Win32:Swizzor[Trj] found by avast (x2)

Solved
blandine
Hello,

Avast found 2 trojans on my machine and put them in quarantine, but could you check whether everything is OK by analysing this HijackThis report, please? Thanks.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:09:52, on 05/05/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AlienGUIse\wbload.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\WINDOWS\ehome\ehtray.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\ehome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\ehome\ehmsas.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\program files\mozilla firefox\firefox.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashQuick.exe
C:\Program Files\Trend Micro\HijackThis\HJT.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr9.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr9.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\Hewlett-Packard\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Heck Glue] C:\DOCUME~1\ADMINI~1\APPLIC~1\INFOKE~1\BOOB BIAS.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: Alienware Dock.lnk = C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe
O4 - Startup: NaturalColorLoad.lnk = ?
O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Administrateur\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: NaturalColorLoad.lnk = ?
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1D1CB5E2-D519-4E54-89C5-DB326AFFF50B}: NameServer = 212.27.40.240,212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{1D1CB5E2-D519-4E54-89C5-DB326AFFF50B}: NameServer = 212.27.40.240,212.27.40.241
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Fichiers communs\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe

17 replies

geoffrey5 - Posts: 14008 - Status: Security contributor
 
Good evening,

There are LOP infections on your PC.
They get installed via certain programs, including these:

● The Messenger Plus! sponsor
● Bittorent
● BitDownload
● BitGrabber
● NetPumper
● BitRoll
● TorrentQ
● Torrent101

/!\ Be careful not to make the same mistake again, so avoid these programs /!\

▶ Download and save lopSD to the Desktop

▶ Double-click Lop S&D

▶ Run the installation

▶ Close all applications

▶ Launch it by double-clicking the shortcut on the desktop

With VISTA => right-click and => Run as administrator

▶ Type F for French, then press Enter

▶ Type 1

▶ Press Enter

▶ The PC will restart

* Note: if the antivirus reports an infection in TEMP, ignore it

▶ Wait for the report to appear

▶ Copy the report and paste it into your reply

* The report can also be found at C:\lopR
0
blandine
 
Here is the report:


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.80GHz )
BIOS : BIOS Date: 08/27/04 11:09:23 Ver: 08.00.09
USER : Administrateur ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1335 [VPS 090505-0] 4.8.1335 (Activated)
Firewall : Sunbelt Personal Firewall 4.5.916 T (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:143 Go (Free:67 Go)
D:\ (Local Disk) - FAT32 - Total:5 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 05/05/2009|21:56 )

--------------------\\ Listing des dossiers dans APPLIC~1

[21/01/2009|23:59] C:\DOCUME~1\ADMINI~1\APPLIC~1\Acreon
[27/12/2008|20:42] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[15/10/2008|20:01] C:\DOCUME~1\ADMINI~1\APPLIC~1\Apple Computer
[05/03/2007|21:55] C:\DOCUME~1\ADMINI~1\APPLIC~1\ArcSoft
[17/10/2008|16:36] C:\DOCUME~1\ADMINI~1\APPLIC~1\Atari
[10/01/2008|21:12] C:\DOCUME~1\ADMINI~1\APPLIC~1\ATI
[23/11/2007|20:23] C:\DOCUME~1\ADMINI~1\APPLIC~1\Azureus
[19/01/2009|19:44] C:\DOCUME~1\ADMINI~1\APPLIC~1\Bioshock
[04/07/2007|23:56] C:\DOCUME~1\ADMINI~1\APPLIC~1\CamfrogWEB
[13/01/2008|21:55] C:\DOCUME~1\ADMINI~1\APPLIC~1\Canon
[30/04/2009|14:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\Creative
[18/10/2007|14:38] C:\DOCUME~1\ADMINI~1\APPLIC~1\GetRight
[17/10/2007|20:59] C:\DOCUME~1\ADMINI~1\APPLIC~1\GetRightToGo
[31/08/2007|04:45] C:\DOCUME~1\ADMINI~1\APPLIC~1\Google
[26/08/2008|19:24] C:\DOCUME~1\ADMINI~1\APPLIC~1\Hamachi
[22/06/2007|21:07] C:\DOCUME~1\ADMINI~1\APPLIC~1\Help
[20/08/2003|23:49] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[05/12/2007|16:36] C:\DOCUME~1\ADMINI~1\APPLIC~1\InstallShield
[17/03/2007|14:03] C:\DOCUME~1\ADMINI~1\APPLIC~1\InterVideo
[29/03/2007|20:11] C:\DOCUME~1\ADMINI~1\APPLIC~1\ItsLabel
[04/05/2007|20:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Lavasoft
[03/07/2008|18:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\LimeWire
[16/03/2007|21:57] C:\DOCUME~1\ADMINI~1\APPLIC~1\Logitech
[10/03/2007|12:14] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[28/10/2007|20:10] C:\DOCUME~1\ADMINI~1\APPLIC~1\Media Player Classic
[19/01/2009|17:38] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[29/08/2008|21:19] C:\DOCUME~1\ADMINI~1\APPLIC~1\Mozilla
[22/11/2008|02:15] C:\DOCUME~1\ADMINI~1\APPLIC~1\MSN6
[21/08/2003|03:55] C:\DOCUME~1\ADMINI~1\APPLIC~1\SampleView
[05/12/2007|16:56] C:\DOCUME~1\ADMINI~1\APPLIC~1\SecuROM
[07/10/2008|19:05] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sonic
[31/10/2007|17:24] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sun
[21/08/2003|05:46] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec
[28/10/2008|17:53] C:\DOCUME~1\ADMINI~1\APPLIC~1\SystemRequirementsLab
[18/04/2009|14:34] C:\DOCUME~1\ADMINI~1\APPLIC~1\teamspeak2
[19/03/2007|21:51] C:\DOCUME~1\ADMINI~1\APPLIC~1\vlc
[11/11/2007|22:27] C:\DOCUME~1\ADMINI~1\APPLIC~1\WhenU
[21/08/2008|11:08] C:\DOCUME~1\ADMINI~1\APPLIC~1\Windows Desktop Search
[23/08/2008|00:14] C:\DOCUME~1\ADMINI~1\APPLIC~1\Windows Search
[12/04/2008|22:47] C:\DOCUME~1\ADMINI~1\APPLIC~1\WinRAR

[27/12/2008|20:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[15/10/2008|19:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[15/10/2008|19:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[09/11/2007|15:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
[17/01/2009|16:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Blizzard
[08/12/2008|02:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CCP
[31/08/2007|04:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[01/07/2007|13:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[21/08/2003|01:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[30/04/2009|13:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[05/04/2008|12:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[16/02/2009|21:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[01/11/2007|20:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[07/03/2007|19:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[01/04/2007|23:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[20/08/2003|23:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[13/03/2009|20:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[11/01/2008|01:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[25/12/2007|11:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[07/04/2007|16:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[10/03/2007|12:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[13/01/2008|13:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[22/11/2008|02:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

[21/08/2003|01:35] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[20/08/2003|23:49] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[21/08/2003|01:35] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterTrust
[20/08/2003|23:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[21/08/2003|03:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
[21/08/2003|01:33] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sonic
[21/08/2003|05:46] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

[21/08/2008|11:17] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[20/08/2003|23:53] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[05/05/2009 21:14][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[11/02/2009 09:56][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[20/08/2003 00:47][-rah-----] C:\WINDOWS\tasks\desktop.ini
[05/05/2009 17:40][--ah-----] C:\WINDOWS\tasks\SA.DAT

--------------------\\ Listing des dossiers dans C:\Program Files

[05/12/2007|16:37] C:\Program Files\2K Games
[27/12/2008|20:42] C:\Program Files\Adobe
[07/10/2008|19:28] C:\Program Files\Ahead
[11/01/2008|04:43] C:\Program Files\AlienGUIse
[08/03/2007|20:48] C:\Program Files\Alwil Software
[15/10/2008|19:56] C:\Program Files\Apple Software Update
[05/02/2007|10:38] C:\Program Files\Arcsoft
[16/10/2008|20:26] C:\Program Files\Atari
[11/01/2008|00:32] C:\Program Files\ATI Technologies
[13/04/2008|15:36] C:\Program Files\AxBx
[09/11/2007|15:34] C:\Program Files\Azureus
[07/04/2008|16:30] C:\Program Files\CA Yahoo! Anti-Spy
[05/04/2008|18:22] C:\Program Files\CCleaner
[08/12/2008|02:04] C:\Program Files\CCP
[04/07/2007|23:23] C:\Program Files\CFWebAdvancedU_BOBTV.FR
[04/05/2009|18:41] C:\Program Files\Circle Developement
[13/04/2008|14:41] C:\Program Files\Common Files
[20/08/2003|23:43] C:\Program Files\ComPlus Applications
[02/03/2008|16:05] C:\Program Files\Creative
[12/11/2007|15:42] C:\Program Files\DAEMON Tools
[09/04/2008|18:17] C:\Program Files\directx
[30/04/2009|14:35] C:\Program Files\Dofus
[14/11/2008|21:22] C:\Program Files\Doom 3
[22/07/2007|23:00] C:\Program Files\EA GAMES
[17/04/2008|00:17] C:\Program Files\Easy Internet signup
[06/04/2008|20:07] C:\Program Files\Electronic Arts
[16/04/2009|13:27] C:\Program Files\emule
[30/04/2009|14:18] C:\Program Files\Fichiers communs
[23/09/2007|22:56] C:\Program Files\Foolish Entertainment
[19/10/2008|17:57] C:\Program Files\Full Tilt Poker
[11/01/2008|02:07] C:\Program Files\GameFace Messenger
[12/03/2007|19:58] C:\Program Files\GameSpy
[06/09/2007|17:24] C:\Program Files\Google
[02/05/2007|20:57] C:\Program Files\Grisoft
[21/08/2003|01:18] C:\Program Files\Hewlett-Packard
[16/06/2008|15:44] C:\Program Files\Hits Collection
[21/08/2003|01:08] C:\Program Files\HP
[24/12/2007|20:55] C:\Program Files\id Software
[30/04/2009|14:18] C:\Program Files\InstallShield Installation Information
[11/01/2008|01:02] C:\Program Files\Intel
[16/04/2009|04:31] C:\Program Files\Internet Explorer
[21/08/2003|01:32] C:\Program Files\InterVideo
[02/04/2009|22:27] C:\Program Files\Java
[21/08/2003|04:03] C:\Program Files\Java Web Start
[04/11/2007|17:09] C:\Program Files\K-Lite Codec Pack
[12/04/2008|17:50] C:\Program Files\Konami
[04/05/2007|20:17] C:\Program Files\Lavasoft
[03/07/2008|18:06] C:\Program Files\LimeWire
[16/03/2007|21:49] C:\Program Files\Logitech
[13/04/2008|16:05] C:\Program Files\Lopxp
[30/04/2009|13:47] C:\Program Files\ma-config.com
[25/03/2008|21:00] C:\Program Files\Mafia
[19/05/2007|19:03] C:\Program Files\Maxis
[21/08/2008|11:10] C:\Program Files\Messenger
[22/02/2009|16:40] C:\Program Files\Messenger Plus! Live
[19/01/2009|17:47] C:\Program Files\Microsoft
[20/08/2003|23:50] C:\Program Files\microsoft frontpage
[27/12/2008|15:07] C:\Program Files\Microsoft Office
[21/08/2003|01:48] C:\Program Files\Microsoft Picture It! 7
[01/11/2007|19:50] C:\Program Files\Microsoft Platform SDK
[27/02/2009|22:17] C:\Program Files\Microsoft Silverlight
[13/01/2008|14:03] C:\Program Files\Microsoft SQL Server Compact Edition
[01/11/2007|19:46] C:\Program Files\Microsoft Visual Studio .NET 2003
[21/08/2003|01:46] C:\Program Files\Microsoft Works
[21/08/2003|01:42] C:\Program Files\Microsoft Works Suite 2003
[21/08/2008|10:35] C:\Program Files\Movie Maker
[05/05/2009|21:52] C:\Program Files\Mozilla Firefox
[17/11/2007|13:24] C:\Program Files\MSBuild
[11/11/2008|03:03] C:\Program Files\MSECACHE
[20/08/2003|23:43] C:\Program Files\MSN
[20/08/2003|23:41] C:\Program Files\MSN Gaming Zone
[25/12/2007|20:07] C:\Program Files\MSN Messenger
[02/04/2007|18:02] C:\Program Files\MSXML 4.0
[17/11/2007|13:26] C:\Program Files\MSXML 6.0
[05/02/2007|01:44] C:\Program Files\Multimedia Card Reader
[16/03/2007|22:11] C:\Program Files\MUSICMATCH
[22/06/2007|19:55] C:\Program Files\My Company Name
[21/08/2008|10:31] C:\Program Files\NetMeeting
[21/08/2008|10:31] C:\Program Files\Outlook Express
[15/10/2008|19:57] C:\Program Files\QuickTime
[20/08/2008|17:08] C:\Program Files\Realtek
[21/08/2003|01:33] C:\Program Files\RecordNow!
[17/11/2007|13:20] C:\Program Files\Reference Assemblies
[28/03/2007|16:20] C:\Program Files\Rockstar Games
[13/01/2008|15:27] C:\Program Files\SEC
[21/08/2003|04:06] C:\Program Files\Services en ligne
[25/12/2007|03:55] C:\Program Files\Setup
[03/09/2008|18:08] C:\Program Files\Sierra Entertainment
[25/05/2007|22:56] C:\Program Files\Sophos
[13/03/2009|20:49] C:\Program Files\Spybot - Search & Destroy
[08/08/2008|20:23] C:\Program Files\Sun
[03/05/2007|21:21] C:\Program Files\Sunbelt Software
[11/01/2008|01:33] C:\Program Files\Symantec
[28/10/2008|17:54] C:\Program Files\SystemRequirementsLab
[13/05/2008|21:33] C:\Program Files\TeamSpeak 3
[01/07/2007|23:23] C:\Program Files\Teamspeak2_RC2
[12/01/2008|05:19] C:\Program Files\TeamSpeak3
[05/05/2009|19:47] C:\Program Files\Trend Micro
[20/08/2003|23:55] C:\Program Files\Uninstall Information
[09/04/2008|18:02] C:\Program Files\Universal Interactive
[19/03/2007|21:50] C:\Program Files\VideoLAN
[25/05/2007|14:07] C:\Program Files\VirusTotalUploader
[30/04/2009|14:18] C:\Program Files\vtplus
[25/12/2007|17:52] C:\Program Files\WinAce
[21/08/2008|11:08] C:\Program Files\Windows Desktop Search
[16/02/2009|21:48] C:\Program Files\Windows Live
[13/01/2008|14:02] C:\Program Files\Windows Live Favorites
[10/01/2009|01:17] C:\Program Files\Windows Live Safety Center
[16/02/2009|21:44] C:\Program Files\Windows Live Toolbar
[21/08/2008|10:49] C:\Program Files\Windows Media Player
[21/08/2008|10:31] C:\Program Files\Windows NT
[11/01/2008|01:32] C:\Program Files\WindowsUpdate
[12/04/2008|22:47] C:\Program Files\WinRAR
[30/04/2009|16:24] C:\Program Files\WinTV
[24/01/2009|02:57] C:\Program Files\WowCartographe
[20/08/2003|23:50] C:\Program Files\xerox
[12/04/2008|17:31] C:\Program Files\Xplosiv
[06/10/2008|20:26] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[27/12/2008|20:42] C:\Program Files\Fichiers communs\Adobe
[15/10/2008|19:57] C:\Program Files\Fichiers communs\Apple
[22/06/2007|19:50] C:\Program Files\Fichiers communs\ATI Technologies
[17/01/2009|18:55] C:\Program Files\Fichiers communs\Blizzard Entertainment
[30/04/2009|14:09] C:\Program Files\Fichiers communs\Creative Labs Shared
[21/08/2003|01:45] C:\Program Files\Fichiers communs\Designer
[21/08/2003|01:04] C:\Program Files\Fichiers communs\HP
[21/08/2003|03:54] C:\Program Files\Fichiers communs\InstallShield
[30/04/2009|14:18] C:\Program Files\Fichiers communs\IviSDK
[14/10/2007|02:04] C:\Program Files\Fichiers communs\Java
[16/03/2007|21:48] C:\Program Files\Fichiers communs\Logitech
[27/12/2008|15:07] C:\Program Files\Fichiers communs\Microsoft Shared
[20/08/2003|23:45] C:\Program Files\Fichiers communs\MSSoap
[21/08/2003|00:37] C:\Program Files\Fichiers communs\ODBC
[16/10/2008|20:38] C:\Program Files\Fichiers communs\PocketSoft
[07/04/2008|16:28] C:\Program Files\Fichiers communs\Scanner
[20/08/2003|23:45] C:\Program Files\Fichiers communs\Services
[21/08/2003|01:33] C:\Program Files\Fichiers communs\Sonic
[21/08/2003|00:37] C:\Program Files\Fichiers communs\SpeechEngines
[03/11/2007|06:13] C:\Program Files\Fichiers communs\Stardock
[11/01/2008|01:33] C:\Program Files\Fichiers communs\Symantec Shared
[21/08/2008|10:31] C:\Program Files\Fichiers communs\System
[19/01/2009|00:48] C:\Program Files\Fichiers communs\Windows Live
[25/12/2007|20:27] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 68 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsj7F.tmp
C:\Program Files\Circle Developement

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts MODIFIE


-> 10476 [ 70 ## added by CiD ]

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-05 22:00:54
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 9

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:383][D:65]-> C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
[F:26][D:0]-> C:\DOCUME~1\ADMINI~1\Cookies
[F:869][D:9]-> C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 05/05/2009|22:03 - Option : [1]

--------------------\\ Fin du rapport a 22:03:30
0
geoffrey5 - Posts: 14008 - Status: Security contributor
 
▶ Run Lop S&D again

▶ This time choose option 3 (Suppression - hosts)

▶ Do not close the window during the removal!

▶ Post the generated report (C:\lopR.txt)

* (If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New Task, type explorer.exe and confirm)
0
blandine
 
Here is the new report:


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.80GHz )
BIOS : BIOS Date: 08/27/04 11:09:23 Ver: 08.00.09
USER : Administrateur ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1335 [VPS 090505-0] 4.8.1335 (Activated)
Firewall : Sunbelt Personal Firewall 4.5.916 T (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:143 Go (Free:67 Go)
D:\ (Local Disk) - FAT32 - Total:5 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [3] ( 05/05/2009|22:46 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsj7F.tmp
Supprime! - C:\Program Files\Circle Developement

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[21/01/2009|23:59] C:\DOCUME~1\ADMINI~1\APPLIC~1\Acreon
[27/12/2008|20:42] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[15/10/2008|20:01] C:\DOCUME~1\ADMINI~1\APPLIC~1\Apple Computer
[05/03/2007|21:55] C:\DOCUME~1\ADMINI~1\APPLIC~1\ArcSoft
[17/10/2008|16:36] C:\DOCUME~1\ADMINI~1\APPLIC~1\Atari
[10/01/2008|21:12] C:\DOCUME~1\ADMINI~1\APPLIC~1\ATI
[23/11/2007|20:23] C:\DOCUME~1\ADMINI~1\APPLIC~1\Azureus
[19/01/2009|19:44] C:\DOCUME~1\ADMINI~1\APPLIC~1\Bioshock
[04/07/2007|23:56] C:\DOCUME~1\ADMINI~1\APPLIC~1\CamfrogWEB
[13/01/2008|21:55] C:\DOCUME~1\ADMINI~1\APPLIC~1\Canon
[30/04/2009|14:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\Creative
[18/10/2007|14:38] C:\DOCUME~1\ADMINI~1\APPLIC~1\GetRight
[17/10/2007|20:59] C:\DOCUME~1\ADMINI~1\APPLIC~1\GetRightToGo
[31/08/2007|04:45] C:\DOCUME~1\ADMINI~1\APPLIC~1\Google
[26/08/2008|19:24] C:\DOCUME~1\ADMINI~1\APPLIC~1\Hamachi
[22/06/2007|21:07] C:\DOCUME~1\ADMINI~1\APPLIC~1\Help
[20/08/2003|23:49] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[05/12/2007|16:36] C:\DOCUME~1\ADMINI~1\APPLIC~1\InstallShield
[17/03/2007|14:03] C:\DOCUME~1\ADMINI~1\APPLIC~1\InterVideo
[29/03/2007|20:11] C:\DOCUME~1\ADMINI~1\APPLIC~1\ItsLabel
[04/05/2007|20:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Lavasoft
[03/07/2008|18:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\LimeWire
[16/03/2007|21:57] C:\DOCUME~1\ADMINI~1\APPLIC~1\Logitech
[10/03/2007|12:14] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[28/10/2007|20:10] C:\DOCUME~1\ADMINI~1\APPLIC~1\Media Player Classic
[19/01/2009|17:38] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[29/08/2008|21:19] C:\DOCUME~1\ADMINI~1\APPLIC~1\Mozilla
[22/11/2008|02:15] C:\DOCUME~1\ADMINI~1\APPLIC~1\MSN6
[21/08/2003|03:55] C:\DOCUME~1\ADMINI~1\APPLIC~1\SampleView
[05/12/2007|16:56] C:\DOCUME~1\ADMINI~1\APPLIC~1\SecuROM
[07/10/2008|19:05] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sonic
[31/10/2007|17:24] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sun
[21/08/2003|05:46] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec
[28/10/2008|17:53] C:\DOCUME~1\ADMINI~1\APPLIC~1\SystemRequirementsLab
[18/04/2009|14:34] C:\DOCUME~1\ADMINI~1\APPLIC~1\teamspeak2
[19/03/2007|21:51] C:\DOCUME~1\ADMINI~1\APPLIC~1\vlc
[11/11/2007|22:27] C:\DOCUME~1\ADMINI~1\APPLIC~1\WhenU
[21/08/2008|11:08] C:\DOCUME~1\ADMINI~1\APPLIC~1\Windows Desktop Search
[23/08/2008|00:14] C:\DOCUME~1\ADMINI~1\APPLIC~1\Windows Search
[12/04/2008|22:47] C:\DOCUME~1\ADMINI~1\APPLIC~1\WinRAR

[27/12/2008|20:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[15/10/2008|19:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[15/10/2008|19:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[09/11/2007|15:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
[17/01/2009|16:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Blizzard
[08/12/2008|02:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CCP
[31/08/2007|04:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[01/07/2007|13:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[21/08/2003|01:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[30/04/2009|13:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[05/04/2008|12:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[16/02/2009|21:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[01/11/2007|20:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[07/03/2007|19:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[01/04/2007|23:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[20/08/2003|23:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[13/03/2009|20:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[11/01/2008|01:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[25/12/2007|11:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[07/04/2007|16:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[10/03/2007|12:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[13/01/2008|13:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[22/11/2008|02:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

[21/08/2003|01:35] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[20/08/2003|23:49] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[21/08/2003|01:35] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterTrust
[20/08/2003|23:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[21/08/2003|03:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
[21/08/2003|01:33] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sonic
[21/08/2003|05:46] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

[21/08/2008|11:17] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[20/08/2003|23:53] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[05/05/2009 22:14][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[11/02/2009 09:56][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[20/08/2003 00:47][-rah-----] C:\WINDOWS\tasks\desktop.ini
[05/05/2009 17:40][--ah-----] C:\WINDOWS\tasks\SA.DAT

--------------------\\ Listing des dossiers dans C:\Program Files

[05/12/2007|16:37] C:\Program Files\2K Games
[27/12/2008|20:42] C:\Program Files\Adobe
[07/10/2008|19:28] C:\Program Files\Ahead
[11/01/2008|04:43] C:\Program Files\AlienGUIse
[08/03/2007|20:48] C:\Program Files\Alwil Software
[15/10/2008|19:56] C:\Program Files\Apple Software Update
[05/02/2007|10:38] C:\Program Files\Arcsoft
[16/10/2008|20:26] C:\Program Files\Atari
[11/01/2008|00:32] C:\Program Files\ATI Technologies
[13/04/2008|15:36] C:\Program Files\AxBx
[09/11/2007|15:34] C:\Program Files\Azureus
[07/04/2008|16:30] C:\Program Files\CA Yahoo! Anti-Spy
[05/04/2008|18:22] C:\Program Files\CCleaner
[08/12/2008|02:04] C:\Program Files\CCP
[04/07/2007|23:23] C:\Program Files\CFWebAdvancedU_BOBTV.FR
[13/04/2008|14:41] C:\Program Files\Common Files
[20/08/2003|23:43] C:\Program Files\ComPlus Applications
[02/03/2008|16:05] C:\Program Files\Creative
[12/11/2007|15:42] C:\Program Files\DAEMON Tools
[09/04/2008|18:17] C:\Program Files\directx
[30/04/2009|14:35] C:\Program Files\Dofus
[14/11/2008|21:22] C:\Program Files\Doom 3
[22/07/2007|23:00] C:\Program Files\EA GAMES
[17/04/2008|00:17] C:\Program Files\Easy Internet signup
[06/04/2008|20:07] C:\Program Files\Electronic Arts
[16/04/2009|13:27] C:\Program Files\emule
[30/04/2009|14:18] C:\Program Files\Fichiers communs
[23/09/2007|22:56] C:\Program Files\Foolish Entertainment
[19/10/2008|17:57] C:\Program Files\Full Tilt Poker
[11/01/2008|02:07] C:\Program Files\GameFace Messenger
[12/03/2007|19:58] C:\Program Files\GameSpy
[06/09/2007|17:24] C:\Program Files\Google
[02/05/2007|20:57] C:\Program Files\Grisoft
[21/08/2003|01:18] C:\Program Files\Hewlett-Packard
[16/06/2008|15:44] C:\Program Files\Hits Collection
[21/08/2003|01:08] C:\Program Files\HP
[24/12/2007|20:55] C:\Program Files\id Software
[30/04/2009|14:18] C:\Program Files\InstallShield Installation Information
[11/01/2008|01:02] C:\Program Files\Intel
[16/04/2009|04:31] C:\Program Files\Internet Explorer
[21/08/2003|01:32] C:\Program Files\InterVideo
[02/04/2009|22:27] C:\Program Files\Java
[21/08/2003|04:03] C:\Program Files\Java Web Start
[04/11/2007|17:09] C:\Program Files\K-Lite Codec Pack
[12/04/2008|17:50] C:\Program Files\Konami
[04/05/2007|20:17] C:\Program Files\Lavasoft
[03/07/2008|18:06] C:\Program Files\LimeWire
[16/03/2007|21:49] C:\Program Files\Logitech
[13/04/2008|16:05] C:\Program Files\Lopxp
[30/04/2009|13:47] C:\Program Files\ma-config.com
[25/03/2008|21:00] C:\Program Files\Mafia
[19/05/2007|19:03] C:\Program Files\Maxis
[21/08/2008|11:10] C:\Program Files\Messenger
[22/02/2009|16:40] C:\Program Files\Messenger Plus! Live
[19/01/2009|17:47] C:\Program Files\Microsoft
[20/08/2003|23:50] C:\Program Files\microsoft frontpage
[27/12/2008|15:07] C:\Program Files\Microsoft Office
[21/08/2003|01:48] C:\Program Files\Microsoft Picture It! 7
[01/11/2007|19:50] C:\Program Files\Microsoft Platform SDK
[27/02/2009|22:17] C:\Program Files\Microsoft Silverlight
[13/01/2008|14:03] C:\Program Files\Microsoft SQL Server Compact Edition
[01/11/2007|19:46] C:\Program Files\Microsoft Visual Studio .NET 2003
[21/08/2003|01:46] C:\Program Files\Microsoft Works
[21/08/2003|01:42] C:\Program Files\Microsoft Works Suite 2003
[21/08/2008|10:35] C:\Program Files\Movie Maker
[05/05/2009|22:40] C:\Program Files\Mozilla Firefox
[17/11/2007|13:24] C:\Program Files\MSBuild
[11/11/2008|03:03] C:\Program Files\MSECACHE
[20/08/2003|23:43] C:\Program Files\MSN
[20/08/2003|23:41] C:\Program Files\MSN Gaming Zone
[25/12/2007|20:07] C:\Program Files\MSN Messenger
[02/04/2007|18:02] C:\Program Files\MSXML 4.0
[17/11/2007|13:26] C:\Program Files\MSXML 6.0
[05/02/2007|01:44] C:\Program Files\Multimedia Card Reader
[16/03/2007|22:11] C:\Program Files\MUSICMATCH
[22/06/2007|19:55] C:\Program Files\My Company Name
[21/08/2008|10:31] C:\Program Files\NetMeeting
[21/08/2008|10:31] C:\Program Files\Outlook Express
[15/10/2008|19:57] C:\Program Files\QuickTime
[20/08/2008|17:08] C:\Program Files\Realtek
[21/08/2003|01:33] C:\Program Files\RecordNow!
[17/11/2007|13:20] C:\Program Files\Reference Assemblies
[28/03/2007|16:20] C:\Program Files\Rockstar Games
[13/01/2008|15:27] C:\Program Files\SEC
[21/08/2003|04:06] C:\Program Files\Services en ligne
[25/12/2007|03:55] C:\Program Files\Setup
[03/09/2008|18:08] C:\Program Files\Sierra Entertainment
[25/05/2007|22:56] C:\Program Files\Sophos
[13/03/2009|20:49] C:\Program Files\Spybot - Search & Destroy
[08/08/2008|20:23] C:\Program Files\Sun
[03/05/2007|21:21] C:\Program Files\Sunbelt Software
[11/01/2008|01:33] C:\Program Files\Symantec
[28/10/2008|17:54] C:\Program Files\SystemRequirementsLab
[13/05/2008|21:33] C:\Program Files\TeamSpeak 3
[01/07/2007|23:23] C:\Program Files\Teamspeak2_RC2
[12/01/2008|05:19] C:\Program Files\TeamSpeak3
[05/05/2009|19:47] C:\Program Files\Trend Micro
[20/08/2003|23:55] C:\Program Files\Uninstall Information
[09/04/2008|18:02] C:\Program Files\Universal Interactive
[19/03/2007|21:50] C:\Program Files\VideoLAN
[25/05/2007|14:07] C:\Program Files\VirusTotalUploader
[30/04/2009|14:18] C:\Program Files\vtplus
[25/12/2007|17:52] C:\Program Files\WinAce
[21/08/2008|11:08] C:\Program Files\Windows Desktop Search
[16/02/2009|21:48] C:\Program Files\Windows Live
[13/01/2008|14:02] C:\Program Files\Windows Live Favorites
[10/01/2009|01:17] C:\Program Files\Windows Live Safety Center
[16/02/2009|21:44] C:\Program Files\Windows Live Toolbar
[21/08/2008|10:49] C:\Program Files\Windows Media Player
[21/08/2008|10:31] C:\Program Files\Windows NT
[11/01/2008|01:32] C:\Program Files\WindowsUpdate
[12/04/2008|22:47] C:\Program Files\WinRAR
[30/04/2009|16:24] C:\Program Files\WinTV
[24/01/2009|02:57] C:\Program Files\WowCartographe
[20/08/2003|23:50] C:\Program Files\xerox
[12/04/2008|17:31] C:\Program Files\Xplosiv
[06/10/2008|20:26] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[27/12/2008|20:42] C:\Program Files\Fichiers communs\Adobe
[15/10/2008|19:57] C:\Program Files\Fichiers communs\Apple
[22/06/2007|19:50] C:\Program Files\Fichiers communs\ATI Technologies
[17/01/2009|18:55] C:\Program Files\Fichiers communs\Blizzard Entertainment
[30/04/2009|14:09] C:\Program Files\Fichiers communs\Creative Labs Shared
[21/08/2003|01:45] C:\Program Files\Fichiers communs\Designer
[21/08/2003|01:04] C:\Program Files\Fichiers communs\HP
[21/08/2003|03:54] C:\Program Files\Fichiers communs\InstallShield
[30/04/2009|14:18] C:\Program Files\Fichiers communs\IviSDK
[14/10/2007|02:04] C:\Program Files\Fichiers communs\Java
[16/03/2007|21:48] C:\Program Files\Fichiers communs\Logitech
[27/12/2008|15:07] C:\Program Files\Fichiers communs\Microsoft Shared
[20/08/2003|23:45] C:\Program Files\Fichiers communs\MSSoap
[21/08/2003|00:37] C:\Program Files\Fichiers communs\ODBC
[16/10/2008|20:38] C:\Program Files\Fichiers communs\PocketSoft
[07/04/2008|16:28] C:\Program Files\Fichiers communs\Scanner
[20/08/2003|23:45] C:\Program Files\Fichiers communs\Services
[21/08/2003|01:33] C:\Program Files\Fichiers communs\Sonic
[21/08/2003|00:37] C:\Program Files\Fichiers communs\SpeechEngines
[03/11/2007|06:13] C:\Program Files\Fichiers communs\Stardock
[11/01/2008|01:33] C:\Program Files\Fichiers communs\Symantec Shared
[21/08/2008|10:31] C:\Program Files\Fichiers communs\System
[19/01/2009|00:48] C:\Program Files\Fichiers communs\Windows Live
[25/12/2007|20:27] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 66 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts MODIFIE


-> 10476 [ 70 ## added by CiD ]

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-05 22:51:47
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 9

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:383][D:66]-> C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
[F:26][D:0]-> C:\DOCUME~1\ADMINI~1\Cookies
[F:869][D:9]-> C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 05/05/2009|22:03 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 05/05/2009|22:53 - Option : [3]

--------------------\\ Fin du rapport a 22:53:59
0
geoffrey5 Posts 14008 Status Security contributor 10
 
OK, now please do this:

▶ Download Malwarebytes' Anti-Malware

▶ A tutorial will be available to help you install and use it correctly.

▶ Update the software (this normally happens during installation)

▶ Run a full scan by clicking "Exécuter un examen complet"

▶ Select the drives you want to scan and click "Lancer l'examen"

▶ The scan can take quite a while...

▶ Once the scan is finished, click "OK" and then "Afficher les résultats"

▶ Check that everything is ticked and click "Supprimer la sélection", then "OK"

▶ A report will open in Notepad... Copy and paste the report into your next reply on the forum

* Some files may need to be deleted when the PC restarts...
Do this by clicking "oui" when asked
0
blandine
 
Here is the Malwarebytes report:

Malwarebytes' Anti-Malware 1.36
Version de la base de données: 2079
Windows 5.1.2600 Service Pack 3

06/05/2009 00:44:56
mbam-log-2009-05-06 (00-44-56).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 260275
Temps écoulé: 1 hour(s), 5 minute(s), 26 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 6
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1f158a1e-a687-4a11-9679-b3ac64b86a1c} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\568267acfc5644dab06f058006ddbae3 (Adware.Zango) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
0
geoffrey5 Posts 14008 Status Security contributor 10
 
Very good, now please do this:

▶ Download Random's System Information Tool (RSIT).

▶ A tutorial will be available on my website to help you install and use it correctly.

▶ Double-click RSIT.exe to launch the tool.

▶ Click 'Continue' on the Disclaimer screen.

▶ If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it and you will have to accept the licence.

▶ Once the scan is finished, 2 reports will appear. Post the contents of both reports.

( C:\RSIT\log.txt and C:\RSIT\info.txt )

CTRL A to select all, CTRL C to copy and then CTRL V to paste
0
blandine
 
Here are the 2 RSIT reports requested:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrateur at 2009-05-06 18:43:42
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 69 GB (47%) free of 147 GB
Total RAM: 1535 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:44:00, on 06/05/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AlienGUIse\wbload.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\WINDOWS\ehome\ehtray.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\ehome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\ehome\ehmsas.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\System32\rsvp.exe
C:\program files\mozilla firefox\firefox.exe
C:\Documents and Settings\Administrateur\Mes documents\Mes fichiers reçus\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Administrateur.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr9.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr9.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\Hewlett-Packard\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Heck Glue] C:\DOCUME~1\ADMINI~1\APPLIC~1\INFOKE~1\BOOB BIAS.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: Alienware Dock.lnk = C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe
O4 - Startup: NaturalColorLoad.lnk = ?
O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Administrateur\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: NaturalColorLoad.lnk = ?
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1D1CB5E2-D519-4E54-89C5-DB326AFFF50B}: NameServer = 212.27.40.240,212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{1D1CB5E2-D519-4E54-89C5-DB326AFFF50B}: NameServer = 212.27.40.240,212.27.40.241
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Fichiers communs\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe

geoffrey5 Posts 14008 Status Security contributor 10

Hello,

the log.txt report is incomplete because the reports are too long...

Could you send me the log.txt report again, please?

It is located here: C:\RSIT\log.txt
blandine
 
Here it is:

info.txt logfile of random's system information tool 1.06 2009-05-06 18:44:05

======Uninstall list======

-->"C:\Program Files\Creative\SBAudigy2ZS\Program\Ctzapxx.EXE" /W /U /S /L:FRN
-->"C:\Program Files\Creative\SBAudigy2ZS\Program\SETUP.EXE" /S /U /W /L:FRN
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\System32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature
-->c:\WINDOWS\System32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1888DAFD-C634-4BC4-865C-3455E24F6177}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1888DAFD-C634-4BC4-865C-3455E24F6177}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{236FADD8-58FD-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{236FADD8-58FD-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{435E969D-867E-4364-8E74-3DC8A69C5BDB}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{435E969D-867E-4364-8E74-3DC8A69C5BDB}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5210ED6D-52A9-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5210ED6D-52A9-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5933921D-4253-40B6-B4D9-B7D680F1B6EC}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5933921D-4253-40B6-B4D9-B7D680F1B6EC}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CDC05F7-83E4-4611-AD3C-A6EB2100332A}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CDC05F7-83E4-4611-AD3C-A6EB2100332A}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CDDF96A-BC34-4D72-9ABA-E1FFF0C39977}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67AEFC4C-69E4-11D7-85F4-00E018013273}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67AEFC4C-69E4-11D7-85F4-00E018013273}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7201B853-5833-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7201B853-5833-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A900EAB-DA37-4554-AF19-9C337476D05D}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A900EAB-DA37-4554-AF19-9C337476D05D}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{869D88A5-BD6C-4E39-8536-D95259EAD7E8}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{869D88A5-BD6C-4E39-8536-D95259EAD7E8}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{87499F38-FD69-4A2B-B41A-BAB8DE9B94FE}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{881A74B3-3D17-4842-B9AF-0761C6E6C4B5}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{881A74B3-3D17-4842-B9AF-0761C6E6C4B5}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9154ED7C-926E-49CC-B677-0CF3C5267457}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9154ED7C-926E-49CC-B677-0CF3C5267457}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A1185190-514F-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A1185190-514F-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AC157741-3285-4D6A-B934-9174587A3493}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AC157741-3285-4D6A-B934-9174587A3493}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B5BAAFAE-3561-463D-8E3F-91761A57ADB8}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B5BAAFAE-3561-463D-8E3F-91761A57ADB8}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6866B7D-ACFD-4C49-B77B-3B2F8CF54B96}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6866B7D-ACFD-4C49-B77B-3B2F8CF54B96}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DEBD7BF3-5856-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DEBD7BF3-5856-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EE6699B3-E5AD-4E59-8F2B-207DF630670C}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EE6699B3-E5AD-4E59-8F2B-207DF630670C}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD549B7B-3532-4160-80D4-3E3DD39A9AE5}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD549B7B-3532-4160-80D4-3E3DD39A9AE5}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7B9AE66C-2A8F-4FB2-85D7-416AFFAE8408}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9 /remove
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\WINDOWS\System32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
AlienGUIse Theme Manager-->C:\PROGRA~1\ALIENG~1\thememgr.exe /uninstallwise
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ArcSoft ShowBiz 2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{791B20D4-AE59-4DE9-B45F-BA01F3D0A493}\setup.exe" -l0x40c
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
ASUS Utilities-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{43C67D92-F56E-4729-8673-9A2D5A6036F8} /l1036
ATI - Utilitaire de désinstallation du logiciel-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center-->MsiExec.exe /I{B9EEA623-5396-4489-B542-6E6606286DD6}
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATI Parental Control & Encoder-->MsiExec.exe /I{9862B19F-4CAD-4EED-920F-2F378D84393F}
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
AVG Anti-Spyware 7.5-->C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
AVIVO Codecs-->MsiExec.exe /X{C941F1F1-25B3-4DF5-83E6-888C51A1AAB6}
Battlefield 2142-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ED50ECE9-EC54-4C05-B5ED-EE4741A9F2EC}\setup.exe" -l0x40c -removeonly
BF2142 1.40 Clan mod v 3.0-->C:\Program Files\Electronic Arts\Battlefield 2142\Uninstall_clanmod.exe
BF2142 1.50 Clan mod v 3.02-->C:\Program Files\Electronic Arts\Battlefield 2142\Uninstall_clanmod.exe
BioShock-->C:\Program Files\InstallShield Installation Information\{E280923D-C5D9-4728-8C79-AC9A0DC75875}\Setup.exe -runfromtemp -l0x040c -removeonly
CA Yahoo! Anti-Spy (remove only)-->"C:\Program Files\CA Yahoo! Anti-Spy\uninstall.exe"
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Complément Microsoft Word pour Microsoft Works Suite-->MsiExec.exe /I{F6B1CD0F-DB2D-4666-A168-C46390AD8C4A}
Connexion Facile à Internet-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{0613467F-A45E-4CB1-9ECE-1F3DD79FB927} /l1036
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Creative Audio Console-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x40c /remove
Creative Audio Console-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7B9AE66C-2A8F-4FB2-85D7-416AFFAE8408}\setup.exe" -l0x40c /remove
Creative MediaSource-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{56F3E1FF-54FE-4384-A153-6CCABA097814}\SETUP.EXE" -l0x40c /remove
Creative System Information-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{87499F38-FD69-4A2B-B41A-BAB8DE9B94FE}\setup.exe" -l0x40c /remove
Démonstration Mise en route-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{77ACE67A-0D21-4CEF-8A97-ED20A61B978B}\setup.exe" -l0x40c
Dofus 1.27.0-->C:\Program Files\Dofus\uninstall.exe
EAX Unified-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Creative\EAX Unified\Uninst.isu"
EAX4 Unified Redist-->MsiExec.exe /X{89661B04-C646-4412-B6D3-5E19F02F1F37}
eMule-->"C:\Program Files\eMule\Uninstall.exe"
EVE-ONLINE (remove only)-->C:\Program Files\CCP\EVE\Uninstall.exe
Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}
Hauppauge French Help Files and Resources-->C:\PROGRA~1\WinTV\UNHLPfra.EXE C:\PROGRA~1\WinTV\WTV2Kfra.LOG
Hauppauge WinTV Radio-->C:\PROGRA~1\WinTV\UNrad32.EXE C:\PROGRA~1\WinTV\RADIO32.LOG
Hauppauge WinTV Scheduler-->C:\PROGRA~1\WinTV\\SCHEDU~1\uniSCHED.exe C:\PROGRA~1\WinTV\\SCHEDU~1\uniSCHED.log
Hauppauge WinTV-->C:\PROGRA~1\WinTV\UNTV6.EXE C:\PROGRA~1\WinTV\WINTV6.LOG
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format SDK (KB902344)-->"C:\WINDOWS\$NtUninstallKB902344$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
HP Deskjet Preloaded Printer Drivers-->MsiExec.exe /X{F419D20A-7719-4639-8E30-C073A040D878}
HP Photo & Imaging 3.0-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Photo and Imaging 2.0 - Photosmart Cameras-->MsiExec.exe /X{5D7F0A0E-369E-46C0-9F99-FAB21A064781}
HP Software Update-->MsiExec.exe /X{C05E10AC-BD86-4564-9D16-EF11D7314FB2}
HPImageZone-->MsiExec.exe /X{11946FA8-329A-4DDF-B867-A32781FED8EE}
Intel(R) Extreme Graphics 2 Driver-->RUNDLL32.EXE C:\WINDOWS\System32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2572
InterVideo FilterSDK for Hauppauge-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2227E1FA-01F5-483C-AB0E-2A308E900B3D}\setup.exe" REMOVEALL
InterVideo WinDVD Player-->"C:\Program Files\InstallShield Installation Information\{98E8A2EF-4EAE-43B8-A172-74842B764777}\setup.exe" REMOVEALL
Java 2 Runtime Environment, SE v1.4.1_02-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFCE5837-FC21-11D6-9D24-00010240CE95}\setup.exe" Anytext
Java Web Start-->"C:\Program Files\Java Web Start\uninst-javaws.exe"
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216012FF}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
KBD-->C:\HP\KBD\KBD.EXE uninstalled
LiveReg (Symantec Corporation)-->C:\Program Files\Fichiers communs\Symantec Shared\LiveReg\VcSetup.exe /REMOVE
LiveUpdate 1.80 (Symantec Corporation)-->C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
Ma-Config.com-->MsiExec.exe /X{E780E536-16CE-4CD1-8FE0-2D5E52FAA65B}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Memories Disc Creator 2.0-->MsiExec.exe /X{2E132061-C78A-48D4-A899-1D13B9D189FA}
Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
Messenger Plus! Live & Sponsor (CiD)-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Picture It! Photo 7.0-->MsiExec.exe /I{369B36BE-3D64-4641-9AEA-808D436FE132}
Microsoft Search Enhancement Pack-->MsiExec.exe /I{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Word 2002-->MsiExec.exe /I{911B040C-6000-11D3-8CFE-0050048383C9}
Microsoft Works 7.0-->MsiExec.exe /I{64D114CE-4234-45C2-B60A-2B07D5A48F72}
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951618-v2)-->"C:\WINDOWS\$NtUninstallKB951618-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Mozilla Firefox (3.0.10)-->C:\program files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Multi Virus Cleaner 2008-->"C:\Program Files\AxBx\Multi Virus Cleaner 2008\unins000.exe"
Multimedia Card Reader-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{E05895C5-FE97-4334-8D73-B0089FD07CE3}
Natural Color-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F51D9393-BB14-4566-99BF-D6ED63AEFCD7}\setup.exe"
Nero - Burning Rom-->MsiExec.exe /X{A4D7B764-4140-11D4-88EB-0050DA3579C0}
OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74}
Photosmart 140,240,7200,7600,7700,7900 Series-->C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\setup\hpzscr01.exe -datfile hphscr01.dat
Pilotes Canon MP-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58F8C6D9-5B55-486A-A322-4E8D87670031}\Setup.exe" -l0x40c -Uninstall
PS2-->C:\WINDOWS\system32\ps2.exe uninstall
Python 2.2 combined Win32 extensions-->C:\Python22\Lib\SITE-P~1\UNWISE~1.EXE C:\Python22\Lib\SITE-P~1\w32inst.log
Python 2.2.1-->C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
REALTEK GbE & FE Ethernet PCI NIC Driver-->C:\Program Files\InstallShield Installation Information\{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}\setup.exe -runfromtemp -l0x040c -removeonly
RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
RollerCoaster Tycoon® 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\Setup.exe" -l0x40c
Sélecteur d'installation de Microsoft Works Suite 2003-->C:\Program Files\Microsoft Works Suite 2003\Setup\Launcher.exe E:\
Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
SimCity 4 Deluxe-->C:\Program Files\Maxis\SimCity 4 Deluxe\EAUninstall.exe
Sonic Update Manager-->MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
Sound Blaster Audigy 2 ZS-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9E2514D9-DC24-4634-B348-61F3EF0F1628}\SETUP.EXE" -l0x40c
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins001.exe"
Sunbelt Personal Firewall-->MsiExec.exe /X{BFD080F6-3BF0-40E1-9507-9CA969C35870}
Surligneur (Windows Live Toolbar)-->MsiExec.exe /X{81B5F83F-2291-48B0-8375-36B63A9BF5B0}
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
TeamSpeak 3-->C:\Program Files\TeamSpeak 3\uninstall.exe
TimeShift-->C:\Program Files\InstallShield Installation Information\{1367FA2F-2B3D-430F-872F-588B93420BFC}\setup.exe -runfromtemp -l0x040c -removeonly
VTPlus32 pour WinTV (French)-->C:\PROGRA~1\vtplus\UNVTplus.exe C:\PROGRA~1\vtplus\VTPlus.LOG
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live Favorites pour Windows Live Toolbar-->MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}
Windows Live Mail-->MsiExec.exe /I{C514C594-23AA-4F13-A070-DB8BDB27594F}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Live Toolbar-->"C:\Program Files\Windows Live Toolbar\UnInstall.exe" {0A8C97AD-DEED-4894-B446-3ABA95A77D0D}
Windows Live Toolbar-->MsiExec.exe /X{0A8C97AD-DEED-4894-B446-3ABA95A77D0D}
Windows Live Writer-->MsiExec.exe /X{3DFF4274-EBB0-4356-9692-972965018954}
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format SDK Hotfix - KB891122-->"C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
World of Warcraft-->C:\Program Files\Fichiers communs\Blizzard Entertainment\World of Warcraft\Uninstall.exe
Wow Cartographe 1.09-->C:\Program Files\WowCartographe\uninst.exe
XviD MPEG-4 Video Codec-->C:\WINDOWS\System32\rundll32.exe setupapi,InstallHinfSection Remove_XviD 132 C:\WINDOWS\INF\xvid.inf
Yahoo! Toolbar avec bloqueur de fenêtres pop-up-->C:\PROGRA~1\Yahoo!\Common\unyt.exe

======Hosts File======

127.0.0.1 localhost
127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD

======Security center information======

AV: avast! antivirus 4.8.1335 [VPS 090505-0]
FW: Sunbelt Personal Firewall

======System event log======

Computer Name: ORDI-DAMIEN
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Service COM de gravage de CD IMAPI.

Record Number: 30802
Source Name: Service Control Manager
Time Written: 20090321232939.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: ORDI-DAMIEN
Event Code: 7036
Message: Le service Gestionnaire de connexions d'accès distant est entré dans l'état : en cours d'exécution.

Record Number: 30801
Source Name: Service Control Manager
Time Written: 20090321164642.000000+060
Event Type: Informations
User:

Computer Name: ORDI-DAMIEN
Event Code: 7036
Message: Le service Carte de performance WMI est entré dans l'état : arrêté.

Record Number: 30800
Source Name: Service Control Manager
Time Written: 20090321164641.000000+060
Event Type: Informations
User:

Computer Name: ORDI-DAMIEN
Event Code: 7036
Message: Le service Carte de performance WMI est entré dans l'état : en cours d'exécution.

Record Number: 30799
Source Name: Service Control Manager
Time Written: 20090321164640.000000+060
Event Type: Informations
User:

Computer Name: ORDI-DAMIEN
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Carte de performance WMI.

Record Number: 30798
Source Name: Service Control Manager
Time Written: 20090321164640.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

=====Application event log=====

Computer Name: ORDI-DAMIEN
Event Code: 105
Message: The service was started.

Record Number: 8148
Source Name: Creative Service for CDROM Access
Time Written: 20090129090033.000000+060
Event Type: Informations
User:

Computer Name: ORDI-DAMIEN
Event Code: 101
Message: MsnMsgr (1236) Le moteur de base de données est arrêté.

Record Number: 8147
Source Name: ESENT
Time Written: 20090128172916.000000+060
Event Type: Informations
User:

Computer Name: ORDI-DAMIEN
Event Code: 103
Message: MsnMsgr (1236) \\.\C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Messenger\sebastien.t.95@hotmail.fr\SharingMetadata\Working\database_400C_A599_CA5_8B0C\dfsr.db: Le moteur de base de données a arrêté une instance (0).

Record Number: 8146
Source Name: ESENT
Time Written: 20090128172916.000000+060
Event Type: Informations
User:

Computer Name: ORDI-DAMIEN
Event Code: 302
Message: MsnMsgr (1236) \\.\C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Messenger\sebastien.t.95@hotmail.fr\SharingMetadata\Working\database_400C_A599_CA5_8B0C\dfsr.db: Le moteur de base de données a exécuté la procédure de récupération avec succès.

Record Number: 8145
Source Name: ESENT
Time Written: 20090128151254.000000+060
Event Type: Informations
User:

Computer Name: ORDI-DAMIEN
Event Code: 301
Message: MsnMsgr (1236) \\.\C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Messenger\sebastien.t.95@hotmail.fr\SharingMetadata\Working\database_400C_A599_CA5_8B0C\dfsr.db: Le moteur de base de données commence la relecture du fichier journal \\.\C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Messenger\sebastien.t.95@hotmail.fr\SharingMetadata\Working\database_400C_A599_CA5_8B0C\fsr.log.

Record Number: 8144
Source Name: ESENT
Time Written: 20090128151253.000000+060
Event Type: Informations
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;c:\Python22;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0209
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

-----------------EOF-----------------
geoffrey5 Posts: 14008 Status: Security contributor 10
 
▶ Download ComboFix by sUBs

▶ and save it to the Desktop.

▶ Disable your protections and close all your applications (antivirus, firewall, the antispyware's real-time guard)

Here is the official Bleeping Computer tutorial on how to use it:

https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

I recommend that you install the Recovery Console!!

Then send the report, please.
blandine
 
Report:

ComboFix 09-05-05.05 - Administrateur 06/05/2009 20:13.3 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1535.887 [GMT 2:00]
Lancé depuis: c:\documents and settings\Administrateur\Mes documents\Mes fichiers reçus\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090505-0] *On-access scanning disabled* (Updated)
FW: Sunbelt Personal Firewall *enabled*
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\patch.exe
C:\xcrashdump.dat

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-04-06 au 2009-05-06 ))))))))))))))))))))))))))))))))))))
.

2009-05-06 16:43 . 2009-05-06 16:44 -------- d-----w C:\rsit
2009-05-05 21:34 . 2009-05-05 21:34 -------- d-----w c:\documents and settings\Administrateur\Application Data\Malwarebytes
2009-05-05 21:34 . 2009-04-06 13:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-05-05 21:34 . 2009-04-06 13:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-05 21:34 . 2009-05-05 21:34 -------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
2009-05-05 21:34 . 2009-05-05 21:34 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-05-05 19:54 . 2009-05-05 20:53 -------- d-----w C:\Lop SD
2009-04-30 12:18 . 2009-04-30 12:18 -------- d-----w c:\program files\vtplus
2009-04-30 12:18 . 2009-04-30 12:18 -------- d-----w c:\program files\Fichiers communs\IviSDK
2009-04-30 12:18 . 2006-05-08 07:55 28672 ----a-w c:\windows\system32\hcwsched.dll
2009-04-30 12:18 . 2006-01-25 15:38 69632 ----a-w c:\windows\system32\3DES.dll
2009-04-30 12:17 . 2006-05-08 07:54 65536 ----a-w c:\windows\system32\dmcrypto.dll
2009-04-30 12:16 . 2009-04-30 14:21 -------- d-----w C:\MyVideos
2009-04-30 12:16 . 2004-01-26 12:49 90190 ----a-w c:\windows\system32\Bt848WST.DLL
2009-04-30 12:16 . 2008-03-26 12:54 30720 ----a-w c:\windows\system32\hcwWinTVCI.dll
2009-04-30 12:16 . 2008-05-29 15:00 806985 ------w c:\windows\system32\hcwtvwnd.dll
2009-04-30 12:16 . 2008-04-22 12:53 163840 ----a-w c:\windows\system32\hcwChDB.dll
2009-04-30 12:16 . 2008-03-20 15:50 282680 ------w c:\windows\system32\hcwpnp32.dll
2009-04-30 12:16 . 1999-04-27 14:26 11264 ----a-w c:\windows\system32\hcwhook.dll
2009-04-30 12:16 . 2008-03-11 17:36 106552 ----a-w c:\windows\system32\hcwi2c32.dll
2009-04-30 12:16 . 2004-12-20 10:11 213050 ----a-w c:\windows\system32\hcwChan.dll
2009-04-30 12:16 . 2003-11-07 10:45 106559 ----a-w c:\windows\system32\hcwTVDlg.dll
2009-04-30 12:15 . 2001-07-19 06:44 393216 ----a-w c:\windows\system32\hcwsnbd9.dll
2009-04-30 12:15 . 2009-04-30 14:24 -------- d-----w c:\program files\WinTV
2009-04-30 12:12 . 2002-09-23 17:11 40960 ----a-w c:\windows\system32\hcwXDS.dll
2009-04-30 12:12 . 2009-04-30 12:12 -------- d-----w C:\Hauppauge
2009-04-30 12:09 . 2009-04-30 12:09 -------- d-----w c:\program files\Fichiers communs\Creative Labs Shared
2009-04-16 00:32 . 2009-02-06 10:10 227840 -c----w c:\windows\system32\dllcache\wmiprvse.exe
2009-04-16 00:32 . 2009-03-06 14:20 286720 -c----w c:\windows\system32\dllcache\pdh.dll
2009-04-16 00:32 . 2009-02-09 11:23 111104 -c----w c:\windows\system32\dllcache\services.exe
2009-04-16 00:32 . 2009-02-09 10:53 401408 -c----w c:\windows\system32\dllcache\rpcss.dll
2009-04-16 00:32 . 2009-02-09 10:53 473600 -c----w c:\windows\system32\dllcache\fastprox.dll
2009-04-16 00:32 . 2009-02-09 10:53 685568 -c----w c:\windows\system32\dllcache\advapi32.dll
2009-04-16 00:32 . 2009-02-09 10:53 735744 -c----w c:\windows\system32\dllcache\lsasrv.dll
2009-04-16 00:32 . 2009-02-09 10:53 453120 -c----w c:\windows\system32\dllcache\wmiprvsd.dll
2009-04-16 00:32 . 2009-02-09 10:53 739840 -c----w c:\windows\system32\dllcache\ntdll.dll
2009-04-16 00:27 . 2008-12-16 12:31 354304 -c----w c:\windows\system32\dllcache\winhttp.dll
2009-04-16 00:24 . 2008-04-21 21:15 219136 -c----w c:\windows\system32\dllcache\wordpad.exe

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-05 17:47 . 2007-10-28 14:49 -------- d-----w c:\program files\Trend Micro
2009-05-02 17:35 . 2008-04-06 19:08 137992 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2009-05-02 17:29 . 2008-04-06 19:07 201816 ----a-w c:\windows\system32\PnkBstrB.exe
2009-04-30 12:35 . 2008-07-12 16:56 -------- d-----w c:\program files\Dofus
2009-04-30 12:18 . 2003-08-20 23:32 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-30 12:08 . 2008-08-20 14:26 444952 ----a-w c:\windows\system32\wrap_oal.dll
2009-04-30 12:08 . 2008-01-12 00:17 109080 ----a-w c:\windows\system32\OpenAL32.dll
2009-04-30 11:47 . 2008-08-20 14:11 -------- d-----w c:\program files\ma-config.com
2009-04-30 11:47 . 2008-08-20 14:11 -------- d-----w c:\documents and settings\All Users\Application Data\ma-config.com
2009-04-16 18:28 . 2003-08-21 06:32 73366 ----a-w c:\windows\system32\perfc00C.dat
2009-04-16 18:28 . 2003-08-21 06:32 469070 ----a-w c:\windows\system32\perfh00C.dat
2009-04-16 11:27 . 2007-03-08 19:06 -------- d-----w c:\program files\emule
2009-04-02 20:27 . 2003-08-21 02:03 -------- d-----w c:\program files\Java
2009-03-28 20:59 . 2008-02-22 18:28 43520 ----a-w c:\windows\system32\CmdLineExt03.dll
2009-03-13 18:49 . 2007-05-04 18:30 -------- d-----w c:\program files\Spybot - Search & Destroy
2009-03-09 03:19 . 2008-12-04 18:15 410984 ----a-w c:\windows\system32\deploytk.dll
2009-03-06 14:20 . 2003-08-21 06:31 286720 ----a-w c:\windows\system32\pdh.dll
2009-03-04 12:47 . 2009-03-04 12:47 15896 ----a-w c:\windows\system32\drivers\pfmodnt.sys
2009-03-04 12:46 . 2009-03-04 12:46 189464 ----a-w c:\windows\system32\drivers\haP17v2k.sys
2009-03-04 12:46 . 2009-03-04 12:46 162840 ----a-w c:\windows\system32\drivers\haP16v2k.sys
2009-03-04 12:46 . 2009-03-04 12:46 798744 ----a-w c:\windows\system32\drivers\ha10kx2k.sys
2009-03-04 12:46 . 2009-03-04 12:46 92696 ----a-w c:\windows\system32\drivers\emupia2k.sys
2009-03-04 12:46 . 2009-03-04 12:46 157208 ----a-w c:\windows\system32\drivers\ctsfm2k.sys
2009-03-04 12:45 . 2009-03-04 12:45 14360 ----a-w c:\windows\system32\drivers\ctprxy2k.sys
2009-03-04 12:45 . 2009-03-04 12:45 127512 ----a-w c:\windows\system32\drivers\ctoss2k.sys
2009-03-04 12:45 . 2009-03-04 12:45 1395992 ----a-w c:\windows\system32\drivers\CTMMFILT.SYS
2009-03-04 12:45 . 2009-03-04 12:45 18840 ----a-w c:\windows\system32\drivers\CTGAME.SYS
2009-03-04 12:44 . 2009-03-04 12:44 347080 ----a-w c:\windows\system32\drivers\ctdvda2k.sys
2009-03-04 12:44 . 2009-03-04 12:44 528408 ----a-w c:\windows\system32\drivers\ctaud2k.sys
2009-03-04 12:44 . 2009-03-04 12:44 511000 ----a-w c:\windows\system32\drivers\ctac32k.sys
2009-03-04 12:44 . 2009-03-04 12:44 1366424 ----a-w c:\windows\system32\drivers\CT0531FL.SYS
2009-03-04 12:42 . 2009-03-04 12:42 100888 ----a-w c:\windows\system32\drivers\CTERFXFX.sys
2009-03-04 12:42 . 2009-03-04 12:42 566296 ----a-w c:\windows\system32\drivers\CTSBLFX.sys
2009-03-04 12:42 . 2009-03-04 12:42 555032 ----a-w c:\windows\system32\drivers\CTAUDFX.sys
2009-03-04 12:42 . 2009-03-04 12:42 99352 ----a-w c:\windows\system32\drivers\COMMONFX.sys
2009-03-04 10:47 . 2009-03-04 10:47 43520 ----a-w c:\windows\system32\CTBurst.dll
2009-03-04 10:47 . 2009-03-04 10:47 11776 ----a-w c:\windows\system32\inres.dll
2009-03-04 10:47 . 2007-04-09 11:33 182272 ----a-w c:\windows\system32\ctdvinst.dll
2009-03-04 10:47 . 2007-04-09 11:33 86528 ----a-w c:\windows\system32\ctcoinst.dll
2009-03-04 10:46 . 2009-03-04 10:46 11776 ----a-w c:\windows\system32\ac3api.dll
2009-03-04 10:45 . 2009-03-04 10:45 38400 ----a-w c:\windows\system32\readreg.exe
2009-03-04 10:45 . 2009-03-04 10:45 37888 ----a-w c:\windows\system32\psconv.exe
2009-03-04 10:45 . 2009-03-04 10:45 19456 ----a-w c:\windows\system32\CtHelper.exe
2009-03-04 10:45 . 2009-03-04 10:45 8704 ----a-w c:\windows\system32\ctagent.dll
2009-03-04 10:45 . 2009-03-04 10:45 45568 ----a-w c:\windows\system32\ctspkhlp.dll
2009-03-04 10:45 . 2009-03-04 10:45 56832 ----a-w c:\windows\system32\CTpcmcia.dll
2009-03-04 10:45 . 2009-03-04 10:45 12800 ----a-w c:\windows\system32\ctmmep.dll
2009-03-04 10:45 . 2009-03-04 10:45 9216 ----a-w c:\windows\system32\ctpres.dll
2009-03-04 10:45 . 2009-03-04 10:45 32768 ----a-w c:\windows\system32\ctthxcal.dll
2009-03-04 10:44 . 2009-03-04 10:44 41472 ----a-w c:\windows\system32\ctscal.dll
2009-03-04 10:44 . 2009-03-04 10:44 131072 ----a-w c:\windows\system32\ctdcifce.dll
2009-03-04 10:44 . 2009-03-04 10:44 330752 ----a-w c:\windows\system32\ctdc0001.dll
2009-03-04 10:44 . 2009-03-04 10:44 227840 ----a-w c:\windows\system32\ctdc0000.dll
2009-03-04 10:44 . 2009-03-04 10:44 10240 ----a-w c:\windows\system32\ctdcres.dll
2009-03-04 10:33 . 2009-03-04 10:33 51787 ----a-w c:\windows\system32\ctdlang.dat
2009-03-04 10:33 . 2009-03-04 10:33 386852 ----a-w c:\windows\system32\ctdnlstr.dat
2009-03-04 10:33 . 2009-03-04 10:33 196096 ----a-w c:\windows\system32\ctemupia.dll
2009-03-04 10:30 . 2009-03-04 10:30 176128 ----a-w c:\windows\system32\ct_oal.dll
2009-03-04 10:30 . 2009-03-04 10:30 46592 ----a-w c:\windows\system32\ctasio.dll
2009-03-04 10:30 . 2009-03-04 10:30 49152 ----a-w c:\windows\system32\ctdproxy.dll
2009-03-04 10:29 . 2009-03-04 10:29 69632 ----a-w c:\windows\system32\ctosuser.dll
2009-03-04 10:29 . 2009-03-04 10:29 6144 ----a-w c:\windows\system32\sfman32.dll
2009-03-04 10:29 . 2009-03-04 10:29 125952 ----a-w c:\windows\system32\sfms32.dll
2009-03-04 10:28 . 2009-03-04 10:28 13312 ----a-w c:\windows\system32\regplib.exe
2009-03-04 10:28 . 2009-03-04 10:28 64512 ----a-w c:\windows\system32\piaproxy.dll
2009-03-04 10:28 . 2009-03-04 10:28 149838 ----a-w c:\windows\system32\ctbas2w.dat
2009-03-04 10:26 . 2009-03-04 10:26 274587 ----a-w c:\windows\system32\ctsbas2w.dat
2009-03-04 10:26 . 2009-03-04 10:26 241084 ----a-w c:\windows\system32\CTSBASW.DAT
2009-03-04 10:26 . 2009-03-04 10:26 115166 ----a-w c:\windows\system32\CTBASICW.DAT
2009-03-04 10:25 . 2009-03-04 10:25 53932 ----a-w c:\windows\system32\ctdaught.dat
2009-03-04 10:25 . 2009-03-04 10:25 313207 ----a-w c:\windows\system32\ctstatic.dat
2009-03-04 10:25 . 2009-03-04 10:25 5120 ----a-w c:\windows\system32\enlocstr.exe
2009-03-04 10:25 . 2009-03-04 10:25 10240 ----a-w c:\windows\system32\killapps.exe
2009-03-04 10:25 . 2009-03-04 10:25 28672 ----a-w c:\windows\system32\MIDIDEF.EXE
2009-03-04 10:25 . 2009-03-04 10:25 33792 ----a-w c:\windows\system32\devreg.dll
2009-03-03 00:13 . 2006-06-23 12:28 826368 ----a-w c:\windows\system32\wininet.dll
2009-02-20 17:10 . 2008-01-12 14:33 78336 ----a-w c:\windows\system32\ieencode.dll
2009-02-13 12:50 . 2009-02-13 12:50 87712 ----a-w c:\windows\system32\ctpxst32.exe
2009-02-10 17:06 . 2008-01-11 18:56 2068096 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-02-09 14:05 . 2003-08-21 06:31 1846912 ----a-w c:\windows\system32\win32k.sys
2009-02-09 11:24 . 2008-01-10 21:11 2191104 ----a-w c:\windows\system32\ntoskrnl.exe
2009-02-09 11:23 . 2003-08-21 06:31 111104 ----a-w c:\windows\system32\services.exe
2009-02-09 10:53 . 2008-01-11 18:55 735744 ----a-w c:\windows\system32\lsasrv.dll
2009-02-09 10:53 . 2005-07-26 04:38 401408 ----a-w c:\windows\system32\rpcss.dll
2009-02-09 10:53 . 2003-08-21 06:31 739840 ----a-w c:\windows\system32\ntdll.dll
2009-02-09 10:53 . 2003-08-21 06:30 685568 ----a-w c:\windows\system32\advapi32.dll
2009-02-06 10:39 . 2003-08-21 06:31 35328 ----a-w c:\windows\system32\sc.exe
2007-05-04 18:16 . 2007-05-04 18:16 2855080 ----a-w c:\program files\aawsepersonal.exe
2007-05-04 18:00 . 2007-05-04 18:00 11470608 ----a-w c:\program files\avgas-setup-7.5.0.50.exe
2005-08-16 13:44 . 2007-02-05 08:37 0 --sha-w c:\windows\SMINST\HPCD.SYS
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BackupNotify"="c:\program files\Hewlett-Packard\Digital Imaging\bin\backupnotify.exe" [2003-06-22 24576]
"RemoteCenter"="c:\program files\Creative\MediaSource\RemoteControl\RCMan.EXE" [2003-10-08 139264]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2008-04-14 50176]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
"CamMonitor"="c:\program files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe" [2002-10-07 90112]
"HPHUPD05"="c:\program files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe" [2003-05-23 49152]
"HPHmon05"="c:\windows\System32\hphmon05.exe" [2003-05-23 483328]
"KBD"="c:\hp\KBD\KBD.EXE" [2003-02-11 61440]
"StorageGuard"="c:\program files\Fichiers communs\Sonic\Update Manager\sgtray.exe" [2003-02-13 155648]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2002-09-13 212992]
"HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2003-07-10 114688]
"Sunkist2k"="c:\program files\Multimedia Card Reader\shwicon2k.exe" [2003-08-09 139264]
"PS2"="c:\windows\system32\ps2.exe" [2002-10-16 81920]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-09-25 90112]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"CTSysVol"="c:\program files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" [2003-09-17 57344]
"SBDrvDet"="c:\program files\Creative\SB Drive Det\SBDrvDet.exe" [2002-12-03 45056]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"!AVG Anti-Spyware"="c:\program files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 6731312]
"NeroCheck"="c:\windows\system32\\NeroCheck.exe" [2001-07-09 155648]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"CTHelper"="CTHELPER.EXE" - c:\windows\system32\CtHelper.exe [2009-03-04 19456]

c:\documents and settings\Administrateur\Menu Démarrer\Programmes\Démarrage\
Alienware Dock.lnk - c:\program files\AlienGUIse\AlienwareDock\ObjectDock.exe [2008-1-11 2074360]
NaturalColorLoad.lnk - c:\program files\SEC\Natural Color\NaturalColorLoad.exe [2008-1-13 155715]
Outil de notification Live Search.lnk - c:\documents and settings\Administrateur\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe [2009-1-19 143360]

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
HP Digital Imaging Monitor.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2003-6-13 233472]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2007-3-16 450560]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\KEM.exe [2007-3-16 581632]
NaturalColorLoad.lnk - c:\program files\SEC\Natural Color\NaturalColorLoad.exe [2008-1-13 155715]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
2001-12-20 22:34 24576 ----a-w c:\program files\AlienGUIse\fastload.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\wbsys.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Electronic Arts\\Battlefield 2142\\BF2142.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\emule\\emule.exe"=
"c:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe"=
"c:\\Program Files\\Sierra Entertainment\\TimeShift\\bin\\TimeShift.Exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Fichiers communs\\PocketSoft\\RTPatch\\AutoRTP\\artpschd.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\Binaries\\helpctr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"6112:TCP"= 6112:TCP:Blizzard downloader
"3724:UDP"= 3724:UDP:Blizzard downloader

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [03/04/2008 18:03 114768]
R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [26/04/2007 11:21 302000]
R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [26/04/2007 11:21 72624]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [03/04/2008 18:03 20560]
R2 PfDetNT;PfDetNT;c:\windows\system32\drivers\pfmodnt.sys [04/03/2009 14:47 15896]
R2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [14/01/2009 18:53 226656]
R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\kpf4ss.exe [26/04/2007 10:21 1234480]
R3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\system32\drivers\COMMONFX.sys [04/03/2009 14:42 99352]
R3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\system32\drivers\CTAUDFX.sys [04/03/2009 14:42 555032]
R3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\system32\drivers\CTSBLFX.sys [04/03/2009 14:42 566296]
S3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.sys [04/03/2009 14:42 99352]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Fichiers communs\Creative Labs Shared\Service\CTAELicensing.exe [30/04/2009 14:09 79360]
S3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.sys [04/03/2009 14:42 555032]
S3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\system32\drivers\CTERFXFX.sys [04/03/2009 14:42 100888]
S3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.sys [04/03/2009 14:42 100888]
S3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.sys [04/03/2009 14:42 566296]
S3 gkmixern;gkmixern;\??\c:\docume~1\ADMINI~1\LOCALS~1\Temp\gkmixern.sys --> c:\docume~1\ADMINI~1\LOCALS~1\Temp\gkmixern.sys [?]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [21/04/2009 15:36 216232]
.
Contenu du dossier 'Tâches planifiées'

2009-02-11 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2009-05-06 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-Heck Glue - c:\docume~1\ADMINI~1\APPLIC~1\INFOKE~1\BOOB BIAS.exe


.
------- Examen supplémentaire -------
.
uStart Page = hxxp://google.fr/
uDefault_Search_URL = hxxp://srch-fr9.hpwis.com/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mSearch Bar = hxxp://srch-fr9.hpwis.com/
uInternet Connection Wizard,ShellNext = iexplore
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
Trusted Zone: clubic.com\www
TCP: {1D1CB5E2-D519-4E54-89C5-DB326AFFF50B} = 212.27.40.240,212.27.40.241
FF - ProfilePath - c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\ne6xtaq0.default\
FF - prefs.js: browser.search.selectedEngine - Live Search
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q=
FF - plugin: c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\ne6xtaq0.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
FF - plugin: c:\program files\mozilla firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npmozax.dll

---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - true.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-06 20:19
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
CTHelper = CTHELPER.EXE?

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-3381462172-2251267874-774157113-500\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)
@SACL=

[HKEY_USERS\S-1-5-21-3381462172-2251267874-774157113-500\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:4e,41,bf,b2,15,98,4d,af,31,c1,e2,cf,9e,f2,d4,4e,21,44,6a,20,cb,9d,ce,
d9,83,b4,b6,93,e6,d2,43,ca,f3,26,b5,aa,cb,44,76,f6,ce,ba,56,23,36,6c,89,34,\
"??"=hex:cf,55,c7,95,2b,14,4d,f8,66,7b,0c,1b,19,52,fe,22
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(844)
c:\windows\system32\Ati2evxx.dll
c:\program files\AlienGUIse\fastload.dll
.
Heure de fin: 2009-05-06 20:22
ComboFix-quarantined-files.txt 2009-05-06 18:22

Avant-CF: 72 275 132 416 octets libres
Après-CF: 72 580 792 320 octets libres

291 --- E O F --- 2009-04-16 02:31
geoffrey5 Posts: 14008 Status: Security contributor 10
 
Very good... Run RSIT again and post the reports, please.
blandine
 
I only got one report this time!! Here it is, the log.txt:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrateur at 2009-05-06 22:29:18
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 69 GB (47%) free of 147 GB
Total RAM: 1535 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:29:42, on 06/05/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AlienGUIse\wbload.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\WINDOWS\ehome\ehtray.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\ehome\ehSched.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe
C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\WINDOWS\ehome\ehmsas.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\program files\mozilla firefox\firefox.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Administrateur\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Administrateur.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr9.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr9.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\Hewlett-Packard\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: Alienware Dock.lnk = C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe
O4 - Startup: NaturalColorLoad.lnk = ?
O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Administrateur\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: NaturalColorLoad.lnk = ?
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1D1CB5E2-D519-4E54-89C5-DB326AFFF50B}: NameServer = 212.27.40.240,212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{1D1CB5E2-D519-4E54-89C5-DB326AFFF50B}: NameServer = 212.27.40.240,212.27.40.241
O20 - AppInit_DLLs: C:\WINDOWS\system32\wbsys.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Fichiers communs\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
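
As an added example (not part of the original posts and not HijackThis's own code), here is one way to pre-sort a log like the one above before reading it by hand: it splits each entry into its section code and body and marks the entries a reviewer would look at first. The sample lines are copied from the log above; the four rule names and what they match are assumptions of this example, and a match is a prompt for manual review, not a verdict.

```python
import re
from collections import Counter

# "<section code> - <entry>", e.g. "O4 - HKLM\..\Run: [name] path".
ENTRY_RE = re.compile(r"^(?P<code>[RFNO]\d{1,2}) - (?P<body>.+)$")

# Review rules: (tag, predicate). These are assumptions made for this
# example; they only pick out entries worth a closer manual look.
RULES = [
    # Registry entry whose target file is absent from disk.
    ("missing-file", lambda c, b: b.endswith("(no file)")),
    # Startup shortcut whose target could not be resolved.
    ("unresolved-shortcut", lambda c, b: c == "O4" and b.endswith("= ?")),
    # DLLs listed in AppInit_DLLs are loaded into processes that load user32.dll.
    ("appinit-dll", lambda c, b: c == "O20" and b.startswith("AppInit_DLLs:")),
    # Service binary with no company name in its version information.
    ("unknown-owner-service", lambda c, b: c == "O23" and " - Unknown owner - " in b),
]

def parse_log(text):
    """Return (code, body) for every entry line; process paths are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append((m["code"], m["body"]))
    return entries

def triage(text):
    """Return (entries per section, [(tag, code, body), ...]) in log order."""
    entries = parse_log(text)
    counts = Counter(code for code, _ in entries)
    findings = [(tag, code, body)
                for code, body in entries
                for tag, test in RULES if test(code, body)]
    return counts, findings

# Lines copied from the log above (one running-process line, seven entries).
SAMPLE = r"""
C:\WINDOWS\system32\SearchProtocolHost.exe
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - Startup: NaturalColorLoad.lnk = ?
O20 - AppInit_DLLs: C:\WINDOWS\system32\wbsys.dll
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
"""

if __name__ == "__main__":
    counts, findings = triage(SAMPLE)
    print(dict(counts))
    for tag, code, body in findings:
        print(f"{tag:22} {code:4} {body}")
```
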

geoffrey5 (security contributor)

Run HijackThis again, click Scan only, and tick these lines please:

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

Then click Fix checked.

Next:

I recommend uninstalling Avast via Add/Remove Programs and downloading Antivir, which performs much better:

Antivir 2009 in French

Here is a tutorial for installing and using it correctly.

Here is another tutorial for Antivir in French as well: http://www.libellules.ch/tuto_antivir.php

Next:

▶ Download CCleaner

▶ You will get a tutorial for installing and using it correctly.

▶ Run the cleanup and scan for registry errors as explained at the bottom of the tutorial.

Do you still have any problems??

blandine

OK, I'll do that tomorrow, because I've already shut down the computer in question (it belongs to my son, who is asleep).
But it seems to me that Antivir needs more monitoring and updating than Avast? My son tends not to take the time to run antivirus and antispyware scans, so I'm looking for whatever is most practical for him. That said, if it is more effective, he'll just have to get used to it!
Thanks in the meantime. Good night, if yours hasn't already started. See you tomorrow.

blandine

There, I've done the last step and finished by running CCleaner. But I'm keeping your Antivir link handy, because I'm already testing it on my own computer (AVG 8, the free 30-day version, was about to expire). I had downloaded it by mistake, thinking I was downloading an update for my AVG 7.5!! So it was a good opportunity to change.
However, I have a problem: I uninstalled AVG, then ran CCleaner, but when I search I still find lots of AVG files!!!! Including one that I can't even delete, because it tells me it must be running, even though I have nothing open!! The file is: avg_free_stf_eu_85_278a1439.exe. Odd, isn't it?

geoffrey5 (security contributor)

Good evening,

Try this to remove the traces of AVG:

http://www.avg.com/filedir/util/avg_arm_sup_____.dir/avgremover.exe

Do you still have any problems??

blandine

Still the same problem!

geoffrey5 (security contributor)

The problem with the Avast files??

blandine

No no, AVG Remover was apparently ineffective (see your post 18).
My son's computer seems OK. I haven't removed Avast yet. I'm trying Antivir out on my own computer first!

geoffrey5 (security contributor)

Er... yes, I meant AVG, sorry lol

It looks like the AVG installation file??

Have you tried deleting it in safe mode??

blandine

Yes, already tried, without success. But since it was the paid version after a 30-day trial, I think it's harder to get rid of!!!

geoffrey5 (security contributor)

Try running AVGremover in safe mode

blandine

That worked, but now all I have left is the file "avg_free_stf_eu_85_278a1439.exe", which you can find at the link below (see "if nothing happens, go to server 1 or 2", just above). It's since that download that I've had this file, and it won't go away!!!

http://www.commentcamarche.net/telecharger/telechargement 118 avg antivirus free edition

geoffrey5 (security contributor)

Open Task Manager with Ctrl + Alt + Del and see whether you can spot the process.

blandine

No, it doesn't appear in the processes

geoffrey5 (security contributor)

Well then, I don't know... Odd, this installation file that won't let itself be deleted...

blandine

Do you recommend that I open a new thread to see whether someone else might have a solution? Or will you keep looking?

geoffrey5 (security contributor)

Is this file causing you any problems??

blandine

Apparently not, it's just that it isn't normal for it to tell me that the file must be in use by another program!!! Anyway, as you say, if there are no consequences!!
But I thought I saw, the last time I shut down my computer (for a restart), a window telling me that the application could not run because the workstation was shutting down. And I think it was the dll drwtsn32.exe. I'll have to watch during the next shutdowns and I'll confirm.
I should tell you that I had just closed a thread about getting rid of the same problem as above, but with the dll dwwin.exe, which came from a Logitech driver update for my webcam that was apparently incompatible!
I'll keep you posted when I shut down.
In the meantime, if you don't see anything else to do, I wish you a good night, and maybe see you tomorrow, or otherwise have a good 8 May.

geoffrey5 (security contributor)

I don't think this file will cause you any problems... Perhaps a little annoying, but harmless..

You can do this to finish, please:

Here is an excellent, very useful little program that will let you know about new updates available for the various programs installed on your PC:

▶ Download Update Checker

▶ Install it with the default settings, clicking Next each time.

▶ Once it is installed, wait a few seconds and you will see a green icon appear in your taskbar telling you that updates are available.

▶ Double-click the icon to be redirected to the update download site.

A tip: don't install the BETA versions listed underneath.

▶ Install the updates you want; the most important ones are:

● Java

● Adobe Reader

● Adobe Flash Player

● Internet Explorer

Next:

To remove all traces of the programs that were used to treat the specific infections:

▶ Download ToolsCleaner to your Desktop

▶ Double-click ToolsCleaner2.exe and let it work
▶ Click Recherche (Search) and let the scan finish.
▶ Click Suppression (Removal) to finalise.
▶ You can use the Options facultatives (optional settings) if you wish.
▶ Click Quitter (Quit) so that the report can be created.
▶ The report (TCleaner.txt) is at the root of your hard drive (C:\)... paste it into your reply

Next:

Disable and re-enable System Restore:

Doing this will delete all the viruses that may have lodged themselves in the restore points you had created previously.. It is therefore recommended to do it:

1 In the Windows taskbar, click Start.

2 Right-click My Computer, then click Properties.

3 In the System Restore tab, tick "Turn off System Restore"

4 Click Apply.

5 Then untick "Turn off System Restore"

6 Click Apply, then OK

7 Create a restore point by clicking Start => All Programs => Accessories => System Tools => System Restore => Create a restore point => enter a name (example: after disinfection on CCM), then confirm.

You can mark your problem as solved!! How to mark it as solved??

IMPORTANT: read the few links on prevention and security for your PC at the bottom of the page!!

WOT - Extension for your web browser:

Here is an extension to download which, when you search on Google, will let you know whether a site offered in your results is a trustworthy site or one to avoid because it could infect your PC:

For Firefox: https://addons.mozilla.org/fr/firefox/addon/wot-safe-browsing-tool/

For Internet Explorer: https://chrome.google.com/webstore/detail/wot-web-of-trust-website/bhmmomiinigofkjcapegjjndpbikblnp

blandine

I can do everything you describe on both computers, because I remind you that, most recently, you were working on a problem on my computer (the problems were initially handled on my son's computer).
Will it remove CCleaner? I'd like to keep it, I use it regularly.
Thanks for everything, I'll have my thread closed after this last reply.
Have a good weekend.

geoffrey5 (security contributor)

Hello,

No, it won't remove CCleaner, nor Malwarebytes ;-)

Yes, you can apply this last message on both PCs if the other one is no longer infected

blandine

Here is the short final report for my computer, and I'll do the same for my son's computer (see next post):

[ Rapport ToolsCleaner version 2.3.5 (par A.Rothstein & dj QUIOU) ]

--> Recherche:


---------------------------------
--> Suppression:


Fichiers temporaires nettoyés !
Corbeille vidée!

blandine

And here is the report for my son's computer:

[ Rapport ToolsCleaner version 2.3.5 (par A.Rothstein & dj QUIOU) ]

--> Recherche:

C:\Combofix.txt: trouvé !
C:\fixnavi.txt: trouvé !
C:\lopR.txt: trouvé !
C:\Combofix: trouvé !
C:\Lop SD: trouvé !
C:\Qoobox: trouvé !
C:\Rsit: trouvé !
C:\Documents and Settings\Administrateur\Bureau\HJTInstall.exe: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !

---------------------------------
--> Suppression:

C:\Documents and Settings\Administrateur\Bureau\HJTInstall.exe: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\Combofix.txt: supprimé !
C:\fixnavi.txt: supprimé !
C:\lopR.txt: supprimé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: supprimé !
C:\Combofix: supprimé !
C:\Lop SD: supprimé !
C:\Qoobox: supprimé !
C:\Rsit: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !