System guard 2009 qui bloque malwarebyte

laisse tomber ca a redemmarer

je vais essayer un truc, je vais recommencer combofix mais cette fois je vais enlever mon autoprotect de norton pour plus de 15 min, je crois que norton s'est réactivé au mauvais moment

désolé pour ce contre temps :p

bon.. après quelques recherches je me rend compte come un con que je suis l'administrateur :p

voici le rapport:


SmitFraudFix v2.395

Rapport fait à 13:21:40,02, 2009-02-14
Executé à partir de C:\Documents and Settings\user\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\ATK0100\Hcontrol.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UStorSrv.exe
C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\user\Bureau\SmitfraudFix\Policies.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

Fichier hosts corrompu !

127.0.0.1 www.legal-at-spybot.info
127.0.0.1 legal-at-spybot.info
127.0.0.1 www.spywareinfo.com
127.0.0.1 spywareinfo.com

»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\user


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\user\LOCALS~1\Temp


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\user\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\user\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="http://www.toru-art.com/wallpaper/dragon3-1024.jpg"
"SubscribedURL"="http://www.toru-art.com/wallpaper/dragon3-1024.jpg"
"FriendlyName"=""

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\1]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"

»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» RK



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: ASUSTeK/Broadcom 440x 10/100 Integrated Controller - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.100.3
DNS Server Search Order: 192.168.100.3

HKLM\SYSTEM\CCS\Services\Tcpip\..\{25FF2653-4B02-4221-B09B-A9B102412761}: DhcpNameServer=192.168.100.3 192.168.100.3
HKLM\SYSTEM\CS1\Services\Tcpip\..\{25FF2653-4B02-4221-B09B-A9B102412761}: DhcpNameServer=192.168.100.3 192.168.100.3
HKLM\SYSTEM\CS3\Services\Tcpip\..\{25FF2653-4B02-4221-B09B-A9B102412761}: DhcpNameServer=192.168.100.3 192.168.100.3
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.100.3 192.168.100.3
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.100.3 192.168.100.3
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.100.3 192.168.100.3


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

bon.. que dois-je faire maintenant?

raport smithfraud après un RHosts


SmitFraudFix v2.395

Rapport fait à 16:28:45,43, 2009-02-16
Executé à partir de C:\Documents and Settings\user\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


»»»»»»»»»»»»»»»»»»»»»»»» hosts


127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés


»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» RK


»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: ASUSTeK/Broadcom 440x 10/100 Integrated Controller - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.100.3
DNS Server Search Order: 192.168.100.3

HKLM\SYSTEM\CCS\Services\Tcpip\..\{25FF2653-4B02-4221-B09B-A9B102412761}: DhcpNameServer=192.168.100.3 192.168.100.3
HKLM\SYSTEM\CS1\Services\Tcpip\..\{25FF2653-4B02-4221-B09B-A9B102412761}: DhcpNameServer=192.168.100.3 192.168.100.3
HKLM\SYSTEM\CS3\Services\Tcpip\..\{25FF2653-4B02-4221-B09B-A9B102412761}: DhcpNameServer=192.168.100.3 192.168.100.3
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.100.3 192.168.100.3
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.100.3 192.168.100.3
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.100.3 192.168.100.3


»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

Voici le log file de RSIT


Logfile of random's system information tool 1.05 (written by random/random)
Run by user at 2009-02-16 17:15:17
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 16 GB (29%) free of 57 GB
Total RAM: 383 MB (61% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Uniblue SpeedUpMyPC Nag.job
C:\WINDOWS\tasks\Uniblue SpeedUpMyPC.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2502BBD0-D73B-11DD-B4EC-CEBF56D89593}]
DDSMEkl - C:\WINDOWS\system32\vumer.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\IPSBHO.DLL [2009-02-12 107896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
{D0943516-5076-4020-A3B5-AEFAF26AB263} - Veoh Browser Plug-in - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll [2008-04-01 352256]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Hcontrol"=C:\WINDOWS\ATK0100\Hcontrol.exe [2004-01-13 65536]
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2003-12-11 88363]
"ATIModeChange"=C:\WINDOWS\system32\Ati2mdxx.exe [2003-12-11 28672]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2003-12-11 135168]
"RemoteControl"=C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe [2003-12-08 32768]
"InCD"=C:\Program Files\Ahead\InCD\InCD.exe [2004-09-07 1400944]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2003-10-28 335872]
"Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe [2007-03-16 63712]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2007-12-02 185896]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]
"Veoh"=C:\Program Files\Veoh Networks\Veoh\VeohClient.exe [2008-09-26 3660848]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288]
"ccleaner"=C:\Program Files\CCleaner\CCleaner.exe [2008-07-29 1213680]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2009-01-15 1830128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox]
C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [2004-01-13 409600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ]
C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [2004-09-22 1871872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2006-05-24 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\systemguard]
C:\Program Files\System Guard 2009\systemguard.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2007-12-02 185896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-12-22 356352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ccecdfedeffe]
C:\WINDOWS\system32\ccecdfedeffe.dll [2009-02-14 281105]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\BitLord\BitLord.exe"="C:\Program Files\BitLord\BitLord.exe:*:Enabled:BitLord"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Windows Media Player\wmplayer.exe"="C:\Program Files\Windows Media Player\wmplayer.exe:*:Enabled:Windows Media Player"
"C:\Program Files\Valve\Steam\SteamApps\mithos484\garrysmod\hl2.exe"="C:\Program Files\Valve\Steam\SteamApps\mithos484\garrysmod\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Enabled:Veoh Client"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5c94f250-e5c7-11dd-8d08-00112f740250}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\m.exe /s

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{64e685a0-989b-11dc-8b4a-00112f740250}]
shell\AutoRun\command - E:\LaunchU3.exe


======List of files/folders created in the last 2 months======

2009-02-16 17:15:20 ----D---- C:\Program Files\trend micro
2009-02-16 17:15:17 ----DC---- C:\rsit
2009-02-16 17:13:24 ----A---- C:\WINDOWS\ntbtlog.txt
2009-02-15 13:23:09 ----D---- C:\WINDOWS\ERUNT
2009-02-15 13:17:55 ----DC---- C:\SDFix
2009-02-14 17:05:58 ----DC---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2009-02-14 17:03:29 ----D---- C:\Program Files\SUPERAntiSpyware
2009-02-14 17:03:28 ----D---- C:\Documents and Settings\user\Application Data\SUPERAntiSpyware.com
2009-02-14 13:23:53 ----SHDC---- C:\RECYCLER
2009-02-14 13:21:30 ----A---- C:\WINDOWS\system32\WS2Fix.exe
2009-02-14 13:21:30 ----A---- C:\WINDOWS\system32\VCCLSID.exe
2009-02-14 13:21:30 ----A---- C:\WINDOWS\system32\VACFix.exe
2009-02-14 13:21:30 ----A---- C:\WINDOWS\system32\swxcacls.exe
2009-02-14 13:21:30 ----A---- C:\WINDOWS\system32\swsc.exe
2009-02-14 13:21:30 ----A---- C:\WINDOWS\system32\swreg.exe
2009-02-14 13:21:30 ----A---- C:\WINDOWS\system32\SrchSTS.exe
2009-02-14 13:21:30 ----A---- C:\WINDOWS\system32\Process.exe
2009-02-14 13:21:30 ----A---- C:\WINDOWS\system32\o4Patch.exe
2009-02-14 13:21:30 ----A---- C:\WINDOWS\system32\IEDFix.exe
2009-02-14 13:21:30 ----A---- C:\WINDOWS\system32\IEDFix.C.exe
2009-02-14 13:21:30 ----A---- C:\WINDOWS\system32\dumphive.exe
2009-02-14 13:21:30 ----A---- C:\WINDOWS\system32\Agent.OMZ.Fix.exe
2009-02-14 13:21:30 ----A---- C:\WINDOWS\system32\404Fix.exe
2009-02-14 13:00:51 ----AC---- C:\ComboFix.txt
2009-02-14 12:50:43 ----AC---- C:\Bug.txt
2009-02-14 12:50:32 ----DC---- C:\32788R22FWJFW
2009-02-14 11:45:53 ----AC---- C:\Boot.bak
2009-02-14 11:45:21 ----RASHDC---- C:\cmdcons
2009-02-14 11:41:49 ----A---- C:\WINDOWS\zip.exe
2009-02-14 11:41:49 ----A---- C:\WINDOWS\SWREG.exe
2009-02-14 11:41:49 ----A---- C:\WINDOWS\NIRCMD.exe
2009-02-14 11:41:48 ----A---- C:\WINDOWS\VFIND.exe
2009-02-14 11:41:48 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-02-14 11:41:48 ----A---- C:\WINDOWS\SWSC.exe
2009-02-14 11:41:48 ----A---- C:\WINDOWS\sed.exe
2009-02-14 11:41:48 ----A---- C:\WINDOWS\grep.exe
2009-02-14 11:41:48 ----A---- C:\WINDOWS\fdsv.exe
2009-02-14 11:41:41 ----D---- C:\WINDOWS\ERDNT
2009-02-14 11:41:41 ----ADC---- C:\Qoobox
2009-02-14 11:04:17 ----A---- C:\WINDOWS\system32\tmp.txt
2009-02-14 11:02:54 ----AC---- C:\rapport.txt
2009-02-14 08:27:16 ----D---- C:\Program Files\System Guard 2009
2009-02-14 08:27:04 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-13 19:17:58 ----D---- C:\WINDOWS\BDOSCAN8
2009-02-13 17:20:11 ----AC---- C:\windowsupdateagent30-x86.exe
2009-02-13 17:17:34 ----N---- C:\WINDOWS\system32\eb91d8a90bf6de36373a466254a8fdca.TMP
2009-02-13 09:55:23 ----N---- C:\WINDOWS\system32\e603767102c904ea2b3953ff2e511c57.TMP
2009-02-13 09:55:21 ----N---- C:\WINDOWS\system32\5e3f6e9e195aaaaaf421082880897496.TMP
2009-02-13 09:52:03 ----AC---- C:\fix_svchost.bat
2009-02-13 09:31:59 ----A---- C:\WindowsXP-KB927891.exe
2009-02-13 09:31:12 ----A---- C:\fix_svchost.bat.txt
2009-02-13 09:10:48 ----DC---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-12 18:58:39 ----A---- C:\WINDOWS\system32\E3TL.DLL
2009-02-12 18:58:05 ----DC---- C:\Documents and Settings\All Users\Application Data\Zenturi
2009-02-12 18:58:05 ----D---- C:\Program Files\Zenturi
2009-02-12 18:57:31 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-02-12 12:56:38 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
2009-02-12 12:51:55 ----D---- C:\Program Files\Windows Sidebar
2009-02-12 12:51:23 ----DC---- C:\Documents and Settings\All Users\Application Data\Norton
2009-02-12 12:48:03 ----DC---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
2009-02-12 12:48:03 ----D---- C:\Program Files\NortonInstaller
2009-02-12 11:56:19 ----D---- C:\Program Files\Enigma Software Group
2009-02-12 10:37:57 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-02-12 10:36:28 ----A---- C:\WINDOWS\system32\MRT.INI
2009-02-12 10:36:27 ----D---- C:\WINDOWS\system32\MpEngineStore
2009-02-12 10:30:55 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2009-02-12 10:30:36 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2009-02-12 10:30:09 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2009-02-12 10:29:57 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-02-12 10:29:50 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-02-12 10:29:44 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-02-12 10:29:38 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2009-02-12 10:29:30 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-02-12 10:29:08 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-02-12 08:51:01 ----D---- C:\WINDOWS\E80F62FF5D3C4A1984099721F2928206.TMP
2009-02-12 03:05:58 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-02-12 03:05:36 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-02-12 03:04:21 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-02-11 17:14:06 ----D---- C:\Program Files\Alwil Software
2009-01-18 20:22:47 ----N---- C:\WINDOWS\system32\vxblock.dll
2009-01-18 20:22:47 ----N---- C:\WINDOWS\system32\pxwave.dll
2009-01-18 20:22:47 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2009-01-18 20:22:47 ----N---- C:\WINDOWS\system32\pxdrv.dll
2009-01-18 20:22:46 ----N---- C:\WINDOWS\system32\pxmas.dll
2009-01-18 20:22:46 ----N---- C:\WINDOWS\system32\px.dll
2009-01-18 20:22:27 ----D---- C:\WINDOWS\system32\IOSUBSYS
2009-01-18 20:22:04 ----D---- C:\Program Files\Google

======List of files/folders modified in the last 2 months======

2009-02-16 17:15:20 ----RD---- C:\Program Files
2009-02-16 17:13:24 ----D---- C:\WINDOWS
2009-02-16 17:11:42 ----D---- C:\WINDOWS\system32\CatRoot2
2009-02-16 16:58:23 ----D---- C:\WINDOWS\Temp
2009-02-16 16:48:31 ----D---- C:\WINDOWS\Prefetch
2009-02-16 16:28:53 ----D---- C:\WINDOWS\system32
2009-02-15 13:27:15 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-02-14 17:04:51 ----SHD---- C:\WINDOWS\Installer
2009-02-14 17:04:47 ----SHDC---- C:\Config.Msi
2009-02-14 16:57:30 ----A---- C:\WINDOWS\system32\ccecdfedeffe.dll
2009-02-14 12:57:21 ----AC---- C:\WINDOWS\system.ini
2009-02-14 12:54:51 ----D---- C:\WINDOWS\AppPatch
2009-02-14 12:54:39 ----D---- C:\WINDOWS\system32\drivers
2009-02-14 12:54:36 ----D---- C:\Program Files\Fichiers communs
2009-02-14 11:45:53 ----RASHC---- C:\boot.ini
2009-02-14 11:41:49 ----D---- C:\WINDOWS\system32\Restore
2009-02-14 11:41:48 ----SHD---- C:\System Volume Information
2009-02-14 09:28:00 ----D---- C:\Program Files\Mozilla Firefox
2009-02-14 08:53:34 ----D---- C:\Program Files\Internet Explorer
2009-02-13 19:18:03 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-02-13 19:17:57 ----HD---- C:\WINDOWS\inf
2009-02-13 17:39:36 ----D---- C:\WINDOWS\SoftwareDistribution
2009-02-13 17:19:49 ----D---- C:\WINDOWS\system32\CatRoot
2009-02-13 16:49:07 ----A---- C:\WINDOWS\win.ini
2009-02-13 09:49:48 ----DC---- C:\Documents and Settings
2009-02-12 14:18:37 ----ADC---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-02-12 13:19:04 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2009-02-12 12:56:39 ----D---- C:\Program Files\Symantec
2009-02-12 12:51:56 ----D---- C:\Program Files\Norton AntiVirus
2009-02-12 11:01:48 ----D---- C:\WINDOWS\Debug
2009-02-12 10:37:53 ----HD---- C:\WINDOWS\$hf_mig$
2009-02-12 10:25:56 ----AC---- C:\WINDOWS\NeroDigital.ini
2009-02-12 08:57:38 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-02-12 08:50:45 ----DC---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-02-12 08:41:12 ----SD---- C:\WINDOWS\Tasks
2009-02-12 03:06:31 ----D---- C:\WINDOWS\ie7updates
2009-02-12 03:00:53 ----D---- C:\WINDOWS\WinSxS
2009-02-11 19:27:06 ----D---- C:\WINDOWS\system32\config
2009-02-11 16:52:30 ----D---- C:\Program Files\NavigationEnhancer
2009-02-11 16:46:27 ----D---- C:\WINDOWS\Help
2009-02-03 15:21:14 ----A---- C:\WINDOWS\system32\MRT.exe
2009-01-26 17:10:45 ----DC---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-01-26 17:10:22 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-01-26 17:10:22 ----D---- C:\Program Files\Adobe
2009-01-16 21:15:42 ----A---- C:\WINDOWS\system32\mshtml.dll
2008-12-20 17:47:04 ----A---- C:\WINDOWS\system32\wininet.dll
2008-12-20 17:47:03 ----A---- C:\WINDOWS\system32\webcheck.dll
2008-12-20 17:47:03 ----A---- C:\WINDOWS\system32\urlmon.dll
2008-12-20 17:47:02 ----A---- C:\WINDOWS\system32\url.dll
2008-12-20 17:47:02 ----A---- C:\WINDOWS\system32\pngfilt.dll
2008-12-20 17:47:02 ----A---- C:\WINDOWS\system32\occache.dll
2008-12-20 17:47:02 ----A---- C:\WINDOWS\system32\mstime.dll
2008-12-20 17:47:01 ----A---- C:\WINDOWS\system32\msrating.dll
2008-12-20 17:47:01 ----A---- C:\WINDOWS\system32\mshtmled.dll
2008-12-20 17:46:57 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2008-12-20 17:46:56 ----A---- C:\WINDOWS\system32\msfeeds.dll
2008-12-20 17:46:56 ----A---- C:\WINDOWS\system32\jsproxy.dll
2008-12-20 17:46:54 ----A---- C:\WINDOWS\system32\iertutil.dll
2008-12-20 17:46:54 ----A---- C:\WINDOWS\system32\iernonce.dll
2008-12-20 17:46:54 ----A---- C:\WINDOWS\system32\ieframe.dll
2008-12-20 17:46:50 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2008-12-20 17:46:50 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2008-12-20 17:46:49 ----A---- C:\WINDOWS\system32\ieaksie.dll
2008-12-20 17:46:49 ----A---- C:\WINDOWS\system32\ieakeng.dll
2008-12-20 17:46:49 ----A---- C:\WINDOWS\system32\icardie.dll
2008-12-20 17:46:49 ----A---- C:\WINDOWS\system32\extmgr.dll
2008-12-20 17:46:48 ----A---- C:\WINDOWS\system32\dxtrans.dll
2008-12-20 17:46:48 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2008-12-20 17:46:48 ----A---- C:\WINDOWS\system32\advpack.dll
2008-12-19 04:11:12 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2008-12-19 04:10:15 ----A---- C:\WINDOWS\system32\ieudinit.exe
2008-12-19 00:23:56 ----A---- C:\WINDOWS\system32\ieakui.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2004-09-07 28544]
R1 SMBHC;Pilote de contrôleur hôte du bus de gestion du système Microsoft; C:\WINDOWS\system32\DRIVERS\SMBHC.sys [2001-08-17 6784]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2003-12-11 78225]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2004-01-13 5786]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S1 BHDrvx86;Symantec Heuristics Driver; \??\C:\WINDOWS\system32\drivers\NAV\1002000.007\BHDrvx86.sys []
S1 ccHP;Symantec Hash Provider; \??\C:\WINDOWS\system32\drivers\NAV\1002000.007\ccHPx86.sys []
S1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys []
S1 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090212.003\IDSxpx86.sys []
S1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720]
S1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
S1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
S1 SRTSP;Symantec Real Time Storage Protection; \??\C:\WINDOWS\system32\drivers\NAV\1002000.007\SRTSP.SYS []
S1 SRTSPX;Symantec Real Time Storage Protection (PEL); \??\C:\WINDOWS\system32\drivers\NAV\1002000.007\SRTSPX.SYS []
S1 SYMTDI;SYMTDI; \??\C:\WINDOWS\system32\drivers\NAV\1002000.007\SYMTDI.SYS []
S2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
S2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys []
S3 61883;Pilote d'unité 61883; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
S3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2004-02-06 4816]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2003-12-11 1197740]
S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2003-12-11 619520]
S3 Avc;Périphérique AVC; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
S3 bcm4sbxp;ASUSTeK/Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2003-12-11 43136]
S3 catchme;catchme; \??\C:\DOCUME~1\user\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
S3 DCamUSBSQTECH;Dual-Mode DSC(2770); C:\WINDOWS\System32\Drivers\SQcaptur.sys [2003-01-10 30921]
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 irsir;Pilote série infrarouge Microsoft; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090216.005\NAVENG.SYS []
S3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090216.005\NAVEX15.SYS []
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
S3 RT25USBAP;Nintendo Wi-Fi USB Connector Service; C:\WINDOWS\system32\DRIVERS\rt25usbap.sys [2006-04-10 162816]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2004-02-06 594048]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SYMDNS;SYMDNS; \??\C:\WINDOWS\system32\drivers\NAV\1002000.007\SYMDNS.SYS []
S3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
S3 SYMFW;SYMFW; \??\C:\WINDOWS\system32\drivers\NAV\1002000.007\SYMFW.SYS []
S3 SYMIDS;SYMIDS; \??\C:\WINDOWS\system32\drivers\NAV\1002000.007\SYMIDS.SYS []
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-02-12 36272]
S3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-02-12 36272]
S3 SYMNDIS;SYMNDIS; \??\C:\WINDOWS\system32\drivers\NAV\1002000.007\SYMNDIS.SYS []
S3 SYMREDRV;SYMREDRV; \??\C:\WINDOWS\system32\drivers\NAV\1002000.007\SYMREDRV.SYS []
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 w22n51;Pilote Intel(R) PRO/Wireless 2200 Adapter; C:\WINDOWS\system32\DRIVERS\w22n51.sys [2004-03-23 1657344]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2004-09-07 91136]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2003-12-11 376832]
S2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2007-08-31 243064]
S2 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2004-09-07 1151090]
S2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
S2 Norton AntiVirus;Norton AntiVirus; C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe [2009-02-12 115560]
S2 UStorage Server Service;UStorage Server Service; C:\WINDOWS\system32\UStorSrv.exe [2006-02-17 139264]
S2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-07-31 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 LiveUpdate;LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [2007-08-23 3192184]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

-----------------EOF-----------------

et voila le info.
Je vous revient demain.


info.txt logfile of random's system information tool 1.05 2009-02-16 17:15:27

======Uninstall list======

-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
Adobe® Photoshop® Album Edition Découverte 3.2-->MsiExec.exe /I{A654A805-41D9-40C7-AA46-4AF04F044D61}
Agere Systems AC'97 Modem v2134D-->agrsmdel
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ArcSoft PhotoImpression-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{35B8CC58-F128-4169-82EB-0E6CB0C3AFE6}\setup.exe" -l0x40c -uninst
ArcSoft VideoImpression 1.6-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DEF2E5A3-0317-4822-B930-8B721EB483E4}\setup.exe" -l0x40c -uninst
Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
ATI - Utilitaire de désinstallation du logiciel-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Control Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATK0100 ACPI UTILITY-->C:\WINDOWS\ATK0100\XPunin.exe
BitLord 1.1-->C:\Program Files\BitLord\uninst.exe
Canon PhotoRecord-->MsiExec.exe /X{BBBC2B89-E193-4348-A83C-C8DD8210A4AC}
Canon Utilities Easy-PhotoPrint-->C:\Program Files\Canon\Easy-PhotoPrint\uninst.exe uninst.ini
Canon Utilities Easy-PrintToolBox-->C:\WINDOWS\BJPSUNST.EXE
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Dev-C++ 5 beta 9 release (4.9.9.2)-->"C:\Dev-Cpp\uninstall.exe"
Dictionnaires essentiels-->"C:\Program Files\Anuman Interactive\Dictionnaires essentiels\unins000.exe"
DVD Solution-->"C:\Program Files\Uninstall_CDS.exe"
EuphRO-->C:\Program Files\EuphRO\Uninstall EuphRO.exe
Extension HighMAT pour l'Assistant Graver un CD de Microsoft Windows XP-->MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
Formation Microsoft Interactive-->C:\Program Files\MSPress\Training\lunins32_s.exe
Hotfix for Microsoft .NET Framework 3.0 (KB932471)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {ECD292A0-0347-4244-8C24-5DBCE990FB40} /package {BAF78226-3200-4DB4-BE33-4D922A799840}
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
InCD-->C:\WINDOWS\NuNInst.exe /UNINSTALL
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
LimeWire 4.16.6-->"C:\Program Files\LimeWire\uninstall.exe"
LiveUpdate (Symantec Corporation)-->MsiExec.exe /x {E80F62FF-5D3C-4A19-8409-9721F2928206} /l*v "C:\Documents and Settings\All Users\Application Data\LuUninstall.LiveUpdate"
LiveUpdate (Symantec Corporation)-->MsiExec.exe /X{E80F62FF-5D3C-4A19-8409-9721F2928206}
Macromedia Extension Manager-->MsiExec.exe /I{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}
Macromedia Flash 8 Video Encoder-->MsiExec.exe /X{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}
Macromedia Flash Player 8-->MsiExec.exe /X{885A63EA-382B-4DD4-A755-14809B8557D6}
Macromedia Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Medi@Show-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\CyberLink\MediaShow\Uninst.isu"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 French Language Pack-->MsiExec.exe /X{E3C080B0-23F5-49AF-89F8-8E8DBC89E659}
Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office XP Media Content-->MsiExec.exe /I{9030040C-6000-11D3-8CFE-0050048383C9}
Microsoft Office XP Professional-->MsiExec.exe /I{9111040C-6000-11D3-8CFE-0050048383C9}
Microsoft Platform SDK (R2) (3790.2075)-->MsiExec.exe /I{9A0ED01E-FD18-457A-AB9C-0835DCDB17BB}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Express - FRA-->C:\Program Files\Microsoft Visual Studio 8\Microsoft Visual C++ 2005 Express Edition - FRA\setup.exe
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\setup.exe
Mozilla Firefox (3.0.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Multimedia Launcher-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
My DSC-->C:\Program Files\InstallShield Installation Information\{225af9a1-b556-88d5-94aa-0010b5426419}\setup.exe
NavigationEnhancer-->C:\Program Files\NavigationEnhancer\uninstall.exe
Nero OEM-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Norton AntiVirus-->C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV\562C4DD5\16.2.0.7\InstStub.exe /X
OpenGL-->C:\WINDOWS\uninst.exe -f"C:\Program Files\OGLSDK\DeIsL1.isu" -c"C:\Program Files\OGLSDK\_ISREG32.DLL"
OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74}
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
Pilotes ATI-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CE65A3B9-08C3-4A2F-B2CB-8EAC3F17F440}\setup.exe"
Pivot Stickfigure Animator-->MsiExec.exe /I{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}
PowerDirector-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" -uninstall
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
PowerProducer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall
Quake III Arena Point Release 1.32-->C:\WINDOWS\unvise32.exe c:\program files\quakeiii arena\quake3\uninstal5.log
Quake III Arena-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Quake III Arena\QIII.isu"
QuickTime-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{C21D5524-A970-42FA-AC8A-59B8C7CDCA31} /l1036
Ragnarok Online-->"C:\WINDOWS\IFinst27.exe" -UC:\Program Files\Gravity\RO\IFU80.inf
Ragnarok Sakray-->"C:\WINDOWS\IFinst27.exe" -UC:\Program Files\Gravity\RO\IFU1B.inf
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Steam(TM)-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Symantec Technical Support Web Controls-->MsiExec.exe /X{DDC63227-BA06-4855-B002-BDB49E9F677E}
System Guard 2009-->C:\Program Files\System Guard 2009\uninstall.exe
VeohTV BETA-->C:\Program Files\InstallShield Installation Information\{0405E51E-9582-4207-8F38-AC44201D3808}\setup.exe -runfromtemp -l0x0409
Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Mail-->MsiExec.exe /I{C514C594-23AA-4F13-A070-DB8BDB27594F}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Presentation Foundation Language Pack (FRA)-->MsiExec.exe /X{6901DD22-527A-41EF-9059-E81FEDE9E494}
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Workflow Foundation FR Language Pack-->MsiExec.exe /I{B84C141C-9A13-44BE-9A69-301D7B11D836}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
Yahoo! Toolbar avec bloqueur de fenêtres pop-up-->C:\PROGRA~1\Yahoo!\Common\unyt.exe

======Security center information======

AV: Norton AntiVirus

System event log

Computer Name: PORTABLE
Event Code: 51
Message: Une erreur a été détectée sur le périphérique \Device\Harddisk0\D au cours d'une opération de pagination.

Record Number: 18969
Source Name: Disk
Time Written: 20090213165616.000000-300
Event Type: Avertissement
User:

Computer Name: PORTABLE
Event Code: 51
Message: Une erreur a été détectée sur le périphérique \Device\Harddisk0\D au cours d'une opération de pagination.

Record Number: 18968
Source Name: Disk
Time Written: 20090213165615.000000-300
Event Type: Avertissement
User:

Computer Name: PORTABLE
Event Code: 51
Message: Une erreur a été détectée sur le périphérique \Device\Harddisk0\D au cours d'une opération de pagination.

Record Number: 18967
Source Name: Disk
Time Written: 20090213165615.000000-300
Event Type: Avertissement
User:

Computer Name: PORTABLE
Event Code: 51
Message: Une erreur a été détectée sur le périphérique \Device\Harddisk0\D au cours d'une opération de pagination.

Record Number: 18966
Source Name: Disk
Time Written: 20090213165615.000000-300
Event Type: Avertissement
User:

Computer Name: PORTABLE
Event Code: 51
Message: Une erreur a été détectée sur le périphérique \Device\Harddisk0\D au cours d'une opération de pagination.

Record Number: 18965
Source Name: Disk
Time Written: 20090213165615.000000-300
Event Type: Avertissement
User:

Application event log

Computer Name: PORTABLE
Event Code: 34
Message:
Record Number: 27650
Source Name: ccSvcHst
Time Written: 20081026203937.000000-240
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: PORTABLE
Event Code: 35
Message:
Record Number: 27649
Source Name: ccSvcHst
Time Written: 20081026203937.000000-240
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: PORTABLE
Event Code: 34
Message:
Record Number: 27648
Source Name: ccSvcHst
Time Written: 20081026203936.000000-240
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: PORTABLE
Event Code: 35
Message:
Record Number: 27647
Source Name: ccSvcHst
Time Written: 20081026203936.000000-240
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: PORTABLE
Event Code: 34
Message:
Record Number: 27646
Source Name: ccSvcHst
Time Written: 20081026203935.000000-240
Event Type: Informations
User: AUTORITE NT\SYSTEM

======Environment variables======

"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=1
"OS"=Windows_NT
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\QuickTime\QTSystem;C:\Program Files\Microsoft Platform SDK for Windows Server 2003 R2\Lib;C:\Program Files\OGLSDK;C:\Program Files\glut-3.7.6-bin\lib
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 6, GenuineIntel
"PROCESSOR_LEVEL"=6
"PROCESSOR_REVISION"=0d06
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip
"sourcesdk"=c:\program files\valve\steam\steamapps\mithos484\sourcesdk
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"VS80COMNTOOLS"=C:\Program Files\Microsoft Visual Studio 8\Common7\Tools\
"windir"=%SystemRoot%
"SAFEBOOT_OPTION"=MINIMAL

-----------------EOF-----------------

En cherchant un peu sur internet j'ai appris comment faire marcher malwarebytes
j'ai suprimé 16 menaces et voici le rapport(je crois que le problème est reglé)

Si vous aidez qqun qui a le mème problème que moi dites leurs de "Télécharger" le programme malwarebytes du "mode sans echecs avec reseau" d'internet. Utiliser un installeur téléchargé à toute autres endroits ne fonctionnera pas.



Malwarebytes' Anti-Malware 1.34
Version de la base de données: 1774
Windows 5.1.2600 Service Pack 3

2009-02-18 10:18:04
mbam-log-2009-02-18 (10-18-04).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 181950
Temps écoulé: 36 minute(s), 20 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 4
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 10

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\Interface\{624f9012-d73b-11dd-95af-61c156d89593} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{52cde0e4-d73b-11dd-9b90-fcc056d89593} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a2c73e36-f635-4b4e-a19a-0dd0fdadecea} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\System Guard 2009 (Rogue.SpywareGuard2009) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\System Guard 2009 (Rogue.SystemGuard2009) -> Quarantined and deleted successfully.
C:\Program Files\System Guard 2009\quarantine (Rogue.SystemGuard2009) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\Mozilla Firefox\regxpcom.exe (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\FBrowsingAdvisor\XPCOMEvents.dll.vir (Adware.PlayMp3z) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7869A54A-64D4-4603-ABB3-E1BB5F1A940A}\RP2\A0000074.dll (Adware.PlayMp3z) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7869A54A-64D4-4603-ABB3-E1BB5F1A940A}\RP3\A0000266.exe (Trojan.Systemguard) -> Quarantined and deleted successfully.
C:\Program Files\System Guard 2009\conf.cfg (Rogue.SystemGuard2009) -> Quarantined and deleted successfully.
C:\Program Files\System Guard 2009\mbase.vdb (Rogue.SystemGuard2009) -> Quarantined and deleted successfully.
C:\Program Files\System Guard 2009\quarantine.vdb (Rogue.SystemGuard2009) -> Quarantined and deleted successfully.
C:\Program Files\System Guard 2009\queue.vdb (Rogue.SystemGuard2009) -> Quarantined and deleted successfully.
C:\Program Files\System Guard 2009\vbase.vdb (Rogue.SystemGuard2009) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\DLLs\ylhuoumtch.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.