
[Solved] Combofix stopped by mistake


Hello,

Since I was getting unwanted redirects in Google, I ran Combofix, which I had already used once successfully.
When Combofix asked me to install the Recovery Console, I said no and stopped Combofix.
Since then, I have a Combofix directory under C: that itself contains the whole of My Computer, nested several times over.
Of course, when I search for a file, Windows finds it several times.
My redirect problem is still there.
What should I do?


Hello,

  • Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.
  • Double-click RSIT.exe to launch the program.
    (On Vista, right-click RSIT.exe and choose Run as administrator)
  • Click Continue on the Disclaimer screen.
  • If HijackThis (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall if asked) and you will have to accept the license.
  • When the scan is finished, two text files will open. Post the contents of log.txt (the one shown on screen) as well as info.txt (which you will see in the taskbar).

    Note: the reports are saved in the C:\rsit folder.

    Here are the 2 files
    info.txt logfile of random's system information tool 1.06 2010-01-08 16:34:19

    ======Uninstall list======

    -->"C:\Program Files\Creative\SBAudigy2ZS\Program\Ctzapxx.EXE" /W /U /S /L:FRN
    -->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\AFPViewr\DeIsL5.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\Aoc\DeIsL1.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL100.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL101.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL132.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL68.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL69.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL70.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL71.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL72.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL73.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL74.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL75.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL76.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL77.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL78.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL79.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL80.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL81.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL82.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL83.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL84.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL85.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL86.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL87.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL88.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL89.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL90.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL91.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL92.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL93.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL94.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL95.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL96.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL97.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL98.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\DeIsL99.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\Emulator\DeIsL1.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\Emulator\DeIsL2.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\EZSetup\DeIsL1.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\Toolkit\DeIsL1.isu"
    -->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IBM\Client Access\Toolkit\DeIsL2.isu"
    -->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{169F8893-C1C5-4847-972C-EA1E008112AC}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{169F8893-C1C5-4847-972C-EA1E008112AC}\setup.exe" -l0x40c /remove
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1888DAFD-C634-4BC4-865C-3455E24F6177}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1888DAFD-C634-4BC4-865C-3455E24F6177}\setup.exe" -l0x40c /remove
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{236FADD8-58FD-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{236FADD8-58FD-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c /remove
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{435E969D-867E-4364-8E74-3DC8A69C5BDB}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{435E969D-867E-4364-8E74-3DC8A69C5BDB}\setup.exe" -l0x40c /remove
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5210ED6D-52A9-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5210ED6D-52A9-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c /remove
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5933921D-4253-40B6-B4D9-B7D680F1B6EC}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5933921D-4253-40B6-B4D9-B7D680F1B6EC}\setup.exe" -l0x40c /remove
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CDC05F7-83E4-4611-AD3C-A6EB2100332A}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CDC05F7-83E4-4611-AD3C-A6EB2100332A}\setup.exe" -l0x40c /remove
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CDDF96A-BC34-4D72-9ABA-E1FFF0C39977}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67AEFC4C-69E4-11D7-85F4-00E018013273}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7201B853-5833-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7201B853-5833-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c /remove
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{77ACE67A-0D21-4CEF-8A97-ED20A61B978B}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{77ACE67A-0D21-4CEF-8A97-ED20A61B978B}\setup.exe" -l0x40c /remove
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A900EAB-DA37-4554-AF19-9C337476D05D}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A900EAB-DA37-4554-AF19-9C337476D05D}\setup.exe" -l0x40c /remove
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{869D88A5-BD6C-4E39-8536-D95259EAD7E8}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{869D88A5-BD6C-4E39-8536-D95259EAD7E8}\setup.exe" -l0x40c /remove
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{881A74B3-3D17-4842-B9AF-0761C6E6C4B5}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{881A74B3-3D17-4842-B9AF-0761C6E6C4B5}\setup.exe" -l0x40c /remove
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8EF5F498-7FB5-11D6-9963-00A0C92C4EC3}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8EF5F498-7FB5-11D6-9963-00A0C92C4EC3}\setup.exe" -l0x40c /remove
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9154ED7C-926E-49CC-B677-0CF3C5267457}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9154ED7C-926E-49CC-B677-0CF3C5267457}\setup.exe" -l0x40c /remove
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A4D2983-4662-4387-BE3D-4CFC2FA9C100}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A4D2983-4662-4387-BE3D-4CFC2FA9C100}\setup.exe" -l0x40c /remove
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A1185190-514F-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A1185190-514F-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c /remove
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AC157741-3285-4D6A-B934-9174587A3493}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AC157741-3285-4D6A-B934-9174587A3493}\setup.exe" -l0x40c /remove
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B3549608-69D3-11D7-AB2D-0090271A23A2}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B3549608-69D3-11D7-AB2D-0090271A23A2}\setup.exe" -l0x40c /remove
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B5BAAFAE-3561-463D-8E3F-91761A57ADB8}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B5BAAFAE-3561-463D-8E3F-91761A57ADB8}\setup.exe" -l0x40c /remove
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6866B7D-ACFD-4C49-B77B-3B2F8CF54B96}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6866B7D-ACFD-4C49-B77B-3B2F8CF54B96}\setup.exe" -l0x40c /remove
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DEBD7BF3-5856-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DEBD7BF3-5856-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c /remove
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EE6699B3-E5AD-4E59-8F2B-207DF630670C}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EE6699B3-E5AD-4E59-8F2B-207DF630670C}\setup.exe" -l0x40c /remove
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB2292C6-1F0A-11D7-AB2D-0090271A23A2}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB2292C6-1F0A-11D7-AB2D-0090271A23A2}\setup.exe" -l0x40c /remove
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD549B7B-3532-4160-80D4-3E3DD39A9AE5}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD549B7B-3532-4160-80D4-3E3DD39A9AE5}\setup.exe" -l0x40c /remove
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD851F7E-F887-405D-9E1C-488811113EF3}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD851F7E-F887-405D-9E1C-488811113EF3}\setup.exe" -l0x40c /remove
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57FA4E0F-82C9-417D-87BC-0186D6CB7A44}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9104A09A-EC83-11D8-8469-00D0B726B56E}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9104A09A-EC83-11D8-8469-00D0B726B56E}\setup.exe" -l0x40c /remove
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9744AE38-1CC6-414F-96CE-0643AEE30A9B}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9744AE38-1CC6-414F-96CE-0643AEE30A9B}\setup.exe" -l0x40c /remove
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9AB14DF5-3B04-4E3B-9969-695DBA7F2008}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9AB14DF5-3B04-4E3B-9969-695DBA7F2008}\setup.exe" -l0x40c /remove
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9E54F486-CD4A-44A5-B041-16D4E1E56A53}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9E54F486-CD4A-44A5-B041-16D4E1E56A53}\setup.exe" -l0x40c /remove
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x40c
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Photoshop CS-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x40c
    Adobe Reader 9.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001}
    Adobe Reader 9.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A92000000001}
    adsl TV-->C:\Program Files\adslTV\Uninstal.exe
    Ant Movie Catalog-->"C:\Program Files\Ant Movie Catalog\unins000.exe"
    Assistant Publication de sites Web Microsoft 1.53-->RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wpie3x86.inf,WebPostUninstall
    Brennig's 1.4.2-->C:\Program Files\Brennig's\uninst.exe
    Canon CanoScan Toolbox 4.9-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}\Setup.exe" -l0x40c anything
    Canon i560-->C:\WINDOWS\system32\CNMCP58.exe "-PRINTERNAMECanon i560" "-HELPERDLLC:\BJPrinter\CNMWINDOWS\Canon i560 Installer\Inst2\cnmis.dll" "-RCDLLC:\BJPrinter\CNMWINDOWS\Canon i560 Installer\Inst2\cnmi040c.dll"
    Canon ScanGear Starter-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{18A5DFF2-8A95-49F3-873F-743CB5549F3D}\SETUP.EXE" -l0x40c anything
    CDisplay 1.8.1.0 Fr-->C:\Program Files\CDisplay\UnInstall_CDisplay.exe
    Cegetel ADSL-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A16E2D86-7D92-48F4-9649-6029C96D4D8F}\setup.exe"
    CircleSurround II Plugin for Windows Media Player-->MsiExec.exe /I{135BFFD7-D9C1-4374-B18C-BEB64FC7851C}
    CloneDVD2-->"C:\Program Files\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="C:\Program Files\Elaborate Bytes\CloneDVD2"
    Combined Community Codec Pack 2008-09-21 16:18-->"C:\Program Files\Combined Community Codec Pack\unins000.exe"
    Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB976098-v2)-->"C:\windows\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
    Creative Jukebox Driver-->C:\Program Files\Creative\Jukebox 3 Drivers\DrvUnins.exe /s
    Creative MediaSource-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{56F3E1FF-54FE-4384-A153-6CCABA097814}\SETUP.EXE" -l0x40c /remove
    Creative Removable Disk Manager-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57FA4E0F-82C9-417D-87BC-0186D6CB7A44}\setup.exe" -l0x40c /remove
    Creative System Information-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x40c /remove
    Creative Zen Micro-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D944236D-7992-41D6-8257-930B5832F1CC}\SETUP.EXE" -l0x40c /remove
    CR-Hexact 2.3-->C:\Program Files\CR-TEKnologies\Hexact\desinstaller.exe
    Crystal Reports-->MsiExec.exe /I{1FC5FDB9-E29F-4740-9A1B-3A8D08AF709E}
    Crystal Reports-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\CrxRptfr.inf, Uninstall.NT
    D-Link Bluetooth Software-->MsiExec.exe /X{90535871-81B9-4D99-8A13-A7EE97F2D7FE}
    Dream Aquarium-->"C:\Program Files\Dream Aquarium\UnInstall.exe"
    DVD Decrypter (Remove Only)-->"C:\Program Files\DVD Decrypter\uninstall.exe"
    DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
    EtudBio V3.0.0.408-->"C:\Program Files\EtudBio\Uninstall.exe"
    FreeGo version 4-->"C:\Program Files\FreeGo\unins000.exe"
    Freeplayer-->C:\Program Files\Freeplayer\Uninstall.exe
    GearDrvs-->MsiExec.exe /I{206FD69B-F9FE-4164-81BD-D52552BC9C23}
    GearDrvs-->MsiExec.exe /I{CB84F0F2-927B-458D-9DC5-87832E3DC653}
    Google Chrome-->"C:\Program Files\Google\Chrome\Application\3.0.195.38\Installer\setup.exe" --uninstall --system-level
    Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0E996B068B56FCA2.exe" /uninstall
    Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
    Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
    GrabIt 1.7.2 Beta 3 (build 996)-->"C:\Program Files\GrabIt2\unins000.exe"
    HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
    Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    IBM 32-bit Runtime Environment for Java 2, v1.4.2-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{E922961C-6DB6-41DE-9FEA-426DF3E9F81C} /l1036
    IBM iSeries Access for Windows-->"C:\Program Files\IBM\Client Access\cwbinarp.exe"
    IBM Rescue and Recovery with Rapid Restore-->MsiExec.exe /X{11783F13-C3A9-44A8-929B-21A476F65272}
    IBM Themes-->MsiExec.exe /I{6CE96A14-61E2-48CC-837E-22710A953ADE}
    IBM Update Connector-->MsiExec.exe /X{8D815BF3-2399-459C-B121-49373FEFB9E8}
    InstallShield for Microsoft Visual C++ 6-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\InstallShield\InstallShield for Microsoft Visual C++ 6\Uninst.isu"
    Intel(R) Graphics Media Accelerator Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2782 PCI\VEN_8086&DEV_2582
    InterVideo WinDVD-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
    J2SE Runtime Environment 5.0 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150040}
    Java(TM) 6 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
    Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    Java(TM) SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
    K-Lite Codec Pack 2.80 Full-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
    Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    LifeGlobe Goldfish Aquarium 2.0-->"C:\Program Files\Prolific Publishing, Inc\Goldfish Aquarium 2.0\unins000.exe"
    LightScribe Diagnostic Utility-->MsiExec.exe /X{3754D55C-585E-4BC5-A182-4B70FABBFDB7}
    Lizardtech DjVu Control-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{105CFC7C-6992-11D5-BD9D-000102C10FD8}\Setup.exe" -l0x40c
    Logiciel QuickCam de Logitech-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe" -l0x40c
    MAGIX Goya burnR 1.3.1.2 (F)-->C:\Program Files\MAGIX\Goya_burnR\instslct.exe
    MAGIX Music Manager 2006 7.4.0.461 (F)-->C:\Program Files\MAGIX\Music_Manager_2006\instslct.exe
    MAGIX Photo Clinic 5.5 5.5.29.0 (F)-->C:\Program Files\MAGIX\Photo_Clinic_55\instslct.exe
    MAGIX Photo Manager 2007 4.1.1.53 (F)-->C:\Program Files\MAGIX\Photo_Manager_2007\instslct.exe
    MAGIX Photos sur CD & DVD 6 deluxe 6.0.2.3 (F)-->C:\Program Files\MAGIX\Photos_sur_CD_DVD_6_dlx\instslct.exe
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
    Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
    Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
    Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    Microsoft ActiveSync-->MsiExec.exe /I{99052DB7-9592-4522-A558-5417BBAD48EE}
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft Office 2000 SR-1 Professional-->MsiExec.exe /I{0001040C-78E1-11D2-B60F-006097C998E7}
    Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Visual Studio 6.0 Édition Professionnelle (Français)-->"C:\Program Files\Microsoft Visual Studio\Common\Setup\1036\Setup.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"C:\windows\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB974455)-->"C:\windows\ie7updates\KB974455-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB976325)-->"C:\windows\ie7updates\KB976325-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953155)-->"C:\WINDOWS\$NtUninstallKB953155$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\windows\$NtUninstallKB958869$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\windows\$NtUninstallKB969059$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB969947)-->"C:\windows\$NtUninstallKB969947$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB970430)-->"C:\windows\$NtUninstallKB970430$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB970483)-->"C:\WINDOWS\$NtUninstallKB970483$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971486)-->"C:\windows\$NtUninstallKB971486$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973525)-->"C:\windows\$NtUninstallKB973525$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973904)-->"C:\windows\$NtUninstallKB973904$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\windows\$NtUninstallKB974112$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB974318)-->"C:\windows\$NtUninstallKB974318$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB974392)-->"C:\windows\$NtUninstallKB974392$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\windows\$NtUninstallKB974571$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\windows\$NtUninstallKB975025$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\windows\$NtUninstallKB975467$\spuninst\spuninst.exe"
    Mise à jour pour Windows Internet Explorer 7 (KB976749)-->"C:\windows\ie7updates\KB976749-IE7\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB971737)-->"C:\windows\$NtUninstallKB971737$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB973687)-->"C:\windows\$NtUninstallKB973687$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
    Mouse Suite-->Pmuninst.exe MouseSuite98
    MSXML 4.0 SP2 (KB925672)-->MsiExec.exe /I{A9CF9052-F4A0-475D-A00F-A8388C62DD63}
    MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
    MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
    Nero Suite-->C:\Program Files\Fichiers communs\Ahead\Uninstall\Setupx.exe /uninstall ExtraUninstallID=""
    Norton 360-->C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360\562C4DD5\3.5.2.11\InstStub.exe /X
    PakMan 2008-->"C:\Program Files\FreeGamePick.com\PakMan 2008\unins000.exe"
    PC-Doctor for Windows-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{19C989C4-50AE-43A4-B06E-8C70FFFF852F} /l1036
    PDFCreator Toolbar-->"C:\WINDOWS\PDFCreator_Toolbar_Uninstaller_593.exe" _?=C:\Program Files\PDFCreator Toolbar
    PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
    pdfsam-->C:\Program Files\pdfsam\uninstall.exe
    Picasa 3-->"C:\Program Files\Google\Picasa31\Uninstall.exe"
    Pinnacle PCTV-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3C02ED4F-46B0-4E9E-87F7-47AEBA4031C8}\Setup.exe" -l0x40c -L0x40c UNINSTALL
    Pinnacle TVCenter Pro-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}\setup.exe" -l0x40c
    PowerArchiver-->C:\Program Files\PowerArchiver\UNINST.EXE
    PrimoPDF -- brought to you by Nitro PDF Software-->"C:\Program Files\Nitro PDF\PrimoPDF\uninstaller.exe"
    Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
    QuickPar 0.9-->C:\Program Files\QuickPar\uninst.exe
    QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
    RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0
    SAGEM F@st 800-840-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}\setup.exe" -l0x40c
    Skype web features-->MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}
    Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
    Sound Blaster Audigy 2 ZS-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9E2514D9-DC24-4634-B348-61F3EF0F1628}\SETUP.EXE" -l0x40c
    SoundMAX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\SETUP.exe" -l0x40c -removeonly
    Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
    Super Video to Audio Converter 5.0-->"C:\Program Files\Witcobber\Super Video to Audio Converter\unins000.exe"
    SuperCopier2-->"C:\Program Files\SuperCopier2\SC2Uninst.exe"
    Symantec Technical Support Web Controls-->MsiExec.exe /X{20C53FA2-4307-4671-A93F-9463B29DFCF1}
    TerraExplorer-->C:\Program Files\Skyline\TerraExplorer\Setup.exe [OP]/U
    Tests de QI et Mémoire-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A164036A-722E-41CB-A1C1-3C3825A575D6}\Setup.exe" -l0x40c
    ThinkCentre Wallpaper-->MsiExec.exe /I{80380166-A872-4B78-B98A-33447A032BDF}
    Turbo Lister 2-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{69640730-B830-4C24-BB5C-222DA1260548}
    Uniblue SpeedUpMyPC 2009-->"C:\Documents and Settings\All Users\Application Data\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}\speedupmypc2009.exe" REMOVE=TRUE MODIFY=FALSE
    Uniblue SpeedUpMyPC 2009-->C:\Documents and Settings\All Users\Application Data\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}\speedupmypc2009.exe
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
    Venture Flock-->"C:\Program Files\FreeGamePick.com\Venture Flock\unins000.exe"
    ViewSonic Monitor Drivers-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B4FEA924-630D-11D4-B78E-005004566E4D}\Setup.exe" -l0x9
    VLC media player 1.0.0-->C:\Program Files\adslTV\uninstall.exe
    VMN Toolbar-->C:\Program Files\vmntoolbar\uninstall.exe
    Web Media Player 0.64.1-->"C:\Program Files\Web Media Player\unins000.exe"
    widget_programmes-->MsiExec.exe /X{29C877B1-19D9-3F74-E86C-2ECF5028C087}
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player 10 Hotfix - KB894476-->"C:\WINDOWS\$NtUninstallKB894476$\spuninst\spuninst.exe"
    Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
    Winhex-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ROISYS\Winhex\Uninst.isu"
    WinZip 11.1-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}
    Xvid 1.1.3 final uninstall-->"C:\Program Files\Xvid\unins000.exe"
    Yahoo! Toolbar avec bloqueur de fenêtres pop-up-->C:\PROGRA~1\Yahoo!\Common\unyt.exe

    ======Hosts File======

    86.64.78.99 NPAR2
    86.64.78.99 QNPAR2

    ======Security center information======

    AV: Norton 360
    FW: Norton 360

    ======System event log======

    Computer Name: ASC1623
    Event Code: 51
    Message: Une erreur a été détectée sur le périphérique \Device\Harddisk2\D au cours d'une opération de pagination.

    Record Number: 53582
    Source Name: Disk
    Time Written: 20091224211646.000000+060
    Event Type: Avertissement
    User:

    Computer Name: ASC1623
    Event Code: 51
    Message: Une erreur a été détectée sur le périphérique \Device\Harddisk2\D au cours d'une opération de pagination.

    Record Number: 53581
    Source Name: Disk
    Time Written: 20091224211646.000000+060
    Event Type: Avertissement
    User:

    Computer Name: ASC1623
    Event Code: 51
    Message: Une erreur a été détectée sur le périphérique \Device\Harddisk2\D au cours d'une opération de pagination.

    Record Number: 53580
    Source Name: Disk
    Time Written: 20091224211646.000000+060
    Event Type: Avertissement
    User:

    Computer Name: ASC1623
    Event Code: 51
    Message: Une erreur a été détectée sur le périphérique \Device\Harddisk2\D au cours d'une opération de pagination.

    Record Number: 53579
    Source Name: Disk
    Time Written: 20091224211646.000000+060
    Event Type: Avertissement
    User:

    Computer Name: ASC1623
    Event Code: 51
    Message: Une erreur a été détectée sur le périphérique \Device\Harddisk2\D au cours d'une opération de pagination.

    Record Number: 53578
    Source Name: Disk
    Time Written: 20091224211646.000000+060
    Event Type: Avertissement
    User:

    =====Application event log=====

    Computer Name: ASC1623
    Event Code: 4099
    Message: Échec de l'ouverture de services.

    Record Number: 59786
    Source Name: WmiAdapter
    Time Written: 20091019201829.000000+120
    Event Type: erreur
    User: BUILTIN\Administrateurs

    Computer Name: ASC1623
    Event Code: 4099
    Message: Échec de l'ouverture de services.

    Record Number: 59785
    Source Name: WmiAdapter
    Time Written: 20091019201827.000000+120
    Event Type: erreur
    User: BUILTIN\Administrateurs

    Computer Name: ASC1623
    Event Code: 4099
    Message: Échec de l'ouverture de services.

    Record Number: 59784
    Source Name: WmiAdapter
    Time Written: 20091019201826.000000+120
    Event Type: erreur
    User: BUILTIN\Administrateurs

    Computer Name: ASC1623
    Event Code: 4099
    Message: Échec de l'ouverture de services.

    Record Number: 59783
    Source Name: WmiAdapter
    Time Written: 20091019201826.000000+120
    Event Type: erreur
    User: BUILTIN\Administrateurs

    Computer Name: ASC1623
    Event Code: 4099
    Message: Échec de l'ouverture de services.

    Record Number: 59782
    Source Name: WmiAdapter
    Time Written: 20091019201824.000000+120
    Event Type: erreur
    User: BUILTIN\Administrateurs

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\lotus\notes;D:\lotus\notes\data;%SystemDrive%\IBMTOOLS\Python22;C:\PROGRA~1\IBM\CLIENT~1;C:\PROGRA~1\IBM\CLIENT~1\Shared;C:\PROGRA~1\IBM\CLIENT~1\Emulator;C:\Program Files\QuickTime\QTSystem
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 3, GenuineIntel
    "PROCESSOR_REVISION"=0403
    "NUMBER_OF_PROCESSORS"=2
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.pyo;.pyc;.py;.pyw
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "RRU"=C:\Program Files\IBM\IBM Rapid Restore Ultra\
    "PYTHONPATH"=%SystemDrive%\IBMTOOLS\utils\support;%SystemDrive%\IBMTOOLS\utils\logger
    "IBMSHARE"=%SystemDrive%\IBMSHARE
    "TCL_LIBRARY"=%SystemDrive%\IBMTOOLS\Python22\tcl\tcl8.4
    "TK_LIBRARY"=%SystemDrive%\IBMTOOLS\Python22\tcl\tk8.4
    "PYTHONCASEOK"=1
    "CI_HOLOS_CLI"=C:\Program Files\Seagate Software\Open Olap\
    "CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

    -----------------EOF-----------------

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Administrateur at 2010-01-08 16:32:04
    Microsoft Windows XP Professionnel Service Pack 3
    System drive C: has 13 GB (17%) free of 73 GB
    Total RAM: 2038 MB (61% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 16:34:13, on 08/01/2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16945)
    Boot mode: Normal

    Running processes:
    C:\windows\System32\smss.exe
    C:\windows\system32\winlogon.exe
    C:\windows\system32\services.exe
    C:\windows\system32\lsass.exe
    C:\windows\system32\svchost.exe
    C:\windows\System32\svchost.exe
    C:\windows\system32\spoolsv.exe
    C:\windows\Explorer.EXE
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
    C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
    C:\windows\System32\svchost.exe
    C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
    C:\windows\emMON.exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\D-Link\Logiciel Bluetooth\BTTray.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
    C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    C:\PROGRA~1\MICROS~4\rapimgr.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\windows\system32\svchost.exe
    C:\WINDOWS\system32\MsPMSPSv.exe
    C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
    C:\windows\system32\ctfmon.exe
    C:\WINDOWS\system32\LVComsX.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Administrateur\Bureau\RSIT.exe
    C:\Program Files\trend micro\Administrateur.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.voila.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O1 - Hosts: 86.64.78.99 NPAR2
    O1 - Hosts: 86.64.78.99 QNPAR2
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - (no file)
    O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\3.5.2.11\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\3.5.2.11\IPSBHO.DLL
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
    O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
    O3 - Toolbar: (no name) - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - (no file)
    O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.5.2.11\coIEPlg.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
    O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
    O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
    O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [emMON] emMON.exe
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'Default user')
    O4 - Global Startup: BTTray.lnk = ?
    O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
    O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\D-Link\Logiciel Bluetooth\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
    O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\windows\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\windows\bdoscandel.exe
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\D-Link\Logiciel Bluetooth\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\D-Link\Logiciel Bluetooth\btsendto_ie.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [JAVA_IBM] Java (IBM)
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.ap...
    O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html...
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
    O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{577EB73B-8DD5-4B5D-8B77-665AC182E54A}: NameServer = 212.27.40.240,212.27.40.241
    O18 - Protocol: skyline - {3A4F9195-65A8-11D5-85C1-0001023952C1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton 360\Engine\3.5.2.11\coIEPlg.dll
    O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Program Files\D-Link\Logiciel Bluetooth\bin\btwdins.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: Fonction Commande à distance d'iSeries Access for Windows (Cwbrxd) - IBM Corporation - C:\WINDOWS\CWBRXD.EXE
    O23 - Service: Service Google Update (gupdate1ca477f3fcf988e) (gupdate1ca477f3fcf988e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: IBM Rapid Restore Ultra Service - Unknown owner - C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
    O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Fichiers communs\Symantec Shared\Support Controls\ssrc.exe

    --
    End of file - 11582 bytes

    ======Scheduled tasks folder======

    C:\windows\tasks\GoogleUpdateTaskMachineCore.job
    C:\windows\tasks\GoogleUpdateTaskMachineUA.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
    Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-07-07 439872]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
    Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33}]
    VMN Toolbar

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
    Symantec NCO BHO - C:\Program Files\Norton 360\Engine\3.5.2.11\coIEPlg.dll [2009-08-22 378736]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
    Symantec Intrusion Prevention - C:\Program Files\Norton 360\Engine\3.5.2.11\IPSBHO.DLL [2009-08-22 107896]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-03 263280]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-27 764912]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}]
    PDFCreator Toolbar Helper - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2008-10-08 806912]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-07-07 439872]
    {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - PDFCreator Toolbar - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2008-10-08 806912]
    {A057A204-BACC-4D26-C39E-35F1D2A32EC8}
    {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton 360\Engine\3.5.2.11\coIEPlg.dll [2009-08-22 378736]
    - []
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-03 263280]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2005-02-22 126976]
    "SoundMAXPnP"=C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [2004-07-27 1388544]
    "SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2004-08-06 860160]
    "UC_SMB"= []
    "CTSysVol"=C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe [2003-07-02 57344]
    "AsioReg"=REGSVR32.EXE /S CTASIO.DLL []
    "SBDrvDet"=C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe [2002-12-03 45056]
    "UpdReg"=C:\WINDOWS\UpdReg.EXE [2000-05-11 90112]
    "RemoteCenter"= []
    "emMON"=C:\windows\emMON.exe [2006-05-30 61440]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-13 68856]
    "ctfmon.exe"=C:\windows\system32\ctfmon.exe [2008-04-14 15360]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    BTTray.lnk - C:\Program Files\D-Link\Logiciel Bluetooth\BTTray.exe
    DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    C:\windows\system32\igfxsrvc.dll [2005-02-22 348160]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\windows\system32\WgaLogon.dll [2009-03-10 265088]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\C

    I noticed a bit late, here is the end, sorry!

    -------------------------------------------------
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\windows\system32\WgaLogon.dll [2009-03-10 265088]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
    "notification packages"=scecli
    pwdmon

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "DisableTaskMgr"=0

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveAutoRun"=67108863
    "NoDriveTypeAutoRun"=323

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Program Files\IBM\Updater\jre\bin\java.exe"="C:\Program Files\IBM\Updater\jre\bin\java.exe:*:Enabled:IBM Update Connector"
    "C:\Program Files\IBM\Updater\jre\bin\javaw.exe"="C:\Program Files\IBM\Updater\jre\bin\javaw.exe:*:Enabled:IBM Update Connector"
    "C:\Program Files\IBM\Updater\ucsmb.exe"="C:\Program Files\IBM\Updater\ucsmb.exe:*:Enabled:IBM Update Connector"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\IBM\Client Access\cwbunnav.exe"="C:\Program Files\IBM\Client Access\cwbunnav.exe:*:Enabled:cwbunnav.exe"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
    "C:\Documents and Settings\Administrateur\Local Settings\Temp\WZSE0.TMP\SymNRT.exe"="C:\Documents and Settings\Administrateur\Local Settings\Temp\WZSE0.TMP\SymNRT.exe:*:Enabled:Symantec Removal Utility"
    "C:\Program Files\Maïdo Production\IziSpot 4\IziSpot.exe"="C:\Program Files\Maïdo Production\IziSpot 4\IziSpot.exe:*:D isabled:IziSpot"
    "C:\Program Files\adslTV\adsltv.exe"="C:\Program Files\adslTV\adsltv.exe:*:D isabled:adsltv"
    "C:\Program Files\adslTV\vlc.exe"="C:\Program Files\adslTV\vlc.exe:*:Enabled:VLC media player"
    "C:\Program Files\Freeplayer\vlc\vlc.exe"="C:\Program Files\Freeplayer\vlc\vlc.exe:*:Enabled:VLC media player"
    "C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:D isabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Danware Data\NetOp Remote Control\GUEST\Ngstw32.exe"="C:\Program Files\Danware Data\NetOp Remote Control\GUEST\Ngstw32.exe:*:D isabled:NetOp 32 Guest Application - Copyright © 1995, 2000. All Rights Reserved."
    "C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
    "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
    "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
    "C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:D isabled:Internet Explorer"
    "C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
    "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\IBM\Updater\jre\bin\java.exe"="C:\Program Files\IBM\Updater\jre\bin\java.exe:*:Enabled:IBM Update Connector"
    "C:\Program Files\IBM\Updater\jre\bin\javaw.exe"="C:\Program Files\IBM\Updater\jre\bin\javaw.exe:*:Enabled:IBM Update Connector"
    "C:\Program Files\IBM\Updater\ucsmb.exe"="C:\Program Files\IBM\Updater\ucsmb.exe:*:Enabled:IBM Update Connector"
    "C:\Program Files\Danware Data\NetOp Remote Control\GUEST\Ngstw32.exe"="C:\Program Files\Danware Data\NetOp Remote Control\GUEST\Ngstw32.exe:*:Enabled:NetOp 32 Guest Application - Copyright © 1995, 2000. All Rights Reserved."
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
    "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
    "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{22d0db85-d9ff-11db-8cb7-001485a6ba4f}]
    shell\AutoRun\command - F:\LaunchU3.exe -a

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{abcd9fe6-42b6-11dd-8f2a-001485a6ba4f}]
    shell\AutoRun\command - F:\EmDesk.exe
    shell\EmDesk\command - F:\EmDesk.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b7b28510-e04e-11db-8ccd-4d6564696130}]
    shell\AutoRun\command - F:\Player.exe


    ======List of files/folders created in the last 1 months======

    2010-01-08 16:33:24 ----D---- C:\windows\LastGood
    2010-01-08 16:32:08 ----D---- C:\Program Files\trend micro
    2010-01-08 16:32:04 ----D---- C:\rsit
    2010-01-06 15:16:59 ----A---- C:\PixFile.txt
    2009-12-24 10:29:51 ----A---- C:\windows\zip.exe
    2009-12-24 10:29:51 ----A---- C:\windows\SWXCACLS.exe
    2009-12-24 10:29:51 ----A---- C:\windows\SWSC.exe
    2009-12-24 10:29:51 ----A---- C:\windows\SWREG.exe
    2009-12-24 10:29:51 ----A---- C:\windows\sed.exe
    2009-12-24 10:29:51 ----A---- C:\windows\PEV.exe
    2009-12-24 10:29:51 ----A---- C:\windows\NIRCMD.exe
    2009-12-24 10:29:51 ----A---- C:\windows\MBR.exe
    2009-12-24 10:29:51 ----A---- C:\windows\grep.exe
    2009-12-24 10:26:44 ----SD---- C:\ComboFix
    2009-12-24 10:24:10 ----D---- C:\windows\ERDNT
    2009-12-24 10:24:08 ----A---- C:\windows\system32\CF20885.exe
    2009-12-24 10:23:55 ----D---- C:\Qoobox
    2009-12-23 17:10:29 ----D---- C:\Documents and Settings\Administrateur\Application Data\uniblue
    2009-12-23 17:10:10 ----D---- C:\Program Files\Uniblue
    2009-12-23 17:10:00 ----HDC---- C:\Documents and Settings\All Users\Application Data\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}
    2009-12-23 17:04:11 ----A---- C:\windows\system32\sshnas.dll
    2009-12-22 22:22:34 ----D---- C:\Program Files\LightScribe Diagnostic Utility
    2009-12-14 20:49:10 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
    2009-12-12 20:49:07 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
    2009-12-10 22:04:22 ----HDC---- C:\windows\$NtUninstallKB970430$
    2009-12-10 22:04:13 ----HDC---- C:\windows\$NtUninstallKB974318$
    2009-12-10 22:04:03 ----HDC---- C:\windows\$NtUninstallKB973904$
    2009-12-10 22:03:27 ----HDC---- C:\windows\$NtUninstallKB974392$
    2009-12-10 22:03:15 ----HDC---- C:\windows\$NtUninstallKB971737$

    ======List of files/folders modified in the last 1 months======

    2010-01-08 16:33:28 ----D---- C:\windows\Prefetch
    2010-01-08 16:33:27 ----D---- C:\windows\Temp
    2010-01-08 16:33:27 ----AD---- C:\windows\system32
    2010-01-08 16:33:26 ----HD---- C:\windows\inf
    2010-01-08 16:33:24 ----D---- C:\windows\system32\CatRoot2
    2010-01-08 16:33:24 ----AD---- C:\WINDOWS
    2010-01-08 16:32:08 ----D---- C:\Program Files
    2010-01-08 15:20:19 ----A---- C:\windows\system32\PerfStringBackup.INI
    2010-01-08 15:15:53 ----D---- C:\windows\Registration
    2010-01-08 12:01:30 ----A---- C:\windows\SchedLgU.Txt
    2010-01-08 10:22:25 ----SHD---- C:\windows\Installer
    2010-01-06 20:40:40 ----D---- C:\Program Files\Google
    2010-01-06 20:21:12 ----A---- C:\windows\{0000000A-00000000-00000001-00001102-00000004-20011102}.BAK
    2010-01-06 20:13:30 ----A---- C:\windows\NeroDigital.ini
    2010-01-05 19:04:00 ----RD---- C:\Mes documents
    2010-01-04 18:18:05 ----D---- C:\Documents and Settings\Administrateur\Application Data\vlc
    2010-01-03 18:30:03 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2010-01-03 18:30:03 ----D---- C:\Documents and Settings\Administrateur\Application Data\Adobe
    2009-12-31 12:40:36 ----SHD---- C:\windows\CSC
    2009-12-28 22:52:44 ----D---- C:\Documents and Settings\Administrateur\Application Data\Skype
    2009-12-28 20:06:08 ----D---- C:\Documents and Settings\Administrateur\Application Data\skypePM
    2009-12-26 13:51:21 ----D---- C:\windows\system32\Restore
    2009-12-24 10:45:56 ----D---- C:\windows\network diagnostic
    2009-12-24 10:31:35 ----D---- C:\windows\system32\drivers
    2009-12-24 10:29:53 ----SHD---- C:\System Volume Information
    2009-12-23 17:53:24 ----SD---- C:\windows\Tasks
    2009-12-23 17:51:55 ----SD---- C:\Documents and Settings\Administrateur\Application Data\Microsoft
    2009-12-22 22:22:34 ----D---- C:\windows\WinSxS
    2009-12-13 19:48:44 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
    2009-12-13 19:48:33 ----SD---- C:\windows\Downloaded Program Files
    2009-12-12 13:48:28 ----N---- C:\windows\win.ini
    2009-12-12 09:19:04 ----D---- C:\Documents and Settings\Administrateur\Application Data\Creative
    2009-12-11 11:47:42 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-12-10 22:04:25 ----RSHD---- C:\windows\system32\dllcache
    2009-12-10 22:04:17 ----A---- C:\windows\imsins.BAK
    2009-12-10 22:04:01 ----HD---- C:\windows\$hf_mig$
    2009-12-10 22:03:48 ----D---- C:\windows\system32\fr-fr
    2009-12-10 22:03:48 ----D---- C:\Program Files\Internet Explorer
    2009-12-09 20:38:23 ----D---- C:\Documents and Settings\Administrateur\Application Data\dvdcss
    2009-12-09 11:26:39 ----D---- C:\EXPORT_PDF
    2009-12-09 11:19:33 ----A---- C:\windows\vbaddin.ini

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 BHDrvx86;Symantec Heuristics Driver; C:\windows\System32\Drivers\N360\0305020.00B\BHDrvx86.sys [2009-08-22 259632]
    R1 ccHP;Symantec Hash Provider; C:\windows\System32\Drivers\N360\0305020.00B\ccHPx86.sys [2009-08-22 482432]
    R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys []
    R1 ElbyCDIO;ElbyCDIO Driver; C:\windows\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160]
    R1 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20091230.004\IDSxpx86.sys []
    R1 intelppm;Pilote de processeur Intel; C:\windows\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
    R1 SRTSP;Symantec Real Time Storage Protection; C:\windows\System32\Drivers\N360\0305020.00B\SRTSP.SYS [2009-08-22 308272]
    R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\windows\system32\drivers\N360\0305020.00B\SRTSPX.SYS [2009-08-22 43696]
    R1 SYMTDI;Symantec Network Dispatch Driver; C:\windows\System32\Drivers\N360\0305020.00B\SYMTDI.SYS [2009-08-22 217136]
    R2 ACEDRV08;ACEDRV08; \??\C:\WINDOWS\system32\drivers\ACEDRV08.sys []
    R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\system32\drivers\btserial.sys []
    R2 BTSLBCSP;Bluetooth Port Client Driver; \??\C:\WINDOWS\system32\drivers\btslbcsp.sys []
    R2 ibmfilter;ibmfilter; \??\C:\WINDOWS\system32\drivers\ibmfilter.sys []
    R2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\drivers\PfModNT.sys []
    R2 PMEM;PMEM; \??\C:\WINDOWS\SYSTEM32\Drivers\PMEMNT.SYS []
    R2 ROB_A;Pinnacle WDM PCTV Audio Capture; C:\windows\system32\DRIVERS\rob_a.sys [2003-02-10 17664]
    R2 ROB_V;Pinnacle WDM PCTV Video Capture; C:\windows\system32\drivers\rob_v.sys [2003-04-11 125568]
    R3 aeaudio;aeaudio; C:\windows\system32\drivers\aeaudio.sys [2004-05-17 133200]
    R3 b57w2k;Broadcom NetXtreme Fast Ethernet; C:\windows\system32\DRIVERS\b57xp32.sys [2004-12-06 126720]
    R3 btaudio;Périphérique audio Bluetooth; C:\windows\system32\drivers\btaudio.sys [2004-11-30 17024]
    R3 BTDriver;Pilote de communications virtuelles Bluetooth; C:\windows\system32\DRIVERS\btport.sys [2004-11-30 30299]
    R3 BTWDNDIS;Serveur d'accès au réseau local Bluetooth; C:\windows\system32\DRIVERS\btwdndis.sys [2004-11-30 148040]
    R3 ctac32k;Creative AC3 Software Decoder; C:\windows\system32\drivers\ctac32k.sys [2003-07-10 651792]
    R3 ctaud2k;Creative Audio Driver (WDM); C:\windows\system32\drivers\ctaud2k.sys [2003-06-20 509328]
    R3 ctprxy2k;Creative Proxy Driver; C:\windows\system32\drivers\ctprxy2k.sys [2003-06-20 6144]
    R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\windows\system32\drivers\ctsfm2k.sys [2003-06-20 136016]
    R3 ElbyDelay;ElbyDelay; C:\windows\System32\Drivers\ElbyDelay.sys [2007-02-16 11984]
    R3 emupia;E-mu Plug-in Architecture Driver; C:\windows\system32\drivers\emupia2k.sys [2003-07-10 145232]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\System32\Drivers\GEARAspiWDM.sys [2009-09-19 26600]
    R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\windows\system32\drivers\ha10kx2k.sys [2003-06-27 860592]
    R3 hap16v2k;Creative P16V HAL Driver; C:\windows\system32\drivers\hap16v2k.sys [2003-06-27 159040]
    R3 HidUsb;Pilote de classe HID Microsoft; C:\windows\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 ialm;ialm; C:\windows\system32\DRIVERS\ialmnt5.sys [2005-02-22 807742]
    R3 LVUSBSta;Logitech USB Monitor Filter; C:\windows\system32\drivers\lvusbsta.sys [2005-05-27 22016]
    R3 mouhid;Pilote HID de souris; C:\windows\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100107.049\NAVENG.SYS []
    R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100107.049\NAVEX15.SYS []
    R3 ossrv;Creative OS Services Driver; C:\windows\system32\drivers\ctoss2k.sys [2003-06-20 190208]
    R3 pctvvbi;PCTVVBI; C:\windows\system32\DRIVERS\pctvvbi.sys [2002-11-11 6400]
    R3 Pfc;Padus ASPI Shell; C:\windows\system32\drivers\pfc.sys [2002-06-17 14604]
    R3 senfilt;senfilt; C:\windows\system32\drivers\senfilt.sys [2005-02-05 392832]
    R3 smwdm;smwdm; C:\windows\system32\drivers\smwdm.sys [2004-09-01 259648]
    R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
    R3 SYMFW;Symantec Network Filter Driver; C:\windows\System32\Drivers\N360\0305020.00B\SYMFW.SYS [2009-08-22 89904]
    R3 SYMIDS;Symantec Network Filter Driver; C:\windows\System32\Drivers\N360\0305020.00B\SYMIDS.SYS [2009-08-22 33072]
    R3 SymIMMP;SymIMMP; C:\windows\system32\DRIVERS\SymIM.sys [2009-08-22 36400]
    R3 SYMNDIS;Symantec Network Filter Driver; C:\windows\System32\Drivers\N360\0305020.00B\SYMNDIS.SYS [2009-08-22 36400]
    R3 usb_rndisx;Carte ISDN USB; C:\windows\system32\DRIVERS\usb8023x.sys [2008-04-13 12800]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\windows\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\windows\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbscan;Pilote de scanneur USB; C:\windows\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\windows\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    R3 WpdUsb;WpdUsb; C:\windows\System32\Drivers\wpdusb.sys [2006-10-18 38528]
    S1 geyekrymnacjgw;geyekrymnacjgw; C:\windows\system32\drivers\geyekrspveayun.sys [2009-07-17 66048]
    S1 kbdhid;Pilote HID de clavier; C:\windows\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
    S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\windows\System32\Drivers\adildr.sys [2003-03-25 46455]
    S3 ac97intc;Service d'installation du pilote audio Intel(r) 82801 (WDM); C:\windows\system32\drivers\ac97intc.sys [2001-08-17 96256]
    S3 adiusbaw;USB ADSL WAN Adapter; C:\windows\system32\DRIVERS\adiusbaw.sys [2003-03-27 127145]
    S3 Arp1394;Protocole client ARP 1394; C:\windows\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
    S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\windows\System32\Drivers\btwusb.sys [2004-11-30 55288]
    S3 catchme;catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys []
    S3 CCDECODE;Décodeur sous-titre fermé; C:\windows\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\windows\system32\drivers\ctdvda2k.sys [2003-03-27 287920]
    S3 E100B;Pilote de carte Intel (R) PRO; C:\windows\system32\DRIVERS\e100b325.sys [2001-08-23 117760]
    S3 Jukebox3;Jukebox3; C:\windows\system32\DRIVERS\ctpdusb.sys [2004-09-30 16880]
    S3 MidiSyn;MidiSyn; C:\windows\system32\drivers\MidiSyn.sys [2002-09-20 235100]
    S3 mod7700;DiBcom DIB7700 based TV tuner device; C:\windows\System32\Drivers\mod7700.sys [2007-04-18 473728]
    S3 MODRC;DiBcom Infrared Receiver; C:\windows\system32\DRIVERS\modrc.sys [2007-02-06 13440]
    S3 MPE;Filtre BDA MPE; C:\windows\system32\DRIVERS\MPE.sys [2008-04-13 15232]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\windows\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\windows\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\windows\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 NIC1394;Pilote réseau 1394; C:\windows\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
    S3 nv;nv; C:\windows\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
    S3 PcdrNdisuio;PCDRNDISUIO Usermode I/O Protocol; C:\windows\system32\DRIVERS\pcdrndisuio.sys [2005-02-01 12416]
    S3 psadd;IBM PSA Access Driver; \??\C:\WINDOWS\system32\Drivers\psadd.sys []
    S3 QCMerced;Logitech QuickCam Communicate; C:\windows\system32\DRIVERS\LVCM.sys [2005-05-27 1317152]
    S3 SLIP;Détrameur décalage BDA; C:\windows\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 streamip;BDA IPSink; C:\windows\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\windows\system32\DRIVERS\SymIM.sys [2009-08-22 36400]
    S3 USB28xxBGA;USB 2883 Device; C:\windows\system32\DRIVERS\emBDA.sys [2006-09-12 292864]
    S3 USB28xxOEM;USB 28xx OEM Filter; C:\windows\system32\DRIVERS\emOEM.sys [2006-08-21 7168]
    S3 usbaudio;Pilote USB audio (WDM); C:\windows\system32\drivers\usbaudio.sys [2008-04-13 60032]
    S3 usbccgp;Pilote parent générique USB Microsoft; C:\windows\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\windows\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\windows\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 wceusbsh;Windows CE USB Serial Host Driver; C:\windows\system32\DRIVERS\wceusbsh.sys [2006-04-10 104576]
    S3 WSTCODEC;Codec Teletext standard; C:\windows\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\windows\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\windows\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 agp440;Filtre de bus AGP Intel; C:\windows\system32\DRIVERS\agp440.sys [2008-04-13 42368]
    S4 agpCPQ;Filtre de bus AGP Compaq; C:\windows\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
    S4 alim1541;Filtre de bus AGP ALI; C:\windows\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
    S4 amdagp;Pilote de filtre du bus AMD AGP; C:\windows\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
    S4 cbidf;cbidf; C:\windows\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
    S4 IntelIde;IntelIde; C:\windows\system32\DRIVERS\intelide.sys [2008-04-14 5504]
    S4 sisagp;Filtre de bus AGP SIS; C:\windows\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
    S4 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2007-10-12 685816]
    S4 viaagp;Filtre de bus AGP VIA; C:\windows\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-13 44032]
    R2 IBM Rapid Restore Ultra Service;IBM Rapid Restore Ultra Service; C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe [2004-12-16 385024]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-25 153376]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-12-14 61440]
    R2 N360;Norton 360; C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe [2009-08-22 117640]
    R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
    R2 SSHNAS;SSHNAS; C:\windows\system32\svchost.exe [2008-04-14 14336]
    R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [2000-06-26 53520]
    S2 gupdate1ca477f3fcf988e;Service Google Update (gupdate1ca477f3fcf988e); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-07 133104]
    S2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-08-11 68096]
    S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
    S3 btwdins;Bluetooth Service; C:\Program Files\D-Link\Logiciel Bluetooth\bin\btwdins.exe [2004-11-30 163840]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    S3 Cwbrxd;Fonction Commande à distance d'iSeries Access for Windows; C:\WINDOWS\CWBRXD.EXE [2003-10-07 57344]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-18 182768]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
    S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
    S3 PsaSrv;IBM PSA Access Driver Control; C:\WINDOWS\system32\PsaSrv.exe []
    S3 Symantec RemoteAssist;Symantec RemoteAssist; C:\Program Files\Fichiers communs\Symantec Shared\Support Controls\ssrc.exe [2008-01-29 394704]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\windows\system32\svchost.exe [2008-04-14 14336]
    S4 IISADMIN;Administration IIS; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
    S4 SMTPSVC;Simple Mail Transfer Protocol (SMTP); C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
    S4 W3SVC;Publication World Wide Web; C:\windows\system32\inetsrv\inetinfo.exe [2008-04-14 15872]

    -----------------EOF-----------------

    /!\ Disable your resident protections (antivirus, etc.) /!\

  • Download ComboFix (sUBs) to your Desktop.
  • Double-click ComboFix.exe (the .exe extension may not be visible) to launch it.
  • It will ask you to install the Recovery Console: accept.
  • When the scan is finished, a report will appear. Post this report (C:\Combofix.txt) in your next reply.

    To help you: a guide and a tutorial on using ComboFix

    If ComboFix does not start, rename it to KillRootkit and then run it again.

    There, it's done.
    However, I don't understand this message "AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE", because I did request its download.
    At the end, I checked in my explorer, and the directory tree is back to OK.
    ------------------------------------------------------------------------------------------------------------------------
    Second point:
    At the start, I got a message "impossible de lister correctement la partition d'amorcage" and I answered "continuer".
    ------------------------------------------------------------------------------------------------------------------------

    ComboFix 10-01-04.01 - Administrateur 08/01/2010 17:52:05.1.2 - x86
    Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.2038.1434 [GMT 1:00]
    Lancé depuis: c:\documents and settings\Administrateur\Bureau\ComboFix.exe
    AV: Norton 360 *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
    FW: Norton 360 *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\program files\Internet Explorer\fxavx.ini
    C:\Thumbs.db
    c:\windows\EventSystem.log
    c:\windows\Install.txt
    c:\windows\system32\Cache
    c:\windows\system32\Data
    c:\windows\system32\Data\CT0060W.DAT
    c:\windows\system32\Data\CTFRN.DAT
    c:\windows\system32\Data\CTP0060W.DAT
    c:\windows\system32\Data\CTP0061W.DAT
    c:\windows\system32\Data\CTP0070W.DAT
    c:\windows\system32\Data\CTP0073W.DAT
    c:\windows\system32\Data\CTP0090W.DAT
    c:\windows\system32\Data\CTP0091W.DAT
    c:\windows\system32\Data\CTP0092W.DAT
    c:\windows\system32\Data\CTP0095W.DAT
    c:\windows\system32\Data\CTP0100W.DAT
    c:\windows\system32\Data\CTP0101W.DAT
    c:\windows\system32\Data\CTP0102W.DAT
    c:\windows\system32\Data\CTP0103W.DAT
    c:\windows\system32\Data\CTP0105W.DAT
    c:\windows\system32\Data\CTP0150W.DAT
    c:\windows\system32\Data\CTP0161W.DAT
    c:\windows\system32\Data\CTP0162W.DAT
    c:\windows\system32\Data\CTP0170W.DAT
    c:\windows\system32\Data\CTP017AW.DAT
    c:\windows\system32\Data\CTP017BW.DAT
    c:\windows\system32\Data\CTP017CW.DAT
    c:\windows\system32\Data\CTP017DW.DAT
    c:\windows\system32\Data\CTP017EW.DAT
    c:\windows\system32\Data\CTP017FW.DAT
    c:\windows\system32\Data\CTP017GW.DAT
    c:\windows\system32\Data\CTP017HW.DAT
    c:\windows\system32\Data\CTP0191W.DAT
    c:\windows\system32\Data\CTP0192W.DAT
    c:\windows\system32\Data\CTP0221W.DAT
    c:\windows\system32\Data\CTP0222W.DAT
    c:\windows\system32\Data\CTP0230W.DAT
    c:\windows\system32\Data\CTP0231W.DAT
    c:\windows\system32\Data\CTP0232W.DAT
    c:\windows\system32\Data\CTP0238W.DAT
    c:\windows\system32\Data\CTP0240W.DAT
    c:\windows\system32\Data\CTP0242W.DAT
    c:\windows\system32\Data\CTP0243W.DAT
    c:\windows\system32\Data\CTP0244W.DAT
    c:\windows\system32\Data\CTP0280W.DAT
    c:\windows\system32\Data\CTP0320W.DAT
    c:\windows\system32\Data\CTP0350W.DAT
    c:\windows\system32\Data\CTP0352W.DAT
    c:\windows\system32\Data\CTP0360W.DAT
    c:\windows\system32\Data\CTP1140W.DAT
    c:\windows\system32\Data\CTP4620W.DAT
    c:\windows\system32\Data\CTP4670W.DAT
    c:\windows\system32\Data\CTP4760W.DAT
    c:\windows\system32\Data\CTP4780W.DAT
    c:\windows\system32\Data\CTP4790W.DAT
    c:\windows\system32\Data\CTP4820W.DAT
    c:\windows\system32\Data\CTP4830W.DAT
    c:\windows\system32\Data\CTP4831W.DAT
    c:\windows\system32\Data\CTP4832W.DAT
    c:\windows\system32\Data\CTP4840W.DAT
    c:\windows\system32\Data\CTP4850W.DAT
    c:\windows\system32\Data\CTP4870W.DAT
    c:\windows\system32\Data\CTP4871W.DAT
    c:\windows\system32\Data\CTP4872W.DAT
    c:\windows\system32\Data\CTP4875W.DAT
    c:\windows\system32\Data\CTP4890W.DAT
    c:\windows\system32\Data\CTP4891W.DAT
    c:\windows\system32\Data\CTP4893W.DAT
    c:\windows\system32\Data\CTPDXW.DAT
    c:\windows\system32\Data\CTPM002W.DAT
    c:\windows\system32\drivers\etc\lmhosts
    c:\windows\system32\drivers\geyekrspveayun.sys
    c:\windows\system32\geyekrrokvwvsd.dat
    c:\windows\system32\geyekrvvkwnboy.dat
    c:\windows\system32\Install.txt
    c:\windows\system32\pwdmon.dll
    c:\windows\system32\sshnas.dll

    .
    ((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_geyekrymnacjgw
    -------\Legacy_MSNCACHE
    -------\Legacy_SOPIDKC
    -------\Legacy_SSHNAS
    -------\Service_geyekrymnacjgw
    -------\Service_SSHNAS


    ((((((((((((((((((((((((((((( Fichiers créés du 2009-12-08 au 2010-01-08 ))))))))))))))))))))))))))))))))))))
    .

    2010-01-08 16:02 . 2009-12-09 09:00 2747440 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100108.002\CCERASER.DLL
    2010-01-08 16:02 . 2009-09-22 08:00 259440 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100108.002\ECMSVR32.DLL
    2010-01-08 16:02 . 2009-08-27 08:00 371248 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100108.002\EECTRL.SYS
    2010-01-08 16:02 . 2009-08-27 08:00 102448 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100108.002\ERASER.SYS
    2010-01-08 16:02 . 2009-08-25 08:00 84912 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100108.002\NAVENG.SYS
    2010-01-08 16:02 . 2009-08-25 08:00 177520 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100108.002\NAVENG32.DLL
    2010-01-08 16:02 . 2009-08-25 08:00 1647984 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100108.002\NAVEX32A.DLL
    2010-01-08 16:02 . 2009-08-25 08:00 1323568 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100108.002\NAVEX15.SYS
    2010-01-08 15:32 . 2010-01-08 15:34 -------- d-----w- c:\program files\trend micro
    2010-01-08 15:32 . 2010-01-08 15:34 -------- d-----w- C:\rsit
    2010-01-06 15:24 . 2010-01-06 15:24 33380 ---ha-w- c:\windows\system32\mlfcache.dat
    2010-01-04 22:52 . 2009-10-28 22:37 343088 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091230.004\IDSvix86.sys
    2010-01-04 22:52 . 2009-10-28 22:37 329592 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091230.004\IDSXpx86.sys
    2010-01-04 22:52 . 2009-10-28 22:37 811896 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091230.004\Scxpx86.dll
    2010-01-04 22:52 . 2009-10-28 22:37 488312 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091230.004\IDSxpx86.dll
    2010-01-04 22:52 . 2009-10-28 22:37 466992 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091230.004\IDSviA64.sys
    2009-12-24 09:24 . 2009-12-24 09:23 401408 ----a-w- c:\windows\system32\CF20885.exe
    2009-12-23 16:37 . 2009-12-23 16:37 -------- d-----w- c:\documents and settings\Administrateur\ErrorLogs
    2009-12-22 21:22 . 2009-12-22 21:22 -------- d-----w- c:\program files\LightScribe Diagnostic Utility
    2009-12-19 08:54 . 2009-10-28 22:37 343088 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091217.002\IDSvix86.sys
    2009-12-19 08:54 . 2009-10-28 22:37 329592 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091217.002\IDSXpx86.sys
    2009-12-19 08:54 . 2009-10-28 22:37 811896 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091217.002\Scxpx86.dll
    2009-12-19 08:54 . 2009-10-28 22:37 488312 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091217.002\IDSxpx86.dll
    2009-12-19 08:54 . 2009-10-28 22:37 466992 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091217.002\IDSviA64.sys
    2009-12-14 19:49 . 2009-12-14 19:49 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
    2009-12-12 19:49 . 2009-12-12 19:49 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee Security Scan
    2009-12-12 19:48 . 2009-12-12 19:49 1956528 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\install_flash_player_ax.exe
    2009-12-12 08:20 . 2008-04-14 02:33 30749 ----a-w- c:\documents and settings\Administrateur\Application Data\Creative\Media Database\JetFileBackup\vbajet32.dll
    2009-12-12 08:20 . 2008-04-14 02:33 102400 ----a-w- c:\documents and settings\Administrateur\Application Data\Creative\Media Database\JetFileBackup\Msjro.dll
    2009-12-12 08:20 . 2008-04-14 02:33 57344 ----a-w- c:\documents and settings\Administrateur\Application Data\Creative\Media Database\JetFileBackup\Msadrh15.dll
    2009-12-12 08:20 . 2008-04-14 02:33 536576 ----a-w- c:\documents and settings\Administrateur\Application Data\Creative\Media Database\JetFileBackup\Msado15.dll
    2009-12-12 08:20 . 2008-04-14 02:33 200704 ----a-w- c:\documents and settings\Administrateur\Application Data\Creative\Media Database\JetFileBackup\Msadox.dll
    2009-12-12 08:20 . 2008-04-14 02:33 380445 ----a-w- c:\documents and settings\Administrateur\Application Data\Creative\Media Database\JetFileBackup\Expsrv.dll
    2009-12-12 08:20 . 2008-03-25 04:51 621344 ----a-w- c:\documents and settings\Administrateur\Application Data\Creative\Media Database\JetFileBackup\Mswstr10.dll
    2009-12-12 08:20 . 2008-03-25 04:51 194144 ----a-w- c:\documents and settings\Administrateur\Application Data\Creative\Media Database\JetFileBackup\Msjint40.dll
    2009-12-12 08:20 . 2008-03-25 04:50 60192 ----a-w- c:\documents and settings\Administrateur\Application Data\Creative\Media Database\JetFileBackup\Msjter40.dll
    2009-12-12 08:20 . 2008-03-25 04:50 248608 ----a-w- c:\documents and settings\Administrateur\Application Data\Creative\Media Database\JetFileBackup\Msjtes40.dll
    2009-12-12 08:20 . 2008-03-25 04:50 355112 ----a-w- c:\documents and settings\Administrateur\Application Data\Creative\Media Database\JetFileBackup\Msjetoledb40.dll
    2009-12-12 08:20 . 2008-03-25 04:50 1516568 ----a-w- c:\documents and settings\Administrateur\Application Data\Creative\Media Database\JetFileBackup\Msjet40.dll

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-01-08 16:59 . 2007-03-24 14:50 384 ----a-w- c:\windows\system32\DVCStateBkp-{0000000A-00000000-00000001-00001102-00000004-20011102}.dat
    2010-01-08 16:59 . 2007-03-24 14:50 384 ----a-w- c:\windows\system32\DVCState-{0000000A-00000000-00000001-00001102-00000004-20011102}.dat
    2010-01-08 14:20 . 1979-12-31 23:00 567136 ----a-w- c:\windows\system32\perfh00C.dat
    2010-01-08 14:20 . 1979-12-31 23:00 105932 ----a-w- c:\windows\system32\perfc00C.dat
    2010-01-06 19:40 . 2007-03-25 09:55 -------- d-----w- c:\program files\Google
    2010-01-04 17:18 . 2009-07-09 18:57 -------- d-----w- c:\documents and settings\Administrateur\Application Data\vlc
    2009-12-28 21:52 . 2007-03-25 09:55 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Skype
    2009-12-28 19:06 . 2009-11-07 21:31 -------- d-----w- c:\documents and settings\Administrateur\Application Data\skypePM
    2009-12-23 16:10 . 2009-12-23 16:10 -------- d-----w- c:\documents and settings\Administrateur\Application Data\uniblue
    2009-12-23 16:10 . 2009-12-23 16:10 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}
    2009-12-23 16:10 . 2009-12-23 16:10 -------- d-----w- c:\program files\Uniblue
    2009-12-13 18:48 . 2008-10-24 18:20 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
    2009-12-12 08:19 . 2009-09-27 18:39 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Creative
    2009-12-11 10:47 . 2009-07-21 15:34 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2009-12-11 10:45 . 2009-07-21 15:35 4844296 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
    2009-12-09 19:38 . 2009-10-13 18:27 -------- d-----w- c:\documents and settings\Administrateur\Application Data\dvdcss
    2009-12-03 15:14 . 2009-07-21 15:34 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2009-12-03 15:13 . 2009-07-21 15:34 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
    2009-11-09 03:19 . 2009-12-23 16:10 2838451 -c--a-w- c:\documents and settings\All Users\Application Data\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}\speedupmypc2009.exe
    2009-11-07 21:31 . 2009-11-07 21:31 48 ---ha-w- c:\windows\system32\ezsidmv.dat
    2009-10-29 07:44 . 1979-12-31 23:00 832512 ----a-w- c:\windows\system32\wininet.dll
    2009-10-29 07:44 . 1979-12-31 23:00 78336 ----a-w- c:\windows\system32\ieencode.dll
    2009-10-29 07:44 . 1979-12-31 23:00 17408 ------w- c:\windows\system32\corpol.dll
    2009-10-28 22:37 . 2009-11-12 21:34 343088 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091111.001\IDSvix86.sys
    2009-10-28 22:37 . 2009-11-12 21:34 329592 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091111.001\IDSXpx86.sys
    2009-10-28 22:37 . 2009-10-28 22:37 343088 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSvix86.sys
    2009-10-28 22:37 . 2009-10-28 22:37 329592 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSXpx86.sys
    2009-10-28 22:37 . 2009-11-12 21:34 811896 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091111.001\Scxpx86.dll
    2009-10-28 22:37 . 2009-11-12 21:34 488312 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091111.001\IDSxpx86.dll
    2009-10-28 22:37 . 2009-11-12 21:34 466992 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091111.001\IDSviA64.sys
    2009-10-28 22:37 . 2009-10-28 22:37 811896 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\Scxpx86.dll
    2009-10-28 22:37 . 2009-10-28 22:37 488312 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSxpx86.dll
    2009-10-28 22:37 . 2009-10-28 22:37 466992 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSviA64.sys
    2009-10-21 05:39 . 1979-12-31 23:00 75776 ----a-w- c:\windows\system32\strmfilt.dll
    2009-10-21 05:39 . 1979-12-31 23:00 25088 ----a-w- c:\windows\system32\httpapi.dll
    2009-10-20 16:20 . 2004-08-03 22:00 265728 ----a-w- c:\windows\system32\drivers\http.sys
    2009-10-13 11:24 . 2004-09-17 16:04 86331 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
    2009-10-13 10:33 . 1979-12-31 23:00 271360 ----a-w- c:\windows\system32\oakley.dll
    2009-10-12 13:39 . 1979-12-31 23:00 79872 ----a-w- c:\windows\system32\raschap.dll
    2009-10-12 13:39 . 1979-12-31 23:00 150528 ----a-w- c:\windows\system32\rastls.dll
    2008-03-02 16:58 . 2008-11-13 19:43 520192 ----a-w- c:\program files\WinDjView-0.5.exe
    2007-12-22 16:08 . 2007-12-22 15:54 48 --sh--w- c:\windows\S8E1DD430.tmp
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-13 68856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-02-22 126976]
    "SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-07-27 1388544]
    "CTSysVol"="c:\program files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" [2003-07-02 57344]
    "AsioReg"="CTASIO.DLL" [2003-06-20 118784]
    "SBDrvDet"="c:\program files\Creative\SB Drive Det\SBDrvDet.exe" [2002-12-03 45056]
    "UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
    "emMON"="emMON.exe" [2006-05-30 61440]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

    c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    BTTray.lnk - c:\program files\D-Link\Logiciel Bluetooth\BTTray.exe [2004-11-30 565309]
    DSLMON.lnk - c:\program files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2007-3-24 954475]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1378768790-793444470-927750060-1089\Scripts\Logon\0\0]
    "Script"=cpy_proxy.bat

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1378768790-793444470-927750060-1089\Scripts\Logon\0\1]
    "Script"=Logon_AS.vbs

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1378768790-793444470-927750060-1104\Scripts\Logon\0\0]
    "Script"=cpy_proxy.bat

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1378768790-793444470-927750060-1104\Scripts\Logon\1\0]
    "Script"=Logon_AS.vbs

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1378768790-793444470-927750060-500\Scripts\Logon\0\0]
    "Script"=cpy_proxy.bat

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-796845957-1592454029-725345543-500\Scripts\Logon\0\0]
    "Script"=cpy_proxy.bat

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
    @="FSFilter Activity Monitor"

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "c:\\Program Files\\IBM\\Updater\\jre\\bin\\java.exe"=
    "c:\\Program Files\\IBM\\Updater\\jre\\bin\\javaw.exe"=
    "c:\\Program Files\\IBM\\Updater\\ucsmb.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\IBM\\Client Access\\cwbunnav.exe"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    "c:\\Program Files\\adslTV\\adsltv.exe"=
    "c:\\Program Files\\adslTV\\vlc.exe"=
    "c:\\Program Files\\Freeplayer\\vlc\\vlc.exe"=
    "c:\\WINDOWS\\system32\\sessmgr.exe"=
    "c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
    "c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
    "c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
    "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
    "c:\\Program Files\\Skype\\Phone\\Skype.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "5900:TCP"= 5900:TCP:*:D isabled:ultra vnc
    "5800:TCP"= 5800:TCP:*:D isabled:ultra vnc web
    "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\RemoteAdminSettings]
    "RemoteAddresses"= *
    "Enabled"= 1 (0x1)

    R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [12/10/2007 20:46 685816]
    R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0305020.00B\SymEFA.sys [19/09/2009 07:08 310320]
    R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\N360\0305020.00B\BHDrvx86.sys [19/09/2009 07:08 259632]
    R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\N360\0305020.00B\cchpx86.sys [19/09/2009 07:08 482432]
    R1 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091230.004\IDSXpx86.sys [04/01/2010 23:52 329592]
    R2 ACEDRV08;ACEDRV08;c:\windows\system32\drivers\ACEDRV08.sys [18/03/2009 19:56 108768]
    R2 N360;Norton 360;c:\program files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe [19/09/2009 07:08 117640]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [06/01/2010 19:06 102448]
    R3 pctvvbi;PCTVVBI;c:\windows\system32\drivers\pctvvbi.sys [24/03/2007 12:51 6400]
    S0 kkon;kkon;c:\windows\system32\drivers\ibbgjs.sys --> c:\windows\system32\drivers\ibbgjs.sys [?]
    S2 gupdate1ca477f3fcf988e;Service Google Update (gupdate1ca477f3fcf988e);c:\program files\Google\Update\GoogleUpdate.exe [07/10/2009 19:51 133104]
    S3 MODRC;DiBcom Infrared Receiver;c:\windows\system32\drivers\modrc.sys [19/10/2008 19:53 13440]
    .
    Contenu du dossier 'Tâches planifiées'

    2010-01-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-10-07 18:51]

    2010-01-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-10-07 18:51]
    .
    .
    ------- Examen supplémentaire -------
    .
    uStart Page = hxxp://www.voila.fr/
    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: Envoyer à &Bluetooth - c:\program files\D-Link\Logiciel Bluetooth\btsendto_ie_ctx.htm
    IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
    Trusted Zone: localhost
    TCP: {577EB73B-8DD5-4B5D-8B77-665AC182E54A} = 212.27.40.240,212.27.40.241
    DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
    DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    Toolbar-{A057A204-BACC-4D26-C39E-35F1D2A32EC8} - (no file)
    WebBrowser-{A057A204-BACC-4D26-C39E-35F1D2A32EC8} - (no file)
    HKLM-Run-UC_SMB - (no file)
    HKLM-Run-RemoteCenter - (no file)
    HKU-Default-RunOnce-IETI - c:\program files\Skype\Phone\IEPlugin\unins000.exe
    AddRemove-LifeGlobe Goldfish Aquarium 2.0_is1 - c:\program files\Prolific Publishing



    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-01-08 18:05
    Windows 5.1.2600 Service Pack 3 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************

    [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N360]
    "ImagePath"="\"c:\program files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\3.5.2.11\diMaster.dll\" /prefetch:1"
    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------

    [HKEY_USERS\S-1-5-21-2781403149-322335905-4221762012-500\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\ActiveSync]
    "Name"="ActiveSync"
    "DisplayName"="Microsoft ActiveSync"
    "Param1"="ActiveSync"
    "Type"="wellknown"
    "Order"=dword:00000001
    "State"=dword:00000020

    [HKEY_USERS\S-1-5-21-2781403149-322335905-4221762012-500\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\IESettings]
    "Name"="IESettings"
    "Type"="IESettings"
    "Order"=dword:00000004
    "State"=dword:0000000b

    [HKEY_USERS\S-1-5-21-2781403149-322335905-4221762012-500\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\MediaFiles]
    "Name"="MediaFiles"
    "Type"="MediaFiles"
    "Order"=dword:00000003
    "State"=dword:0000000b

    [HKEY_USERS\S-1-5-21-2781403149-322335905-4221762012-500\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\NPW]
    "Name"="NPW"
    "Param1"="NPW"
    "Type"="wellknown"
    "Order"=dword:00000002
    "State"=dword:0000000b

    [HKEY_USERS\S-1-5-21-2781403149-322335905-4221762012-500\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\Outlook]
    "Name"="Outlook"
    "DisplayName"="Microsoft Outlook"
    "Param1"="Outlook"
    "Type"="wellknown"
    "Order"=dword:00000000
    "State"=dword:00000002
    .
    --------------------- DLLs chargées dans les processus actifs ---------------------

    - - - - - - - > 'explorer.exe'(3160)
    c:\program files\Creative\Creative Zen Micro\Zen Micro Media Explorer\CTJBNS2.dll
    c:\program files\Creative\Creative Zen Micro\Zen Micro Media Explorer\CTIntrfc.dll
    c:\program files\Creative\Creative Zen Micro\Zen Micro Media Explorer\CTConfig.DLL
    c:\program files\Creative\Creative Zen Micro\Zen Micro Media Explorer\JBNSRES.DLL
    c:\windows\system32\WPDShServiceObj.dll
    c:\windows\system32\eappprxy.dll
    c:\windows\system32\btncopy.dll
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    ------------------------ Autres processus actifs ------------------------
    .
    c:\windows\system32\dllhost.exe
    c:\windows\system32\CTsvcCDA.exe
    c:\program files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
    c:\program files\Java\jre6\bin\jqs.exe
    c:\program files\Fichiers communs\LightScribe\LSSrvc.exe
    c:\program files\Analog Devices\SoundMAX\SMAgent.exe
    c:\windows\system32\MsPMSPSv.exe
    c:\windows\emMON.exe
    c:\program files\Microsoft ActiveSync\wcescomm.exe
    c:\progra~1\MICROS~4\rapimgr.exe
    c:\program files\Microsoft ActiveSync\WCESMgr.exe
    c:\program files\Microsoft Office\Office\OUTLOOK.EXE
    .
    **************************************************************************
    .
    Heure de fin: 2010-01-08 18:07:17 - La machine a redémarré
    ComboFix-quarantined-files.txt 2010-01-08 17:07

    Avant-CF: 14 746 927 104 octets libres
    Après-CF: 14 825 988 096 octets libres

    - - End Of File - - 71B2912674F850454E368F7636A9D60B

    /!\ Only GAR69OV may follow this procedure /!\

    Disable all resident protection (antivirus, etc.)!

    ---> Copy (CTRL+C) the text in the box below:

    KillAll::

    Driver::
    kkon

    File::
    c:\windows\system32\drivers\ibbgjs.sys

    ---> Open Notepad: Start > All Programs > Accessories > Notepad.

    - Paste (CTRL+V) the text into Notepad.
    - Save this file to: Desktop
    - File name: CFScript
    - File type: All files !!
    - Click Save.
    - Close Notepad.

    ---> Drag and drop this CFScript file onto the ComboFix.exe file, as in the screenshot:



  • This will restart ComboFix: accept the message that appears.
  • Wait while the scan runs. The Desktop will disappear several times: this is normal!
  • Do not touch anything until the scan has finished.
  • Once the scan is complete, a report will be displayed; copy and paste its contents to the forum.
  • If the file does not open, it is located here: C:\ComboFix.txt

    ;) 

    That's done too.
    With the version taken from combofix.org.

    Alas, still the same result.

    But one question: is the console used for disinfection, or only to restart properly in case of problems?
    More generally, does the cleanup still take place anyway?

    No,
    I just reran ComboFix to see exactly what happens:

    Here is what takes place:
    - the backup
    - then the message "la console n'est pas installée voulez-vous ..."
    -> I answer yes
    - connection to download ....
    - 1000 % completed
    - and immediately a window appears with "impossible de lister correctement la partition d'amorçage (boot)".
    - and there I have the choice of continuing with the scan or not. This time I answered no. The other times, I had accepted.

    It's running.
    This time, I got a crash:

    ---------------------------------
    Please help us improve hijackThis by reporting this error

    Click "Yes" to submit
    Error Details:
    An unexpected error has occured at procedure: modRegistry_IniGetString(sFile=system.ini, sSection=boot, sValue=Shell) Error #5 - Argument ou appel de prodédure incorrect
    Windows version : Windos NT 5.01.2600
    MSIE version : 7.0.5730.11
    HijackThis version : 2.0.2

    Answer choices: Yes or No
    --------------------------------------------------------------------


    Here it is, after answering YES to the crash
    -----------------------------------------------------
    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Administrateur at 2010-01-11 17:25:55
    Microsoft Windows XP Professionnel Service Pack 3
    System drive C: has 12 GB (17%) free of 73 GB
    Total RAM: 2038 MB (66% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:43:17, on 11/01/2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16945)
    Boot mode: Normal

    Running processes:
    C:\windows\System32\smss.exe
    C:\windows\system32\winlogon.exe
    C:\windows\system32\services.exe
    C:\windows\system32\lsass.exe
    C:\windows\system32\svchost.exe
    C:\windows\System32\svchost.exe
    C:\windows\system32\spoolsv.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\windows\System32\svchost.exe
    C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\windows\system32\svchost.exe
    C:\WINDOWS\system32\MsPMSPSv.exe
    C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
    C:\windows\Explorer.EXE
    C:\WINDOWS\system32\hkcmd.exe
    C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\PROGRA~1\MICROS~4\rapimgr.exe
    C:\Program Files\D-Link\Logiciel Bluetooth\BTTray.exe
    C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    C:\windows\system32\ctfmon.exe
    C:\WINDOWS\system32\LVComsX.exe
    C:\windows\system32\wscntfy.exe
    C:\Program Files\internet explorer\iexplore.exe
    C:\Documents and Settings\Administrateur\Bureau\RSIT.exe
    C:\Program Files\trend micro\Administrateur.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.voila.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - (no file)
    O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\3.5.2.11\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\3.5.2.11\IPSBHO.DLL
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
    O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
    O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.5.2.11\coIEPlg.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
    O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
    O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [emMON] emMON.exe
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: BTTray.lnk = ?
    O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
    O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\D-Link\Logiciel Bluetooth\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
    O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\windows\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\windows\bdoscandel.exe
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\D-Link\Logiciel Bluetooth\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\D-Link\Logiciel Bluetooth\btsendto_ie.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [JAVA_IBM] Java (IBM)
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.ap...
    O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html...
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
    O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{577EB73B-8DD5-4B5D-8B77-665AC182E54A}: NameServer = 212.27.40.240,212.27.40.241
    O18 - Protocol: skyline - {3A4F9195-65A8-11D5-85C1-0001023952C1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton 360\Engine\3.5.2.11\coIEPlg.dll
    O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Program Files\D-Link\Logiciel Bluetooth\bin\btwdins.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: Fonction Commande à distance d'iSeries Access for Windows (Cwbrxd) - IBM Corporation - C:\WINDOWS\CWBRXD.EXE
    O23 - Service: Service Google Update (gupdate1ca477f3fcf988e) (gupdate1ca477f3fcf988e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: IBM Rapid Restore Ultra Service - Unknown owner - C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
    O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Fichiers communs\Symantec Shared\Support Controls\ssrc.exe

    --
    End of file - 11011 bytes

    ======Scheduled tasks folder======

    C:\windows\tasks\GoogleUpdateTaskMachineCore.job
    C:\windows\tasks\GoogleUpdateTaskMachineUA.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
    Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-07-07 439872]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
    Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33}]
    VMN Toolbar

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
    Symantec NCO BHO - C:\Program Files\Norton 360\Engine\3.5.2.11\coIEPlg.dll [2009-08-22 378736]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
    Symantec Intrusion Prevention - C:\Program Files\Norton 360\Engine\3.5.2.11\IPSBHO.DLL [2009-08-22 107896]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-03 263280]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-27 764912]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}]
    PDFCreator Toolbar Helper - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2008-10-08 806912]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-07-07 439872]
    {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - PDFCreator Toolbar - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2008-10-08 806912]
    {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton 360\Engine\3.5.2.11\coIEPlg.dll [2009-08-22 378736]
    - []
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-03 263280]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2005-02-22 126976]
    "SoundMAXPnP"=C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [2004-07-27 1388544]
    "CTSysVol"=C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe [2003-07-02 57344]
    "AsioReg"=REGSVR32.EXE /S CTASIO.DLL []
    "SBDrvDet"=C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe [2002-12-03 45056]
    "UpdReg"=C:\WINDOWS\UpdReg.EXE [2000-05-11 90112]
    "emMON"=C:\windows\emMON.exe [2006-05-30 61440]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-13 68856]
    "ctfmon.exe"=C:\windows\system32\ctfmon.exe [2008-04-14 15360]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    BTTray.lnk - C:\Program Files\D-Link\Logiciel Bluetooth\BTTray.exe
    DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    C:\windows\system32\igfxsrvc.dll [2005-02-22 348160]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\windows\system32\WgaLogon.dll [2009-03-10 265088]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveAutoRun"=67108863
    "NoDriveTypeAutoRun"=323
    "NoDrives"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=
    "NoDrives"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Program Files\IBM\Updater\jre\bin\java.exe"="C:\Program Files\IBM\Updater\jre\bin\java.exe:*:Enabled:IBM Update Connector"
    "C:\Program Files\IBM\Updater\jre\bin\javaw.exe"="C:\Program Files\IBM\Updater\jre\bin\javaw.exe:*:Enabled:IBM Update Connector"
    "C:\Program Files\IBM\Updater\ucsmb.exe"="C:\Program Files\IBM\Updater\ucsmb.exe:*:Enabled:IBM Update Connector"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\IBM\Client Access\cwbunnav.exe"="C:\Program Files\IBM\Client Access\cwbunnav.exe:*:Enabled:cwbunnav.exe"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
    "C:\Program Files\adslTV\adsltv.exe"="C:\Program Files\adslTV\adsltv.exe:*:Disabled:adsltv"
    "C:\Program Files\adslTV\vlc.exe"="C:\Program Files\adslTV\vlc.exe:*:Enabled:VLC media player"
    "C:\Program Files\Freeplayer\vlc\vlc.exe"="C:\Program Files\Freeplayer\vlc\vlc.exe:*:Enabled:VLC media player"
    "C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
    "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
    "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
    "C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
    "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\IBM\Updater\jre\bin\java.exe"="C:\Program Files\IBM\Updater\jre\bin\java.exe:*:Enabled:IBM Update Connector"
    "C:\Program Files\IBM\Updater\jre\bin\javaw.exe"="C:\Program Files\IBM\Updater\jre\bin\javaw.exe:*:Enabled:IBM Update Connector"
    "C:\Program Files\IBM\Updater\ucsmb.exe"="C:\Program Files\IBM\Updater\ucsmb.exe:*:Enabled:IBM Update Connector"
    "C:\Program Files\Danware Data\NetOp Remote Control\GUEST\Ngstw32.exe"="C:\Program Files\Danware Data\NetOp Remote Control\GUEST\Ngstw32.exe:*:Enabled:NetOp 32 Guest Application - Copyright © 1995, 2000. All Rights Reserved."
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
    "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
    "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

    ======List of files/folders created in the last 1 months======

    2010-01-11 17:15:19 ----SD---- C:\ComboFix
    2010-01-10 19:46:49 ----SHD---- C:\RECYCLER
    2010-01-10 19:02:12 ----A---- C:\windows\zip.exe
    2010-01-10 19:02:12 ----A---- C:\windows\SWXCACLS.exe
    2010-01-10 19:02:12 ----A---- C:\windows\SWSC.exe
    2010-01-10 19:02:12 ----A---- C:\windows\SWREG.exe
    2010-01-10 19:02:12 ----A---- C:\windows\sed.exe
    2010-01-10 19:02:12 ----A---- C:\windows\PEV.exe
    2010-01-10 19:02:12 ----A---- C:\windows\MBR.exe
    2010-01-10 19:02:12 ----A---- C:\windows\grep.exe
    2010-01-10 19:02:03 ----D---- C:\Qoobox
    2010-01-08 20:46:48 ----D---- C:\N360_BACKUP
    2010-01-08 16:32:08 ----D---- C:\Program Files\trend micro
    2010-01-08 16:32:04 ----D---- C:\rsit
    2009-12-24 10:24:10 ----D---- C:\windows\ERDNT
    2009-12-24 10:24:08 ----A---- C:\windows\system32\CF20885.exe
    2009-12-23 17:10:29 ----D---- C:\Documents and Settings\Administrateur\Application Data\uniblue
    2009-12-23 17:10:10 ----D---- C:\Program Files\Uniblue
    2009-12-23 17:10:00 ----HDC---- C:\Documents and Settings\All Users\Application Data\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}
    2009-12-22 22:22:34 ----D---- C:\Program Files\LightScribe Diagnostic Utility
    2009-12-14 20:49:10 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
    2009-12-12 20:49:07 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan

    ======List of files/folders modified in the last 1 months======

    2010-01-11 17:21:15 ----D---- C:\windows\Temp
    2010-01-11 17:17:02 ----AD---- C:\WINDOWS
    2010-01-11 17:15:30 ----A---- C:\windows\SchedLgU.Txt
    2010-01-11 17:15:20 ----D---- C:\windows\Prefetch
    2010-01-11 17:00:28 ----D---- C:\windows\Registration
    2010-01-10 19:29:26 ----N---- C:\windows\system.ini
    2010-01-10 19:26:09 ----D---- C:\windows\system32\drivers
    2010-01-10 19:26:09 ----D---- C:\windows\AppPatch
    2010-01-10 19:26:09 ----AD---- C:\windows\system32
    2010-01-10 19:26:06 ----D---- C:\Program Files\Fichiers communs
    2010-01-10 19:03:17 ----D---- C:\windows\system32\CatRoot2
    2010-01-10 13:13:32 ----A---- C:\windows\{0000000A-00000000-00000001-00001102-00000004-20011102}.BAK
    2010-01-09 19:07:53 ----RD---- C:\Mes documents
    2010-01-09 11:20:46 ----SHD---- C:\windows\Installer
    2010-01-09 00:19:03 ----D---- C:\Documents and Settings\Administrateur\Application Data\vlc
    2010-01-08 22:04:36 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2010-01-08 19:23:04 ----D---- C:\windows\system32\config
    2010-01-08 18:04:55 ----A---- C:\windows\system32\PerfStringBackup.INI
    2010-01-08 17:57:02 ----D---- C:\Program Files\Internet Explorer
    2010-01-08 16:33:26 ----HD---- C:\windows\inf
    2010-01-08 16:32:08 ----D---- C:\Program Files
    2010-01-06 20:40:40 ----D---- C:\Program Files\Google
    2010-01-06 20:13:30 ----A---- C:\windows\NeroDigital.ini
    2010-01-03 18:30:03 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2010-01-03 18:30:03 ----D---- C:\Documents and Settings\Administrateur\Application Data\Adobe
    2009-12-31 12:40:36 ----SHD---- C:\windows\CSC
    2009-12-28 22:52:44 ----D---- C:\Documents and Settings\Administrateur\Application Data\Skype
    2009-12-28 20:06:08 ----D---- C:\Documents and Settings\Administrateur\Application Data\skypePM
    2009-12-26 13:51:21 ----D---- C:\windows\system32\Restore
    2009-12-24 10:45:56 ----D---- C:\windows\network diagnostic
    2009-12-24 10:29:53 ----SHD---- C:\System Volume Information
    2009-12-23 17:53:24 ----SD---- C:\windows\Tasks
    2009-12-23 17:51:55 ----SD---- C:\Documents and Settings\Administrateur\Application Data\Microsoft
    2009-12-22 22:22:34 ----D---- C:\windows\WinSxS
    2009-12-13 19:48:44 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
    2009-12-13 19:48:33 ----SD---- C:\windows\Downloaded Program Files
    2009-12-12 13:48:28 ----N---- C:\windows\win.ini
    2009-12-12 09:19:04 ----D---- C:\Documents and Settings\Administrateur\Application Data\Creative

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 BHDrvx86;Symantec Heuristics Driver; C:\windows\System32\Drivers\N360\0305020.00B\BHDrvx86.sys [2009-08-22 259632]
    R1 ccHP;Symantec Hash Provider; C:\windows\System32\Drivers\N360\0305020.00B\ccHPx86.sys [2009-08-22 482432]
    R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys []
    R1 ElbyCDIO;ElbyCDIO Driver; C:\windows\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160]
    R1 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20100106.001\IDSxpx86.sys []
    R1 intelppm;Pilote de processeur Intel; C:\windows\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
    R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\windows\system32\drivers\N360\0305020.00B\SRTSPX.SYS [2009-08-22 43696]
    R1 SYMTDI;Symantec Network Dispatch Driver; C:\windows\System32\Drivers\N360\0305020.00B\SYMTDI.SYS [2009-08-22 217136]
    R2 ACEDRV08;ACEDRV08; \??\C:\WINDOWS\system32\drivers\ACEDRV08.sys []
    R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\system32\drivers\btserial.sys []
    R2 BTSLBCSP;Bluetooth Port Client Driver; \??\C:\WINDOWS\system32\drivers\btslbcsp.sys []
    R2 ibmfilter;ibmfilter; \??\C:\WINDOWS\system32\drivers\ibmfilter.sys []
    R2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\drivers\PfModNT.sys []
    R2 PMEM;PMEM; \??\C:\WINDOWS\SYSTEM32\Drivers\PMEMNT.SYS []
    R2 ROB_A;Pinnacle WDM PCTV Audio Capture; C:\windows\system32\DRIVERS\rob_a.sys [2003-02-10 17664]
    R2 ROB_V;Pinnacle WDM PCTV Video Capture; C:\windows\system32\drivers\rob_v.sys [2003-04-11 125568]
    R3 aeaudio;aeaudio; C:\windows\system32\drivers\aeaudio.sys [2004-05-17 133200]
    R3 b57w2k;Broadcom NetXtreme Fast Ethernet; C:\windows\system32\DRIVERS\b57xp32.sys [2004-12-06 126720]
    R3 btaudio;Périphérique audio Bluetooth; C:\windows\system32\drivers\btaudio.sys [2004-11-30 17024]
    R3 BTDriver;Pilote de communications virtuelles Bluetooth; C:\windows\system32\DRIVERS\btport.sys [2004-11-30 30299]
    R3 BTWDNDIS;Serveur d'accès au réseau local Bluetooth; C:\windows\system32\DRIVERS\btwdndis.sys [2004-11-30 148040]
    R3 ctac32k;Creative AC3 Software Decoder; C:\windows\system32\drivers\ctac32k.sys [2003-07-10 651792]
    R3 ctaud2k;Creative Audio Driver (WDM); C:\windows\system32\drivers\ctaud2k.sys [2003-06-20 509328]
    R3 ctprxy2k;Creative Proxy Driver; C:\windows\system32\drivers\ctprxy2k.sys [2003-06-20 6144]
    R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\windows\system32\drivers\ctsfm2k.sys [2003-06-20 136016]
    R3 ElbyDelay;ElbyDelay; C:\windows\System32\Drivers\ElbyDelay.sys [2007-02-16 11984]
    R3 emupia;E-mu Plug-in Architecture Driver; C:\windows\system32\drivers\emupia2k.sys [2003-07-10 145232]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\System32\Drivers\GEARAspiWDM.sys [2009-09-19 26600]
    R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\windows\system32\drivers\ha10kx2k.sys [2003-06-27 860592]
    R3 HidUsb;Pilote de classe HID Microsoft; C:\windows\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 ialm;ialm; C:\windows\system32\DRIVERS\ialmnt5.sys [2005-02-22 807742]
    R3 LVUSBSta;Logitech USB Monitor Filter; C:\windows\system32\drivers\lvusbsta.sys [2005-05-27 22016]
    R3 mouhid;Pilote HID de souris; C:\windows\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100110.017\NAVENG.SYS []
    R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100110.017\NAVEX15.SYS []
    R3 ossrv;Creative OS Services Driver; C:\windows\system32\drivers\ctoss2k.sys [2003-06-20 190208]
    R3 pctvvbi;PCTVVBI; C:\windows\system32\DRIVERS\pctvvbi.sys [2002-11-11 6400]
    R3 Pfc;Padus ASPI Shell; C:\windows\system32\drivers\pfc.sys [2002-06-17 14604]
    R3 senfilt;senfilt; C:\windows\system32\drivers\senfilt.sys [2005-02-05 392832]
    R3 smwdm;smwdm; C:\windows\system32\drivers\smwdm.sys [2004-09-01 259648]
    R3 SRTSP;Symantec Real Time Storage Protection; C:\windows\System32\Drivers\N360\0305020.00B\SRTSP.SYS [2009-08-22 308272]
    R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
    R3 SYMFW;Symantec Network Filter Driver; C:\windows\System32\Drivers\N360\0305020.00B\SYMFW.SYS [2009-08-22 89904]
    R3 SYMIDS;Symantec Network Filter Driver; C:\windows\System32\Drivers\N360\0305020.00B\SYMIDS.SYS [2009-08-22 33072]
    R3 SymIMMP;SymIMMP; C:\windows\system32\DRIVERS\SymIM.sys [2009-08-22 36400]
    R3 SYMNDIS;Symantec Network Filter Driver; C:\windows\System32\Drivers\N360\0305020.00B\SYMNDIS.SYS [2009-08-22 36400]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\windows\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\windows\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbscan;Pilote de scanneur USB; C:\windows\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\windows\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    R3 WpdUsb;WpdUsb; C:\windows\System32\Drivers\wpdusb.sys [2006-10-18 38528]
    S1 kbdhid;Pilote HID de clavier; C:\windows\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
    S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\windows\System32\Drivers\adildr.sys [2003-03-25 46455]
    S3 ac97intc;Service d'installation du pilote audio Intel(r) 82801 (WDM); C:\windows\system32\drivers\ac97intc.sys [2001-08-17 96256]
    S3 adiusbaw;USB ADSL WAN Adapter; C:\windows\system32\DRIVERS\adiusbaw.sys [2003-03-27 127145]
    S3 Arp1394;Protocole client ARP 1394; C:\windows\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
    S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\windows\System32\Drivers\btwusb.sys [2004-11-30 55288]
    S3 catchme;catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys []
    S3 CCDECODE;Décodeur sous-titre fermé; C:\windows\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\windows\system32\drivers\ctdvda2k.sys [2003-03-27 287920]
    S3 E100B;Pilote de carte Intel (R) PRO; C:\windows\system32\DRIVERS\e100b325.sys [2001-08-23 117760]
    S3 hap16v2k;Creative P16V HAL Driver; C:\windows\system32\drivers\hap16v2k.sys [2003-06-27 159040]
    S3 Jukebox3;Jukebox3; C:\windows\system32\DRIVERS\ctpdusb.sys [2004-09-30 16880]
    S3 MidiSyn;MidiSyn; C:\windows\system32\drivers\MidiSyn.sys [2002-09-20 235100]
    S3 mod7700;DiBcom DIB7700 based TV tuner device; C:\windows\System32\Drivers\mod7700.sys [2007-04-18 473728]
    S3 MODRC;DiBcom Infrared Receiver; C:\windows\system32\DRIVERS\modrc.sys [2007-02-06 13440]
    S3 MPE;Filtre BDA MPE; C:\windows\system32\DRIVERS\MPE.sys [2008-04-13 15232]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\windows\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\windows\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\windows\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 NIC1394;Pilote réseau 1394; C:\windows\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
    S3 nv;nv; C:\windows\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
    S3 PcdrNdisuio;PCDRNDISUIO Usermode I/O Protocol; C:\windows\system32\DRIVERS\pcdrndisuio.sys [2005-02-01 12416]
    S3 psadd;IBM PSA Access Driver; \??\C:\WINDOWS\system32\Drivers\psadd.sys []
    S3 QCMerced;Logitech QuickCam Communicate; C:\windows\system32\DRIVERS\LVCM.sys [2005-05-27 1317152]
    S3 SLIP;Détrameur décalage BDA; C:\windows\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 streamip;BDA IPSink; C:\windows\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\windows\system32\DRIVERS\SymIM.sys [2009-08-22 36400]
    S3 usb_rndisx;Carte ISDN USB; C:\windows\system32\DRIVERS\usb8023x.sys [2008-04-13 12800]
    S3 USB28xxBGA;USB 2883 Device; C:\windows\system32\DRIVERS\emBDA.sys [2006-09-12 292864]
    S3 USB28xxOEM;USB 28xx OEM Filter; C:\windows\system32\DRIVERS\emOEM.sys [2006-08-21 7168]
    S3 usbaudio;Pilote USB audio (WDM); C:\windows\system32\drivers\usbaudio.sys [2008-04-13 60032]
    S3 usbccgp;Pilote parent générique USB Microsoft; C:\windows\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\windows\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\windows\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 wceusbsh;Windows CE USB Serial Host Driver; C:\windows\system32\DRIVERS\wceusbsh.sys [2006-04-10 104576]
    S3 WSTCODEC;Codec Teletext standard; C:\windows\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\windows\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\windows\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 agp440;Filtre de bus AGP Intel; C:\windows\system32\DRIVERS\agp440.sys [2008-04-13 42368]
    S4 agpCPQ;Filtre de bus AGP Compaq; C:\windows\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
    S4 alim1541;Filtre de bus AGP ALI; C:\windows\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
    S4 amdagp;Pilote de filtre du bus AMD AGP; C:\windows\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
    S4 cbidf;cbidf; C:\windows\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
    S4 IntelIde;IntelIde; C:\windows\system32\DRIVERS\intelide.sys [2008-04-14 5504]
    S4 sisagp;Filtre de bus AGP SIS; C:\windows\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
    S4 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2007-10-12 685816]
    S4 viaagp;Filtre de bus AGP VIA; C:\windows\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-13 44032]
    R2 IBM Rapid Restore Ultra Service;IBM Rapid Restore Ultra Service; C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe [2004-12-16 385024]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-25 153376]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-12-14 61440]
    R2 N360;Norton 360; C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe [2009-08-22 117640]
    R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
    R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [2000-06-26 53520]
    S2 gupdate1ca477f3fcf988e;Service Google Update (gupdate1ca477f3fcf988e); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-07 133104]
    S2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-08-11 68096]
    S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
    S3 btwdins;Bluetooth Service; C:\Program Files\D-Link\Logiciel Bluetooth\bin\btwdins.exe [2004-11-30 163840]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    S3 Cwbrxd;Fonction Commande à distance d'iSeries Access for Windows; C:\WINDOWS\CWBRXD.EXE [2003-10-07 57344]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-18 182768]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
    S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
    S3 PsaSrv;IBM PSA Access Driver Control; C:\WINDOWS\system32\PsaSrv.exe []
    S3 Symantec RemoteAssist;Symantec RemoteAssist; C:\Program Files\Fichiers communs\Symantec Shared\Support Controls\ssrc.exe [2008-01-29 394704]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\windows\system32\svchost.exe [2008-04-14 14336]
    S4 IISADMIN;Administration IIS; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
    S4 SMTPSVC;Simple Mail Transfer Protocol (SMTP); C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
    S4 W3SVC;Publication World Wide Web; C:\windows\system32\inetsrv\inetinfo.exe [2008-04-14 15872]

    -----------------EOF-----------------

  • Download OTM (OldTimer) to your Desktop.
  • Double-click OTM.exe to launch it.
  • Copy (Ctrl+C) the following text:

    :processes
    explorer.exe

    :services
    kkon

    :reg
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33}]

    :files
    c:\windows\system32\drivers\ibbgjs.sys

    :commands
    [purity]
    [emptytemp]
    [reboot]

  • Paste (Ctrl+V) the text you just copied into the Paste Instructions for Items to be Moved box.
  • Now click the MoveIt! button, then close OTM.

    ---> If a file or folder cannot be deleted immediately, the program will ask you to restart.
    Accept by clicking YES.

  • Post the report located in this folder: C:\_OTM\MovedFiles\
    ---> The report's name corresponds to the time it was created: date_time.log

    Here is the report:
    ________________
    All processes killed
    ========== PROCESSES ==========
    No active process named explorer.exe was found!
    ========== SERVICES/DRIVERS ==========
    Error: No service named kkon was found to stop!
    Unable to stop service kkon!
    ========== REGISTRY ==========
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33}\ deleted successfully.
    ========== FILES ==========
    File/Folder c:\windows\system32\drivers\ibbgjs.sys not found.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrateur
    ->Temp folder emptied: 417780 bytes
    ->Temporary Internet Files folder emptied: 157086979 bytes
    ->Java cache emptied: 46288711 bytes
    ->Google Chrome cache emptied: 7882845 bytes

    User: Administrateur.ATELIERS-AS
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes

    User: All Users

    User: Default User
    ->Temporary Internet Files folder emptied: 67 bytes

    User: JP
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 402 bytes

    User: jpillet
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes
    ->Java cache emptied: 504274 bytes

    User: LocalService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33543 bytes

    User: usradm
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 19617 bytes
    %systemroot%\System32 .tmp files removed: 3834368 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 16867 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 206,00 mb


    OTM by OldTimer - Version 3.1.5.0 log created on 01112010_183611

    Files moved on Reboot...
    File C:\Documents and Settings\Administrateur\Local Settings\Temp\Perflib_Perfdata_1e0.dat not found!
    C:\Documents and Settings\Administrateur\Local Settings\Temp\WCESLog.log moved successfully.
    File move failed. C:\windows\S8E1DD430.tmp scheduled to be moved on reboot.
    File C:\windows\temp\JET36CA.tmp not found!
    File C:\windows\temp\Perflib_Perfdata_184.dat not found!

    Registry entries deleted on Reboot...

  • Uninstall the following programs:
    - J2SE Runtime Environment 5.0 Update 4
    - Java 6 Update 15
    - Java 6 Update 3
    - Java 6 Update 7
    - Java SE Runtime Environment 6

  • Update Java.

  • Download Malwarebytes' Anti-Malware (MBAM) to your Desktop.
  • Double-click the downloaded file to start the installation.
  • In the Mise à jour (Update) tab, click the Recherche de mise à jour (Check for updates) button: if the firewall asks for permission for MBAM to connect to the Internet, accept.
  • Once the update has finished, go to the Recherche (Scan) tab.
  • Select Exécuter un examen rapide (Perform quick scan).
  • Click Rechercher (Scan). The scan starts.
  • At the end of the scan, a message is displayed:
    Quote:
    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  • Click OK to continue. If MBAM found nothing, it will tell you that too.
  • Close your browsers.
  • If malware was detected, click Afficher les résultats (Show results).
  • Select everything (or leave it checked) and click Supprimer la sélection (Remove selected); MBAM will destroy the infected files and registry keys and put a copy of them in quarantine.
  • MBAM will open Notepad and copy the scan report into it. Copy and paste this report into your next reply.

    No infection found:
    --------------------------------
    Malwarebytes' Anti-Malware 1.44
    Version de la base de données: 3540
    Windows 5.1.2600 Service Pack 3
    Internet Explorer 7.0.5730.11

    11/01/2010 19:31:10
    mbam-log-2010-01-11 (19-31-10).txt

    Type de recherche: Examen rapide
    Eléments examinés: 143000
    Temps écoulé: 20 minute(s), 0 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)

    These are components of SmitfraudFix, Microsoft and ComboFix.


    1/

  • Uninstall HijackThis.

  • Download ToolsCleaner2 to your Desktop.
  • Double-click ToolsCleaner2.exe to launch it.
  • Click Recherche (Search) and let the scan run.
  • Click Suppression (Removal) to finish.
  • You can, if you wish, use the Options Facultatives (Optional settings).
  • Click Quitter (Quit) to get the report.
  • Post the report (TCleaner.txt), which is at the root of your hard drive (C:\).


    2/

  • Download and install CCleaner Slim.
  • Launch it. Go to Options, then Avancé (Advanced), and uncheck the box Effacer uniquement les fichiers etc....
  • Go to Nettoyeur (Cleaner) and choose Analyser (Analyze). Once it has finished, run the cleaning.


    3/

  • System Restore must be disabled and then re-enabled in order to purge it.


    ==Prevention==

    Keep MBAM. You can use it to scan suspicious files as a complement to the antivirus, and scan the hard drive regularly.

    As a browser, use Mozilla Firefox rather than Internet Explorer.

    Check that automatic updates are enabled (Start menu, right-click Poste de travail (My Computer), Propriétés (Properties), Mises à jour automatiques (Automatic Updates) tab).

    About P2P: Link

    Here is a complete guide (to be read with Adobe Reader or Foxit Reader): Link


    ==Problem solved?==

    --> If you consider your problem solved, add [Résolu] to the title. To do so:
  • In your first message, click the Editer (Edit) button.
  • Add the tag [Résolu] in front of the title.
  • Then click Valider votre message (Submit your message).


    Be more careful on the Internet ;)

    Here is the report:
    ---------------------
    [ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ]

    --> Recherche:

    C:\Combofix: trouvé !
    C:\Qoobox: trouvé !
    C:\_OTM: trouvé !
    C:\Rsit: trouvé !
    C:\Documents and Settings\Administrateur\Bureau\OTM.exe: trouvé !
    C:\Documents and Settings\Administrateur\Bureau\ComboFix.exe: trouvé !
    C:\Documents and Settings\Administrateur\Bureau\Rsit.exe: trouvé !
    C:\Documents and Settings\Administrateur\Bureau\Telechargements\HijackThis.exe: trouvé !
    C:\Program Files\trend micro\HijackThis.exe: trouvé !
    C:\Program Files\trend micro\hijackthis.log: trouvé !
    C:\Qoobox\Quarantine\catchme.log: trouvé !
    C:\WINDOWS\msnfix.txt: trouvé !
    C:\WINDOWS\mbr.exe: trouvé !
    C:\WINDOWS\system32\*.msnfix: trouvé !

    ---------------------------------
    --> Suppression:

    C:\Documents and Settings\Administrateur\Bureau\OTM.exe: supprimé !
    C:\Documents and Settings\Administrateur\Bureau\ComboFix.exe: ERREUR DE SUPPRESSION !!
    C:\Documents and Settings\Administrateur\Bureau\Telechargements\HijackThis.exe: supprimé !
    C:\Program Files\trend micro\HijackThis.exe: supprimé !
    C:\Documents and Settings\Administrateur\Bureau\Rsit.exe: supprimé !
    C:\Program Files\trend micro\hijackthis.log: supprimé !
    C:\Qoobox\Quarantine\catchme.log: supprimé !
    C:\WINDOWS\msnfix.txt: supprimé !
    C:\WINDOWS\mbr.exe: supprimé !
    C:\WINDOWS\system32\*.msnfix: ERREUR DE SUPPRESSION !!
    C:\Combofix: supprimé !
    C:\Qoobox: supprimé !
    C:\_OTM: supprimé !
    C:\Rsit: supprimé !

    Fichiers temporaires nettoyés !
    Sauvegarde du registre crée !

    ----------------------------------------------------------------------------

    I don't know how to thank you for your help.

    In any case, thank you, and indeed I will be careful from now on.

    So best wishes for 2010 and all the best.

    Kind regards