Hello Haribo76

de **at920** » 22 Déc 2008, 08:31

Salut Haribo76

J'espère que tout va bien et qu'il n'y a pas de problème :P))

.
Sinon pour info j'attends que tu regarde mon log que je puisse faire mon image.

A bientot

de **MoJac** » 22 Déc 2008, 14:45

Bonjour at920, :sour)

Haribot76 est en vacances, je vais donc prendre le relai:

Le log que tu as posté ne montre pas d'infection. J'espère que depuis les choses n'ont pas changé.

Avant de faire une image, je te conseille de refaire un scan acomplet avec ton antivirus au moins car on n'est jamais trop prudent (surtout avec avec un logiciel de P2P qui tourne).

Je te propose aussi quelques manip supplémentaires pour sécuriser ta machine:

1) Mise à jour de certains composants.

:ss)

Ta version d'Acrobat Reader est obsolète (la version actuelle est la 9). C'est un risque d'infection important.
Télécharge ICI la dernière version et installe la.

:ss)

Ta machine Java n'est pas à jour. Mets la à jour de la façon suivante:

Va dans Panneau de Configuration/Java
Sélectionne l'onglet Mises à jour.
Coche la case Automatiser la détection des mises à jour.
Clique ensuite sur Mettre à jour Maintenant. Ensuite laisse toi guider par le programme de mises à jour.
Retour au panneau de configuration et désinstalle tous les Java(TM) update présents sauf le dernier Java(TM) Update 11.

Désinstalle les outils utilisés[/B]:

Désinstalle HijackThis par Panneau de configuration et Ajouter/Supprimer des programmes
Supprime le dossier SmitFraudFix et le fichier SmitFraudFix.exe.

:ss)

Je te conseille par contre de garder MBAM qui est un excellent produit qu'il convient de passer régulièrement (après mise à jour bien entendu).

:ss)

Vide les points de restauration système qui sont inévitablement infectés.
Ceci t'évitera de remonter un point de sauvegarde infecté si un jour tu veux lancer une restauration système.

Dans Panneau de configuration/Système/onglet Restauration du système, coche Désactiver la restauration du système sur tous les lecteurs puis clique sur OK.
Arrete et Redémarre ta machine.
Tout de suite après reviens dans l'ongelet restauration, décoche la case Désactiver ... puis clique sur OK de façon à remettre la restauration système en fonction.

2) Quelques remarques complémentaires.

Les logiciels de sécurité (antivirus, anti-troyens ...), même les meilleurs, ne sont pas efficaces à 100% contre les menaces actuelles. Pour protéger efficacement ton PC il faut que tu connaisses les pièges tendus sur le net et que tu apprennes à les éviter. Pour cela, je t'invite à lire ce document de la Lutte Antimalwares. (Au format PDF)
Il est très complet alors prends ton temps pour le lire et fais le circuler autour de toi.
Les risques liés au P2P:Idées reçues
Comment infecter son PC en recherchant des cracks

Voilà , je pense que ça va bien se passer, si tu as des soucis, n'hésite pas à demander !! :C)

A plus

de **at920** » 22 Déc 2008, 20:38

MoJac a écrit:Bonjour at920,
Haribot76 est en vacances, je vais donc prendre le relai:

Merci c'est tres sympa

Le log que tu as posté ne montre pas d'infection. J'espère que depuis les choses n'ont pas changé.

Non je n'ai presque rien fait

Avant de faire une image, je te conseille de refaire un scan acomplet avec ton antivirus au moins car on n'est jamais trop prudent (surtout avec avec un logiciel de P2P qui tourne).

Ok

Je te propose aussi quelques manip supplémentaires pour sécuriser ta machine:
1) Mise à jour de certains composants.
Ta version d'Acrobat Reader est obsolète (la version actuelle est la 9). C'est un risque d'infection important.
Télécharge ICI la dernière version et installe la.

Fait

Ta machine Java n'est pas à jour. Mets la à jour de la façon suivante:
Va dans Panneau de Configuration/Java
Sélectionne l'onglet Mises à jour.
Coche la case Automatiser la détection des mises à jour.
Clique ensuite sur Mettre à jour Maintenant. Ensuite laisse toi guider par le programme de mises à jour.
Retour au panneau de configuration et désinstalle tous les Java(TM) update présents sauf le dernier Java(TM) Update 11.

Fait

Désinstalle les outils utilisés[/B]:
Désinstalle HijackThis par Panneau de configuration et Ajouter/Supprimer des programmes
Supprime le dossier SmitFraudFix et le fichier SmitFraudFix.exe.

Fait

Je te conseille par contre de garder MBAM qui est un excellent produit qu'il convient de passer régulièrement (après mise à jour bien entendu).

OK

Vide les points de restauration système qui sont inévitablement infectés.
Ceci t'évitera de remonter un point de sauvegarde infecté si un jour tu veux lancer une restauration système.

Dans Panneau de configuration/Système/onglet Restauration du système, coche Désactiver la restauration du système sur tous les lecteurs puis clique sur OK.
Arrete et Redémarre ta machine.
Tout de suite après reviens dans l'ongelet restauration, décoche la case Désactiver ... puis clique sur OK de façon à remettre la restauration système en fonction.

Fait

2) Quelques remarques complémentaires.
Les logiciels de sécurité (antivirus, anti-troyens ...), même les meilleurs, ne sont pas efficaces à 100% contre les menaces actuelles. Pour protéger efficacement ton PC il faut que tu connaisses les pièges tendus sur le net et que tu apprennes à les éviter. Pour cela, je t'invite à lire ce document de la Lutte Antimalwares. (Au format PDF)
Il est très complet alors prends ton temps pour le lire et fais le circuler autour de toi.
Les risques liés au P2P:Idées reçues
Comment infecter son PC en recherchant des cracks

Voilà , je pense que ça va bien se passer, si tu as des soucis, n'hésite pas à demander !!

Ok merci pour tout je fait mon image et je la teste ce coup ci

Merci a tous pour votre gentillesse Bon Noël très bonne année 2009 qu'elle vous apporte joie santé bonheur et prosperite

A plus

de **MoJac** » 22 Déc 2008, 21:04

Salut at920,

Tu as bien bossé ! :-o

Passe aussi de bonnes fêtes de fin d'année, avec plein de bonnes choses.

:H)

de **at920** » 28 Déc 2008, 14:14

Désolé mais je crois avoir encore besoin de tes services.
Ce matin plus moyen de lancer Nod32 ni Antispyware ni Ccleaner etc.....

Je crois qu'il reste encore un malveillant sur ma machine et qu'il est toujours actif.

J'ai un répertoire sur c -> c'est Avenger qui ne veut pas se supprimer ????

J'ai essayé de réinstalle ces programme et pas moyen

Si tu as un peut de temps peut tu me donner la marche a suivre

Merci d'avance

A++

de **MoJac** » 28 Déc 2008, 17:25

Salut at920,

Allons bon, une rechute ? Qu'as tu fait de particulier ?

En tout cas le fait de ne pas pouvoir lancer ces exécutables ne me laisse présager rien de bon.

En attendant ->Télécharge random's system information tool (RSIT) (de random/random) sur ton Bureau.

Double-clique sur RSIT.exe .
Clique Continue à l'écran "Disclaimer".
Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (qui sera affiché)
et celui de info.txt (qui sera réduit dans la Barre des Tâches).
Ces 2 rapports sont aussi sauvegardés dans le dossier C:\rsit

2 rapports sont donc attendus.

A plus
PS: je ne garantis pas une réponse ce soir ... :nnn:

de **at920** » 28 Déc 2008, 17:59

Merci pour ta réponse

Voila le 1er log

Logfile of random's system information tool 1.05 (written by random/random)
Run by ADMIN at 2008-12-28 16:55:54
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 7 GB (14%) free of 50 GB
Total RAM: 3062 MB (75% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:44:32, on 28/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTSERV.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Logitech\Easy Synchronization\servicestub.exe
C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe
C:\WINDOWS\system32\UTSCSI.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Caere\OmniPagePro90\opware32.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Logitech\SetPoint\LBTWiz.exe
C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\WINDOWS\system32\oodtray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
C:\Program Files\Cyberlink\Shared Files\brs.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\UltraMon\UltraMonTaskbar.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\PROGRA~1\MICROS~2\rapimgr.exe
C:\Program Files\PC Connectivity Solution\NclBTHandler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Documents and Settings\ADMIN\Application Data\drivers\downld\338703.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\ADMIN.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [OmniPage] C:\Program Files\Caere\OmniPagePro90\opware32.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE"
O4 - HKLM\..\Run: [Logitech BT Wizard] LBTWiz.exe -silent
O4 - HKLM\..\Run: [Easy Synchronization] C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [UltraMon] "C:\Program Files\UltraMon\UltraMon.exe" /auto
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\RunOnce: [Easy Synchronization] C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe --ports
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan ... stubie.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/ ... /CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CF8A36C3-F746-4D2F-8484-A7A48CFFD874}: NameServer = 192.168.0.1
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTSERV.EXE
O23 - Service: Logitech Easy Synchronization - Unknown owner - C:\Program Files\Logitech\Easy Synchronization\servicestub.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe
O23 - Service: USBest Service Zero (UTSCSI) - USBest - C:\WINDOWS\system32\UTSCSI.EXE

--
End of file - 13206 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Malwarebytes' Scheduled Scan for ADMIN.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
SnagIt Toolbar Loader - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll [2007-02-16 63048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-22 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-22 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E5A1691B-D188-4419-AD02-90002030B8EE}]
FlashFXP Helper for Internet Explorer - C:\PROGRA~1\FlashFXP\IEFlash.dll [2004-07-29 190616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-22 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]
{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - SnagIt - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll [2007-02-16 161352]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SigmatelSysTrayApp"=sttray.exe []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-10-07 13574144]
"nwiz"=nwiz.exe /install []
"OmniPage"=C:\Program Files\Caere\OmniPagePro90\opware32.exe [1998-10-28 44032]
"Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2006-09-05 94208]
"Logitech Hardware Abstraction Layer"=C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE [2006-09-05 94208]
"Logitech BT Wizard"=LBTWiz.exe -silent []
"Easy Synchronization"=C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe [2005-10-05 53248]
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-12-28 15872]
"CloneCDTray"=C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2005-05-19 57344]
"NWEReboot"= []
"NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"!AVG Anti-Spyware"=C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe [2007-06-11 6731312]
"CTSysVol"=C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe [2005-10-31 57344]
"P17Helper"=Rundll32 P17.dll []
"UpdReg"=C:\WINDOWS\UpdReg.EXE [2000-05-11 90112]
"PCSuiteTrayApplication"=C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2007-06-18 271360]
"TrueImageMonitor.exe"=C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2007-10-07 2620336]
"AcronisTimounterMonitor"=C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [2007-10-07 904880]
"Acronis Scheduler2 Service"=C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe [2007-10-07 140568]
"OODefragTray"=C:\WINDOWS\system32\oodtray.exe [2007-06-28 2512128]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-10-07 86016]
"UltraMon"=C:\Program Files\UltraMon\UltraMon.exe [2006-10-12 304640]
"AdobeCS4ServiceManager"=C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-11-13 611712]
"RemoteControl8"=C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [2008-02-18 77824]
"PDVD8LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [2007-12-14 50472]
"BDRegion"=C:\Program Files\Cyberlink\Shared Files\brs.exe [2007-11-14 91432]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-22 136600]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2008-12-03 399504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Easy Synchronization"=C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe [2005-10-05 53248]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2006-03-20 794632]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"TaskSwitchXP"=C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe [2006-08-04 62976]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\Wcescomm.exe [2006-11-13 1289000]
"AdobeBridge"= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe []

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
NkbMonitor.exe.lnk - C:\Program Files\Nikon\PictureProject\NkbMonitor.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\fichiers communs\logitech\bluetooth\LBTWlgn.dll [2006-10-25 65536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{FE24CD78-7C63-465D-8787-4EDF7FC79895}"=C:\Program Files\Logitech\Easy Synchronization\shellexecutehook.dll [2005-10-05 69632]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"=C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [2007-05-30 79408]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
"C:\Program Files\Sony\Media Manager for PSP 2.5\MediaManager.exe"="C:\Program Files\Sony\Media Manager for PSP 2.5\MediaManager.exe:*:Enabled:Media Manager for PSP 2.5"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe"="C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe:*:Enabled:VoipBuster"
"C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe:*:Enabled:umi"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{55521ec9-3d6e-11dd-b2da-806d6172696f}]
shell\AutoRun\command - F:\LGE.exe

======File associations======

.js - edit -
.js - open -
.txt - open -

======List of files/folders created in the last 1 months======

2008-12-28 16:44:23 ----D---- C:\rsit
2008-12-28 13:58:02 ----HD---- C:\Documents and Settings\ADMIN\Application Data\m
2008-12-28 12:38:26 ----D---- C:\Avanger
2008-12-28 11:56:54 ----A---- C:\WINDOWS\system32\ban_list.txt
2008-12-28 10:07:38 ----D---- C:\Documents and Settings\All Users\Application Data\DxO_Labs
2008-12-27 19:38:01 ----D---- C:\Program Files\InterLok
2008-12-27 19:24:52 ----HD---- C:\Documents and Settings\ADMIN\Application Data\drivers
2008-12-27 18:33:28 ----D---- C:\Documents and Settings\ADMIN\Application Data\DxO_Labs
2008-12-27 18:33:08 ----D---- C:\Documents and Settings\ADMIN\Application Data\DxO Labs
2008-12-27 18:32:55 ----D---- C:\Program Files\Fichiers communs\PACE Anti-Piracy
2008-12-27 18:32:55 ----D---- C:\Documents and Settings\All Users\Application Data\PACE Anti-Piracy
2008-12-27 18:32:55 ----D---- C:\Documents and Settings\ADMIN\Application Data\PACE Anti-Piracy
2008-12-27 18:31:27 ----N---- C:\WINDOWS\system32\spmsg2.dll
2008-12-27 18:29:30 ----D---- C:\WINDOWS\system32\XPSViewer
2008-12-27 18:29:26 ----D---- C:\WINDOWS\system32\en-US
2008-12-27 18:29:22 ----D---- C:\Program Files\Reference Assemblies
2008-12-27 18:28:57 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2008-12-27 18:28:57 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2008-12-27 18:28:57 ----N---- C:\WINDOWS\system32\prntvpt.dll
2008-12-27 18:27:05 ----SHD---- C:\Config.Msi
2008-12-27 18:08:29 ----D---- C:\Program Files\DxO Labs
2008-12-23 18:03:31 ----D---- C:\Documents and Settings\ADMIN\Application Data\Acronis
2008-12-23 07:26:06 ----A---- C:\WINDOWS\ntbtlog.txt
2008-12-22 19:48:28 ----SHD---- C:\RECYCLER
2008-12-22 19:26:41 ----A---- C:\WINDOWS\system32\deploytk.dll
2008-12-19 03:00:34 ----A---- C:\WINDOWS\imsins.BAK
2008-12-12 06:33:53 ----A---- C:\WINDOWS\system32\tmp.txt
2008-12-11 04:09:23 ----SHD---- C:\System Volume Information
2008-12-10 04:11:15 ----A---- C:\WINDOWS\system32\VACFix.exe
2008-12-10 04:11:15 ----A---- C:\WINDOWS\system32\o4Patch.exe
2008-12-10 04:11:15 ----A---- C:\WINDOWS\system32\IEDFix.C.exe
2008-12-10 04:11:15 ----A---- C:\WINDOWS\system32\404Fix.exe
2008-12-10 04:11:14 ----A---- C:\WINDOWS\system32\WS2Fix.exe
2008-12-10 04:11:14 ----A---- C:\WINDOWS\system32\VCCLSID.exe
2008-12-10 04:11:14 ----A---- C:\WINDOWS\system32\swxcacls.exe
2008-12-10 04:11:14 ----A---- C:\WINDOWS\system32\swsc.exe
2008-12-10 04:11:14 ----A---- C:\WINDOWS\system32\swreg.exe
2008-12-10 04:11:14 ----A---- C:\WINDOWS\system32\SrchSTS.exe
2008-12-10 04:11:14 ----A---- C:\WINDOWS\system32\IEDFix.exe
2008-12-10 04:11:14 ----A---- C:\WINDOWS\system32\dumphive.exe
2008-12-10 04:11:13 ----A---- C:\WINDOWS\system32\Process.exe
2008-12-10 04:01:33 ----D---- C:\WINDOWS\Temp
2008-12-09 02:39:49 ----D---- C:\Program Files\Trend Micro
2008-12-02 20:44:19 ----A---- C:\WINDOWS\system32\javaws.exe
2008-12-02 20:44:19 ----A---- C:\WINDOWS\system32\javaw.exe
2008-12-02 20:44:18 ----A---- C:\WINDOWS\system32\java.exe

======List of files/folders modified in the last 1 months======

2008-12-28 16:54:28 ----D---- C:\Program Files\Mozilla Firefox
2008-12-28 13:58:11 ----D---- C:\WINDOWS\Prefetch
2008-12-28 13:53:11 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-28 13:52:55 ----D---- C:\WINDOWS\system32\drivers
2008-12-28 13:52:24 ----D---- C:\WINDOWS
2008-12-28 13:51:55 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-28 13:00:51 ----SHD---- C:\WINDOWS\Installer
2008-12-28 12:51:01 ----D---- C:\WINDOWS\system32
2008-12-28 12:38:26 ----RD---- C:\Program Files
2008-12-28 12:32:15 ----HD---- C:\WINDOWS\inf
2008-12-28 12:31:35 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-12-28 11:34:41 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-12-28 11:13:26 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-12-28 11:12:38 ----SD---- C:\WINDOWS\Tasks
2008-12-28 10:58:10 ----D---- C:\WINDOWS\SxsCaPendDel
2008-12-28 10:53:10 ----ASD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-12-28 10:53:10 ----AHD---- C:\Program Files\WindowsUpdate
2008-12-28 10:48:03 ----D---- C:\Program Files\eMule
2008-12-28 09:02:47 ----D---- C:\Program Files\Azureus
2008-12-28 09:02:45 ----D---- C:\Documents and Settings\ADMIN\Application Data\Azureus
2008-12-27 20:25:55 ----D---- C:\WINDOWS\Microsoft.NET
2008-12-27 20:25:44 ----RSD---- C:\WINDOWS\assembly
2008-12-27 19:38:02 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-12-27 19:38:00 ----D---- C:\WINDOWS\Downloaded Installations
2008-12-27 18:32:56 ----D---- C:\Program Files\Outlook Express
2008-12-27 18:32:56 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2008-12-27 18:32:55 ----D---- C:\Program Files\Fichiers communs
2008-12-27 18:31:14 ----D---- C:\WINDOWS\system32\fr-fr
2008-12-27 18:30:20 ----D---- C:\WINDOWS\WinSxS
2008-12-27 18:30:04 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-12-27 18:29:27 ----D---- C:\Program Files\MSBuild
2008-12-27 18:29:25 ----RSD---- C:\WINDOWS\Fonts
2008-12-27 18:29:12 ----D---- C:\WINDOWS\system32\spool
2008-12-27 17:56:09 ----D---- C:\Documents and Settings\ADMIN\Application Data\Nikon
2008-12-27 10:48:44 ----A---- C:\WINDOWS\NeroDigital.ini
2008-12-22 20:37:10 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-12-22 19:53:39 ----D---- C:\Program Files\Ad-Aware SE Professional
2008-12-22 19:48:11 ----D---- C:\Program Files\Fichiers communs\Adobe
2008-12-22 19:48:11 ----D---- C:\Program Files\Adobe
2008-12-22 19:45:44 ----D---- C:\WINDOWS\system32\Restore
2008-12-22 19:26:27 ----D---- C:\Program Files\Java
2008-12-22 07:33:56 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-12-19 03:00:22 ----HD---- C:\WINDOWS\$hf_mig$
2008-12-16 04:38:03 ----D---- C:\Program Files\Logitech
2008-12-13 07:37:56 ----A---- C:\WINDOWS\system32\mshtml.dll
2008-12-12 14:53:10 ----D---- C:\WINDOWS\Minidump
2008-12-12 14:53:10 ----D---- C:\WINDOWS\Debug
2008-12-12 06:33:54 ----D---- C:\Program Files\Google
2008-12-10 18:12:39 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-12-10 18:11:31 ----D---- C:\Program Files\Internet Explorer
2008-12-10 18:11:14 ----D---- C:\WINDOWS\ie7updates
2008-12-10 04:31:08 ----D---- C:\WINDOWS\BDOSCAN8
2008-12-10 00:24:37 ----A---- C:\WINDOWS\system32\MRT.exe
2008-12-09 02:48:26 ----D---- C:\Documents and Settings\ADMIN\Application Data\Mozilla
2008-11-30 15:20:07 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
2008-11-30 15:19:25 ----D---- C:\Documents and Settings\ADMIN\Application Data\CyberLink
2008-11-30 15:17:10 ----HD---- C:\Program Files\InstallShield Installation Information
2008-11-30 15:16:31 ----D---- C:\Program Files\CyberLink

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Asapi;Asapi; C:\WINDOWS\system32\drivers\Asapi.sys [2002-04-17 11264]
R1 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver; \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys []
R1 AvgAsCln;AVG Anti-Spyware Clean Driver; C:\WINDOWS\System32\DRIVERS\AvgAsCln.sys [2007-05-30 10872]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2008-07-21 24392]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; \??\C:\Program Files\CyberLink\PowerDVD8\000.fcl []
R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-12-22 73312]
R2 LBeepKE;LBeepKE; C:\WINDOWS\System32\Drivers\LBeepKE.sys [2006-10-25 3712]
R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2008-06-20 44384]
R2 UltraMonUtility;UltraMon Utility Driver; \??\C:\Program Files\Fichiers communs\Realtime Soft\UltraMonMirrorDrv\x32\UltraMonUtility.sys []
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 btaudio;Périphérique audio Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2006-08-17 328285]
R3 BTDriver;Pilote de communications virtuelles Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2006-08-17 30427]
R3 BTKRNL;Enumérateur de bus Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-08-17 851642]
R3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2006-08-17 45747]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-08-17 65784]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys [2005-01-10 138752]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2006-06-05 230400]
R3 HECI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2006-06-01 43264]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 LHidKe;SetPoint HID Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidKE.Sys [2006-09-05 27136]
R3 LHidUsbK;SetPoint USB Receiver device driver; C:\WINDOWS\System32\Drivers\LHidUsbK.Sys [2006-09-05 36736]
R3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2006-09-05 71936]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-10-07 6133856]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\DRIVERS\ctoss2k.sys [2005-01-10 106496]
R3 P17;Sound Blaster Audigy; C:\WINDOWS\system32\drivers\P17.sys [2005-07-07 1389056]
R3 Pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2006-11-24 47360]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2008-06-20 10368]
R3 UltraMonMirror;UltraMonMirror; C:\WINDOWS\system32\DRIVERS\UltraMonMirror.sys [2006-09-24 3584]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys []
S1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys []
S2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys []
S3 ASAPIW2K;ASAPIW2K; C:\WINDOWS\System32\Drivers\ASAPIW2K.sys [2003-11-28 11264]
S3 catchme;catchme; \??\C:\DOCUME~1\ADMIN\LOCALS~1\Temp\catchme.sys []
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 DFUBTUSB;WIDCOMM USB Bluetooth Driver in DFU State; C:\WINDOWS\System32\Drivers\frmupgr.sys [2006-11-23 19372]
S3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2005-05-03 27392]
S3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2005-04-12 4608]
S3 EUCR;ENE USB Mass Storage; C:\WINDOWS\system32\DRIVERS\EUCR6SK.SYS [2005-08-17 40704]
S3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
S3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2006-09-05 13568]
S3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2006-09-05 56064]
S3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
S3 NAL;Nal Service ; \??\C:\WINDOWS\system32\Drivers\iqvw32.sys []
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
S3 sfng32;Sonic Focus Plugin for Sigmatel HDA; C:\WINDOWS\system32\drivers\sfng32.sys [2005-12-02 41728]
S3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2006-05-26 1177032]
S3 usb_rndisx;Carte ISDN USB; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-13 12800]
S3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2008-09-24 29184]
S3 vsbus;Virtual Serial Bus Enumerator; C:\WINDOWS\system32\DRIVERS\vsb.sys [2005-10-05 18167]
S3 vserial;ELTIMA Virtual Serial Ports Driver; C:\WINDOWS\System32\DRIVERS\vserial.sys [2005-10-05 47104]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2005-06-14 104576]
S3 WinDriver6;WinDriver6; C:\WINDOWS\system32\drivers\windrvr6.sys [2005-02-09 316040]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Pilote de filtre de restauration système; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73600]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe [2007-10-07 427288]
R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7; C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-09-16 169312]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2006-08-17 266295]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-12 44032]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-22 152984]
R2 LBTServ;Logitech Bluetooth Service; C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTSERV.EXE [2006-10-25 110592]
R2 Logitech Easy Synchronization;Logitech Easy Synchronization; C:\Program Files\Logitech\Easy Synchronization\servicestub.exe [2005-10-05 65536]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2008-12-03 170640]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-10-07 163908]
R2 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2007-06-28 1049856]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-05-14 272024]
R2 TryAndDecideService;Acronis Try And Decide Service; C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe [2007-10-08 493200]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 UTSCSI;USBest Service Zero; C:\WINDOWS\system32\UTSCSI.EXE [2006-11-23 45568]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-06-15 300544]
S2 AVG Anti-Spyware Guard;AVG Anti-Spyware Guard; C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe [2008-12-28 312880]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-11-09 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-08-23 724992]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2008-06-21 69120]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
pas de trace de info.txt rien dans la barre ni sur C:

-----------------EOF-----------------
Celui de MBAM

Malwarebytes' Anti-Malware 1.31
Version de la base de données: 1562
Windows 5.1.2600 Service Pack 3

28/12/2008 16:42:05
mbam-log-2008-12-28 (16-42-05).txt

Type de recherche: Examen complet (C:\|D:\|E:\|)
Eléments examinés: 309819
Temps écoulé: 54 minute(s), 40 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Documents and Settings\ADMIN\Application Data\m (Trojan.Agent) -> Delete on reboot.

Fichier(s) infecté(s):
C:\Documents and Settings\ADMIN\Application Data\drivers\srosa2.sys (Worm.Bagel) -> Quarantined and deleted successfully.
C:\Documents and Settings\ADMIN\Application Data\m\flec006.exe (Trojan.Agent) -> Delete on reboot.

En esperant que cela suffise

Merci encore et au plaisir

de **MoJac** » 28 Déc 2008, 19:35

Bonsoir,

En esperant que cela suffise

Non ce ne sera pas suffisant :nnn:

Bagle partiellement éradiqué par MBAM.

Origine:

C:\Program Files\eMule
C:\Program Files\Azureus

Il va falloir utiliser l'artillerie lourde.

Attend les prochaines instructions.

de **at920** » 29 Déc 2008, 00:34

Ok des que tu as une minute regarde cela
J'attends la suite des instruction
Encore merci et bonne soirée

de **MoJac** » 29 Déc 2008, 10:31

Bonjour,

On va utiliser un outil anti-bagle qui désinfecte et en plus répare les parties du registre ravagées par Bagle:
:ss)

Télécharge FindyKill de Chiquitine29 sur ton bureau

Double-clique sur l'icone de FindyKill sur ton bureau pour lancer le programme.
Le programme d'installation va se lancer.
Clique sur Next, coche la case "I agree with the above terms and conditions" pour accepter les conditions d'utilisation puis clique sur Next.
Clique sur Next ou OK ou Oui dans les écrans suivants jusqu'à arriver à la fin de l'installation.
Sors du programme d'installation en cliquant sur Exit.
Une nouvelle icone FindyKill va apparaitre sur ton bureau: .
Double clique sur cette icone pour lancer l'outil.
Une fenêtre noire va s'ouvrir. Appuie sur "F" pour passer le programme en français.
Le menu principal du programme va s'afficher.
Appuie sur "1" pour lancer la recherche de fichiers infectieux.
Patiente le temps que l'outil scanne ton disque dur sans rien toucher.
Lorsqu'il a terminé, appuie sur n'importe quelle touche pour faire apparaitre le rapport. Copie-colle ce rapport dans ta prochaine réponse.
Le rapport se trouve aussi à la racine de ta partition système (généralement C:/FindyKill.txt)

Ne fait rien d'autre pour l'instant, coupe le P2P pendant la désinfection ...
Je repasse dés que possible. Un peu de patience

de **at920** » 29 Déc 2008, 14:28

Merci pour ta réponse et prendre sur ton temps pour m'aider a nouveau.
J'avais pris un peut d'avance et j'avais deja passe un coup de FindyKill.

Voila le dernier rapport

----------------- FindyKill V4.710 ------------------

* User : ADMIN - THIERRY
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 21/12/08 par Chiquitine29
* Recherche effectuée à 13:20:00 le 29/12/2008
* Windows XP - Internet Explorer 7.0.5730.11

((((((((((((((((( *** Recherche *** ))))))))))))))))))

--------------- [ Processus actifs ] ----------------

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTSERV.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Logitech\Easy Synchronization\servicestub.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\UTSCSI.EXE
C:\Program Files\Caere\OmniPagePro90\opware32.exe
C:\Program Files\Logitech\SetPoint\LBTWiz.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\oodtray.exe
C:\Program Files\UltraMon\UltraMon.exe
C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
C:\Program Files\UltraMon\UltraMonTaskbar.exe
C:\Program Files\Cyberlink\Shared Files\brs.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\PROGRA~1\MICROS~2\rapimgr.exe
C:\Program Files\PC Connectivity Solution\NclBTHandler.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\CAERE\OMNIPA~1\OPWARE16.EXE
C:\WINDOWS\SYSTEM32\WOWEXEC.EXE

--------------- [ Fichiers/Dossiers infectieux ] ----------------

»»»» Presence des fichiers dans C:

»»»» Presence des fichiers dans C:\WINDOWS

»»»» Presence des fichiers dans C:\WINDOWS\Prefetch

»»»» Presence des fichiers dans C:\WINDOWS\system32

»»»» Presence des fichiers dans C:\WINDOWS\system32\config\systemprofile\AppData\Roaming

»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers

»»»» Presence des fichiers dans C:\Documents and Settings\ADMIN\Application Data

Found ! [29/12/2008 12:26] - "C:\Documents and Settings\ADMIN\Application Data\drivers"
Found ! [29/12/2008 07:17] - "C:\Documents and Settings\ADMIN\Application Data\drivers\downld"
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\107625.exe.ren
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\108125.exe.ren
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\108375.exe.ren
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\118671.exe.ren
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\119218.exe.ren
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\130703.exe.ren
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\134250.exe.ren
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\134546.exe.ren
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\135031.exe.ren
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\135421.exe.ren
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\135671.exe.ren
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\147078.exe.ren
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\147718.exe.ren
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\148000.exe.ren
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\148703.exe.ren
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\149515.exe.ren
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\149796.exe.ren
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\170625.exe.ren
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\198828.exe.ren
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\199437.exe.ren
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\199718.exe.ren
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\216984.exe.ren
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\217234.exe.ren
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\287421.exe.ren
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\287890.exe.ren
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\299671.exe.ren
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\300640.exe.ren
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\301015.exe.ren
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\301671.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\303500.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\304718.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\311609.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\322656.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\323156.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\323437.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\336468.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\337187.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\346640.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\347453.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\347703.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\347796.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\348187.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\348421.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\349390.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\349765.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\350375.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\350875.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\351812.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\352171.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\353484.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\358640.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\359796.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\360281.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\360984.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\363265.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\363375.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\364359.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\364734.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\364906.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\365578.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\367812.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\369359.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\369531.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\370031.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\370296.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\376484.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\377125.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\377562.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\382703.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\383140.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\383406.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\384625.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\385046.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\385312.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\387703.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\388203.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\388515.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\401125.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\401531.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\401796.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\402218.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\403046.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\406140.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\406546.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\406796.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\407484.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\407687.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\407734.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\412078.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\413046.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\413406.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\429828.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\430093.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\430156.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\436968.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\437265.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\437328.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\47296.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\48796.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\48875.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\49234.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\50000.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\50015.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\51812.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\52390.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\52421.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\525281.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\525687.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\525953.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\568875.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\569250.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\569281.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\60796.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\60968.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\61703.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\61734.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\61781.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\61828.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\63156.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\65531.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\66171.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\66593.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\66671.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\82796.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\83328.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\83609.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\84250.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\84921.exe
Found ! [29/12/2008 07:17] - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\91906.exe

»»»» Presence des fichiers dans C:\DOCUME~1\ADMIN\LOCALS~1\Temp

»»»» Presence des fichiers dans C:\Documents and Settings\ADMIN\Local Settings\Temporary Internet Files\Content.IE5

Found ! [27/12/2008 19:47] - C:\Documents and Settings\ADMIN\Application Data\DxO Labs\DxO Optics Pro\Storage\dxoThumbs\59b6414f-2775-458f-b2fb-143525052c6a.jpg
Found ! [27/12/2008 19:47] - C:\Documents and Settings\ADMIN\Application Data\DxO Labs\DxO Optics Pro\Storage\dxoThumbs\6c22619c-0c80-4599-ac50-a5b64137644f.jpg
Found ! [27/12/2008 19:47] - C:\Documents and Settings\ADMIN\Application Data\DxO Labs\DxO Optics Pro\Storage\dxoThumbs\fdae6a1b-c54a-4763-b0ac-6b6407a8107a.jpg

--------------- [ Registre / Startup ] ----------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe
TaskSwitchXP=C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
H/PC Connection Agent="C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
AdobeBridge=
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\AdobeUpdater=
<NO>=

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
SigmatelSysTrayApp=sttray.exe
NvCplDaemon=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
nwiz=nwiz.exe /install
OmniPage=C:\Program Files\Caere\OmniPagePro90\opware32.exe
Kernel and Hardware Abstraction Layer=KHALMNPR.EXE
Logitech Hardware Abstraction Layer="C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE"
Logitech BT Wizard=LBTWiz.exe -silent
Easy Synchronization=C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe
UnlockerAssistant="C:\Program Files\Unlocker\UnlockerAssistant.exe"
CloneCDTray="C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
NWEReboot=
NeroFilterCheck=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
!AVG Anti-Spyware="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
CTSysVol=C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
P17Helper=Rundll32 P17.dll,P17Helper
UpdReg=C:\WINDOWS\UpdReg.EXE
PCSuiteTrayApplication=C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
TrueImageMonitor.exe=C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
AcronisTimounterMonitor=C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
Acronis Scheduler2 Service="C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
OODefragTray=C:\WINDOWS\system32\oodtray.exe
NvMediaCenter=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
UltraMon="C:\Program Files\UltraMon\UltraMon.exe" /auto
AdobeCS4ServiceManager="C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
RemoteControl8="C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"
PDVD8LanguageShortcut="C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"
BDRegion=C:\Program Files\Cyberlink\Shared Files\brs.exe
SunJavaUpdateSched="C:\Program Files\Java\jre6\bin\jusched.exe"
Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
Malwarebytes' Anti-Malware="C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
egui="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
<NO>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
<NO>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
NoChange=1
Installed=1
<NO>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1
<NO>=

[HKEY_CURRENT_USER\software\local appwizard-generated applications\crac]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\MMDiag]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\NMBgMonitor]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\ShootNum6]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\winupgro]

--------------- [ Registre / Clés infectieuses ] ----------------

Found ! - HKEY_USERS\S-1-5-21-682003330-813497703-725345543-1003\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_USERS\S-1-5-21-682003330-813497703-725345543-1003\Software\FFC
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SK9OU0S

--------------- [ Etat / Services ] ----------------

+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

/!\ Ndisuio - Type de démarrage = 4

EapHost - Type de démarrage = 3

/!\ Ip6Fw - Type de démarrage = 4

SharedAccess - Type de démarrage = 2

wuauserv - Type de démarrage = 2

/!\ wscsvc - Type de démarrage = 4

--------------- [ Recherche dans supports amovibles] ----------------

+- Informations :

C: - Lecteur fixe

D: - Lecteur fixe

E: - Lecteur fixe

F: - Lecteur de CD-ROM

+- Contenu de l'autorun : F:\autorun.inf

[AutoRun]
OPEN = LGE.exe
ICON = ACRORD\LG.ICO

+- presence des fichiers :

Found ! [06/05/2004 01:00][-r-------] - F:\autorun.inf

--------------- [ Registre / Mountpoint2 ] ----------------

-> Not found !

------------------- ! Fin du rapport ! --------------------

Bizzare ils sont toujours la ???????????????
Je suis nul alors j'atteds tes instructions

A bientot

de **MoJac** » 29 Déc 2008, 16:48

Ok,
- Relance FindyKill option 2 cette fois, et poste le rapport.
- Refait un scan HiJackThis et poste aussi le rapport.

Et dis nous ce qui se passe avec ta machine.

A plus.

de **at920** » 29 Déc 2008, 20:06

Voila le nouveau log après désinfection pourtant ça a l'air toujours pareil
Bizzare ???????????????

Pour les symptôme il y en a plus car j'arrive a nouveau a lancer NOD AVG et CCcleaner

Par contre il y a pleins de spyware etc ...........

----------------- FindyKill V4.710 ------------------

* User : ADMIN - THIERRY
* executed from : C:\Program Files\FindyKill
* Update on 21/12/08 par Chiquitine29
* Start at 18:31:23 the 29/12/2008
* Windows XP - Internet Explorer 7.0.5730.11

((((((((((((((( *** deleting *** ))))))))))))))))))

--------------- [ Active Processes ] ----------------

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTSERV.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\WgaTray.exe

--------------- [ Infected files / folders ] ----------------

»»»» Supression files in C:

»»»» Supression files in C:\WINDOWS

»»»» Supression files in C:\WINDOWS\Prefetch

»»»» Supression files in C:\WINDOWS\system32

»»»» Supression files in C:\WINDOWS\system32\config\systemprofile\AppData\Roaming

»»»» Supression files in C:\WINDOWS\system32\drivers

»»»» Supression files in C:\Documents and Settings\ADMIN\Application Data

Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\107625.exe.ren
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\108125.exe.ren
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\108375.exe.ren
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\118671.exe.ren
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\119218.exe.ren
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\130703.exe.ren
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\134250.exe.ren
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\134546.exe.ren
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\135031.exe.ren
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\135421.exe.ren
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\135671.exe.ren
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\147078.exe.ren
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\147718.exe.ren
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\148000.exe.ren
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\148703.exe.ren
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\149515.exe.ren
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\149796.exe.ren
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\170625.exe.ren
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\198828.exe.ren
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\199437.exe.ren
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\199718.exe.ren
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\216984.exe.ren
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\217234.exe.ren
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\287421.exe.ren
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\287890.exe.ren
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\299671.exe.ren
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\300640.exe.ren
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\301015.exe.ren
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\301671.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\303500.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\304718.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\311609.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\322656.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\323156.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\323437.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\336468.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\337187.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\346640.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\347453.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\347703.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\347796.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\348187.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\348421.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\349390.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\349765.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\350375.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\350875.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\351812.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\352171.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\353484.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\358640.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\359796.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\360281.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\360984.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\363265.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\363375.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\364359.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\364734.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\364906.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\365578.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\367812.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\369359.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\369531.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\370031.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\370296.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\376484.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\377125.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\377562.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\382703.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\383140.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\383406.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\384625.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\385046.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\385312.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\387703.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\388203.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\388515.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\401125.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\401531.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\401796.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\402218.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\403046.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\406140.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\406546.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\406796.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\407484.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\407687.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\407734.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\412078.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\413046.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\413406.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\429828.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\430093.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\430156.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\436968.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\437265.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\437328.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\47296.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\48796.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\48875.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\49234.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\50000.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\50015.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\51812.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\52390.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\52421.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\525281.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\525687.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\525953.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\568875.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\569250.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\569281.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\60796.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\60968.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\61703.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\61734.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\61781.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\61828.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\63156.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\65531.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\66171.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\66593.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\66671.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\82796.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\83328.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\83609.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\84250.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\84921.exe
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\drivers\downld\91906.exe
Deleted ! - "C:\Documents and Settings\ADMIN\Application Data\drivers\downld"
Deleted ! - "C:\Documents and Settings\ADMIN\Application Data\drivers"

»»»» Supression files in C:\DOCUME~1\ADMIN\LOCALS~1\Temp

»»»» Supression files in C:\Documents and Settings\ADMIN\Local Settings\Temporary Internet Files\Content.IE5

Deleted ! - C:\Documents and Settings\ADMIN\Application Data\DxO Labs\DxO Optics Pro\Storage\dxoThumbs\59b6414f-2775-458f-b2fb-143525052c6a.jpg
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\DxO Labs\DxO Optics Pro\Storage\dxoThumbs\6c22619c-0c80-4599-ac50-a5b64137644f.jpg
Deleted ! - C:\Documents and Settings\ADMIN\Application Data\DxO Labs\DxO Optics Pro\Storage\dxoThumbs\fdae6a1b-c54a-4763-b0ac-6b6407a8107a.jpg

--------------- [ Registry / Infected keys ] ----------------

Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_CURRENT_CONFIG\System\CurrentControlSet\Enum\ROOT\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_USERS\S-1-5-21-682003330-813497703-725345543-1003\Software\Local AppWizard-Generated Applications\winupgro

--------------- [ States / Restarting of services ] ----------------

+- Services : [ Auto=2 / Request=3 / Disable=4 ]

Ndisuio - Type of startup = 3

EapHost - Type of startup = 2

Ip6Fw - Type of startup = 2

SharedAccess - Type of startup = 2

wuauserv - Type of startup = 2

wscsvc - Type of startup = 2

--------------- [ Cleaning removable drives ] ----------------

+- Informations :

C: - Lecteur fixe

D: - Lecteur fixe

E: - Lecteur fixe

F: - Lecteur de CD-ROM

+- deleting files :

Not deleted !! - F:\autorun.inf

--------------- [ Registry / Mountpoint2 ] ----------------

-> Not found !

--------------- [ Searching Cracks / Keygen ] ----------------

C:\Documents and Settings\ADMIN\Favoris\Informatique\Apprendre a cracker.url
C:\Documents and Settings\ADMIN\Mes documents\Azureus Downloads\DxO Optics Pro 4.5.1 - Elite\Crack
C:\Documents and Settings\ADMIN\Mes documents\Azureus Downloads\DxO Optics Pro 4.5.1 - Elite\Crack\ActivationServices.dll
C:\Documents and Settings\ADMIN\Mes documents\Azureus Downloads\DxO Optics Pro 4.5.1 - Elite\Crack\dopcor.exe
C:\Documents and Settings\ADMIN\Mes documents\Azureus Downloads\DxO Optics Pro 4.5.1 - Elite\Crack\DxOOpticsPro.exe
C:\Documents and Settings\All Users\Application Data\Adobe\Photoshop Elements\7.0\Photo Creations\backgrounds\Cracked Paint.jpg
C:\Documents and Settings\All Users\Application Data\Adobe\Photoshop Elements\7.0\Photo Creations\backgrounds\Cracked Paint.metadata.xml
C:\Documents and Settings\All Users\Application Data\Adobe\Photoshop Elements\7.0\Photo Creations\backgrounds\Cracked Paint.thumbnail.jpg

---------------- ! End of report ! ------------------

Voila le log HijackThis

Logfile of random's system information tool 1.05 (written by random/random)
Run by ADMIN at 2008-12-29 19:04:19
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 7 GB (13%) free of 50 GB
Total RAM: 3062 MB (75% free)

Logfile of Trend Micro v2.0.2
Scan saved at 19:04:27, on 29/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTSERV.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Logitech\Easy Synchronization\servicestub.exe
C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe
C:\WINDOWS\system32\UTSCSI.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
D:\TELECHARGEMENT\RSIT.exe
C:\Program Files\trend micro\ADMIN.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [OmniPage] C:\Program Files\Caere\OmniPagePro90\opware32.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE"
O4 - HKLM\..\Run: [Logitech BT Wizard] LBTWiz.exe -silent
O4 - HKLM\..\Run: [Easy Synchronization] C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [UltraMon] "C:\Program Files\UltraMon\UltraMon.exe" /auto
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan ... stubie.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/ ... /CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CF8A36C3-F746-4D2F-8484-A7A48CFFD874}: NameServer = 192.168.0.1
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTSERV.EXE
O23 - Service: Logitech Easy Synchronization - Unknown owner - C:\Program Files\Logitech\Easy Synchronization\servicestub.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe
O23 - Service: USBest Service Zero (UTSCSI) - USBest - C:\WINDOWS\system32\UTSCSI.EXE

--
End of file - 12549 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Malwarebytes' Scheduled Scan for ADMIN.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
SnagIt Toolbar Loader - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll [2007-02-16 63048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-22 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-22 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E5A1691B-D188-4419-AD02-90002030B8EE}]
FlashFXP Helper for Internet Explorer - C:\PROGRA~1\FlashFXP\IEFlash.dll [2004-07-29 190616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-22 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]
{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - SnagIt - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll [2007-02-16 161352]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SigmatelSysTrayApp"=sttray.exe []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-10-07 13574144]
"nwiz"=nwiz.exe /install []
"OmniPage"=C:\Program Files\Caere\OmniPagePro90\opware32.exe [1998-10-28 44032]
"Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2006-09-05 94208]
"Logitech Hardware Abstraction Layer"=C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE [2006-09-05 94208]
"Logitech BT Wizard"=LBTWiz.exe -silent []
"Easy Synchronization"=C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe [2005-10-05 53248]
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-12-28 15872]
"CloneCDTray"=C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2005-05-19 57344]
"NWEReboot"= []
"NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"!AVG Anti-Spyware"=C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe [2007-06-11 6731312]
"CTSysVol"=C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe [2005-10-31 57344]
"P17Helper"=Rundll32 P17.dll []
"UpdReg"=C:\WINDOWS\UpdReg.EXE [2000-05-11 90112]
"PCSuiteTrayApplication"=C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2007-06-18 271360]
"TrueImageMonitor.exe"=C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2007-10-07 2620336]
"AcronisTimounterMonitor"=C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [2007-10-07 904880]
"Acronis Scheduler2 Service"=C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe [2007-10-07 140568]
"OODefragTray"=C:\WINDOWS\system32\oodtray.exe [2007-06-28 2512128]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-10-07 86016]
"UltraMon"=C:\Program Files\UltraMon\UltraMon.exe [2006-10-12 304640]
"AdobeCS4ServiceManager"=C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-11-13 611712]
"RemoteControl8"=C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [2008-02-18 77824]
"PDVD8LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [2007-12-14 50472]
"BDRegion"=C:\Program Files\Cyberlink\Shared Files\brs.exe [2007-11-14 91432]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-22 136600]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2008-12-03 399504]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2008-07-01 1447168]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"TaskSwitchXP"=C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe [2006-08-04 62976]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\Wcescomm.exe [2006-11-13 1289000]
"AdobeBridge"= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe []

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
NkbMonitor.exe.lnk - C:\Program Files\Nikon\PictureProject\NkbMonitor.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\fichiers communs\logitech\bluetooth\LBTWlgn.dll [2006-10-25 65536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{FE24CD78-7C63-465D-8787-4EDF7FC79895}"=C:\Program Files\Logitech\Easy Synchronization\shellexecutehook.dll [2005-10-05 69632]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"=C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [2007-05-30 79408]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NBF]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nbf.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProtectedStorage]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sglfb.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tga.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vds]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
"C:\Program Files\Sony\Media Manager for PSP 2.5\MediaManager.exe"="C:\Program Files\Sony\Media Manager for PSP 2.5\MediaManager.exe:*:Enabled:Media Manager for PSP 2.5"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe"="C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe:*:Enabled:VoipBuster"
"C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe:*:Enabled:umi"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

======File associations======

.js - edit -
.js - open -
.txt - open -

======List of files/folders created in the last 1 months======

2008-12-29 19:04:19 ----D---- C:\rsit
2008-12-29 18:31:23 ----A---- C:\FindyKill.txt
2008-12-29 13:19:40 ----D---- C:\Program Files\FindyKill
2008-12-29 12:19:45 ----A---- C:\WINDOWS\gmer.exe
2008-12-29 04:26:48 ----A---- C:\WINDOWS\gmer.dll
2008-12-28 19:34:44 ----A---- C:\gmer.ini
2008-12-28 19:06:29 ----A---- C:\WINDOWS\gmer_uninstall.cmd
2008-12-28 18:47:43 ----A---- C:\TCleaner.txt
2008-12-28 18:47:32 ----SHD---- C:\RECYCLER
2008-12-28 17:54:33 ----A---- C:\kceztu.txt
2008-12-28 12:38:26 ----D---- C:\Avanger
2008-12-28 10:07:38 ----D---- C:\Documents and Settings\All Users\Application Data\DxO_Labs
2008-12-27 19:38:01 ----D---- C:\Program Files\InterLok
2008-12-27 18:33:28 ----D---- C:\Documents and Settings\ADMIN\Application Data\DxO_Labs
2008-12-27 18:33:08 ----D---- C:\Documents and Settings\ADMIN\Application Data\DxO Labs
2008-12-27 18:32:55 ----D---- C:\Program Files\Fichiers communs\PACE Anti-Piracy
2008-12-27 18:32:55 ----D---- C:\Documents and Settings\All Users\Application Data\PACE Anti-Piracy
2008-12-27 18:32:55 ----D---- C:\Documents and Settings\ADMIN\Application Data\PACE Anti-Piracy
2008-12-27 18:31:27 ----N---- C:\WINDOWS\system32\spmsg2.dll
2008-12-27 18:29:30 ----D---- C:\WINDOWS\system32\XPSViewer
2008-12-27 18:29:26 ----D---- C:\WINDOWS\system32\en-US
2008-12-27 18:29:22 ----D---- C:\Program Files\Reference Assemblies
2008-12-27 18:28:57 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2008-12-27 18:28:57 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2008-12-27 18:28:57 ----N---- C:\WINDOWS\system32\prntvpt.dll
2008-12-27 18:08:29 ----D---- C:\Program Files\DxO Labs
2008-12-23 18:03:31 ----D---- C:\Documents and Settings\ADMIN\Application Data\Acronis
2008-12-22 19:26:41 ----A---- C:\WINDOWS\system32\deploytk.dll
2008-12-12 06:33:53 ----A---- C:\WINDOWS\system32\tmp.txt
2008-12-11 04:09:23 ----SHD---- C:\System Volume Information
2008-12-10 04:11:15 ----A---- C:\WINDOWS\system32\VACFix.exe
2008-12-10 04:11:15 ----A---- C:\WINDOWS\system32\o4Patch.exe
2008-12-10 04:11:15 ----A---- C:\WINDOWS\system32\IEDFix.C.exe
2008-12-10 04:11:15 ----A---- C:\WINDOWS\system32\404Fix.exe
2008-12-10 04:11:14 ----A---- C:\WINDOWS\system32\WS2Fix.exe
2008-12-10 04:11:14 ----A---- C:\WINDOWS\system32\VCCLSID.exe
2008-12-10 04:11:14 ----A---- C:\WINDOWS\system32\swxcacls.exe
2008-12-10 04:11:14 ----A---- C:\WINDOWS\system32\swsc.exe
2008-12-10 04:11:14 ----A---- C:\WINDOWS\system32\swreg.exe
2008-12-10 04:11:14 ----A---- C:\WINDOWS\system32\SrchSTS.exe
2008-12-10 04:11:14 ----A---- C:\WINDOWS\system32\IEDFix.exe
2008-12-10 04:11:14 ----A---- C:\WINDOWS\system32\dumphive.exe
2008-12-10 04:11:13 ----A---- C:\WINDOWS\system32\Process.exe
2008-12-10 04:01:33 ----D---- C:\WINDOWS\Temp
2008-12-09 02:39:49 ----D---- C:\Program Files\Trend Micro
2008-12-02 20:44:19 ----A---- C:\WINDOWS\system32\javaws.exe
2008-12-02 20:44:19 ----A---- C:\WINDOWS\system32\javaw.exe
2008-12-02 20:44:18 ----A---- C:\WINDOWS\system32\java.exe

======List of files/folders modified in the last 1 months======

2008-12-29 19:00:33 ----D---- C:\Program Files\eMule
2008-12-29 19:00:00 ----D---- C:\Program Files\Mozilla Firefox
2008-12-29 18:34:22 ----D---- C:\WINDOWS\Prefetch
2008-12-29 18:34:21 ----D---- C:\WINDOWS
2008-12-29 18:30:27 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-29 13:19:40 ----RD---- C:\Program Files
2008-12-29 07:40:01 ----D---- C:\WINDOWS\system32\drivers
2008-12-29 07:25:37 ----HD---- C:\WINDOWS\inf
2008-12-29 07:16:04 ----SHD---- C:\WINDOWS\Installer
2008-12-29 07:15:51 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-28 23:37:24 ----D---- C:\WINDOWS\system32
2008-12-28 18:59:40 ----D---- C:\WINDOWS\BDOSCAN8
2008-12-28 17:49:51 ----D---- C:\Program Files\SC
2008-12-28 12:31:35 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-12-28 11:34:41 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-12-28 11:13:26 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-12-28 11:12:38 ----SD---- C:\WINDOWS\Tasks
2008-12-28 10:58:10 ----D---- C:\WINDOWS\SxsCaPendDel
2008-12-28 10:53:10 ----ASD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-12-28 10:53:10 ----AHD---- C:\Program Files\WindowsUpdate
2008-12-28 09:02:47 ----D---- C:\Program Files\Azureus
2008-12-28 09:02:45 ----D---- C:\Documents and Settings\ADMIN\Application Data\Azureus
2008-12-27 20:25:55 ----D---- C:\WINDOWS\Microsoft.NET
2008-12-27 20:25:44 ----RSD---- C:\WINDOWS\assembly
2008-12-27 19:38:02 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-12-27 19:38:00 ----D---- C:\WINDOWS\Downloaded Installations
2008-12-27 18:32:56 ----D---- C:\Program Files\Outlook Express
2008-12-27 18:32:56 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2008-12-27 18:32:55 ----D---- C:\Program Files\Fichiers communs
2008-12-27 18:31:14 ----D---- C:\WINDOWS\system32\fr-fr
2008-12-27 18:30:20 ----D---- C:\WINDOWS\WinSxS
2008-12-27 18:30:04 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-12-27 18:29:27 ----D---- C:\Program Files\MSBuild
2008-12-27 18:29:25 ----RSD---- C:\WINDOWS\Fonts
2008-12-27 18:29:12 ----D---- C:\WINDOWS\system32\spool
2008-12-27 17:56:09 ----D---- C:\Documents and Settings\ADMIN\Application Data\Nikon
2008-12-27 10:48:44 ----A---- C:\WINDOWS\NeroDigital.ini
2008-12-22 20:37:10 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-12-22 19:53:39 ----D---- C:\Program Files\Ad-Aware SE Professional
2008-12-22 19:48:11 ----D---- C:\Program Files\Fichiers communs\Adobe
2008-12-22 19:48:11 ----D---- C:\Program Files\Adobe
2008-12-22 19:45:44 ----D---- C:\WINDOWS\system32\Restore
2008-12-22 19:26:27 ----D---- C:\Program Files\Java
2008-12-22 07:33:56 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-12-19 03:00:22 ----HD---- C:\WINDOWS\$hf_mig$
2008-12-16 04:38:03 ----D---- C:\Program Files\Logitech
2008-12-13 07:37:56 ----A---- C:\WINDOWS\system32\mshtml.dll
2008-12-12 14:53:10 ----D---- C:\WINDOWS\Minidump
2008-12-12 14:53:10 ----D---- C:\WINDOWS\Debug
2008-12-12 06:33:54 ----D---- C:\Program Files\Google
2008-12-10 18:12:39 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-12-10 18:11:31 ----D---- C:\Program Files\Internet Explorer
2008-12-10 18:11:14 ----D---- C:\WINDOWS\ie7updates
2008-12-10 00:24:37 ----A---- C:\WINDOWS\system32\MRT.exe
2008-12-09 02:48:26 ----D---- C:\Documents and Settings\ADMIN\Application Data\Mozilla
2008-11-30 15:20:07 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
2008-11-30 15:19:25 ----D---- C:\Documents and Settings\ADMIN\Application Data\CyberLink
2008-11-30 15:17:10 ----HD---- C:\Program Files\InstallShield Installation Information
2008-11-30 15:16:31 ----D---- C:\Program Files\CyberLink

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Asapi;Asapi; C:\WINDOWS\system32\drivers\Asapi.sys [2002-04-17 11264]
R1 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver; \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys []
R1 AvgAsCln;AVG Anti-Spyware Clean Driver; C:\WINDOWS\System32\DRIVERS\AvgAsCln.sys [2007-05-30 10872]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-07-01 53256]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2008-07-21 24392]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-07-01 34312]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; \??\C:\Program Files\CyberLink\PowerDVD8\000.fcl []
R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-12-22 73312]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-07-01 39944]
R2 LBeepKE;LBeepKE; C:\WINDOWS\System32\Drivers\LBeepKE.sys [2006-10-25 3712]
R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2008-06-20 44384]
R2 UltraMonUtility;UltraMon Utility Driver; \??\C:\Program Files\Fichiers communs\Realtime Soft\UltraMonMirrorDrv\x32\UltraMonUtility.sys []
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 btaudio;Périphérique audio Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2006-08-17 328285]
R3 BTDriver;Pilote de communications virtuelles Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2006-08-17 30427]
R3 BTKRNL;Enumérateur de bus Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-08-17 851642]
R3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2006-08-17 45747]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-08-17 65784]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys [2005-01-10 138752]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2006-06-05 230400]
R3 HECI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2006-06-01 43264]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 LHidKe;SetPoint HID Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidKE.Sys [2006-09-05 27136]
R3 LHidUsbK;SetPoint USB Receiver device driver; C:\WINDOWS\System32\Drivers\LHidUsbK.Sys [2006-09-05 36736]
R3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2006-09-05 71936]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-10-07 6133856]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\DRIVERS\ctoss2k.sys [2005-01-10 106496]
R3 P17;Sound Blaster Audigy; C:\WINDOWS\system32\drivers\P17.sys [2005-07-07 1389056]
R3 Pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2006-11-24 47360]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2008-06-20 10368]
R3 UltraMonMirror;UltraMonMirror; C:\WINDOWS\system32\DRIVERS\UltraMonMirror.sys [2006-09-24 3584]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 vsbus;Virtual Serial Bus Enumerator; C:\WINDOWS\system32\DRIVERS\vsb.sys [2005-10-05 18167]
R3 WinDriver6;WinDriver6; C:\WINDOWS\system32\drivers\windrvr6.sys [2005-02-09 316040]
S3 ASAPIW2K;ASAPIW2K; C:\WINDOWS\System32\Drivers\ASAPIW2K.sys [2003-11-28 11264]
S3 catchme;catchme; \??\C:\DOCUME~1\ADMIN\LOCALS~1\Temp\catchme.sys []
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 DFUBTUSB;WIDCOMM USB Bluetooth Driver in DFU State; C:\WINDOWS\System32\Drivers\frmupgr.sys [2006-11-23 19372]
S3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2005-05-03 27392]
S3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2005-04-12 4608]
S3 EUCR;ENE USB Mass Storage; C:\WINDOWS\system32\DRIVERS\EUCR6SK.SYS [2005-08-17 40704]
S3 fsbl-standalone;F-Secure BlackLight Beta Engine Driver; \??\C:\DOCUME~1\ADMIN\LOCALS~1\Temp\F-Secure\BlackLight\fsbldrv.sys []
S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2008-12-29 85969]
S3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
S3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2006-09-05 13568]
S3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2006-09-05 56064]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 NAL;Nal Service ; \??\C:\WINDOWS\system32\Drivers\iqvw32.sys []
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
S3 sfng32;Sonic Focus Plugin for Sigmatel HDA; C:\WINDOWS\system32\drivers\sfng32.sys [2005-12-02 41728]
S3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2006-05-26 1177032]
S3 usb_rndisx;Carte ISDN USB; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-13 12800]
S3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2008-09-24 29184]
S3 vserial;ELTIMA Virtual Serial Ports Driver; C:\WINDOWS\System32\DRIVERS\vserial.sys [2005-10-05 47104]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2005-06-14 104576]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Pilote de filtre de restauration système; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73600]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe [2007-10-07 427288]
R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7; C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-09-16 169312]
R2 AVG Anti-Spyware Guard;AVG Anti-Spyware Guard; C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe [2007-05-30 312880]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2006-08-17 266295]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-12 44032]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-07-01 468224]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-22 152984]
R2 LBTServ;Logitech Bluetooth Service; C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTSERV.EXE [2006-10-25 110592]
R2 Logitech Easy Synchronization;Logitech Easy Synchronization; C:\Program Files\Logitech\Easy Synchronization\servicestub.exe [2005-10-05 65536]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2008-12-03 170640]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-10-07 163908]
R2 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2007-06-28 1049856]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-05-14 272024]
R2 TryAndDecideService;Acronis Try And Decide Service; C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe [2007-10-08 493200]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 UTSCSI;USBest Service Zero; C:\WINDOWS\system32\UTSCSI.EXE [2006-11-23 45568]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2008-07-01 19200]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-11-09 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-08-23 724992]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-06-15 300544]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2008-06-21 69120]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Et bien bon courage. Je vous felicite pour vous re trouver la dedans
Bon courage et a bientot

de **at920** » 30 Déc 2008, 19:28

Bonsoir

Te manque t'il quelque chose pour pouvoir donner les instructions.
J'ai oublier quelque chose ou simplement un manque de temps ?
Si c'est le cas pas de soucis mon PC fonctionne comme cela je en suis pas pressé

A bientôt

de **at920** » 30 Déc 2008, 19:30

Logfile of random's system information tool 1.05 (written by random/random)
Run by ADMIN at 2008-12-29 19:04:19
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 7 GB (13%) free of 50 GB
Total RAM: 3062 MB (75% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:04:27, on 29/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTSERV.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Logitech\Easy Synchronization\servicestub.exe
C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe
C:\WINDOWS\system32\UTSCSI.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
D:\TELECHARGEMENT\RSIT.exe
C:\Program Files\trend micro\ADMIN.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [OmniPage] C:\Program Files\Caere\OmniPagePro90\opware32.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE"
O4 - HKLM\..\Run: [Logitech BT Wizard] LBTWiz.exe -silent
O4 - HKLM\..\Run: [Easy Synchronization] C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [UltraMon] "C:\Program Files\UltraMon\UltraMon.exe" /auto
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan ... stubie.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/ ... /CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CF8A36C3-F746-4D2F-8484-A7A48CFFD874}: NameServer = 192.168.0.1
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTSERV.EXE
O23 - Service: Logitech Easy Synchronization - Unknown owner - C:\Program Files\Logitech\Easy Synchronization\servicestub.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe
O23 - Service: USBest Service Zero (UTSCSI) - USBest - C:\WINDOWS\system32\UTSCSI.EXE

--
End of file - 12549 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Malwarebytes' Scheduled Scan for ADMIN.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
SnagIt Toolbar Loader - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll [2007-02-16 63048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-22 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-22 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E5A1691B-D188-4419-AD02-90002030B8EE}]
FlashFXP Helper for Internet Explorer - C:\PROGRA~1\FlashFXP\IEFlash.dll [2004-07-29 190616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-22 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]
{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - SnagIt - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll [2007-02-16 161352]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SigmatelSysTrayApp"=sttray.exe []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-10-07 13574144]
"nwiz"=nwiz.exe /install []
"OmniPage"=C:\Program Files\Caere\OmniPagePro90\opware32.exe [1998-10-28 44032]
"Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2006-09-05 94208]
"Logitech Hardware Abstraction Layer"=C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE [2006-09-05 94208]
"Logitech BT Wizard"=LBTWiz.exe -silent []
"Easy Synchronization"=C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe [2005-10-05 53248]
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-12-28 15872]
"CloneCDTray"=C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2005-05-19 57344]
"NWEReboot"= []
"NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"!AVG Anti-Spyware"=C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe [2007-06-11 6731312]
"CTSysVol"=C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe [2005-10-31 57344]
"P17Helper"=Rundll32 P17.dll []
"UpdReg"=C:\WINDOWS\UpdReg.EXE [2000-05-11 90112]
"PCSuiteTrayApplication"=C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2007-06-18 271360]
"TrueImageMonitor.exe"=C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2007-10-07 2620336]
"AcronisTimounterMonitor"=C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [2007-10-07 904880]
"Acronis Scheduler2 Service"=C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe [2007-10-07 140568]
"OODefragTray"=C:\WINDOWS\system32\oodtray.exe [2007-06-28 2512128]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-10-07 86016]
"UltraMon"=C:\Program Files\UltraMon\UltraMon.exe [2006-10-12 304640]
"AdobeCS4ServiceManager"=C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-11-13 611712]
"RemoteControl8"=C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [2008-02-18 77824]
"PDVD8LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [2007-12-14 50472]
"BDRegion"=C:\Program Files\Cyberlink\Shared Files\brs.exe [2007-11-14 91432]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-22 136600]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2008-12-03 399504]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2008-07-01 1447168]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"TaskSwitchXP"=C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe [2006-08-04 62976]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\Wcescomm.exe [2006-11-13 1289000]
"AdobeBridge"= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe []

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
NkbMonitor.exe.lnk - C:\Program Files\Nikon\PictureProject\NkbMonitor.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\fichiers communs\logitech\bluetooth\LBTWlgn.dll [2006-10-25 65536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{FE24CD78-7C63-465D-8787-4EDF7FC79895}"=C:\Program Files\Logitech\Easy Synchronization\shellexecutehook.dll [2005-10-05 69632]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"=C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [2007-05-30 79408]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NBF]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nbf.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProtectedStorage]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sglfb.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tga.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vds]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
"C:\Program Files\Sony\Media Manager for PSP 2.5\MediaManager.exe"="C:\Program Files\Sony\Media Manager for PSP 2.5\MediaManager.exe:*:Enabled:Media Manager for PSP 2.5"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe"="C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe:*:Enabled:VoipBuster"
"C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe:*:Enabled:umi"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

======File associations======

.js - edit -
.js - open -
.txt - open -

======List of files/folders created in the last 1 months======

2008-12-29 19:04:19 ----D---- C:\rsit
2008-12-29 18:31:23 ----A---- C:\FindyKill.txt
2008-12-29 13:19:40 ----D---- C:\Program Files\FindyKill
2008-12-29 12:19:45 ----A---- C:\WINDOWS\gmer.exe
2008-12-29 04:26:48 ----A---- C:\WINDOWS\gmer.dll
2008-12-28 19:34:44 ----A---- C:\gmer.ini
2008-12-28 19:06:29 ----A---- C:\WINDOWS\gmer_uninstall.cmd
2008-12-28 18:47:43 ----A---- C:\TCleaner.txt
2008-12-28 18:47:32 ----SHD---- C:\RECYCLER
2008-12-28 17:54:33 ----A---- C:\kceztu.txt
2008-12-28 12:38:26 ----D---- C:\Avanger
2008-12-28 10:07:38 ----D---- C:\Documents and Settings\All Users\Application Data\DxO_Labs
2008-12-27 19:38:01 ----D---- C:\Program Files\InterLok
2008-12-27 18:33:28 ----D---- C:\Documents and Settings\ADMIN\Application Data\DxO_Labs
2008-12-27 18:33:08 ----D---- C:\Documents and Settings\ADMIN\Application Data\DxO Labs
2008-12-27 18:32:55 ----D---- C:\Program Files\Fichiers communs\PACE Anti-Piracy
2008-12-27 18:32:55 ----D---- C:\Documents and Settings\All Users\Application Data\PACE Anti-Piracy
2008-12-27 18:32:55 ----D---- C:\Documents and Settings\ADMIN\Application Data\PACE Anti-Piracy
2008-12-27 18:31:27 ----N---- C:\WINDOWS\system32\spmsg2.dll
2008-12-27 18:29:30 ----D---- C:\WINDOWS\system32\XPSViewer
2008-12-27 18:29:26 ----D---- C:\WINDOWS\system32\en-US
2008-12-27 18:29:22 ----D---- C:\Program Files\Reference Assemblies
2008-12-27 18:28:57 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2008-12-27 18:28:57 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2008-12-27 18:28:57 ----N---- C:\WINDOWS\system32\prntvpt.dll
2008-12-27 18:08:29 ----D---- C:\Program Files\DxO Labs
2008-12-23 18:03:31 ----D---- C:\Documents and Settings\ADMIN\Application Data\Acronis
2008-12-22 19:26:41 ----A---- C:\WINDOWS\system32\deploytk.dll
2008-12-12 06:33:53 ----A---- C:\WINDOWS\system32\tmp.txt
2008-12-11 04:09:23 ----SHD---- C:\System Volume Information
2008-12-10 04:11:15 ----A---- C:\WINDOWS\system32\VACFix.exe
2008-12-10 04:11:15 ----A---- C:\WINDOWS\system32\o4Patch.exe
2008-12-10 04:11:15 ----A---- C:\WINDOWS\system32\IEDFix.C.exe
2008-12-10 04:11:15 ----A---- C:\WINDOWS\system32\404Fix.exe
2008-12-10 04:11:14 ----A---- C:\WINDOWS\system32\WS2Fix.exe
2008-12-10 04:11:14 ----A---- C:\WINDOWS\system32\VCCLSID.exe
2008-12-10 04:11:14 ----A---- C:\WINDOWS\system32\swxcacls.exe
2008-12-10 04:11:14 ----A---- C:\WINDOWS\system32\swsc.exe
2008-12-10 04:11:14 ----A---- C:\WINDOWS\system32\swreg.exe
2008-12-10 04:11:14 ----A---- C:\WINDOWS\system32\SrchSTS.exe
2008-12-10 04:11:14 ----A---- C:\WINDOWS\system32\IEDFix.exe
2008-12-10 04:11:14 ----A---- C:\WINDOWS\system32\dumphive.exe
2008-12-10 04:11:13 ----A---- C:\WINDOWS\system32\Process.exe
2008-12-10 04:01:33 ----D---- C:\WINDOWS\Temp
2008-12-09 02:39:49 ----D---- C:\Program Files\Trend Micro
2008-12-02 20:44:19 ----A---- C:\WINDOWS\system32\javaws.exe
2008-12-02 20:44:19 ----A---- C:\WINDOWS\system32\javaw.exe
2008-12-02 20:44:18 ----A---- C:\WINDOWS\system32\java.exe

======List of files/folders modified in the last 1 months======

2008-12-29 19:00:33 ----D---- C:\Program Files\eMule
2008-12-29 19:00:00 ----D---- C:\Program Files\Mozilla Firefox
2008-12-29 18:34:22 ----D---- C:\WINDOWS\Prefetch
2008-12-29 18:34:21 ----D---- C:\WINDOWS
2008-12-29 18:30:27 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-29 13:19:40 ----RD---- C:\Program Files
2008-12-29 07:40:01 ----D---- C:\WINDOWS\system32\drivers
2008-12-29 07:25:37 ----HD---- C:\WINDOWS\inf
2008-12-29 07:16:04 ----SHD---- C:\WINDOWS\Installer
2008-12-29 07:15:51 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-28 23:37:24 ----D---- C:\WINDOWS\system32
2008-12-28 18:59:40 ----D---- C:\WINDOWS\BDOSCAN8
2008-12-28 17:49:51 ----D---- C:\Program Files\SC
2008-12-28 12:31:35 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-12-28 11:34:41 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-12-28 11:13:26 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-12-28 11:12:38 ----SD---- C:\WINDOWS\Tasks
2008-12-28 10:58:10 ----D---- C:\WINDOWS\SxsCaPendDel
2008-12-28 10:53:10 ----ASD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-12-28 10:53:10 ----AHD---- C:\Program Files\WindowsUpdate
2008-12-28 09:02:47 ----D---- C:\Program Files\Azureus
2008-12-28 09:02:45 ----D---- C:\Documents and Settings\ADMIN\Application Data\Azureus
2008-12-27 20:25:55 ----D---- C:\WINDOWS\Microsoft.NET
2008-12-27 20:25:44 ----RSD---- C:\WINDOWS\assembly
2008-12-27 19:38:02 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-12-27 19:38:00 ----D---- C:\WINDOWS\Downloaded Installations
2008-12-27 18:32:56 ----D---- C:\Program Files\Outlook Express
2008-12-27 18:32:56 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2008-12-27 18:32:55 ----D---- C:\Program Files\Fichiers communs
2008-12-27 18:31:14 ----D---- C:\WINDOWS\system32\fr-fr
2008-12-27 18:30:20 ----D---- C:\WINDOWS\WinSxS
2008-12-27 18:30:04 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-12-27 18:29:27 ----D---- C:\Program Files\MSBuild
2008-12-27 18:29:25 ----RSD---- C:\WINDOWS\Fonts
2008-12-27 18:29:12 ----D---- C:\WINDOWS\system32\spool
2008-12-27 17:56:09 ----D---- C:\Documents and Settings\ADMIN\Application Data\Nikon
2008-12-27 10:48:44 ----A---- C:\WINDOWS\NeroDigital.ini
2008-12-22 20:37:10 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-12-22 19:53:39 ----D---- C:\Program Files\Ad-Aware SE Professional
2008-12-22 19:48:11 ----D---- C:\Program Files\Fichiers communs\Adobe
2008-12-22 19:48:11 ----D---- C:\Program Files\Adobe
2008-12-22 19:45:44 ----D---- C:\WINDOWS\system32\Restore
2008-12-22 19:26:27 ----D---- C:\Program Files\Java
2008-12-22 07:33:56 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-12-19 03:00:22 ----HD---- C:\WINDOWS\$hf_mig$
2008-12-16 04:38:03 ----D---- C:\Program Files\Logitech
2008-12-13 07:37:56 ----A---- C:\WINDOWS\system32\mshtml.dll
2008-12-12 14:53:10 ----D---- C:\WINDOWS\Minidump
2008-12-12 14:53:10 ----D---- C:\WINDOWS\Debug
2008-12-12 06:33:54 ----D---- C:\Program Files\Google
2008-12-10 18:12:39 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-12-10 18:11:31 ----D---- C:\Program Files\Internet Explorer
2008-12-10 18:11:14 ----D---- C:\WINDOWS\ie7updates
2008-12-10 00:24:37 ----A---- C:\WINDOWS\system32\MRT.exe
2008-12-09 02:48:26 ----D---- C:\Documents and Settings\ADMIN\Application Data\Mozilla
2008-11-30 15:20:07 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
2008-11-30 15:19:25 ----D---- C:\Documents and Settings\ADMIN\Application Data\CyberLink
2008-11-30 15:17:10 ----HD---- C:\Program Files\InstallShield Installation Information
2008-11-30 15:16:31 ----D---- C:\Program Files\CyberLink

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Asapi;Asapi; C:\WINDOWS\system32\drivers\Asapi.sys [2002-04-17 11264]
R1 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver; \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys []
R1 AvgAsCln;AVG Anti-Spyware Clean Driver; C:\WINDOWS\System32\DRIVERS\AvgAsCln.sys [2007-05-30 10872]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-07-01 53256]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2008-07-21 24392]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-07-01 34312]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; \??\C:\Program Files\CyberLink\PowerDVD8\000.fcl []
R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-12-22 73312]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-07-01 39944]
R2 LBeepKE;LBeepKE; C:\WINDOWS\System32\Drivers\LBeepKE.sys [2006-10-25 3712]
R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2008-06-20 44384]
R2 UltraMonUtility;UltraMon Utility Driver; \??\C:\Program Files\Fichiers communs\Realtime Soft\UltraMonMirrorDrv\x32\UltraMonUtility.sys []
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 btaudio;Périphérique audio Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2006-08-17 328285]
R3 BTDriver;Pilote de communications virtuelles Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2006-08-17 30427]
R3 BTKRNL;Enumérateur de bus Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-08-17 851642]
R3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2006-08-17 45747]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-08-17 65784]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys [2005-01-10 138752]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2006-06-05 230400]
R3 HECI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2006-06-01 43264]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 LHidKe;SetPoint HID Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidKE.Sys [2006-09-05 27136]
R3 LHidUsbK;SetPoint USB Receiver device driver; C:\WINDOWS\System32\Drivers\LHidUsbK.Sys [2006-09-05 36736]
R3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2006-09-05 71936]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-10-07 6133856]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\DRIVERS\ctoss2k.sys [2005-01-10 106496]
R3 P17;Sound Blaster Audigy; C:\WINDOWS\system32\drivers\P17.sys [2005-07-07 1389056]
R3 Pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2006-11-24 47360]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2008-06-20 10368]
R3 UltraMonMirror;UltraMonMirror; C:\WINDOWS\system32\DRIVERS\UltraMonMirror.sys [2006-09-24 3584]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 vsbus;Virtual Serial Bus Enumerator; C:\WINDOWS\system32\DRIVERS\vsb.sys [2005-10-05 18167]
R3 WinDriver6;WinDriver6; C:\WINDOWS\system32\drivers\windrvr6.sys [2005-02-09 316040]
S3 ASAPIW2K;ASAPIW2K; C:\WINDOWS\System32\Drivers\ASAPIW2K.sys [2003-11-28 11264]
S3 catchme;catchme; \??\C:\DOCUME~1\ADMIN\LOCALS~1\Temp\catchme.sys []
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 DFUBTUSB;WIDCOMM USB Bluetooth Driver in DFU State; C:\WINDOWS\System32\Drivers\frmupgr.sys [2006-11-23 19372]
S3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2005-05-03 27392]
S3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2005-04-12 4608]
S3 EUCR;ENE USB Mass Storage; C:\WINDOWS\system32\DRIVERS\EUCR6SK.SYS [2005-08-17 40704]
S3 fsbl-standalone;F-Secure BlackLight Beta Engine Driver; \??\C:\DOCUME~1\ADMIN\LOCALS~1\Temp\F-Secure\BlackLight\fsbldrv.sys []
S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2008-12-29 85969]
S3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
S3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2006-09-05 13568]
S3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2006-09-05 56064]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 NAL;Nal Service ; \??\C:\WINDOWS\system32\Drivers\iqvw32.sys []
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
S3 sfng32;Sonic Focus Plugin for Sigmatel HDA; C:\WINDOWS\system32\drivers\sfng32.sys [2005-12-02 41728]
S3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2006-05-26 1177032]
S3 usb_rndisx;Carte ISDN USB; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-13 12800]
S3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2008-09-24 29184]
S3 vserial;ELTIMA Virtual Serial Ports Driver; C:\WINDOWS\System32\DRIVERS\vserial.sys [2005-10-05 47104]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2005-06-14 104576]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Pilote de filtre de restauration système; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73600]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe [2007-10-07 427288]
R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7; C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-09-16 169312]
R2 AVG Anti-Spyware Guard;AVG Anti-Spyware Guard; C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe [2007-05-30 312880]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2006-08-17 266295]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-12 44032]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-07-01 468224]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-22 152984]
R2 LBTServ;Logitech Bluetooth Service; C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTSERV.EXE [2006-10-25 110592]
R2 Logitech Easy Synchronization;Logitech Easy Synchronization; C:\Program Files\Logitech\Easy Synchronization\servicestub.exe [2005-10-05 65536]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2008-12-03 170640]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-10-07 163908]
R2 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2007-06-28 1049856]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-05-14 272024]
R2 TryAndDecideService;Acronis Try And Decide Service; C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe [2007-10-08 493200]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 UTSCSI;USBest Service Zero; C:\WINDOWS\system32\UTSCSI.EXE [2006-11-23 45568]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2008-07-01 19200]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-11-09 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-08-23 724992]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-06-15 300544]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2008-06-21 69120]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

info.txt logfile of random's system information tool 1.05 2008-12-29 19:04:29

======Uninstall list======

-->MsiExec.exe /X{E9F81423-211E-46B6-9AE0-38568BC5CF6F}
-->"C:\Program Files\Creative Installation Information\CREATIVE_MEDIASOURCE_U\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative Installation Information\CTCMSGO\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative Installation Information\E-CENTER_NET_CONTENT_U\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_CDBURNER_U\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_MINIDISC_U\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_ONLINESTORE_U\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative Installation Information\MEDIASOURCE_PLAYER_SKINPACK_U\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative\SBAudigy\Program\Setup.exe" /S /U /W /L:FRN
-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->MsiExec /X{A7E07C2B-2220-4415-87E3-784D5814BC93}
-->MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32B4B536-4443-42F0-9676-98373BE9114F}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32B4B536-4443-42F0-9676-98373BE9114F}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34EBD418-B8E6-4E86-89C4-33B72CF5663F}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34EBD418-B8E6-4E86-89C4-33B72CF5663F}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{52338F65-A1C3-4CDC-B733-50051682B297}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{52338F65-A1C3-4CDC-B733-50051682B297}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9194237B-7B58-40B4-A739-184AD59531A2}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9194237B-7B58-40B4-A739-184AD59531A2}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C64409FA-42A7-49C6-837A-D2E5D813BD57}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C64409FA-42A7-49C6-837A-D2E5D813BD57}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE4A4C48-2232-4CCB-AD61-490ACD29BA85}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE4A4C48-2232-4CCB-AD61-490ACD29BA85}\setup.exe" -l0x40c /remove
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
ACDSee 10 Gestionnaire de photos-->MsiExec.exe /I{F8B98EB6-FC06-45BF-87D4-9784E0408611}
Acronis True Image Home-->MsiExec.exe /X{E5343B27-55DF-40BD-9FCF-A643C1331E8A}
Ad-Aware SE Professional-->C:\PROGRA~1\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\AD-AWA~1\INSTALL.LOG
Adobe After Effects CS4 Presets-->MsiExec.exe /I{44E240EC-2224-4078-A88B-2CEE0D3016EF}
Adobe After Effects CS4 Template Projects & Footage-->MsiExec.exe /I{F600CCF3-9C88-4A22-B0B4-DDA82E997118}
Adobe After Effects CS4 Third Party Content-->MsiExec.exe /I{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}
Adobe After Effects CS4-->MsiExec.exe /I{45EC816C-0771-4C14-AE6D-72D1B578F4C8}
Adobe AIR-->C:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}
Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}
Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
Adobe Color Common Settings-->C:\Program Files\Fichiers communs\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe
Adobe Color Common Settings-->MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}
Adobe Color EU Recommended Settings CS4-->MsiExec.exe /I{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}
Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
Adobe Color NA Extra Settings CS4-->MsiExec.exe /I{098A2A49-7CF3-4F08-A38D-FB879117152A}
Adobe Color Video Profiles AE CS4-->MsiExec.exe /I{B15381DD-FF97-4FCD-A881-ED4DB0975500}
Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D}
Adobe Creative Suite 4 Production Premium-->C:\Program Files\Fichiers communs\Adobe\Installers\36ac9dc8c9a94feb9e5886810012e78\Setup.exe --uninstall=1
Adobe Creative Suite 4 Production Premium-->MsiExec.exe /I{70E3A868-C269-4E6D-B225-862AADF7D0AF}
Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}
Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
Adobe Device Central CS4-->MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A}
Adobe Drive CS4-->MsiExec.exe /I{16E16F01-2E2D-4248-A42F-76261C147B6C}
Adobe Dynamiclink Support-->MsiExec.exe /I{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}
Adobe Encore CS4 Codecs-->MsiExec.exe /I{FB2A5FCC-B81B-48C2-A009-7804694D83E9}
Adobe Encore CS4 Library-->MsiExec.exe /I{B095B0A4-50A5-46D7-9988-D038FEB040C0}
Adobe Encore CS4-->MsiExec.exe /I{5EAD5443-7194-46CC-A055-428E6ABB1BAF}
Adobe ExtendScript Toolkit 2-->C:\Program Files\Fichiers communs\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}
Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}
Adobe Media Encoder CS4 Additional Exporter-->MsiExec.exe /I{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}
Adobe Media Encoder CS4 Exporter-->MsiExec.exe /I{561968FD-56A1-49FD-9ED0-F55482C7C5BC}
Adobe Media Encoder CS4-->MsiExec.exe /I{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}
Adobe MotionPicture Color Files CS4-->MsiExec.exe /I{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}
Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}
Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
Adobe Photoshop CS4 Support-->MsiExec.exe /I{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}
Adobe Photoshop CS4-->MsiExec.exe /I{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}
Adobe Photoshop Elements 7.0-->msiexec /i {CB6075D9-F912-40AE-BEA6-E590DA24F16B}
Adobe Photoshop Lightroom 2-->MsiExec.exe /I{531BC138-F1F7-496B-879C-F039ECEF438D}
Adobe Premiere Pro CS4 Third Party Content-->MsiExec.exe /I{C938BE91-3BB5-4B84-9EF6-88F0505D0038}
Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}
Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
Adobe Setup-->MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}
Adobe Setup-->MsiExec.exe /I{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}
Adobe Setup-->MsiExec.exe /I{CA842D69-22DB-456E-95C7-A5C92593C7C4}
Adobe Soundbooth CS4 Codecs-->MsiExec.exe /I{52232EF4-CC12-4C21-ABCF-ADB79618302D}
Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4}
AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
Apple Software Update-->MsiExec.exe /I{74EC78BC-B379-4E29-9006-8F161DCAABA6}
Application Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B6CDD9FB-9F79-440B-9BE6-20DBA8B5BB93}\Setup.exe" -l0x40c
Application Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FEB328EC-E920-4451-B12A-C4710B85CF0A}\Setup.exe" -l0x40c
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ASAPI Update-->C:\WINDOWS\system32\IWUNIN~1.EXE -uninstall C:\WINDOWS\ISUNINST.EXE -fC:\PROGRA~1\VOB\ASAPIU~1\ASAPI.isu
ASAPI-->MsiExec.exe /X{8A7E941F-2BB4-47D0-B732-8AE5F3513B68}
Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Auction Sentry Deluxe-->MsiExec.exe /X{01979CA0-B550-47D0-AD16-553B2C3FCF97}
AVG Anti-Spyware 7.5-->C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
Azureus-->C:\Program Files\Azureus\Uninstall.exe
Bejeweled 2 Deluxe-->C:\WINDOWS\iun6002ev.exe "C:\Program Files\Bejeweled 2 Deluxe\irunin.ini"
Boulder Dash Treasure Pleasure-->"C:\Program Files\Boulder Dash\unins000.exe"
Canon iP4200-->C:\WINDOWS\system32\CNMCP78.exe "-PRINTERNAMECanon iP4200" "-HELPERDLLC:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Inst2\cnmis.dll" "-RCDLLcnmi040c.dll"
Canon ScanGear Toolbox 3.1-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Canon\ScanGear Toolbox Ver3.1\Uninst.isu" -c"C:\Program Files\Canon\ScanGear Toolbox Ver3.1\uninst.dll"
Capture NX 2-->C:\Program Files\Nikon\Capture NX 2\uninstall.exe
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CDex extraction audio-->"C:\Program Files\CDex_150\uninstall.exe"
CD-LabelPrint-->"C:\Program Files\Canon\CD-LabelPrint\Uninstal.exe" Canon.CDLabelPrint.Application
CloneCD-->"C:\Program Files\SlySoft\CloneCD\ccd-uninst.exe" /D="C:\Program Files\SlySoft\CloneCD"
CloneDVD2-->"C:\Program Files\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="C:\Program Files\Elaborate Bytes\CloneDVD2"
Complément Office 2007 - Microsoft Enregistrer en tant que PDF ou XPS (Beta)-->MsiExec.exe /X{30120000-00B2-040C-0000-0000000FF1CE}
Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}
coverXP (remove only)-->"C:\Program Files\coverXP\cxp-uninst.exe"
Creative MediaSource 5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}\SETUP.EXE" -l0x40c /remove
Creative Software AutoUpdate-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x40c /remove
Creative System Information-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x40c /remove
CyberLink PowerDVD8-->"C:\Program Files\InstallShield Installation Information\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}\Setup.exe" /z-uninstall
DiMAGE Viewer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{976EA7B1-7562-483D-88DA-4323D263B7CD}\Setup.exe" -l0x40c anything
DVD Decrypter 3.5.4.0 Fr-->C:\Program Files\DVD Decrypter\UnInstall_DVDdecrypt.exe
DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
DVDFab Platinum 3.0.1.0-->"C:\Program Files\DVDFab Platinum 3\unins000.exe"
DxO Optics Pro 5.3.1-->MsiExec.exe /X{5A0D71BC-3AB0-4BC1-B241-CABE11EEE731}
EasyRecovery Professional-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{268723B7-A994-4286-9F85-B974D5CAFC7B} /l1036
eMule-->"C:\Program Files\eMule\Uninstall.exe"
ESET NOD32 Antivirus-->MsiExec.exe /I{6229EFBA-A122-490C-B660-A5409FA15A31}
FindyKill-->C:\Program Files\FindyKill\Uninstal.exe
FlashFXP v3-->"C:\Program Files\FlashFXP\Uninstall.exe" "C:\Program Files\FlashFXP\install.log" -u
FlashFXP-->"C:\Program Files\FlashFXP\unins000.exe"
Galerie photo xhtml-->MsiExec.exe /I{09C393BF-FD7A-4B0B-8A43-CAC585ABB22D}
Hex Workshop v4.23-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\BreakPoint Software\Hex Workshop 4.2\hw41unin.isu"
HexEdit-->MsiExec.exe /I{16D11547-BD13-4EFA-8A7D-976933A95102}
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
ImageMagick 6.4.5-2 Q16 (2008-11-15)-->"C:\Program Files\ImageMagick-6.4.5-Q16\unins000.exe"
Intel A/V Codecs V2.0-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\system32\CDUninst.isu
Intel Audio Studio 2.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2205E3A5-DCDC-461D-8ED6-D6F2341D3B64}\setup.exe" -l0x40c
Intel(R) Active Client Manager 2.0 HECI Driver-->C:\WINDOWS\system32\heciudlg.exe -uninstall
Intel(R) PRO Network Connections-->MsiExec.exe /I{0A0873E1-D9BA-4994-B85D-A0A331EF1F0C}
Interlok driver setup x32-->MsiExec.exe /X{25613C10-27D2-410B-942B-D922D5C3A7BE}
J2SE Runtime Environment 5.0 Update 9-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4

Hello Haribo76

Hello Haribo76

Publicité

Hello Mojac

Qui est en ligne