v5.00-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
eXtreme Movie Manager 6.7.4.0 - Full Install!-->"C:\Program Files\eXtreme Movie Manager\unins000.exe"
Folder Size for Windows-->MsiExec.exe /I{FC8D21C8-7B29-4104-ADB0-FEE9CA1C7922}
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0E996B068B56FCA2.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
HomePlayer 1.5.9-->C:\Program Files\HomePlayer\uninst.exe
Hotel Giant 2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6328CF1B-FA83-485C-94F5-B3D1B4B934E2}\setup.exe" -l0x40c -uninst -removeonly
Hotfix 2055 for SQL Server 2000 ENU (KB960082)-->"C:\WINDOWS\$SQLUninstallSQL2000-KB960082-v8.00.2055-x86-ENU$\spuninst\spuninst.exe"
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Internet Download Manager-->C:\Program Files\Internet Download Manager\Uninstall.exe
Jasc Paint Shop Pro 9-->MsiExec.exe /I{F843C6A3-224D-4615-94F8-3C461BD9AEA0}
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Kaspersky Online Scanner-->C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
KC Softwares AudioGrail-->"C:\Program Files\KC Softwares\AudioGrail\unins000.exe"
La_SchemaTech-->MsiExec.exe /I{3BA69722-4F00-4195-ABCE-1B290F884E32}
Lame ACM MP3 Codec-->C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_LameMP3 132 C:\WINDOWS\INF\LameACM.inf
LightSoft-->"C:\Cogelec\LightSoft\unins000.exe"
Logiciel d'archivage WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Marvell Miniport Driver-->C:\Program Files\Marvell\Miniport Driver\Uninst.exe
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 French Language Pack-->MsiExec.exe /X{E3C080B0-23F5-49AF-89F8-8E8DBC89E659}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server Desktop Engine (PINNACLESYS)-->MsiExec.exe /X{E09B48B5-E141-427A-AB0C-D3605127224A}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Windows Media Video 9 VCM-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmv9vcm.inf, Uninstall
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969897)-->"C:\WINDOWS\$NtUninstallKB969897$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB972260)-->"C:\WINDOWS\$NtUninstallKB972260$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974455)-->"C:\WINDOWS\$NtUninstallKB974455$\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB975364)-->"C:\WINDOWS\ie8updates\KB975364-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB976749)-->"C:\WINDOWS\$NtUninstallKB976749$\spuninst\spuninst.exe"
Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0-->C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\setup.exe
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.5.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Nokia Connectivity Cable Driver-->MsiExec.exe /X{CBDE9C7D-CF52-4558-B23E-B66359CB586A}
Nokia Flashing Cable Driver-->MsiExec.exe /X{2A0A6470-FD0F-4F45-9B11-85F3167DB943}
Nokia PC Suite-->C:\Documents and Settings\All Users\Application Data\Installations\{D5577624-0626-4C4B-87AA-D966DA1739D6}\Nokia_PC_Suite_rel_7_0_9_2_fre.exe
Nokia PC Suite-->MsiExec.exe /I{D5577624-0626-4C4B-87AA-D966DA1739D6}
Nokia Software Updater-->MsiExec.exe /X{A2A0D7E5-BBD0-4948-B452-63A91354C12C}
Norton Internet Security-->C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\562C4DD5\17.1.0.19\InstStub.exe /X
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
ODF Add-in for Microsoft Office-->MsiExec.exe /I{59D1195A-7E64-4120-BB37-F053D9FD45FB}
OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}
Package de pilotes Windows - Nokia Modem (03/05/2008 3.7)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_635B28EFCFA9395123BB1C251595CB16129E2560\nokia_bluetooth.inf
Package de pilotes Windows - Nokia Modem (03/13/2008 6.86.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_28F2EAC406838DA65AFF6C6886FE9FE96AEF5186\nokbtmdm.inf
Package de pilotes Windows - Nokia Modem (05/22/2008 3.8)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_6F90B0F4A73A2F780A1010B5D6CB5DDFB098181E\nokia_bluetooth.inf
Package de pilotes Windows - Nokia Modem (05/22/2008 7.00.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_E68D50F7E25BFE399D47C864C3B52557346242A9\nokbtmdm.inf
Package de pilotes Windows - Nokia Modem (08/03/2007 6.84.0.2)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_1EB5F2E6F54A6BEDE9F436D1BA5D830FC71739BE\nokbtmdm.inf
Package de pilotes Windows - Nokia Modem (10/12/2007 3.6)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_0A5D98F754C6588B2E3DDE89DDEF097075ADFFB7\nokia_bluetooth.inf
Package de pilotes Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_4A1E30386F4D0DEC8F5DF262CFBD8845EEBAB175\pccsmcfd.inf
Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
PC Connectivity Solution-->MsiExec.exe /I{1A524CFE-DF85-4555-8BC2-0C89DBD8BC2C}
PCC-1O01A-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F35C4331-A385-4DC9-9BAE-485E4C999D07}\setup.exe" -l0x9
PDF Password Cracker Pro v2.0-->"C:\Program Files\PDF Password Cracker Pro v2.0\unins000.exe"
PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
pdfforge Toolbar v1.1.1-->MsiExec.exe /X{4EF8BE6A-899C-4196-94E7-297C5F7A203E}
Philips SPC500NC Webcam-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C243875A-1622-427A-BBAB-57EA705A6C3D}\setup.exe" -l0x40c -removeonly
Philips VLounge-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B9486FE2-407B-4B45-B353-0EBE1E4F4FDE}\Setup.exe" -l0x40c
PHOTOfunSTUDIO HD Edition-->C:\Program Files\InstallShield Installation Information\{9A9DBEBC-C800-4776-A970-D76D6AA405B1}\setup.exe -runfromtemp -l0x040c -z"Uninstall" -removeonly
ProSoft v1.2.1-->"C:\Cogelec\ProSoft\unins000.exe"
QuickMonth Calendar 1.2-->"C:\WINDOWS\unins000.exe"
QuickTime-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{C21D5524-A970-42FA-AC8A-59B8C7CDCA31} /l1036
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Semiolog-->C:\WINDOWS\IsUn040c.exe -fc:\Hager\Semiolog\Uninst.isu
Shared Add-in Extensibility Update for Microsoft .NET Framework 2.0 (KB908002)-->MsiExec.exe /X{09959E11-AD5D-408E-96AF-E3346954D6B8}
Shared Add-in Support Update for Microsoft .NET Framework 2.0 (KB908002)-->MsiExec.exe /X{64F3B15C-24C7-4B2B-9B72-65CCBBD7F06B}
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Sony Sound Forge Audio Studio 9.0-->MsiExec.exe /X{20207CCE-A8FA-44A7-AA3D-1E43EB307B27}
SUPER © Version 2008.bld.33 (Sep 2, 2008)-->C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
TeLL me More Anglais prestige-->"D:\JEUX INSTALLÉS\TELL ME MORE NV ANGLAIS PRESTIGE\BIN\unsetup.exe" -file "D:\JEUX INSTALLÉS\TELL ME MORE NV ANGLAIS PRESTIGE\unsetup.aui"
Thrustmaster FFB Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8F5A0981-5CDC-41D0-BCA2-AD3B777FC358}\setup.exe" -l0x40c -removeonly
TomTom HOME 2.7.3.1894-->C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe
TomTom HOME Visual Studio Merge Modules-->MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
Tomtomax Maxi-Box V2.0.19-->"C:\Program Files\Tomtomax Maxi-Box\unins000.exe"
TuneUp Utilities-->C:\Program Files\TuneUp Utilities 2010\TUInstallHelper.exe --Trigger-Uninstall
Turbo Lister 2-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{69640730-B830-4C24-BB5C-222DA1260548}
Ultra AVI Converter 5.0.1123-->"C:\Program Files\Ultra AVI Converter\unins000.exe"
Uniblue RegistryBooster 2-->"C:\Program Files\Uniblue\RegistryBooster 2\unins000.exe"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
UseNeXT-->"C:\Program Files\UseNeXT\unins000.exe"
VideoLAN VLC media player 0.8.6f-->C:\Program Files\VideoLAN\VLC\uninstall.exe
WebCam T'nB-->C:\Program Files\WebCamTnB\Uninstal.exe
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Presentation Foundation Language Pack (FRA)-->MsiExec.exe /X{6901DD22-527A-41EF-9059-E81FEDE9E494}
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
WinGTSystem-->C:\PROGRA~1\WINGTS~1\UNWISE.EXE C:\PROGRA~1\WINGTS~1\INSTALL.LOG
WinHTTrack Website Copier 3.42-2-->"C:\Program Files\WinHTTrack\unins000.exe"
WinPhone eXPert-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C339CAC7-65FF-40F3-9D56-317BF20C8CFE}\Setup.exe" -l0x40c ControlPanel
X-Lite 3.0-->"C:\Program Files\CounterPath\X-Lite\unins000.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
XviD Video Codec 18082002-1 (Koepi's build with EPSZ ME)-->"C:\Program Files\XviD\UninstXviD.exe"

======Hosts File======

65.75.216.6 www.winmx.com err.winmx.com
205.238.40.54 www.winmx.com err.winmx.com
65.75.216.6 cache0.winmx.com test3201.winmx.com test3206.winmx.com
65.75.216.7 cache1.winmx.com test3202.winmx.com test3207.winmx.com
82.43.229.238 cache2.winmx.com test3203.winmx.com test3208.winmx.com
205.238.40.1 cache3.winmx.com test3204.winmx.com
205.238.40.2 cache4.winmx.com test3205.winmx.com
65.75.216.6 c3310.z1301.winmx.com c3310.z1302.winmx.com c3310.z1303.winmx.com c3310.z1304.winmx.com c3310.z1305.winmx.com c3310.z1306.winmx.com
65.75.216.6 c3311.z1301.winmx.com c3311.z1302.winmx.com c3311.z1303.winmx.com c3311.z1304.winmx.com c3311.z1305.winmx.com c3311.z1306.winmx.com
65.75.216.6 c3312.z1301.winmx.com c3312.z1302.winmx.com c3312.z1303.winmx.com c3312.z1304.winmx.com c3312.z1305.winmx.com c3312.z1306.winmx.com

======System event log======

Computer Name: PCFIXE
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service LiveUpdate.

Record Number: 33836
Source Name: Service Control Manager
Time Written: 20091119011950.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: PCFIXE
Event Code: 7036
Message: Le service Google Software Updater est entré dans l'état : arrêté.

Record Number: 33835
Source Name: Service Control Manager
Time Written: 20091118215117.000000+060
Event Type: Informations
User:

Computer Name: PCFIXE
Event Code: 7036
Message: Le service Google Software Updater est entré dans l'état : en cours d'exécution.

Record Number: 33834
Source Name: Service Control Manager
Time Written: 20091118215017.000000+060
Event Type: Informations
User:

Computer Name: PCFIXE
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Google Software Updater.

Record Number: 33833
Source Name: Service Control Manager
Time Written: 20091118215017.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: PCFIXE
Event Code: 7036
Message: Le service LiveUpdate est entré dans l'état : arrêté.

Record Number: 33832
Source Name: Service Control Manager
Time Written: 20091118210900.000000+060
Event Type: Informations
User:

=====Application event log=====

Computer Name: PCFIXE
Event Code: 1904
Message:
Record Number: 5246
Source Name: HHCTRL
Time Written: 20091102081153.000000+060
Event Type: Informations
User:

Computer Name: PCFIXE
Event Code: 1904
Message:
Record Number: 5245
Source Name: HHCTRL
Time Written: 20091102081153.000000+060
Event Type: Informations
User:

Computer Name: PCFIXE
Event Code: 1904
Message:
Record Number: 5244
Source Name: HHCTRL
Time Written: 20091102081153.000000+060
Event Type: Informations
User:

Computer Name: PCFIXE
Event Code: 1904
Message:
Record Number: 5243
Source Name: HHCTRL
Time Written: 20091102081153.000000+060
Event Type: Informations
User:

Computer Name: PCFIXE
Event Code: 1904
Message:
Record Number: 5242
Source Name: HHCTRL
Time Written: 20091102081153.000000+060
Event Type: Informations
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\PROGRA~1\DISKEE~1\DISKEE~1\;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Pinnacle\Shared Files\InstantCDDVD\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 75 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=4b02
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

| Alerter

Répondre à jeje1967

Destrio5

7 Janvier 2010 20:26:20

Télécharge UsbFix (de Chiquitine29 & C_XX) sur ton Bureau.

Branche tes sources de données externes à ton PC (clé USB, disque dur externe, carte SD, etc...) sans les ouvrir.

Double-clique sur UsbFix pour l'exécuter.

Choisis l'option 1 (Recherche).

Laisse travailler l'outil.

Poste le rapport UsbFix.txt.

Note : le rapport UsbFix.txt est sauvegardé à la racine du disque (C:\UsbFix.txt).

"Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Kaspersky, etc.) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.

| Alerter

Répondre à Destrio5

jeje1967

7 Janvier 2010 20:39:19

Voila le log de USBfIX

############################## | UsbFix V6.071 |

User : Jeje (Administrateurs) # PCFIXE
Update on 06/01/2010 by El Desaparecido , C_XX & Chimay8
Start at: 21:32:32 | 07/01/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

AMD Athlon(tm) 64 X2 Dual Core Processor 4200+
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Disabled
AV : Norton Internet Security 17.1.0.19 [ Enabled | Updated ]
FW : Norton Internet Security[ Enabled ]17.1.0.19

C:\ -> Disque fixe local # 18,64 Go (2,27 Go free) # NTFS
D:\ -> Disque fixe local # 298,09 Go (56,88 Go free) [Sauvegarde DD2] # NTFS
E:\ -> Disque fixe local # 149,05 Go (9,34 Go free) [DD3 160 Go] # NTFS
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque CD-ROM
K:\ -> Disque CD-ROM
L:\ -> Disque amovible

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 860
C:\WINDOWS\system32\csrss.exe 1228
C:\WINDOWS\system32\winlogon.exe 1404
C:\WINDOWS\system32\services.exe 1592
C:\WINDOWS\system32\lsass.exe 1636
C:\WINDOWS\system32\svchost.exe 1836
C:\WINDOWS\system32\svchost.exe 1940
C:\WINDOWS\System32\svchost.exe 160
C:\WINDOWS\system32\svchost.exe 308
C:\WINDOWS\system32\svchost.exe 548
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe 684
C:\WINDOWS\Explorer.EXE 1168
C:\WINDOWS\system32\spoolsv.exe 1304
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe 2004
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe 604
C:\WINDOWS\system32\bgsvcgen.exe 600
C:\WINDOWS\system32\svchost.exe 696
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe 888
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe 1264
C:\Program Files\FolderSize\FolderSizeSvc.exe 1456
C:\Program Files\Microsoft IntelliPoint\ipoint.exe 1028
C:\Program Files\Java\jre6\bin\jqs.exe 1068
C:\Program Files\Microsoft IntelliType Pro\itype.exe 1076
C:\WINDOWS\RTHDCPL.EXE 1468
C:\WINDOWS\system32\RUNDLL32.EXE 972
C:\WINDOWS\system32\rundll32.exe 1564
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe 1604
C:\progra~1\fichie~1\instal~1\update~1\issch.exe 196
C:\Program Files\Java\jre6\bin\jusched.exe 2156
C:\Program Files\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe 2188
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe 2792
C:\Program Files\CDBurnerXP\NMSAccessU.exe 3016
C:\WINDOWS\system32\nvsvc32.exe 3140
C:\WINDOWS\system32\svchost.exe 3272
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe 3464
C:\Program Files\DNA\btdna.exe 3520
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 3680
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe 4024
C:\WINDOWS\system32\ctfmon.exe 1236
C:\WINDOWS\system32\wdfmgr.exe 2352
C:\WINDOWS\system32\RUNDLL32.EXE 2460
C:\WINDOWS\qmc.exe 2592
C:\Program Files\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe 3684
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe 2616
C:\WINDOWS\System32\alg.exe 3228
C:\Program Files\Mozilla Firefox\firefox.exe 1956
C:\WINDOWS\system32\wbem\wmiprvse.exe 2360

################## | Elements infectieux |

################## | Registre |

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableRegistryTools"
[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"

################## | Mountpoints2 |

################## | Cracks > Keygens > Serials |

################## | ! Fin du rapport # UsbFix V6.071 ! |

| Alerter

Répondre à jeje1967

Destrio5

7 Janvier 2010 20:50:58

Branche tes sources de données externes à ton PC (clé USB, disque dur externe, carte SD, etc...) sans les ouvrir.

Double-clique sur UsbFix présent sur ton Bureau pour le lancer.

Choisis l'option 2 (Suppression).

Ton Bureau disparaîtra et le PC redémarrera.

Au redémarrage, UsbFix scannera ton PC, laisse travailler l'outil.

Ensuite, poste le rapport UsbFix.txt qui apparaîtra avec le Bureau.

Note : le rapport UsbFix.txt est sauvegardé à la racine du disque (C:\UsbFix.txt).

| Alerter

Répondre à Destrio5

jeje1967

9 Janvier 2010 12:52:16

Avec quelque jours de retard, il faut bien bosser, voici le rapport apres suppression avec usbfix

############################## | UsbFix V6.071 |

User : Jeje (Administrateurs) # PCFIXE
Update on 06/01/2010 by El Desaparecido , C_XX & Chimay8
Start at: 12:59:58 | 09/01/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

AMD Athlon(tm) 64 X2 Dual Core Processor 4200+
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Disabled
AV : Norton Internet Security 17.1.0.19 [ Enabled | Updated ]
FW : Norton Internet Security[ Enabled ]17.1.0.19

C:\ -> Disque fixe local # 18,64 Go (2,17 Go free) # NTFS
D:\ -> Disque fixe local # 298,09 Go (56,94 Go free) [Sauvegarde DD2] # NTFS
E:\ -> Disque fixe local # 149,05 Go (9,34 Go free) [DD3 160 Go] # NTFS
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque CD-ROM
L:\ -> Disque amovible

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 724
C:\WINDOWS\system32\csrss.exe 1052
C:\WINDOWS\system32\winlogon.exe 1124
C:\WINDOWS\system32\services.exe 1184
C:\WINDOWS\system32\lsass.exe 1196
C:\WINDOWS\system32\svchost.exe 1432
C:\WINDOWS\system32\svchost.exe 1540
C:\WINDOWS\System32\svchost.exe 1636
C:\WINDOWS\system32\svchost.exe 1788
C:\WINDOWS\system32\svchost.exe 1912
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe 1960
C:\WINDOWS\system32\spoolsv.exe 524
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe 848
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe 1044
C:\WINDOWS\system32\bgsvcgen.exe 1072
C:\WINDOWS\system32\svchost.exe 1056
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe 1324
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe 1368
C:\Program Files\FolderSize\FolderSizeSvc.exe 1448
C:\Program Files\Java\jre6\bin\jqs.exe 1904
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe 2040
C:\Program Files\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe 576
C:\Program Files\CDBurnerXP\NMSAccessU.exe 616
C:\WINDOWS\system32\nvsvc32.exe 628
C:\WINDOWS\system32\svchost.exe 792
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe 816
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe 1144
C:\WINDOWS\system32\wdfmgr.exe 1608
C:\WINDOWS\system32\RUNDLL32.EXE 1748
C:\WINDOWS\system32\wuauclt.exe 2184
C:\WINDOWS\System32\alg.exe 3228
C:\WINDOWS\system32\wbem\wmiprvse.exe 2916
C:\Program Files\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe 3604
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe 3684
C:\WINDOWS\system32\userinit.exe 3792
C:\Program Files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe 3808
C:\WINDOWS\Explorer.EXE 3844
C:\WINDOWS\system32\wbem\wmiprvse.exe 2748

################## | Elements infectieux |

Supprimé ! C:\Recycler\S-1-5-21-436374069-1547161642-725345543-1003
Supprimé ! D:\$Recycle.Bin\S-1-5-21-2635879813-4033499100-240206174-1000
Supprimé ! D:\Recycler\S-1-5-21-117609710-1897051121-839522115-1003
Supprimé ! D:\Recycler\S-1-5-21-1715567821-1801674531-839522115-1003
Supprimé ! D:\Recycler\S-1-5-21-436374069-1547161642-725345543-1003
Supprimé ! D:\Recycler\S-1-5-21-854245398-1547161642-725345543-1003
Supprimé ! E:\Recycler\S-1-5-21-436374069-1547161642-725345543-1003
Supprimé ! E:\Recycler\S-1-5-21-854245398-1547161642-725345543-1003

################## | Registre |

Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableRegistryTools"
Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"

################## | Mountpoints2 |

################## | Listing des fichiers présent |

[20/03/2009 23:36|--a------|128] C:\AUTOEXEC.BAT
[20/03/2009 22:59|--a------|212] C:\Boot.bak
[06/01/2010 09:40|-rahs----|282] C:\boot.ini
[05/08/2004 13:00|-rahs----|4952] C:\Bootfont.bin
[17/02/2008 23:59|--a------|177] C:\CielVideo.ini
[03/08/2004 23:00|--a------|263488] C:\cmldr
[06/01/2010 10:05|--a------|32594] C:\ComboFix.txt
[24/07/2008 14:55|--a------|102] C:\Config.Dat
[16/09/2007 17:50|--a------|0] C:\CONFIG.SYS
[06/11/2007 12:22|--a------|49236] C:\fat32format.exe
[04/11/2009 22:00|--a------|0] C:\hw.log
[04/11/2009 22:16|--a------|285] C:\ILsSrv.log
[31/10/2007 09:04|--a------|420] C:\InstallHelper.log
[16/09/2007 17:50|-rahs----|0] C:\IO.SYS
[14/05/2009 11:20|--a------|0] C:\iwctrllog.txt
[03/02/2009 22:48|--a------|0] C:\libSRTP_log.txt
[08/01/2010 10:22|--a------|4756] C:\LISTING.TXT
[28/02/2008 11:29|--a------|831] C:\MKDEMSG.LOG
[28/02/2008 11:28|--a------|2048] C:\MKDEWE.TRN
[18/03/2009 10:07|--a------|213406] C:\MSDELog.log
[16/09/2007 17:50|-rahs----|0] C:\MSDOS.SYS
[05/08/2004 13:00|-rahs----|47564] C:\NTDETECT.COM
[16/09/2008 08:33|-rahs----|252240] C:\ntldr
[29/02/2004 16:44|--a------|52576] C:\orange.bmp
[04/11/2009 22:16|--a------|653] C:\SIPPakage.log
[22/11/2009 16:37|--a------|921632] C:\SPC500NC.DAT
[09/01/2010 13:06|--a------|5214] C:\UsbFix.txt
[04/11/2009 22:16|--a------|187] C:\VisuIPUI.log
[28/04/2008 09:52|-ra------|328] C:\YukonInstall.log
[27/05/2009 22:01|--a------|3584] D:\playback.grf
[10/02/2007 15:04|--a------|14278] E:\Ciel_2004_crack_supergege.zip
[?|?|?] E:\pagefile.sys

################## | Vaccination |

# C:\autorun.inf -> Dossier créé par UsbFix.
# D:\autorun.inf -> Dossier créé par UsbFix.
# E:\autorun.inf -> Dossier créé par UsbFix.

################## | Crack > Keygen > Serial |

################## | Upload |

Veuillez envoyer le fichier : C:\DOCUME~1\Jeje\Bureau\UsbFix_Upload_Me_PCFIXE.zip : http://chiquitine.changelog.fr/Sample/Upload.php
Merci pour votre contribution .

################## | ! Fin du rapport # UsbFix V6.071 ! |

| Alerter

Répondre à jeje1967

Destrio5

9 Janvier 2010 19:22:54

Relance UsbFix et choisis l'option 6 pour le désinstaller.

Il te reste quel(s) souci(s) ?

| Alerter

Répondre à Destrio5

jeje1967

11 Janvier 2010 10:36:10

Merci pour tous ce que tu a fait pour moi,

les soucis qu'il me reste sont:
quand je clic sur un dossier sur mon bureau, il me lance une commande DOS c:/windows/system32/command.com et le dossier ne s'ouvre pas.
de plus quand je clic sur bureau dans lancement rapide rien ne se passe.
De plus j'ai essayé de faire ccleaner pour nettoyer la base de registre et la, une multitude d'erreur que je n'avais pas avant. je n'est pas réparé me disant que tu voudrais peut être voir un log de ces erreurs.
quand penses tu?

| Alerter

Répondre à jeje1967

Destrio5

11 Janvier 2010 14:23:15

Tu peux réparer les erreurs avec CCleaner.

| Alerter

Répondre à Destrio5

Tom's guide dans le monde