Uninstalling the System Security virus

lion.d - 12 May 2009 at 23:56
saroune85 (Posts: 1, Registered: Thursday 28 May 2009, Status: Member, Last activity: 28 May 2009) - 28 May 2009 at 02:38
Hello,
I am infected by the "System Security 4.51" virus, with pop-ups and ads launching at random.
My PC refuses to launch my Avast antivirus, which closes immediately.
I tried to install new antivirus and anti-spyware programs, but they are all systematically blocked, so it is impossible to install them.
I don't know what to do, so if someone can help me that would be very, very kind!!!

Thanks
19 replies

Anonymous user
13 May 2009 at 02:03
Re,

This report has to be done in normal mode.

Thanks
2
lion.d (Posts: 22, Registered: Wednesday 13 May 2009, Status: Member, Last activity: 13 May 2009)
13 May 2009 at 02:10
Re,
In normal mode it works; OTViewIt is blocked at launch.
0
lion.d (Posts: 22, Registered: Wednesday 13 May 2009, Status: Member, Last activity: 13 May 2009)
13 May 2009 at 02:12
Re,
I meant to say rather that in normal mode it does not work; OTViewIt is systematically blocked at launch.
0
Anonymous user
13 May 2009 at 01:58
Re,

Run OTViewIt.
1
lion.d (Posts: 22, Registered: Wednesday 13 May 2009, Status: Member, Last activity: 13 May 2009)
13 May 2009 at 02:02
Here is the OTViewIt report:


OTViewIt logfile created on: 13/05/2009 00:59:41 - Run
OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Documents and Settings\Hugues Miere\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

991.48 Mb Total Physical Memory | 731.71 Mb Available Physical Memory | 73.80% Memory free
1.21 Gb Paging File | 1.03 Gb Available in Paging File | 84.82% Paging File free
Paging file location(s): C:\pagefile.sys 336 672;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 7.73 Gb Free Space | 20.75% Space Free | Partition Type: FAT32
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: KIMBOULI
Current User Name: Hugues Miere
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: All users
Whitelist: On
File Age = 90 Days

[color=orange]========== Processes ==========[/color]

[2006/11/03 19:19:58 | 00,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
[2007/12/06 11:01:26 | 00,625,664 | ---- | M] (Microsoft Corporation) -- C:\Program Files\internet explorer\iexplore.exe
[2009/05/13 00:57:54 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Hugues Miere\Desktop\OTViewIt.exe

[color=orange]========== (O23) Win32 Services ==========[/color]

[2005/09/23 07:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
[2007/06/26 21:32:56 | 00,068,608 | ---- | M] () -- C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe -- (Autodata Limited License Service [Auto | Stopped])
[2004/03/29 16:08:16 | 00,049,152 | ---- | M] () -- C:\Program Files\Belkin\F5D7051\WLService.exe -- (Belkin High-Speed Mode Wireless G USB Network Adapter Service [Auto | Stopped])
[2005/09/23 07:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
[2004/10/22 03:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
[2009/04/21 15:36:50 | 00,216,232 | ---- | M] (CybelSoft) -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice [On_Demand | Stopped])
[2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
[2005/11/04 10:21:52 | 00,229,376 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxLiveShare.exe -- (RoxLiveShare [Auto | Stopped])
[2005/11/04 10:20:00 | 00,864,256 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe -- (RoxMediaDB [On_Demand | Stopped])
[2005/11/04 10:16:58 | 00,155,648 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe -- (RoxWatch [Auto | Stopped])
[2007/10/12 09:33:38 | 00,202,016 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\TalkTalk\bin\sprtsvc.exe -- (sprtsvc_TalkTalk [Auto | Stopped])
[2007/08/02 14:42:16 | 00,382,320 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe -- (SupportSoft RemoteAssist [On_Demand | Stopped])
[2004/11/02 16:59:50 | 00,316,544 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe -- (SymWSC [Auto | Stopped])
[2007/08/02 14:42:14 | 00,148,768 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Common Files\Supportsoft\bin\tgsrvc.exe -- (tgsrvc_TalkTalk [Auto | Stopped])
[2008/12/10 00:10:14 | 00,024,636 | ---- | M] (Apache Software Foundation) -- c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe -- (wampapache [On_Demand | Stopped])
[2009/02/15 00:22:12 | 06,558,336 | ---- | M] () -- c:\wamp\bin\mysql\mysql5.1.32\bin\mysqld.exe -- (wampmysqld [On_Demand | Stopped])
[2006/11/03 19:19:58 | 00,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend [Auto | Running])
[2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

[color=orange]========== Driver Services ==========[/color]

[2004/06/29 09:07:18 | 01,268,204 | ---- | M] (Agere Systems) -- C:\WINDOWS\system32\DRIVERS\AGRSM.sys -- (AgereSoftModem [On_Demand | Stopped])
[2003/12/08 11:53:48 | 00,053,600 | ---- | M] (THOMSON) -- C:\WINDOWS\system32\DRIVERS\alcan5wn.sys -- (alcan5wn [On_Demand | Stopped])
[2003/12/08 11:53:46 | 00,070,688 | ---- | M] (THOMSON) -- C:\WINDOWS\system32\DRIVERS\alcaudsl.sys -- (alcaudsl [On_Demand | Stopped])
[2004/02/24 11:08:52 | 00,400,384 | ---- | M] (Sensaura) -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS [On_Demand | Stopped])
[2004/05/14 23:24:10 | 00,622,172 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Stopped])
[2004/08/04 05:00:00 | 00,037,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\amdk7.sys -- (AmdK7 [System | Stopped])
File not found -- -- (catchme [Disabled | Running])
[2005/10/22 16:05:00 | 00,311,680 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\Cdudf_xp.sys -- (cdudf_xp [System | Stopped])
[2009/04/21 15:39:26 | 00,014,336 | ---- | M] (CybelSoft) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2 [On_Demand | Stopped])
[2005/10/22 16:05:00 | 00,027,264 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\dvd_2k.sys -- (dvd_2K [On_Demand | Stopped])
[2005/10/22 16:05:00 | 00,027,136 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\mmc_2k.sys -- (mmc_2K [On_Demand | Stopped])
[2001/08/17 13:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA [On_Demand | Stopped])
[2007/01/31 09:01:16 | 00,256,000 | R--- | M] (Ralink Technology Inc.) -- C:\WINDOWS\system32\DRIVERS\netr73.sys -- (netr73 [On_Demand | Stopped])
[2005/05/11 03:49:44 | 00,006,912 | ---- | M] (NewTech Infosystems, Inc.) -- C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys -- (NTIDrvr [On_Demand | Running])
[2004/08/04 05:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
[2005/10/22 16:05:00 | 00,119,168 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\Pwd_2k.sys -- (pwd_2k [System | Running])
[2009/04/15 21:25:42 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
[2005/11/04 09:49:30 | 00,050,176 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DRIVERS\RxFilter.sys -- (RxFilter [System | Stopped])
[2006/05/01 13:16:22 | 00,061,600 | ---- | M] (MCCI) -- C:\WINDOWS\system32\DRIVERS\SE2Ebus.sys -- (SE2Ebus [On_Demand | Stopped])
[2006/05/01 13:17:12 | 00,009,360 | ---- | M] (MCCI) -- C:\WINDOWS\system32\DRIVERS\SE2Emdfl.sys -- (SE2Emdfl [On_Demand | Stopped])
[2006/05/01 13:17:16 | 00,097,184 | ---- | M] (MCCI) -- C:\WINDOWS\system32\DRIVERS\SE2Emdm.sys -- (SE2Emdm [On_Demand | Stopped])
[2007/11/13 10:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
[2004/07/08 20:12:00 | 00,217,600 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\DRIVERS\sisgrp.sys -- (SiS315 [On_Demand | Stopped])
[2004/02/28 10:58:42 | 00,036,992 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\DRIVERS\SISAGPX.sys -- (SISAGP [Boot | Running])
[2003/03/25 17:50:46 | 00,004,096 | R--- | M] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\system32\DRIVERS\siside.sys -- (SiSide [Boot | Running])
[2002/10/17 15:14:46 | 00,049,024 | R--- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\system32\drivers\sisidex.sys -- (sisidex [Boot | Running])
[2004/07/08 20:11:00 | 00,012,416 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\DRIVERS\srvkp.sys -- (SiSkp [System | Stopped])
[2004/02/28 10:57:14 | 00,032,256 | ---- | M] (SiS Corporation) -- C:\WINDOWS\system32\DRIVERS\sisnic.sys -- (SISNIC [On_Demand | Running])
[2002/08/20 17:19:08 | 00,009,472 | R--- | M] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\system32\drivers\sisperf.sys -- (sisperf [Boot | Running])
[2004/08/04 05:00:00 | 00,012,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\usb8023.sys -- (USB_RNDIS [On_Demand | Stopped])

[color=orange]========== (R ) Internet Explorer ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=https://www.msn.com/fr-fr/?ocid=iehp
"Default_Search_URL"=https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
"Default_Secondary_Page_URL"=
"Extensions Off Page"=about:NoAdd-ons
"Local Page"=%SystemRoot%\system32\blank.htm
"Search Page"=https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
"Security Risk Page"=about:SecurityRisk
"Start Page"=https://www.msn.com/fr-fr/?ocid=iehp

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
"SearchAssistant"=https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=https://fr.yahoo.com/

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]
"Start Page"=https://www.acer.com/worldwide/selection.html

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]
"Start Page"=https://www.acer.com/worldwide/selection.html

[HKEY_USERS\S-1-5-21-681764103-436321949-3341562259-1005\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=https://fr.yahoo.com/

[HKEY_USERS\S-1-5-21-681764103-436321949-3341562259-1005\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-681764103-436321949-3341562259-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-21-681764103-436321949-3341562259-500\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=https://www.acer.com/worldwide/selection.html

[HKEY_USERS\S-1-5-21-681764103-436321949-3341562259-500\Software\Microsoft\Internet Explorer\SearchURL]
"provider"=

[HKEY_USERS\S-1-5-21-681764103-436321949-3341562259-500\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

[color=orange]========== (O1) Hosts File ==========[/color]

HOSTS File = (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost

[color=orange]========== (O2) BHO's ==========[/color]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (HKLM) -- C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

[color=orange]========== (O3) Toolbars ==========[/color]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-681764103-436321949-3341562259-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[color=orange]========== (O4) Run Keys ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"10955314"=C:\Documents and Settings\All Users\Application Data\10955314\10955314.exe ()
"60975309"=C:\Documents and Settings\All Users\Application Data\60975309\60975309.exe ()
"AGRSMMSG"=AGRSMMSG.exe (Agere Systems)
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup (InstallShield Software Corporation)
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start (InstallShield Software Corporation)
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.)
"RoxioDragToDisc"="C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe" (Sonic Solutions)
"RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe" ()
"SoundMan"=SOUNDMAN.EXE (Realtek Semiconductor Corp.)
"SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon (THOMSON Telecom Belgium)
"TalkTalk"="C:\Program Files\TalkTalk\bin\sprtcmd.exe" /P TalkTalk (SupportSoft, Inc.)

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (Microsoft Corporation)

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (Microsoft Corporation)

[color=orange]========== (O4) Startup Folders ==========[/color]

[1999/02/17 21:05:56 | 00,065,588 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

[color=orange]========== (O6 & O7) Current Version Policies ==========[/color]

[HKEY_LOCAL_MACHINE\Software\policies\microsoft\internet explorer\Infodelivery\Restrictions]
"nosplash"=1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableRegistryTools"=0

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-21-681764103-436321949-3341562259-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_USERS\S-1-5-21-681764103-436321949-3341562259-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[color=orange]========== (O9) IE Extensions ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 -- %SystemRoot%\Network Diagnostic\xpnetdiag.exe [2006/10/10 13:44:50 | 00,557,568 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2004/10/13 17:24:38 | 01,694,208 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2004/10/13 17:24:38 | 01,694,208 | ---- | M] (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2004/10/13 17:24:38 | 01,694,208 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2004/10/13 17:24:38 | 01,694,208 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2004/10/13 17:24:38 | 01,694,208 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-681764103-436321949-3341562259-1005\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2004/10/13 17:24:38 | 01,694,208 | ---- | M] (Microsoft Corporation)

[color=orange]========== (O12) Internet Explorer Plugins ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s
PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

[color=orange]========== (O13) Default Prefixes ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

[color=orange]========== (O15) Trusted Sites ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
1 domain(s) and sub-domain(s) not assigned to a zone.

[color=orange]========== (O16) DPF ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{17492023-C23A-453E-A040-C7C580BBF700}: http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab -- Windows Genuine Advantage Validation Tool
{4871A87A-BFDD-4106-8153-FFDE2BAC2967}: http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab -- DLM Control
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3}: http://update.microsoft.com/... -- MUWebControl Class
{867E13F2-7F31-44FB-AC97-CD38E0DC46EF}: http://fichiers.touslesdrivers.com/hardwaredetection/hardwaredetection_3_1_2_0.cab -- HardwareDetection Control
{D27CDB6E-AE6D-11CF-96B8-444553540000}: http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab -- Shockwave Flash Object

[color=orange]========== (O17) DNS Name Servers ==========[/color]

{04AD6DB8-0C45-4EE2-ABF4-9AE627D6037D} (Servers: | Description: Belkin High-Speed Mode Wireless G USB Network Adapter)
{FDE6503C-1BD7-4964-BECA-E308C9B4DD72} (Servers: | Description: SiS 900 PCI Fast Ethernet Adapter)

[color=orange]========== Shell Execute Hooks ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}" (HKLM) -- C:\PROGRA~1\WIFD1F~1\MpShHook.dll (Microsoft Corporation)

[color=orange]========== Safeboot Options ==========[/color]

"AlternateShell"=cmd.exe

[color=orange]========== CDRom AutoRun Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

[color=orange]========== Autorun Files on Drives ==========[/color]

AUTOEXEC.BAT []
[2004/04/09 16:42:08 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ FAT32 ]

[color=orange]========== Files/Folders - Created Within 90 Days ==========[/color]

[3 C:\WINDOWS\System32\*.tmp files]
[3 C:\Documents and Settings\Hugues Miere\My Documents\*.tmp files]
[2009/05/13 00:57:51 | 00,422,912 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Hugues Miere\Desktop\OTViewIt.exe
[2009/05/13 00:51:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\temp
[2009/05/13 00:47:39 | 00,000,211 | ---- | C] () -- C:\Boot.bak
[2009/05/13 00:47:37 | 00,260,272 | ---- | C] () -- C:\cmldr
[2009/05/13 00:47:35 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009/05/13 00:34:07 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009/05/13 00:34:07 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009/05/13 00:34:07 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009/05/13 00:34:07 | 00,117,248 | ---- | C] () -- C:\WINDOWS\vFind.exe
[2009/05/13 00:34:07 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/05/13 00:34:07 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/05/13 00:34:07 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/05/13 00:34:07 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/05/13 00:34:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/05/13 00:27:25 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/05/13 00:14:52 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/05/13 00:14:20 | 00,267,612 | ---- | C] () -- C:\Documents and Settings\Hugues Miere\Desktop\Rooter.exe
[2009/05/12 23:51:05 | 03,021,595 | ---- | C] () -- C:\Documents and Settings\Hugues Miere\My Documents\lion.exe
[2009/05/12 23:16:31 | 00,020,593 | ---- | C] () -- C:\Documents and Settings\Hugues Miere\My Documents\LanguesDiag.ini
[2009/05/12 23:16:31 | 00,000,231 | ---- | C] () -- C:\Documents and Settings\Hugues Miere\My Documents\ConfigDiag.ini
[2009/05/12 21:40:43 | 03,021,595 | R--- | C] () -- C:\Documents and Settings\Hugues Miere\Desktop\ComboFix.exe
[2009/05/12 21:31:09 | 16,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Documents and Settings\Hugues Miere\Desktop\spybotsd162.exe
[2009/05/12 21:29:33 | 03,227,248 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\Hugues Miere\Desktop\ccsetup219.exe
[2009/05/12 21:27:42 | 19,153,264 | ---- | C] () -- C:\Documents and Settings\Hugues Miere\Desktop\Lavasoft_Adaware_multi.exe
[2009/05/12 21:25:57 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss
[2009/05/12 04:59:08 | 00,000,032 | --S- | C] () -- C:\WINDOWS\System32\2023729596.dat
[2009/05/12 04:37:54 | 00,000,003 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\os60975309.ini
[2009/05/12 04:37:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\60975309
[2009/05/12 04:37:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\10955314
[2009/05/12 01:56:59 | 00,000,703 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DivX Player.lnk
[2009/05/12 01:56:52 | 00,000,739 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DivX Converter.lnk
[2009/05/12 01:56:33 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2009/05/12 01:56:32 | 00,001,398 | ---- | C] () -- C:\Documents and Settings\Hugues Miere\Desktop\DivX Movies.lnk
[2009/05/12 01:56:32 | 00,000,000 | ---D | C] -- C:\Program Files\DivX
[2009/05/12 01:55:03 | 19,387,336 | ---- | C] (DivX, Inc.) -- C:\Documents and Settings\Hugues Miere\Desktop\DivXInstaller.exe
[2009/05/10 23:19:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hugues Miere\Desktop\Unused Desktop Shortcuts
[2009/05/07 01:59:10 | 00,021,504 | ---- | C] () -- C:\Documents and Settings\Hugues Miere\Desktop\Ne pas s arreter.doc
[2009/05/03 02:20:30 | 00,027,136 | ---- | C] () -- C:\Documents and Settings\Hugues Miere\Desktop\Les Plenitudes.doc
[2009/05/02 12:35:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hugues Miere\My Documents\My Received Files
[2009/05/02 05:11:24 | 00,054,784 | ---- | C] () -- C:\Documents and Settings\Hugues Miere\Desktop\separation.doc
[2009/05/02 05:03:52 | 00,042,496 | ---- | C] () -- C:\Documents and Settings\Hugues Miere\Desktop\LE MYSTERE DE LA SEMENCE.doc
[2009/05/02 04:48:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hugues Miere\Application Data\vlc
[2009/05/02 04:47:37 | 00,000,627 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2009/05/02 04:33:09 | 00,058,880 | ---- | C] () -- C:\Documents and Settings\Hugues Miere\Desktop\Citations.doc
[2009/05/02 00:36:39 | 16,742,799 | ---- | C] () -- C:\Documents and Settings\Hugues Miere\My Documents\vlc-0.9.9-win32.exe
[2009/04/28 01:51:34 | 00,001,408 | ---- | C] () -- C:\Documents and Settings\Hugues Miere\My Documents\eaglespace_bientot.html
[2009/04/28 01:28:07 | 01,912,320 | ---- | C] () -- C:\Documents and Settings\Hugues Miere\My Documents\voiture selection.doc
[2009/04/28 01:11:16 | 01,912,320 | ---- | C] () -- C:\Documents and Settings\Hugues Miere\My Documents\1996 MITSUBISHI SHOGUN 2.doc
[2009/04/15 21:24:40 | 00,090,112 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\dpl100.dll
[2009/04/15 21:24:38 | 00,823,296 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx0c.dll
[2009/04/15 21:24:38 | 00,823,296 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx07.dll
[2009/04/15 21:24:38 | 00,815,104 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx0a.dll
[2009/04/15 21:24:38 | 00,802,816 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx11.dll
[2009/04/15 21:24:38 | 00,684,032 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\DivX.dll
[2009/04/14 13:31:28 | 00,483,840 | ---- | C] () -- C:\Documents and Settings\Hugues Miere\My Documents\TOYOTA SEQUOIA.doc
[2009/04/12 13:12:25 | 00,489,472 | ---- | C] () -- C:\Documents and Settings\Hugues Miere\My Documents\TOYOTA SEQUOIA 4.doc
[2009/04/06 23:16:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hugues Miere\My Documents\Adobe CS4
[2009/04/06 23:03:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hugues Miere\Desktop\Adobe CS4
[2009/04/06 22:23:29 | 12,150,42899 | ---- | C] () -- C:\Documents and Settings\Hugues Miere\My Documents\ADBEFLPRCS4_LS4.7z
[2009/04/06 22:23:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hugues Miere\Application Data\Download Manager
[2009/04/06 22:06:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hugues Miere\My Documents\3588
[2009/04/06 22:06:12 | 05,409,924 | ---- | C] () -- C:\Documents and Settings\Hugues Miere\My Documents\3588.zip
[2009/04/06 21:01:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hugues Miere\Application Data\VoipDiscount
[2009/04/06 20:58:32 | 00,000,000 | ---D | C] -- C:\Program Files\VoipDiscount.com
[2009/04/06 20:56:55 | 04,116,848 | ---- | C] (Finarea S.A. Switzerland ) -- C:\Documents and Settings\Hugues Miere\My Documents\setupvoipdiscount.exe
[2009/04/05 10:57:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hugues Miere\Local Settings\Application Data\{A63E302F-17E1-4831-A300-723481916564}
[2009/04/05 00:01:48 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/04/05 00:01:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hugues Miere\Local Settings\Application Data\Mozilla
[2009/04/05 00:01:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hugues Miere\Application Data\Mozilla
[2009/04/05 00:01:40 | 00,001,510 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/04/05 00:01:36 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2009/04/05 00:00:49 | 07,618,040 | ---- | C] (Mozilla) -- C:\Documents and Settings\Hugues Miere\My Documents\Firefox Setup 3.0.8.exe
[2009/03/31 05:25:36 | 00,008,102 | ---- | C] () -- C:\Documents and Settings\Hugues Miere\My Documents\3529.html
[2009/03/31 05:09:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hugues Miere\My Documents\images
[2009/03/29 17:08:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hugues Miere\My Documents\toyota
[2009/03/29 17:08:09 | 00,489,652 | ---- | C] () -- C:\Documents and Settings\Hugues Miere\My Documents\toyota.rar
[2009/03/28 14:20:09 | 00,570,368 | ---- | C] () -- C:\Documents and Settings\Hugues Miere\My Documents\Echantillon Church's.doc
[2009/03/25 23:49:08 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Hugues Miere\My Documents\Shareaza Downloads
[2009/03/23 02:33:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hugues Miere\My Documents\New Folder (2)
[2009/03/23 01:33:29 | 00,000,397 | ---- | C] () -- C:\Documents and Settings\Hugues Miere\Desktop\WampServer.lnk
[2009/03/23 01:32:45 | 00,000,000 | ---D | C] -- C:\wamp
[2009/03/21 13:24:49 | 00,081,408 | ---- | C] () -- C:\Documents and Settings\Hugues Miere\My Documents\JEEP GRAND CHEROKEE 2002 147000 Miles.doc
[2009/03/21 00:55:35 | 00,000,000 | ---D | C] -- C:\Program Files\Shareaza
[2009/03/21 00:55:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hugues Miere\Local Settings\Application Data\Shareaza
[2009/03/21 00:55:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hugues Miere\Application Data\Shareaza
[2009/03/20 00:38:52 | 00,047,104 | ---- | C] () -- C:\Documents and Settings\Hugues Miere\My Documents\53-1213M.doc
[2009/03/19 01:09:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2009/03/18 12:22:21 | 00,019,456 | ---- | C] () -- C:\Documents and Settings\Hugues Miere\My Documents\0870.doc
[2009/03/12 17:49:45 | 00,068,608 | ---- | C] () -- C:\Documents and Settings\Hugues Miere\My Documents\lettre de Benoit 16.doc
[2009/03/04 23:55:53 | 00,000,028 | ---- | C] () -- C:\WINDOWS\bibpdfsuite.ini
[2009/02/23 00:50:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hugues Miere\Local Settings\Application Data\Sony Ericsson
[2009/02/23 00:49:11 | 00,000,000 | ---D | C] -- C:\Program Files\Avanquest update
[2009/02/23 00:48:50 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2009/02/23 00:48:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sony Ericsson
[2009/02/23 00:48:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hugues Miere\Application Data\InstallShield
[2009/02/23 00:47:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hugues Miere\Application Data\Sony
[2009/02/23 00:47:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sony
[2009/02/23 00:46:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hugues Miere\Local Settings\Application Data\Sony
[2009/02/23 00:45:28 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Sony Shared
[2009/02/23 00:45:19 | 00,000,000 | ---D | C] -- C:\Program Files\Sony
[2009/02/23 00:45:18 | 00,000,000 | ---D | C] -- C:\Program Files\Sony Ericsson
[2009/02/23 00:44:23 | 00,001,512 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2009/02/23 00:43:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hugues Miere\Local Settings\Application Data\Apple
[2009/02/23 00:43:13 | 00,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2009/02/23 00:43:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2009/02/23 00:39:37 | 00,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2009/02/23 00:38:32 | 00,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2009/02/23 00:37:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hugues Miere\Application Data\Sony Setup
[2009/02/23 00:36:57 | 00,000,000 | ---D | C] -- C:\Program Files\Sony Setup
[2009/02/23 00:04:48 | 00,097,184 | ---- | C] (MCCI) -- C:\WINDOWS\System32\drivers\SE2Emdm.sys
[2009/02/23 00:04:48 | 00,061,600 | ---- | C] (MCCI) -- C:\WINDOWS\System32\drivers\SE2Ebus.sys
[2009/02/23 00:04:48 | 00,009,360 | ---- | C] (MCCI) -- C:\WINDOWS\System32\drivers\SE2Emdfl.sys
[2009/02/23 00:04:48 | 00,006,240 | ---- | C] (MCCI) -- C:\WINDOWS\System32\drivers\SE2Ecmnt.sys
[2009/02/23 00:04:48 | 00,006,240 | ---- | C] (MCCI) -- C:\WINDOWS\System32\drivers\SE2Ecm.sys
[2009/02/23 00:04:48 | 00,005,872 | ---- | C] (MCCI) -- C:\WINDOWS\System32\drivers\SE2Ewhnt.sys
[2009/02/23 00:04:48 | 00,005,872 | ---- | C] (MCCI) -- C:\WINDOWS\System32\drivers\SE2Ewh.sys
[2009/02/21 12:02:40 | 00,549,888 | ---- | C] () -- C:\Documents and Settings\Hugues Miere\My Documents\2001 51 Reg MITSUBISHI Shogun Sport 2 ORIG..doc
[2009/02/21 11:59:29 | 00,514,560 | ---- | C] () -- C:\Documents and Settings\Hugues Miere\My Documents\MITSUBISHI Shogun Sport 2.doc
[2009/02/21 10:41:50 | 00,047,104 | ---- | C] () -- C:\Documents and Settings\Hugues Miere\My Documents\LAREDO 2.doc
[2009/02/21 01:56:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hugues Miere\Desktop\New Folder
[2009/02/20 23:57:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hugues Miere\Desktop\Alfa Romeo
[2009/02/18 23:02:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hugues Miere\Desktop\focus
[2009/02/18 00:20:48 | 00,072,679 | ---- | C] () -- C:\Documents and Settings\Hugues Miere\My Documents\billet.pdf
[2009/02/17 12:59:05 | 01,234,432 | ---- | C] () -- C:\Documents and Settings\Hugues Miere\My Documents\Sans titre-1.psd
[2009/02/17 00:15:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hugues Miere\Desktop\site internet
[2009/02/14 00:55:16 | 00,133,632 | ---- | C] () -- C:\Documents and Settings\Hugues Miere\My Documents\toyota pickup.doc

========== Files - Modified Within 90 Days ==========

[3 C:\WINDOWS\System32\*.tmp files]
[3 C:\Documents and Settings\Hugues Miere\My Documents\*.tmp files]
[2009/05/13 00:57:54 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Hugues Miere\Desktop\OTViewIt.exe
[2009/05/13 00:50:24 | 00,000,243 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/05/13 00:47:40 | 00,000,281 | RHS- | M] () -- C:\boot.ini
[2009/05/13 00:47:22 | 00,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2009/05/13 00:46:02 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/05/13 00:44:10 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/13 00:43:24 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/13 00:33:40 | 00,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/05/13 00:14:22 | 00,267,612 | ---- | M] () -- C:\Documents and Settings\Hugues Miere\Desktop\Rooter.exe
[2009/05/12 23:51:14 | 03,021,595 | ---- | M] () -- C:\Documents and Settings\Hugues Miere\My Documents\lion.exe
[2009/05/12 21:40:50 | 03,021,595 | R--- | M] () -- C:\Documents and Settings\Hugues Miere\Desktop\ComboFix.exe
[2009/05/12 21:31:10 | 16,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Documents and Settings\Hugues Miere\Desktop\spybotsd162.exe
[2009/05/12 21:29:40 | 03,227,248 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\Hugues Miere\Desktop\ccsetup219.exe
[2009/05/12 21:27:44 | 19,153,264 | ---- | M] () -- C:\Documents and Settings\Hugues Miere\Desktop\Lavasoft_Adaware_multi.exe
[2009/05/12 14:56:22 | 00,000,032 | --S- | M] () -- C:\WINDOWS\System32\2023729596.dat
[2009/05/12 04:58:56 | 00,000,003 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\os60975309.ini
[2009/05/12 04:37:02 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/05/12 01:57:00 | 00,000,703 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DivX Player.lnk
[2009/05/12 01:56:54 | 00,000,739 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DivX Converter.lnk
[2009/05/12 01:56:34 | 00,001,398 | ---- | M] () -- C:\Documents and Settings\Hugues Miere\Desktop\DivX Movies.lnk
[2009/05/12 01:55:36 | 19,387,336 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\Hugues Miere\Desktop\DivXInstaller.exe
[2009/05/09 12:41:02 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/05/07 01:59:12 | 00,021,504 | ---- | M] () -- C:\Documents and Settings\Hugues Miere\Desktop\Ne pas s arreter.doc
[2009/05/07 01:39:10 | 00,002,473 | ---- | M] () -- C:\Documents and Settings\Hugues Miere\Desktop\Microsoft Word.lnk
[2009/05/03 02:20:32 | 00,027,136 | ---- | M] () -- C:\Documents and Settings\Hugues Miere\Desktop\Les Plenitudes.doc
[2009/05/02 14:47:18 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Hugues Miere\Application Data\AVSDVDPlayer.m3u
[2009/05/02 14:47:10 | 00,054,784 | ---- | M] () -- C:\Documents and Settings\Hugues Miere\Desktop\separation.doc
[2009/05/02 05:13:12 | 00,058,880 | ---- | M] () -- C:\Documents and Settings\Hugues Miere\Desktop\Citations.doc
[2009/05/02 05:04:28 | 00,042,496 | ---- | M] () -- C:\Documents and Settings\Hugues Miere\Desktop\LE MYSTERE DE LA SEMENCE.doc
[2009/05/02 04:47:38 | 00,000,627 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2009/05/02 00:37:02 | 16,742,799 | ---- | M] () -- C:\Documents and Settings\Hugues Miere\My Documents\vlc-0.9.9-win32.exe
[2009/05/01 22:50:28 | 00,018,432 | ---- | M] () -- C:\Documents and Settings\Hugues Miere\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/05/01 15:36:48 | 00,117,248 | ---- | M] () -- C:\WINDOWS\vFind.exe
[2009/04/28 01:51:36 | 00,001,408 | ---- | M] () -- C:\Documents and Settings\Hugues Miere\My Documents\eaglespace_bientot.html
[2009/04/28 01:28:08 | 01,912,320 | ---- | M] () -- C:\Documents and Settings\Hugues Miere\My Documents\voiture selection.doc
[2009/04/28 01:25:36 | 01,912,320 | ---- | M] () -- C:\Documents and Settings\Hugues Miere\My Documents\1996 MITSUBISHI SHOGUN 2.doc
[2009/04/27 14:46:46 | 00,020,593 | ---- | M] () -- C:\Documents and Settings\Hugues Miere\My Documents\LanguesDiag.ini
[2009/04/25 23:34:58 | 00,000,231 | ---- | M] () -- C:\Documents and Settings\Hugues Miere\My Documents\ConfigDiag.ini
[2009/04/22 09:23:28 | 00,169,096 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/04/20 12:56:28 | 00,031,232 | ---- | M] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/04/15 21:24:40 | 00,090,112 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\dpl100.dll
[2009/04/15 21:24:38 | 00,823,296 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx0c.dll
[2009/04/15 21:24:38 | 00,823,296 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx07.dll
[2009/04/15 21:24:38 | 00,815,104 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx0a.dll
[2009/04/15 21:24:38 | 00,802,816 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx11.dll
[2009/04/15 21:24:38 | 00,684,032 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\DivX.dll
[2009/04/14 13:31:30 | 00,483,840 | ---- | M] () -- C:\Documents and Settings\Hugues Miere\My Documents\TOYOTA SEQUOIA.doc
[2009/04/13 02:27:16 | 00,489,472 | ---- | M] () -- C:\Documents and Settings\Hugues Miere\My Documents\TOYOTA SEQUOIA 4.doc
[2009/04/06 22:54:20 | 12,150,42899 | ---- | M] () -- C:\Documents and Settings\Hugues Miere\My Documents\ADBEFLPRCS4_LS4.7z
[2009/04/06 22:06:14 | 05,409,924 | ---- | M] () -- C:\Documents and Settings\Hugues Miere\My Documents\3588.zip
[2009/04/06 20:56:56 | 04,116,848 | ---- | M] (Finarea S.A. Switzerland ) -- C:\Documents and Settings\Hugues Miere\My Documents\setupvoipdiscount.exe
[2009/04/05 00:01:50 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2009/04/05 00:01:42 | 00,001,510 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/04/05 00:01:04 | 07,618,040 | ---- | M] (Mozilla) -- C:\Documents and Settings\Hugues Miere\My Documents\Firefox Setup 3.0.8.exe
[2009/03/31 05:25:38 | 00,008,102 | ---- | M] () -- C:\Documents and Settings\Hugues Miere\My Documents\3529.html
[2009/03/29 17:08:12 | 00,489,652 | ---- | M] () -- C:\Documents and Settings\Hugues Miere\My Documents\toyota.rar
[2009/03/28 14:20:10 | 00,570,368 | ---- | M] () -- C:\Documents and Settings\Hugues Miere\My Documents\Echantillon Church's.doc
[2009/03/23 01:33:30 | 00,000,397 | ---- | M] () -- C:\Documents and Settings\Hugues Miere\Desktop\WampServer.lnk
[2009/03/21 13:24:50 | 00,081,408 | ---- | M] () -- C:\Documents and Settings\Hugues Miere\My Documents\JEEP GRAND CHEROKEE 2002 147000 Miles.doc
[2009/03/20 01:01:04 | 00,047,104 | ---- | M] () -- C:\Documents and Settings\Hugues Miere\My Documents\53-1213M.doc
[2009/03/18 12:22:24 | 00,019,456 | ---- | M] () -- C:\Documents and Settings\Hugues Miere\My Documents\0870.doc
[2009/03/12 17:49:46 | 00,068,608 | ---- | M] () -- C:\Documents and Settings\Hugues Miere\My Documents\lettre de Benoit 16.doc
[2009/03/04 23:55:54 | 00,000,028 | ---- | M] () -- C:\WINDOWS\bibpdfsuite.ini
[2009/02/23 00:44:24 | 00,001,512 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2009/02/23 00:42:02 | 00,404,410 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/02/23 00:42:02 | 00,392,296 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/02/23 00:42:02 | 00,058,596 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/02/21 12:02:42 | 00,549,888 | ---- | M] () -- C:\Documents and Settings\Hugues Miere\My Documents\2001 51 Reg MITSUBISHI Shogun Sport 2 ORIG..doc
[2009/02/21 11:59:32 | 00,514,560 | ---- | M] () -- C:\Documents and Settings\Hugues Miere\My Documents\MITSUBISHI Shogun Sport 2.doc
[2009/02/21 10:41:52 | 00,047,104 | ---- | M] () -- C:\Documents and Settings\Hugues Miere\My Documents\LAREDO 2.doc
[2009/02/18 00:20:50 | 00,072,679 | ---- | M] () -- C:\Documents and Settings\Hugues Miere\My Documents\billet.pdf
[2009/02/17 12:59:08 | 01,234,432 | ---- | M] () -- C:\Documents and Settings\Hugues Miere\My Documents\Sans titre-1.psd
[2009/02/14 00:55:18 | 00,133,632 | ---- | M] () -- C:\Documents and Settings\Hugues Miere\My Documents\toyota pickup.doc
< End of report >
0
Anonymous user
12 May 2009 at 23:57
Hi,

Download OTViewIt (by OldTimer) to your Desktop.

/!\ Disable your antivirus, antispyware and firewall /!\

Double-click the shortcut on the Desktop.

Tick the "Scan All User" box.

Under "File Age" at the top, click the drop-down menu and select "90 days".

Click "Run Scan".

/!\ Let the tool work /!\

Two reports will appear on your desktop: OTViewIt and Extra.TxT.

Post the OTViewIt report.
0
Hi V-X and thanks for your reply. I downloaded OTViewIt but it is impossible to install; the installation is blocked (no doubt by the virus).
What should I do now?
0

Er!!! Sorry for the typos and the missing accents (I have a QWERTY keyboard)...
0
Anonymous user
13 May 2009 at 00:07
Re,

Register on the forum, then PM me for the next steps, because I think I will have to give you a procedure and the link does not go through on the forum ;).

Thanks

Try this program; rename it when downloading if necessary:

Download ZHPDiag: ZHP DIAG

▶ Once the download has finished, unzip the file and put ZHPDiag.exe on your Desktop.

▶ Double-click the icon to launch the program.

▶ If you agree with the terms of the disclaimer, click Continue.

▶ Check that the button in front of Last Files Created is ticked.

▶ At the end of the scan, save the report by clicking Sauve (Save).

▶ Open the saved file with Notepad and copy its contents into your reply.
0
lion.d Posts 22 Registration date Wednesday 13 May 2009 Status Member Last activity 13 May 2009
13 May 2009 at 00:48
Re,
That's it, I have registered on the forum.
I tried to install ZHP Diag but it is blocked like the others. Impossible to launch it...
It's getting hard, I can't even open Task Manager or a console any more....
0
Anonymous user
13 May 2009 at 00:51
Re,

I have PM'd you and given you a procedure to follow.

Post me the report.
0
lion.d Posts 22 Registration date Wednesday 13 May 2009 Status Member Last activity 13 May 2009
13 May 2009 at 01:11
Re,
Thanks for your help.
I tried following your instructions but nothing works; this program will not launch either.
It's getting hard because I can't even launch Task Manager or a console any more....
0
Anonymous user
13 May 2009 at 01:12
Re,

Download Rooter by the IDN team

to your desktop.

/!\ Disconnect from the internet and close all running applications /!\

▶ Run Rooter and let the tool work.

▶ Once it has finished, post the resulting report for analysis.

If a report will not post, raise an alert with the concierge using the yellow /!\.
0
lion.d Posts 22 Registration date Wednesday 13 May 2009 Status Member Last activity 13 May 2009
13 May 2009 at 01:20
Re,
Same result, impossible to launch any program at all...
0
Anonymous user
13 May 2009 at 01:22
Re,

Do you have access to safe mode?

If so, have you downloaded "Combofix"?

If yes again, run Combofix in safe mode.
0
lion.d Posts 22 Registration date Wednesday 13 May 2009 Status Member Last activity 13 May 2009
13 May 2009 at 01:23
I don't know whether I have access to safe mode. I have downloaded Combofix. I'll try that right away.
0
lion.d Posts 22 Registration date Wednesday 13 May 2009 Status Member Last activity 13 May 2009
13 May 2009 at 01:58
Here it is:

ComboFix 09-05-12.04 - Hugues Miere 13/05/2009 0:49.2 - FAT32x86 NETWORK
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.991.748 [GMT 1:00]
Running from: c:\documents and settings\Hugues Miere\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\recycled\Recycled
c:\windows\hosts
c:\windows\opuwulaq.dll
c:\windows\system32\404Fix.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\l_intlc.exe
c:\windows\system32\o4Patch.exe
c:\windows\system32\ovfsthlfoobyfwbxwpuvqxyhitnqlltsrqxaqx.dat
c:\windows\system32\ovfsthqckjfmpgiyaaexcmsdaqctwtspnypjrk.dat
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe
c:\windows\system32\xbox.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ROXMEDIADBSPOOLER
-------\Service_RoxMediaDBSpooler


((((((((((((((((((((((((( Files Created from 2009-04-12 to 2009-05-12 )))))))))))))))))))))))))))))))
.

2009-05-12 23:44 . 2009-05-12 23:44 -------- d-----w c:\documents and settings\Administrator
2009-05-12 23:14 . 2009-05-12 23:14 -------- d-----w C:\Rooter$
2009-05-12 03:59 . 2009-05-12 13:56 32 --s-a-w c:\windows\system32\2023729596.dat
2009-05-12 03:37 . 2009-05-12 03:37 -------- d-----w c:\documents and settings\All Users\Application Data\10955314
2009-05-12 03:37 . 2009-05-12 03:37 -------- d-----w c:\documents and settings\All Users\Application Data\60975309
2009-05-12 00:56 . 2009-04-15 20:25 120056 ------w c:\windows\system32\pxcpyi64.exe
2009-05-12 00:56 . 2009-04-15 20:25 118520 ------w c:\windows\system32\pxinsi64.exe
2009-05-12 00:56 . 2009-04-15 20:25 129784 ------w c:\windows\system32\pxafs.dll
2009-05-12 00:56 . 2009-05-12 00:56 -------- d-----w c:\program files\Common Files\DivX Shared
2009-05-12 00:56 . 2009-05-12 00:56 -------- d-----w c:\program files\DivX
2009-05-09 11:41 . 2009-05-09 11:41 -------- d-----w c:\documents and settings\NetworkService\Local Settings\Application Data\Apple
2009-05-02 03:48 . 2009-05-02 03:48 -------- d-----w c:\documents and settings\Hugues Miere\Application Data\vlc
2009-04-15 20:24 . 2009-04-15 20:24 90112 ----a-w c:\windows\system32\dpl100.dll
2009-04-15 20:24 . 2009-04-15 20:24 684032 ----a-w c:\windows\system32\DivX.dll
2009-04-15 20:24 . 2009-04-15 20:24 823296 ----a-w c:\windows\system32\divx_xx0c.dll
2009-04-15 20:24 . 2009-04-15 20:24 823296 ----a-w c:\windows\system32\divx_xx07.dll
2009-04-15 20:24 . 2009-04-15 20:24 802816 ----a-w c:\windows\system32\divx_xx11.dll
2009-04-15 20:24 . 2009-04-15 20:24 815104 ----a-w c:\windows\system32\divx_xx0a.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-15 20:25 . 2005-11-03 11:00 43528 ------w c:\windows\system32\drivers\pxhelp20.sys
2009-04-06 19:58 . 2009-04-06 19:58 -------- d-----w c:\program files\VoipDiscount.com
2009-04-04 23:01 . 2009-04-04 23:01 0 ----a-w c:\windows\nsreg.dat
2009-03-20 23:55 . 2009-03-20 23:55 -------- d-----w c:\program files\Shareaza
2009-04-15 20:24 . 2009-04-15 20:24 1044480 ----a-w c:\program files\mozilla firefox\plugins\libdivx.dll
2009-04-15 20:24 . 2009-04-15 20:24 200704 ----a-w c:\program files\mozilla firefox\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RoxioDragToDisc"="c:\program files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe" [2005-11-04 1687552]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe" [2005-11-04 163840]
"SpeedTouch USB Diagnostics"="c:\program files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 866816]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-28 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-28 81920]
"TalkTalk"="c:\program files\TalkTalk\bin\sprtcmd.exe" [2007-10-12 202016]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]
"10955314"="c:\documents and settings\All Users\Application Data\10955314\10955314.exe" [2009-05-12 356901]
"60975309"="c:\documents and settings\All Users\Application Data\60975309\60975309.exe" [2009-05-12 13861]
"AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2004-06-29 88363]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2004-05-14 67072]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32
"wave"= serwvdrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\VoipCheap\\VoipCheap.exe"=
"c:\\Program Files\\TalkTalk\\agent\\bin\\bcont.exe"=
"c:\\Program Files\\Common Files\\SupportSoft\\bin\\tgsrvc.exe"=
"c:\\Program Files\\TalkTalk\\agent\\bin\\bcont_nm.exe"=
"c:\\Program Files\\TalkTalk\\bin\\sprtcmd.exe"=
"c:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"=
"c:\\Program Files\\Shareaza\\Shareaza.exe"=
"c:\\Program Files\\Macromedia\\Dreamweaver 8\\Dreamweaver.exe"=
"c:\\wamp\\bin\\apache\\Apache2.2.11\\bin\\httpd.exe"=
"c:\\Program Files\\VoipDiscount.com\\VoipDiscount\\VoipDiscount.exe"=

R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [03/11/2006 19:19 13592]
S2 sprtsvc_TalkTalk;SupportSoft Sprocket Service (TalkTalk);c:\program files\TalkTalk\bin\sprtsvc.exe [12/10/2007 09:33 202016]
S2 tgsrvc_TalkTalk;SupportSoft Repair Service (TalkTalk);c:\program files\Common Files\SupportSoft\bin\tgsrvc.exe [02/08/2007 14:42 148768]
S3 DMSKSSRh;DMSKSSRh;\??\c:\docume~1\HUGUES~1\LOCALS~1\Temp\DMSKSSRh.sys --> c:\docume~1\HUGUES~1\LOCALS~1\Temp\DMSKSSRh.sys [?]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [21/04/2009 15:36 216232]
S3 netr73;D-Link DWA-111 Wireless G USB Adapter Driver;c:\windows\system32\drivers\netr73.sys [31/03/2008 21:11 256000]
.
Contents of the 'Scheduled Tasks' folder

2007-06-15 c:\windows\Tasks\Symantec NetDetect.job
- c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2005-05-11 16:17]

2009-05-12 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]

2009-05-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-RavAV - c:\documents and settings\Hugues Miere\Start Menu\Programs\Startup\RavMonE.exe
HKLM-Run-Userinit - c:\windows\system32\cologsver.exe
HKLM-Run-Hsekihumevixi - c:\windows\Kmasirumecahal.dll
HKLM-Run-90965306 - c:\documents and settings\All Users\Application Data\90965306\90965306.exe
HKLM-Run-NWEReboot - (no file)


.
------- Supplementary Scan -------
.
uStart Page = hxxp://fr.yahoo.com/
FF - ProfilePath - c:\documents and settings\Hugues Miere\Application Data\Mozilla\Firefox\Profiles\92s12rw1.default\
FF - plugin: c:\documents and settings\Hugues Miere\Application Data\Mozilla\Firefox\Profiles\92s12rw1.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-13 00:50
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(452)
c:\windows\system32\scg726.acm
c:\windows\system32\alf2cd.acm
c:\windows\system32\AC3ACM.acm

- - - - - - - > 'winlogon.exe'(864)
c:\windows\system32\scg726.acm
c:\windows\system32\alf2cd.acm
c:\windows\system32\AC3ACM.acm
.
Completion time: 2009-05-12 0:51
ComboFix-quarantined-files.txt 2009-05-12 23:51

Pre-Run: 8,292,827,136 bytes free
Post-Run: 8,287,551,488 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

166 --- E O F --- 2009-05-01 11:46
0
Anonymous user
13 May 2009 at 02:12
Re,

Run the scan in safe mode.

Download and install MalwareByte's Anti-Malware
Malwarebyte

Update it.

▶ Double-click the MalwareByte's Anti-Malware shortcut on the desktop.

▶ Select "Perform a FULL scan" if it is not already selected.

▶ Click "Scan".

▶ Once the scan has finished, a window opens; click OK.

If MalwareByte's detected nothing, click OK. A report will appear; close it.

If MalwareByte's detected infections, click "Show Results" and then "Remove Selected".

Save the report to your Desktop so that it is easier to find, then post that report.

Note: If MalwareByte's needs to restart to finish the removal, accept by clicking OK.

Tutorial for MalwareByte's

If a report will not post, raise an alert with the concierge using the yellow /!\.
0
Anonymous user
13 May 2009 at 02:13
0
lion.d Posts 22 Registration date Wednesday 13 May 2009 Status Member Last activity 13 May 2009
13 May 2009 at 02:35
Re,
The MalwareByte's Anti-Malware scan is in progress...
0
lion.d Posts 22 Registration date Wednesday 13 May 2009 Status Member Last activity 13 May 2009
13 May 2009 at 02:52
Here is the MalwareByte's Anti-Malware report

Malwarebytes' Anti-Malware 1.36
Version de la base de données: 2118
Windows 5.1.2600 Service Pack 2

13/05/2009 01:46:40
mbam-log-2009-05-13 (01-46-40).txt

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)
Eléments examinés: 183258
Temps écoulé: 16 minute(s), 56 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 6

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\10955314 (Rogue.Multiple.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\60975309 (Rogue.Multiple.H) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\Documents and Settings\All Users\Application Data\10955314 (Rogue.Multiple.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\60975309 (Rogue.Multiple.H) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Documents and Settings\All Users\Application Data\10955314\10955314.exe (Rogue.Multiple.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\10955314\10955314.glu (Rogue.Multiple.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\10955314\pc10955314cnf (Rogue.Multiple.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\10955314\pc10955314ins (Rogue.Multiple.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\60975309\60975309.exe (Rogue.Multiple.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\60975309\10959531.exe (Rogue.Multiple.H) -> Quarantined and deleted successfully.
0
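As an added illustration (not part of the thread, and not code from any tool named in it), the Run-key section of the ComboFix report above can be triaged mechanically: the two values Malwarebytes removed as Rogue.Multiple.H share traits that the legitimate autostart entries lack. The heuristics and the two-reason threshold are assumptions drawn from this one report; the function names are hypothetical.

```python
import re
from datetime import date, datetime
from ntpath import basename, dirname, splitext  # Windows path rules on any OS

# Excerpt of the "Reg Loading Points" section of the ComboFix report in this thread.
SAMPLE = r'''
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TalkTalk"="c:\program files\TalkTalk\bin\sprtcmd.exe" [2007-10-12 202016]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]
"10955314"="c:\documents and settings\All Users\Application Data\10955314\10955314.exe" [2009-05-12 356901]
"60975309"="c:\documents and settings\All Users\Application Data\60975309\60975309.exe" [2009-05-12 13861]
"AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2004-06-29 88363]
'''

SCAN_DATE = date(2009, 5, 13)  # date of the ComboFix run, from the report header

SECTION_RE = re.compile(r'^\[(HKEY_[^\]]+)\]$')
# Two layouts occur: "name"="full path" [date size]
#                and "name"="file" - resolved path [date size]
ENTRY_RE = re.compile(
    r'^"(?P<name>[^"]+)"="(?P<value>[^"]*)"'
    r'(?:\s+-\s+(?P<resolved>.+?))?'
    r'\s+\[(?P<date>\d{4}-\d{2}-\d{2})\s+(?P<size>\d+)\]$'
)


def parse_run_entries(report):
    """Return one dict per autostart value, tagged with its registry key."""
    entries, key = [], None
    for raw in report.splitlines():
        line = raw.strip()
        section = SECTION_RE.match(line)
        if section:
            key = section.group(1)
            continue
        m = ENTRY_RE.match(line)
        if m and key:
            entries.append({
                "key": key,
                "name": m["name"],
                "path": m["resolved"] or m["value"],
                "date": datetime.strptime(m["date"], "%Y-%m-%d").date(),
                "size": int(m["size"]),
            })
    return entries


def suspicion_reasons(entry, scan_date, recent_days=7):
    """Heuristics (assumed, derived from this report) for a rogue autostart."""
    reasons = []
    name = entry["name"].lower()
    path = entry["path"].lower()
    stem = splitext(basename(path))[0]
    parent = basename(dirname(path))
    if name.isdigit():
        reasons.append("numeric value name")
    if name == stem == parent:
        reasons.append("value name = folder name = executable name")
    if "\\application data\\" in path:
        reasons.append("executable under Application Data")
    if 0 <= (scan_date - entry["date"]).days <= recent_days:
        reasons.append("file dated within %d days of the scan" % recent_days)
    return reasons


def triage(report, scan_date, threshold=2):
    """Return (value name, reasons) for entries meeting the threshold."""
    flagged = []
    for entry in parse_run_entries(report):
        reasons = suspicion_reasons(entry, scan_date)
        if len(reasons) >= threshold:
            flagged.append((entry["name"], reasons))
    return flagged


if __name__ == "__main__":
    for name, reasons in triage(SAMPLE, SCAN_DATE):
        print(name, "->", "; ".join(reasons))
```

A flagged value is a lead to verify against a scanner verdict, as the Malwarebytes report in this thread does, not a verdict in itself.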
Anonymous user
13 May 2009 at 02:54
Re,

Delete the Malwarebytes quarantine and try ZHPDiag again, in normal mode this time.
0
lion.d Posts 22 Registration date Wednesday 13 May 2009 Status Member Last activity 13 May 2009
13 May 2009 at 03:00
OK; here is the ZHPDiag report:
0
lion.d Posts 22 Registration date Wednesday 13 May 2009 Status Member Last activity 13 May 2009
13 May 2009 at 03:05
There is a problem; I can't manage to send you the report.
0
lion.d Posts 22 Registration date Wednesday 13 May 2009 Status Member Last activity 13 May 2009
13 May 2009 at 03:09
Since that wasn't working, I'm sending it to you in 2 parts. So here is the 2nd part of the report:


---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory - C:\Program Files\Common Files\Microsoft Shared
O43 - CFD:Common File Directory - C:\Program Files\Common Files\SpeechEngines
O43 - CFD:Common File Directory - C:\Program Files\Common Files\ODBC
O43 - CFD:Common File Directory - C:\Program Files\Common Files\System
O43 - CFD:Common File Directory - C:\Program Files\Common Files\MSSoap
O43 - CFD:Common File Directory - C:\Program Files\Common Files\Services
O43 - CFD:Common File Directory - C:\Program Files\Common Files\InstallShield
O43 - CFD:Common File Directory - C:\Program Files\Common Files\Symantec Shared
O43 - CFD:Common File Directory - C:\Program Files\Common Files\Roxio Shared
O43 - CFD:Common File Directory - C:\Program Files\Common Files\Sonic Shared
O43 - CFD:Common File Directory - C:\Program Files\Common Files\Autodata Limited Shared
O43 - CFD:Common File Directory - C:\Program Files\Common Files\Adobe
O43 - CFD:Common File Directory - C:\Program Files\Common Files\Ahead
O43 - CFD:Common File Directory - C:\Program Files\Common Files\Designer
O43 - CFD:Common File Directory - C:\Program Files\Common Files\AVSMedia
O43 - CFD:Common File Directory - C:\Program Files\Common Files\eLanguage
O43 - CFD:Common File Directory - C:\Program Files\Common Files\Cosmi
O43 - CFD:Common File Directory - C:\Program Files\Common Files\SupportSoft
O43 - CFD:Common File Directory - C:\Program Files\Common Files\Wise Installation Wizard
O43 - CFD:Common File Directory - C:\Program Files\Common Files\Macromedia
O43 - CFD:Common File Directory - C:\Program Files\Common Files\Sony Shared
O43 - CFD:Common File Directory - C:\Program Files\Common Files\DivX Shared

---\\ Derniers fichiers modifiés ou crées sous System32 (O44)
O44 - LFC:Last File Created - C:\WINDOWS\System32\wpa.dbl -->13/05/2009 - 00:48:30
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfc009.dat -->22/02/2009 - 23:42:02
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfh009.dat -->22/02/2009 - 23:42:02
O44 - LFC:Last File Created - C:\WINDOWS\System32\dpl100.dll -->15/04/2009 - 20:24:40
O44 - LFC:Last File Created - C:\WINDOWS\System32\CONFIG.NT -->12/05/2009 - 23:33:40
O44 - LFC:Last File Created - C:\WINDOWS\System32\FNTCACHE.DAT -->22/04/2009 - 08:23:28
O44 - LFC:Last File Created - C:\WINDOWS\System32\PerfStringBackup.INI -->22/02/2009 - 23:42:02
O44 - LFC:Last File Created - C:\WINDOWS\System32\2023729596.dat -->12/05/2009 - 13:56:22
O44 - LFC:Last File Created - C:\WINDOWS\System32\DivX.dll -->15/04/2009 - 20:24:38
O44 - LFC:Last File Created - C:\WINDOWS\System32\divx_xx0c.dll -->15/04/2009 - 20:24:38
O44 - LFC:Last File Created - C:\WINDOWS\System32\divx_xx07.dll -->15/04/2009 - 20:24:38
O44 - LFC:Last File Created - C:\WINDOWS\System32\divx_xx11.dll -->15/04/2009 - 20:24:38
O44 - LFC:Last File Created - C:\WINDOWS\System32\divx_xx0a.dll -->15/04/2009 - 20:24:38
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\mbamswissarmy.sys -->06/04/2009 - 14:32:54
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\mbam.sys -->06/04/2009 - 14:32:46

---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\QTTASK.EXE-342507FB.pf -->12/05/2009 - 22:30:36
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ACRORD32.EXE-20C463C1.pf -->05/05/2009 - 11:17:02
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\TASKMGR.EXE-20256C55.pf -->12/05/2009 - 23:12:34
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FIREFOX.EXE-28641590.pf -->12/05/2009 - 00:57:14
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\BCONT_NM.EXE-34F3734B.pf -->12/05/2009 - 13:41:08
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IPCONFIG.EXE-2395F30B.pf -->12/05/2009 - 23:41:04
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DW20.EXE-143E02DB.pf -->12/05/2009 - 00:33:56
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-44E79D54.pf -->06/05/2009 - 21:14:44
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PCARMDRV.EXE-35D01613.pf -->13/05/2009 - 00:14:20
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ROXWATCH.EXE-03B696DD.pf -->11/05/2009 - 09:30:22
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf -->13/05/2009 - 00:15:18
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4AE849A8.pf -->06/05/2009 - 23:06:30
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SPRTCMD.EXE-09E5018C.pf -->11/05/2009 - 23:12:14
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ASHMAISV.EXE-12E27032.pf -->11/05/2009 - 09:30:38
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-267C5814.pf -->06/05/2009 - 23:29:38
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WMPLAYER.EXE-18DDEFA2.pf -->07/05/2009 - 00:07:50
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WINRAR.EXE-39C6DAD9.pf -->13/05/2009 - 00:55:34
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSIEXEC.EXE-2F8A8CAE.pf -->12/05/2009 - 04:09:04
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CPSHELPRUNNER.EXE-22868065.pf -->11/05/2009 - 23:11:24
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2C078A36.pf -->09/05/2009 - 03:29:28
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-29B1E5C2.pf -->09/05/2009 - 03:29:34
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SOFTWAREUPDATE.EXE-1415D1B8.pf -->09/05/2009 - 11:41:06
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DLLHOST.EXE-205D880D.pf -->09/05/2009 - 11:41:08
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ISUSPM.EXE-1ED0B23B.pf -->13/05/2009 - 00:49:54
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AGENT.EXE-10B4BAEA.pf -->13/05/2009 - 00:49:56
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ROXIO_CENTRAL.EXE-0E211AF2.pf -->10/05/2009 - 02:44:26
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WMPLAYER.EXE-18DDEF9F.pf -->10/05/2009 - 02:45:16
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SETUP_WM.EXE-3135CBD6.pf -->10/05/2009 - 02:47:56
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SERVICES.EXE-2F433351.pf -->12/05/2009 - 22:30:36
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ROXLIVESHARE.EXE-0FF4F6F1.pf -->12/05/2009 - 22:30:36
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SPRTSVC.EXE-14187B3C.pf -->11/05/2009 - 09:30:28
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\TGSRVC.EXE-04A90F7A.pf -->11/05/2009 - 09:30:28
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SYMWSC.EXE-321AAE19.pf -->12/05/2009 - 22:30:36
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\LSASS.EXE-20DB6D1B.pf -->12/05/2009 - 22:30:36
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSMPENG.EXE-273B5E0F.pf -->13/05/2009 - 00:08:48
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ASWUPDSV.EXE-040CB91E.pf -->11/05/2009 - 09:29:56
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ASHSERV.EXE-3B661600.pf -->11/05/2009 - 09:29:56
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SPOOLSV.EXE-282F76A7.pf -->12/05/2009 - 22:30:36
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ADCDLICSVC.EXE-19FF9A09.pf -->12/05/2009 - 22:30:36
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SVCHOST.EXE-3530F672.pf -->12/05/2009 - 22:30:36
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WLSERVICE.EXE-244174EE.pf -->13/05/2009 - 00:14:22
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WLANCFGG.EXE-11093D29.pf -->13/05/2009 - 00:14:50
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\UPDATER.EXE-29743DD2.pf -->12/05/2009 - 00:52:06
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HELPER.EXE-0415776D.pf -->12/05/2009 - 00:52:18
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DIVXINSTALLER.EXE-1B46195F.pf -->12/05/2009 - 00:56:08
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DIVXCONNECTIONTESTER.EXE-1B95EB9F.pf -->12/05/2009 - 00:56:08
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DIVXCOMPONENT.EXE-01874DCE.pf -->12/05/2009 - 00:56:18
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PXHPINST.EXE-19CAC65A.pf -->12/05/2009 - 00:56:56
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PXSETUP.EXE-082E93B7.pf -->12/05/2009 - 00:56:58
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DIVX PLAYER.EXE-2B5FB89F.pf -->12/05/2009 - 00:57:00
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4733C239.pf -->12/05/2009 - 02:47:48
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVAST.SETUP-032170A8.pf -->12/05/2009 - 11:22:30
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\INSTALL[1].EXE-0BF59420.pf -->12/05/2009 - 03:38:04
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\60975309.EXE-11BF7F4C.pf -->12/05/2009 - 22:30:36
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\10955314.EXE-05B9BF3B.pf -->12/05/2009 - 22:30:36
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf -->12/05/2009 - 23:17:10
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ASHAVAST.EXE-12F63458.pf -->12/05/2009 - 21:47:02
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ASHSIMPL.EXE-14F851AB.pf -->12/05/2009 - 21:47:16
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NTVDM.EXE-1A10A423.pf -->12/05/2009 - 03:54:08
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\20959532.EXE-02261029.pf -->12/05/2009 - 03:59:00
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\L_INTLC.EXE-33C69388.pf -->12/05/2009 - 22:30:36
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ASHQUICK.EXE-2A0533AE.pf -->12/05/2009 - 21:46:44
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ASHWEBSV.EXE-0548EF0A.pf -->11/05/2009 - 09:30:38
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ROXMEDIADB.EXE-2F72A026.pf -->12/05/2009 - 20:11:22
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ALG.EXE-0F138680.pf -->12/05/2009 - 22:30:38
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1BC55A4F.pf -->12/05/2009 - 19:30:08
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ASHCHEST.EXE-0FED8209.pf -->12/05/2009 - 19:30:46
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2CD85FD3.pf -->12/05/2009 - 23:13:06
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-13CC3015.pf -->12/05/2009 - 19:40:44
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf -->12/05/2009 - 21:36:58
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSHTA.EXE-331DF029.pf -->12/05/2009 - 19:40:44
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WINLOGON.EXE-32C57D49.pf -->12/05/2009 - 22:30:36
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CSRSS.EXE-12B63473.pf -->12/05/2009 - 22:30:36
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf -->12/05/2009 - 22:30:36
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NEROCHECK.EXE-092C6DFA.pf -->12/05/2009 - 22:30:36
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf -->13/05/2009 - 00:49:54
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NTSD.EXE-0A9BC67B.pf -->12/05/2009 - 22:30:36
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-40CAABC9.pf -->12/05/2009 - 22:30:36
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf -->13/05/2009 - 00:49:54
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SOUNDMAN.EXE-19745A34.pf -->12/05/2009 - 20:11:22
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ISSCH.EXE-3ACEF8DC.pf -->12/05/2009 - 20:11:22
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DRGTODSC.EXE-17103D9D.pf -->12/05/2009 - 20:11:22
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSASCUI.EXE-08BEC8D8.pf -->12/05/2009 - 22:30:36
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2905E326.pf -->12/05/2009 - 23:13:24
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-37BEE96E.pf -->12/05/2009 - 23:13:16
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSCONFIG.EXE-35E4DAE9.pf -->12/05/2009 - 20:45:22
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\LAVASOFT_ADAWARE_MULTI.EXE-14BCBACA.pf -->12/05/2009 - 20:32:02
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\OSA9.EXE-27CD7DB8.pf -->12/05/2009 - 23:41:04
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CCSETUP219.EXE-123ADFB7.pf -->12/05/2009 - 20:29:46
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SPYBOTSD162.EXE-0DAB8FD3.pf -->12/05/2009 - 20:31:30
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SPYBOTSD162.TMP-1CD252BC.pf -->12/05/2009 - 20:31:20
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\LAVASOFT_ADAWARE_MULTI.EXE-15AFC664.pf -->12/05/2009 - 22:36:04
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SPYBOTSD162.EXE-0225C77B.pf -->12/05/2009 - 22:36:06
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SPYBOTSD162.TMP-10FF9549.pf -->12/05/2009 - 20:36:54
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\COMBOFIX.EXE-2BF0CF56.pf -->12/05/2009 - 23:41:04
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CCSETUP219.EXE-390594EF.pf -->12/05/2009 - 22:59:52
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SPYBOTSD162.TMP-0587FE2D.pf -->12/05/2009 - 20:45:52
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MBAM-SETUP.EXE-1D01CA32.pf -->13/05/2009 - 00:14:44
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SPYBOTSD162.TMP-2273C599.pf -->12/05/2009 - 21:05:44
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-12E27DD0.pf -->12/05/2009 - 21:11:42
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WGATRAY.EXE-0ED38BED.pf -->11/05/2009 - 23:11:24
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2576181F.pf -->12/05/2009 - 21:13:00
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SMITFRAUDFIX.EXE-0B483E4D.pf -->12/05/2009 - 22:35:58
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SMIUPDATE.EXE-15DDCCE4.pf -->12/05/2009 - 21:24:54
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\REBOOT.EXE-36952AC5.pf -->12/05/2009 - 21:25:00
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SWSC.EXE-34DB98D9.pf -->12/05/2009 - 21:25:10
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SMITFRAUDFIX.EXE-36B05EE3.pf -->12/05/2009 - 21:37:22
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SPYBOTSD162.EXE-2E2DFEF0.pf -->12/05/2009 - 21:37:32
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\LAVASOFT_ADAWARE_MULTI.EXE-2C688686.pf -->12/05/2009 - 21:37:34
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf -->13/05/2009 - 00:08:58
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CCSETUP219.EXE-2929D5F3.pf -->12/05/2009 - 21:37:36
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\COMBOFIX.EXE-38E7D39A.pf -->12/05/2009 - 21:37:50
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IEDW.EXE-1880380E.pf -->12/05/2009 - 22:55:10
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2C7B5C4A.pf -->12/05/2009 - 23:13:12
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\OTVIEWIT.EXE-2B4B9242.pf -->13/05/2009 - 00:08:48
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\USERINIT.EXE-30B18140.pf -->12/05/2009 - 22:30:36
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DUMPREP.EXE-1B46F901.pf -->12/05/2009 - 22:30:36
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FIND.EXE-0EC32F1E.pf -->12/05/2009 - 23:17:10
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AGRSMMSG.EXE-0034A7F7.pf -->12/05/2009 - 22:30:36
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CSCRIPT.EXE-1C26180C.pf -->12/05/2009 - 22:30:36
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\Layout.ini -->12/05/2009 - 04:53:18
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CHKNTFS.EXE-31921D64.pf -->12/05/2009 - 22:30:36
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IMAPI.EXE-0BF740A4.pf -->12/05/2009 - 22:30:36
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MPCMDRUN.EXE-1F9D1CA1.pf -->12/05/2009 - 00:32:12
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\VERCLSID.EXE-3667BD89.pf -->13/05/2009 - 00:55:24
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf -->11/05/2009 - 14:09:42
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DFRGFAT.EXE-03D95883.pf -->11/05/2009 - 14:09:42
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HELPSVC.EXE-2878DDA2.pf -->12/05/2009 - 09:34:02
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf -->13/05/2009 - 00:08:48
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WINWORD.EXE-10D55173.pf -->12/05/2009 - 21:34:50

---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
O46 - SEH:ShellExecuteHooks - Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\PROGRA~1\WIFD1F~1\MpShHook.dll

---\\ Export de clé d'application autorisée (ECAA)(O47)
O47 - AAKE:Key Export - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
O47 - AAKE:Key Export - "C:\Program Files\VoipCheap\VoipCheap.exe"="C:\Program Files\VoipCheap\VoipCheap.exe:*:Enabled:VoipCheap"
O47 - AAKE:Key Export - "C:\Program Files\TalkTalk\agent\bin\bcont.exe"="C:\Program Files\TalkTalk\agent\bin\bcont.exe:*:Enabled:bcont.exe"
O47 - AAKE:Key Export - "C:\Program Files\Common Files\SupportSoft\bin\tgsrvc.exe"="C:\Program Files\Common Files\SupportSoft\bin\tgsrvc.exe:*:Enabled:tgsrvc.exe"
O47 - AAKE:Key Export - "C:\Program Files\TalkTalk\agent\bin\bcont_nm.exe"="C:\Program Files\TalkTalk\agent\bin\bcont_nm.exe:*:Enabled:bcont_nm.exe"
O47 - AAKE:Key Export - "C:\Program Files\TalkTalk\bin\sprtcmd.exe"="C:\Program Files\TalkTalk\bin\sprtcmd.exe:*:Enabled:sprtcmd.exe"
O47 - AAKE:Key Export - "C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe"="C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe:*:Enabled:Sony Ericsson Media Manager 1.2"
O47 - AAKE:Key Export - "C:\Program Files\Shareaza\Shareaza.exe"="C:\Program Files\Shareaza\Shareaza.exe:*:Enabled:Shareaza"
O47 - AAKE:Key Export - "C:\Program Files\Macromedia\Dreamweaver 8\Dreamweaver.exe"="C:\Program Files\Macromedia\Dreamweaver 8\Dreamweaver.exe:*:Enabled:Dreamweaver 8"
O47 - AAKE:Key Export - "C:\wamp\bin\apache\Apache2.2.11\bin\httpd.exe"="C:\wamp\bin\apache\Apache2.2.11\bin\httpd.exe:*:Enabled:Apache HTTP Server"
O47 - AAKE:Key Export - "C:\Program Files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe"="C:\Program Files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe:*:Enabled:VoipDiscount"
O47 - AAKE:Key Export - "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
O47 - AAKE:Key Export - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

---\\ Déni du service (Local Security Authority) (LSA) (O48)
O48 - LSA:Local Security Authority Authentication Packages - C:\WINDOWS\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages - C:\WINDOWS\System32\scecli.dll

---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vgasave.sys

---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d

---\\ Trojan Driver Search Data (TDSD) (O52)
O52 - TDSD:HKLM\...\Drivers\"timer"="timer.drv"
O52 - TDSD:HKLM\...\Drivers32\"midimapper"="midimap.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.imaadpcm"="imaadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msadpcm"="msadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msg711"="msg711.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msgsm610"="msgsm32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.trspch"="tssoft32.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.cvid"="iccvid.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.I420"="msh263.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv31"="ir32_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv32"="ir32_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv41"="ir41_32.ax"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iyuv"="iyuv_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.mrle"="msrle32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.msvc"="msvidc32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.uyvy"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yuy2"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yvu9"="tsbyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yvyu"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"wavemapper"="msacm32.drv"
O52 - TDSD:HKLM\...\Drivers32\"wave"="serwvdrv.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msg723"="msg723.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.M263"="msh263.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.M261"="msh261.drv"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msaudio1"="msaud32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.sl_anet"="sl_anet.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv50"="ir50_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm"
O52 - TDSD:HKLM\...\Drivers32\"wave1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"msacm.voxacm160"="vct3216.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.scg726"="scg726.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.alf2cd"="alf2cd.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.ac3acm"="AC3ACM.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.dvsd"="mcdvd_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.xvid"="xvidvfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.mpg4"="mpg4c32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.mp42"="mpg4c32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.mp43"="mpg4c32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.DIVX"="DivX.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yv12"="DivX.dll"

---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll

---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0

---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveTypeAutoRun"=323
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveAutoRun"=67108863
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDrives"=0
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveAutoRun"=67108863
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveTypeAutoRun"=323
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDrives"=0


End of the scan:
0
lion.d Posts: 22 Registration date: Wednesday 13 May 2009 Status: Member Last activity: 13 May 2009
13 May 2009 at 03:07
Rapport de ZHPDiag v1.20.2 par Nicolas Coolman
Enregistré le 13/05/2009 01:58:13
Platform : Microsoft Windows XP (5.1.2600) Service Pack 2
MSIE: Internet Explorer v7.0.5730.11
MFIE: Mozilla Firefox (3.0.10)

---\\ Processus lancés
AGRSMMSG.exe
SOUNDMAN.EXE
C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe
C:\WINDOWS\system32\NeroCheck.exe
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
C:\Program Files\Belkin\F5D7051\WLService.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxLiveShare.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\TalkTalk\bin\sprtsvc.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Common Files\Supportsoft\bin\tgsrvc.exe
C:\Program Files\Windows Defender\MsMpEng.exe

---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp

---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe"
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [TalkTalk] "C:\Program Files\TalkTalk\bin\sprtcmd.exe" /P TalkTalk
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\policies\Explorer: [NoDriveAutoRun] Data="67108863"
O4 - HKLM\..\policies\Explorer: [NoDriveTypeAutoRun] Data="323"
O4 - HKLM\..\policies\Explorer: [NoDrives] Data="0"

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302

---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/hardwaredetection/hardwaredetection_3_1_2_0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: WLEventStartup - C:\WINDOWS\System32\WgaLogon.dll

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1}
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030}

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Autodata Limited License Service (Autodata Limited License Service) - C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
O23 - Service: Belkin High-Speed Mode Wireless G USB Driver (Belkin High-Speed Mode Wireless G USB Network Adapter Service) - C:\Program Files\Belkin\F5D7051\WLService.exe
O23 - Service: LiveShare P2P Server (RoxLiveShare) - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxLiveShare.exe
O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe
O23 - Service: Print Spooler (Spooler) - C:\WINDOWS\system32\spoolsv.exe
O23 - Service: SupportSoft Sprocket Service (TalkTalk) (sprtsvc_TalkTalk) - C:\Program Files\TalkTalk\bin\sprtsvc.exe" /service /p TalkTalk
O23 - Service: SymWMI Service (SymWSC) - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: SupportSoft Repair Service (TalkTalk) (tgsrvc_TalkTalk) - C:\Program Files\Common Files\Supportsoft\bin\tgsrvc.exe" /p TalkTalk
O23 - Service: Windows Defender (WinDefend) - C:\Program Files\Windows Defender\MsMpEng.exe

---\\ Enumération des composants Active Desktop (O24)
O24 - Desktop Component 0: My Current Home Page - file:About:Home

---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: IE7 Uninstall Stub - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
O40 - ASIC: Microsoft Windows Media Player - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
O40 - ASIC: Internet Explorer - {26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
O40 - ASIC: Browser Customizations - {60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Outlook Express - {881dd1c5-3dcf-431b-b061-f3f88e8be88a} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE
O40 - ASIC: Vector Graphics Rendering (VML) - {10072CEC-8CC1-11D1-986E-00A0C955B42F} - (not file)
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Microsoft Windows Media Player 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} - (not file)
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\WINDOWS\system32\regsvr32.exe /s /n /i:/UserInstall C:\WINDOWS\system32\themeui.dll
O40 - ASIC: Dynamic HTML Data Binding for Java - {36f8ec70-c29a-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Offline Browsing Pack - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Uniscribe - {3bf42070-b3b1-11d1-b5c5-0000f8051515} - (not file)
O40 - ASIC: Advanced Authoring - {4278c270-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
O40 - ASIC: DirectShow - {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - (not file)
O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file)
O40 - ASIC: Internet Explorer Help - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: DirectAnimation Java Classes - {4f216970-c90c-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows Script 5.6 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file)
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
O40 - ASIC: (no name) - {5A8D6EE0-3E18-11D0-821E-444553540000} - (not file)
O40 - ASIC: Internet Explorer Setup Tools - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub
O40 - ASIC: MSN Site Access - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file)
O40 - ASIC: .NET Framework - {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - (not file)
O40 - ASIC: Address Book 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
O40 - ASIC: Dynamic HTML Data Binding - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file)
O40 - ASIC: (no name) - {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} - (not file)
O40 - ASIC: Internet Explorer Core Fonts - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file)
O40 - ASIC: Task Scheduler - {CC2A9BA0-3BDD-11D0-821E-444553540000} - (not file)
O40 - ASIC: (no name) - {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - (not file)
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11cf-96B8-444553540000} - C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx
O40 - ASIC: HTML Help - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} - (not file)
O40 - ASIC: .NET Framework - {F196AC50-7C95-42E1-9947-BDAB18BF3C8C} - (not file)

---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: Microsoft Kernel Acoustic Echo Canceller (aec) - C:\WINDOWS\system32\drivers\aec.sys
O41 - Driver: Agere Systems Soft Modem (AgereSoftModem) - C:\WINDOWS\system32\DRIVERS\AGRSM.sys
O41 - Driver: SpeedTouch USB ADSL PPP Networking Driver (NDISWAN) (alcan5wn) - C:\WINDOWS\system32\DRIVERS\alcan5wn.sys
O41 - Driver: SpeedTouch ADSL Modem ATM Transport (alcaudsl) - C:\WINDOWS\system32\DRIVERS\alcaudsl.sys
O41 - Driver: Service for WDM 3D Audio Driver (ALCXSENS) - C:\WINDOWS\system32\drivers\ALCXSENS.SYS
O41 - Driver: Service for Realtek AC97 Audio (WDM) (ALCXWDM) - C:\WINDOWS\system32\drivers\ALCXWDM.SYS
O41 - Driver: AMD K7 Processor Driver (AmdK7) - C:\WINDOWS\system32\DRIVERS\amdk7.sys
O41 - Driver: RAS Asynchronous Media Driver (AsyncMac) - C:\WINDOWS\system32\DRIVERS\asyncmac.sys
O41 - Driver: ATM ARP Client Protocol (Atmarpc) - C:\WINDOWS\system32\DRIVERS\atmarpc.sys
O41 - Driver: Audio Stub Driver (audstub) - C:\WINDOWS\system32\DRIVERS\audstub.sys
O41 - Driver: (no object) (dmboot) - C:\WINDOWS\System32\drivers\dmboot.sys
O41 - Driver: (no object) (dmio) - C:\WINDOWS\System32\drivers\dmio.sys
O41 - Driver: (no object) (dmload) - C:\WINDOWS\System32\drivers\dmload.sys
O41 - Driver: DMSKSSRh (DMSKSSRh) - C:\DOCUME~1\HUGUES~1\LOCALS~1\Temp\DMSKSSRh.sys
O41 - Driver: Microsoft Kernel DLS Syntheiszer (DMusic) - C:\WINDOWS\system32\drivers\DMusic.sys
O41 - Driver: driverhardwarev2 (driverhardwarev2) - C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys
O41 - Driver: Microsoft Kernel DRM Audio Descrambler (drmkaud) - C:\WINDOWS\system32\drivers\drmkaud.sys
O41 - Driver: FltMgr (FltMgr) - C:\WINDOWS\system32\DRIVERS\fltMgr.sys
O41 - Driver: Generic Packet Classifier (Gpc) - C:\WINDOWS\system32\DRIVERS\msgpc.sys
O41 - Driver: GTNDIS5 NDIS Protocol Driver (GTNDIS5) - C:\WINDOWS\system32\GTNDIS5.SYS
O41 - Driver: i8042 Keyboard and PS/2 Mouse Port Driver (i8042prt) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: IPv6 Windows Firewall Driver (Ip6Fw) - C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
O41 - Driver: IP Traffic Filter Driver (IpFilterDriver) - C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
O41 - Driver: IP in IP Tunnel Driver (IpInIp) - C:\WINDOWS\system32\DRIVERS\ipinip.sys
O41 - Driver: IPSEC driver (IPSec) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: IR Enumerator Service (IRENUM) - C:\WINDOWS\system32\DRIVERS\irenum.sys
O41 - Driver: Microsoft Kernel Wave Audio Mixer (kmixer) - C:\WINDOWS\system32\drivers\kmixer.sys
O41 - Driver: Unimodem Streaming Filter Device (MODEMCSA) - C:\WINDOWS\system32\drivers\MODEMCSA.sys
O41 - Driver: WebDav Client Redirector (MRxDAV) - C:\WINDOWS\system32\DRIVERS\mrxdav.sys
O41 - Driver: MRXSMB (MRxSmb) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: Microsoft Streaming Service Proxy (MSKSSRV) - C:\WINDOWS\system32\drivers\MSKSSRV.sys
O41 - Driver: Microsoft Streaming Clock Proxy (MSPCLOCK) - C:\WINDOWS\system32\drivers\MSPCLOCK.sys
O41 - Driver: Microsoft Streaming Quality Manager Proxy (MSPQM) - C:\WINDOWS\system32\drivers\MSPQM.sys
O41 - Driver: Microsoft System Management BIOS Driver (mssmbios) - C:\WINDOWS\system32\DRIVERS\mssmbios.sys
O41 - Driver: Remote Access NDIS TAPI Driver (NdisTapi) - C:\WINDOWS\system32\DRIVERS\ndistapi.sys
O41 - Driver: NDIS Usermode I/O Protocol (Ndisuio) - C:\WINDOWS\system32\DRIVERS\ndisuio.sys
O41 - Driver: Remote Access NDIS WAN Driver (NdisWan) - C:\WINDOWS\system32\DRIVERS\ndiswan.sys
O41 - Driver: NetBIOS Interface (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: NetBT (NetBT) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: D-Link DWA-111 Wireless G USB Adapter Driver (netr73) - C:\WINDOWS\system32\DRIVERS\netr73.sys
O41 - Driver: Upper Class Filter Driver (NTIDrvr) - C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys
O41 - Driver: IPX Traffic Filter Driver (NwlnkFlt) - C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
O41 - Driver: IPX Traffic Forwarder Driver (NwlnkFwd) - C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
O41 - Driver: WAN Miniport (PPTP) (PptpMiniport) - C:\WINDOWS\system32\DRIVERS\raspptp.sys
O41 - Driver: QoS Packet Scheduler (PSched) - C:\WINDOWS\system32\DRIVERS\psched.sys
O41 - Driver: Direct Parallel Link Driver (Ptilink) - C:\WINDOWS\system32\DRIVERS\ptilink.sys
O41 - Driver: PxHelp20 (PxHelp20) - C:\WINDOWS\System32\Drivers\PxHelp20.sys
O41 - Driver: Remote Access Auto Connection Driver (RasAcd) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: WAN Miniport (L2TP) (Rasl2tp) - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
O41 - Driver: Remote Access PPPOE Driver (RasPppoe) - C:\WINDOWS\system32\DRIVERS\raspppoe.sys
O41 - Driver: Direct Parallel (Raspti) - C:\WINDOWS\system32\DRIVERS\raspti.sys
O41 - Driver: Rdbss (Rdbss) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: Digital CD Audio Playback Filter Driver (redbook) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: Sony Ericsson Device 046 Driver driver (WDM) (SE2Ebus) - C:\WINDOWS\system32\DRIVERS\SE2Ebus.sys
O41 - Driver: Sony Ericsson Device 046 USB WMC Modem Filter (SE2Emdfl) - C:\WINDOWS\system32\DRIVERS\SE2Emdfl.sys
O41 - Driver: Sony Ericsson Device 046 USB WMC Modem Driver (SE2Emdm) - C:\WINDOWS\system32\DRIVERS\SE2Emdm.sys
O41 - Driver: Secdrv (Secdrv) - C:\WINDOWS\system32\DRIVERS\secdrv.sys
O41 - Driver: Serenum Filter Driver (serenum) - C:\WINDOWS\system32\DRIVERS\serenum.sys
O41 - Driver: (no object) (SiS315) - C:\WINDOWS\system32\DRIVERS\sisgrp.sys
O41 - Driver: SiS AGP Filter (SISAGP) - C:\WINDOWS\system32\DRIVERS\SISAGPX.sys
O41 - Driver: (no object) (SiSide) - C:\WINDOWS\system32\DRIVERS\siside.sys
O41 - Driver: sisidex (sisidex) - C:\WINDOWS\system32\drivers\sisidex.sys
O41 - Driver: (no object) (SiSkp) - C:\WINDOWS\system32\DRIVERS\srvkp.sys
O41 - Driver: SiS PCI Fast Ethernet Adapter Driver (SISNIC) - C:\WINDOWS\system32\DRIVERS\sisnic.sys
O41 - Driver: Add Performance Filter Driver (sisperf) - C:\WINDOWS\system32\drivers\sisperf.sys
O41 - Driver: Microsoft Kernel Audio Splitter (splitter) - C:\WINDOWS\system32\drivers\splitter.sys
O41 - Driver: System Restore Filter Driver (sr) - C:\WINDOWS\system32\DRIVERS\sr.sys
O41 - Driver: Srv (Srv) - C:\WINDOWS\system32\DRIVERS\srv.sys
O41 - Driver: Software Bus Driver (swenum) - C:\WINDOWS\system32\DRIVERS\swenum.sys
O41 - Driver: Microsoft Kernel GS Wavetable Synthesizer (swmidi) - C:\WINDOWS\system32\drivers\swmidi.sys
O41 - Driver: Microsoft Kernel System Audio Device (sysaudio) - C:\WINDOWS\system32\drivers\sysaudio.sys
O41 - Driver: TCP/IP Protocol Driver (Tcpip) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: Microcode Update Driver (Update) - C:\WINDOWS\system32\DRIVERS\update.sys
O41 - Driver: Microsoft USB 2.0 Enhanced Host Controller Miniport Driver (usbehci) - C:\WINDOWS\system32\DRIVERS\usbehci.sys
O41 - Driver: USB2 Enabled Hub (usbhub) - C:\WINDOWS\system32\DRIVERS\usbhub.sys
O41 - Driver: Microsoft USB Open Host Controller Miniport Driver (usbohci) - C:\WINDOWS\system32\DRIVERS\usbohci.sys
O41 - Driver: USB Mass Storage Driver (usbstor) - C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
O41 - Driver: Belkin High-Speed Mode Wireless G USB Network Adapter Driver (USB_RNDIS) - C:\WINDOWS\system32\DRIVERS\usb8023.sys
O41 - Driver: Remote Access IP ARP Driver (Wanarp) - C:\WINDOWS\system32\DRIVERS\wanarp.sys
O41 - Driver: Microsoft WINMM WDM Audio Compatibility Driver (wdmaud) - C:\WINDOWS\system32\drivers\wdmaud.sys
O41 - Driver: Windows Driver Foundation - User-mode Driver Framework Platform Driver (WudfPf) - C:\WINDOWS\system32\DRIVERS\WudfPf.sys
O41 - Driver: Windows Driver Foundation - User-mode Driver Framework Reflector (WudfRd) - C:\WINDOWS\system32\DRIVERS\wudfrd.sys

---\\ Logiciels installés (O42)
O42 - Logiciel: AVS Audio Tools version 4.4
O42 - Logiciel: AVS DVD Player version 2.4
O42 - Logiciel: Adobe Flash Player 10 ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: Adobe Flash Player 9 ActiveX
O42 - Logiciel: Adobe Reader 6.0
O42 - Logiciel: Agere Systems PCI Soft Modem
O42 - Logiciel: Apple Software Update
O42 - Logiciel: Archiveur WinRAR
O42 - Logiciel: Avanquest update
O42 - Logiciel: Belkin High-Speed Mode Wireless G USB Network Adapter
O42 - Logiciel: Bible Suite PDF Texts
O42 - Logiciel: Bible Suite- Disk 1
O42 - Logiciel: Concise Oxford English Dictionary (Eleventh Edition)
O42 - Logiciel: DivX Codec
O42 - Logiciel: DivX Converter
O42 - Logiciel: DivX Player
O42 - Logiciel: DivX Plus DirectShow Filters
O42 - Logiciel: DivX Web Player
O42 - Logiciel: Driver Updater Pro
O42 - Logiciel: Driving Test Complete
O42 - Logiciel: English Grammar in Use
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399)
O42 - Logiciel: Hotfix for Windows Media Player 11 (KB939683)
O42 - Logiciel: Hotfix for Windows XP (KB914440)
O42 - Logiciel: Hotfix for Windows XP (KB915865)
O42 - Logiciel: Hotfix for Windows XP (KB926239)
O42 - Logiciel: Le Message et la Sainte Bible
O42 - Logiciel: Le Monde diplomatique (remove only)
O42 - Logiciel: Learn to Speak English Deluxe 9.5
O42 - Logiciel: Letts Practise Maths Stage 1
O42 - Logiciel: LiveUpdate 1.90 (Symantec Corporation)
O42 - Logiciel: MSXML 4.0 SP2 (KB927978)
O42 - Logiciel: MSXML 4.0 SP2 (KB936181)
O42 - Logiciel: MSXML 4.0 SP2 (KB954430)
O42 - Logiciel: Ma-Config.com
O42 - Logiciel: Macromedia Dreamweaver 8
O42 - Logiciel: Macromedia Extension Manager
O42 - Logiciel: Malwarebytes' Anti-Malware
O42 - Logiciel: Microsoft .NET Framework 2.0
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP
O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs
O42 - Logiciel: Microsoft National Language Support Downlevel APIs
O42 - Logiciel: Microsoft Office 2000 Professional
O42 - Logiciel: Microsoft Office Excel MUI (English) 2007
O42 - Logiciel: Microsoft Office Shared MUI (English) 2007
O42 - Logiciel: Microsoft Office Shared Setup Metadata MUI (English) 2007
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA
O42 - Logiciel: Mozilla Firefox (3.0.10)
O42 - Logiciel: Music Coach Player
O42 - Logiciel: My First Dictionary 2.0
O42 - Logiciel: NTI Backup NOW! 3
O42 - Logiciel: NTI CD & DVD-Maker Gold
O42 - Logiciel: Nero Suite
O42 - Logiciel: NetZero Internet and Voice Offer
O42 - Logiciel: Norton WMI Update
O42 - Logiciel: Oxford First Encyclopedia
O42 - Logiciel: Photoshop CS2
O42 - Logiciel: QuickTime
O42 - Logiciel: Realtek AC'97 Audio
O42 - Logiciel: Roxio Easy Media Creator 8 Essentials
O42 - Logiciel: Security Update for Windows Internet Explorer 7 (KB929969)
O42 - Logiciel: Security Update for Windows Internet Explorer 7 (KB933566)
O42 - Logiciel: Security Update for Windows Internet Explorer 7 (KB938127)
O42 - Logiciel: Security Update for Windows Internet Explorer 7 (KB942615)
O42 - Logiciel: Security Update for Windows Internet Explorer 7 (KB944533)
O42 - Logiciel: Security Update for Windows Media Player (KB911564)
O42 - Logiciel: Security Update for Windows Media Player 11 (KB936782)
O42 - Logiciel: Security Update for Windows Media Player 6.4 (KB925398)
O42 - Logiciel: Security Update for Windows XP (KB890046)
O42 - Logiciel: Security Update for Windows XP (KB893756)
O42 - Logiciel: Security Update for Windows XP (KB896358)
O42 - Logiciel: Security Update for Windows XP (KB896423)
O42 - Logiciel: Security Update for Windows XP (KB896428)
O42 - Logiciel: Security Update for Windows XP (KB899587)
O42 - Logiciel: Security Update for Windows XP (KB899591)
O42 - Logiciel: Security Update for Windows XP (KB900725)
O42 - Logiciel: Security Update for Windows XP (KB901017)
O42 - Logiciel: Security Update for Windows XP (KB901190)
O42 - Logiciel: Security Update for Windows XP (KB901214)
O42 - Logiciel: Security Update for Windows XP (KB902400)
O42 - Logiciel: Security Update for Windows XP (KB904706)
O42 - Logiciel: Security Update for Windows XP (KB905414)
O42 - Logiciel: Security Update for Windows XP (KB905749)
O42 - Logiciel: Security Update for Windows XP (KB908519)
O42 - Logiciel: Security Update for Windows XP (KB911562)
O42 - Logiciel: Security Update for Windows XP (KB911927)
O42 - Logiciel: Security Update for Windows XP (KB913580)
O42 - Logiciel: Security Update for Windows XP (KB914388)
O42 - Logiciel: Security Update for Windows XP (KB914389)
O42 - Logiciel: Security Update for Windows XP (KB917953)
O42 - Logiciel: Security Update for Windows XP (KB918118)
O42 - Logiciel: Security Update for Windows XP (KB918439)
O42 - Logiciel: Security Update for Windows XP (KB919007)
O42 - Logiciel: Security Update for Windows XP (KB920213)
O42 - Logiciel: Security Update for Windows XP (KB920670)
O42 - Logiciel: Security Update for Windows XP (KB920683)
O42 - Logiciel: Security Update for Windows XP (KB920685)
O42 - Logiciel: Security Update for Windows XP (KB921503)
O42 - Logiciel: Security Update for Windows XP (KB922819)
O42 - Logiciel: Security Update for Windows XP (KB923191)
O42 - Logiciel: Security Update for Windows XP (KB923414)
O42 - Logiciel: Security Update for Windows XP (KB923980)
O42 - Logiciel: Security Update for Windows XP (KB924191)
O42 - Logiciel: Security Update for Windows XP (KB924270)
O42 - Logiciel: Security Update for Windows XP (KB924667)
O42 - Logiciel: Security Update for Windows XP (KB925902)
O42 - Logiciel: Security Update for Windows XP (KB926255)
O42 - Logiciel: Security Update for Windows XP (KB926436)
O42 - Logiciel: Security Update for Windows XP (KB927779)
O42 - Logiciel: Security Update for Windows XP (KB927802)
O42 - Logiciel: Security Update for Windows XP (KB928255)
O42 - Logiciel: Security Update for Windows XP (KB928843)
O42 - Logiciel: Security Update for Windows XP (KB929123)
O42 - Logiciel: Security Update for Windows XP (KB930178)
O42 - Logiciel: Security Update for Windows XP (KB931261)
O42 - Logiciel: Security Update for Windows XP (KB931784)
O42 - Logiciel: Security Update for Windows XP (KB932168)
O42 - Logiciel: Security Update for Windows XP (KB933729)
O42 - Logiciel: Security Update for Windows XP (KB935839)
O42 - Logiciel: Security Update for Windows XP (KB935840)
O42 - Logiciel: Security Update for Windows XP (KB936021)
O42 - Logiciel: Security Update for Windows XP (KB938829)
O42 - Logiciel: Security Update for Windows XP (KB941202)
O42 - Logiciel: Security Update for Windows XP (KB941568)
O42 - Logiciel: Security Update for Windows XP (KB941569)
O42 - Logiciel: Security Update for Windows XP (KB941644)
O42 - Logiciel: Security Update for Windows XP (KB943055)
O42 - Logiciel: Security Update for Windows XP (KB943460)
O42 - Logiciel: Security Update for Windows XP (KB943485)
O42 - Logiciel: Security Update for Windows XP (KB944653)
O42 - Logiciel: Security Update for Windows XP (KB946026)
O42 - Logiciel: Shareaza 2.4.0.0
O42 - Logiciel: SiS 900 PCI Fast Ethernet Adapter Driver
O42 - Logiciel: Sony Ericsson Media Manager 1.2
O42 - Logiciel: Sony Ericsson PC Suite 4.010.00
O42 - Logiciel: SpeedTouch USB Software
O42 - Logiciel: TalkTalk Assist & Go
O42 - Logiciel: Teaching-you Guitar Skills
O42 - Logiciel: The Human body
O42 - Logiciel: The Junior Visual
O42 - Logiciel: Update for Windows XP (KB894391)
O42 - Logiciel: Update for Windows XP (KB898461)
O42 - Logiciel: Update for Windows XP (KB900485)
O42 - Logiciel: Update for Windows XP (KB904942)
O42 - Logiciel: Update for Windows XP (KB908531)
O42 - Logiciel: Update for Windows XP (KB910437)
O42 - Logiciel: Update for Windows XP (KB911280)
O42 - Logiciel: Update for Windows XP (KB916595)
O42 - Logiciel: Update for Windows XP (KB920872)
O42 - Logiciel: Update for Windows XP (KB922582)
O42 - Logiciel: Update for Windows XP (KB927891)
O42 - Logiciel: Update for Windows XP (KB930916)
O42 - Logiciel: Update for Windows XP (KB931836)
O42 - Logiciel: Update for Windows XP (KB938828)
O42 - Logiciel: Update for Windows XP (KB942763)
O42 - Logiciel: VC80CRTRedist - 8.0.50727.762
O42 - Logiciel: VLC media player 0.9.9
O42 - Logiciel: VoipCheap
O42 - Logiciel: VoipDiscount
O42 - Logiciel: WampServer 2.0
O42 - Logiciel: Windows Defender
O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474)
O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130)
O42 - Logiciel: Windows Installer 3.1 (KB893803)
O42 - Logiciel: Windows Internet Explorer 7
O42 - Logiciel: Windows Media Format 11 runtime
O42 - Logiciel: Windows Media Player 11
O42 - Logiciel: Windows XP Hotfix - KB873339
O42 - Logiciel: Windows XP Hotfix - KB885835
O42 - Logiciel: Windows XP Hotfix - KB885836
O42 - Logiciel: Windows XP Hotfix - KB886185
O42 - Logiciel: Windows XP Hotfix - KB887472
O42 - Logiciel: Windows XP Hotfix - KB888302
O42 - Logiciel: Windows XP Hotfix - KB890859
O42 - Logiciel: Windows XP Hotfix - KB891781
Anonymous user
13 May 2009 at 03:19
Re,

How is the PC doing now?

Did you manage to run ComboFix in normal mode?
lion.d - Posts: 22 - Registered: Wednesday 13 May 2009 - Status: Member - Last activity: 13 May 2009
13 May 2009 at 03:26
Re,
The PC is doing better now; everything seems to be working again. Many thanks.
I managed to get ComboFix to run in normal mode. I don't know whether you need me to post the report?
Anonymous user
13 May 2009 at 03:29
Re,

Yes, post me the report, and then do the following in order:

▶ Download HijackThis

▶ Save the target to .... "the Desktop"

▶ Double-click "HJTInstall.exe" to start the installation

▶ Click Install, then "I Accept"

▶ Click "Do a scan system and save log file"

▶ Notepad will open; copy and paste its entire contents here in your next reply

▶ HijackThis tutorial (thanks to Balltrap34)

▶ Download random's system information tool (RSIT) and save it to your desktop.

▶ Double-click RSIT.exe to launch the tool.

▶ Click 'continue' on the Disclaimer screen.

If HijackThis (up-to-date version) is not present or not detected on the computer, RSIT will download it and you will have to accept the license.

▶ Once the scan has finished, 2 reports will appear. Post the contents of the 2 reports separately.
(log.txt & info.txt)

(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

If a report will not post, send an alert to the moderation desk (conciergerie) using the yellow /!\.
lion.d - Posts: 22 - Registered: Wednesday 13 May 2009 - Status: Member - Last activity: 13 May 2009
13 May 2009 at 03:32
OK, here is the ComboFix report first

ComboFix 09-05-12.04 - Hugues Miere 13/05/2009 2:21.3 - [color=red][b]FAT32[/b][/color]x86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.991.681 [GMT 1:00]
Running from: c:\documents and settings\Hugues Miere\Desktop\ComboFix.exe
.

((((((((((((((((((((((((( Files Created from 2009-04-13 to 2009-05-13 )))))))))))))))))))))))))))))))
.

2009-05-13 00:17 . 2009-05-13 00:17 -------- d-----w c:\documents and settings\Hugues Miere\Application Data\Malwarebytes
2009-05-13 00:17 . 2009-04-06 14:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-05-13 00:17 . 2009-04-06 14:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-13 00:17 . 2009-05-13 00:17 -------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
2009-05-13 00:17 . 2009-05-13 00:17 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-05-12 23:44 . 2009-05-12 23:44 -------- d-----w c:\documents and settings\Administrator
2009-05-12 23:14 . 2009-05-12 23:14 -------- d-----w C:\Rooter$
2009-05-12 03:59 . 2009-05-12 13:56 32 --s-a-w c:\windows\system32\2023729596.dat
2009-05-12 00:56 . 2009-04-15 20:25 120056 ------w c:\windows\system32\pxcpyi64.exe
2009-05-12 00:56 . 2009-04-15 20:25 118520 ------w c:\windows\system32\pxinsi64.exe
2009-05-12 00:56 . 2009-04-15 20:25 129784 ------w c:\windows\system32\pxafs.dll
2009-05-12 00:56 . 2009-05-12 00:56 -------- d-----w c:\program files\Common Files\DivX Shared
2009-05-12 00:56 . 2009-05-12 00:56 -------- d-----w c:\program files\DivX
2009-05-09 11:41 . 2009-05-09 11:41 -------- d-----w c:\documents and settings\NetworkService\Local Settings\Application Data\Apple
2009-05-02 03:48 . 2009-05-02 03:48 -------- d-----w c:\documents and settings\Hugues Miere\Application Data\vlc
2009-04-15 20:24 . 2009-04-15 20:24 90112 ----a-w c:\windows\system32\dpl100.dll
2009-04-15 20:24 . 2009-04-15 20:24 684032 ----a-w c:\windows\system32\DivX.dll
2009-04-15 20:24 . 2009-04-15 20:24 823296 ----a-w c:\windows\system32\divx_xx0c.dll
2009-04-15 20:24 . 2009-04-15 20:24 823296 ----a-w c:\windows\system32\divx_xx07.dll
2009-04-15 20:24 . 2009-04-15 20:24 802816 ----a-w c:\windows\system32\divx_xx11.dll
2009-04-15 20:24 . 2009-04-15 20:24 815104 ----a-w c:\windows\system32\divx_xx0a.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-15 20:25 . 2005-11-03 11:00 43528 ------w c:\windows\system32\drivers\pxhelp20.sys
2009-04-06 19:58 . 2009-04-06 19:58 -------- d-----w c:\program files\VoipDiscount.com
2009-04-04 23:01 . 2009-04-04 23:01 0 ----a-w c:\windows\nsreg.dat
2009-03-20 23:55 . 2009-03-20 23:55 -------- d-----w c:\program files\Shareaza
2009-04-15 20:24 . 2009-04-15 20:24 1044480 ----a-w c:\program files\mozilla firefox\plugins\libdivx.dll
2009-04-15 20:24 . 2009-04-15 20:24 200704 ----a-w c:\program files\mozilla firefox\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RoxioDragToDisc"="c:\program files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe" [2005-11-04 1687552]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe" [2005-11-04 163840]
"SpeedTouch USB Diagnostics"="c:\program files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 866816]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-28 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-28 81920]
"TalkTalk"="c:\program files\TalkTalk\bin\sprtcmd.exe" [2007-10-12 202016]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]
"AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2004-06-29 88363]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2004-05-14 67072]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32
"wave"= serwvdrv.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\VoipCheap\\VoipCheap.exe"=
"c:\\Program Files\\TalkTalk\\agent\\bin\\bcont.exe"=
"c:\\Program Files\\Common Files\\SupportSoft\\bin\\tgsrvc.exe"=
"c:\\Program Files\\TalkTalk\\agent\\bin\\bcont_nm.exe"=
"c:\\Program Files\\TalkTalk\\bin\\sprtcmd.exe"=
"c:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"=
"c:\\Program Files\\Shareaza\\Shareaza.exe"=
"c:\\Program Files\\Macromedia\\Dreamweaver 8\\Dreamweaver.exe"=
"c:\\wamp\\bin\\apache\\Apache2.2.11\\bin\\httpd.exe"=
"c:\\Program Files\\VoipDiscount.com\\VoipDiscount\\VoipDiscount.exe"=

R2 sprtsvc_TalkTalk;SupportSoft Sprocket Service (TalkTalk);c:\program files\TalkTalk\bin\sprtsvc.exe [12/10/2007 09:33 202016]
R2 tgsrvc_TalkTalk;SupportSoft Repair Service (TalkTalk);c:\program files\Common Files\SupportSoft\bin\tgsrvc.exe [02/08/2007 14:42 148768]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [03/11/2006 19:19 13592]
S3 DMSKSSRh;DMSKSSRh;\??\c:\docume~1\HUGUES~1\LOCALS~1\Temp\DMSKSSRh.sys --> c:\docume~1\HUGUES~1\LOCALS~1\Temp\DMSKSSRh.sys [?]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [21/04/2009 15:36 216232]
S3 netr73;D-Link DWA-111 Wireless G USB Adapter Driver;c:\windows\system32\drivers\netr73.sys [31/03/2008 21:11 256000]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - GTNDIS5
.
Contents of the 'Scheduled Tasks' folder

2007-06-15 c:\windows\Tasks\Symantec NetDetect.job
- c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2005-05-11 16:17]

2009-05-13 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]

2009-05-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://fr.yahoo.com/
FF - ProfilePath - c:\documents and settings\Hugues Miere\Application Data\Mozilla\Firefox\Profiles\92s12rw1.default\
FF - plugin: c:\documents and settings\Hugues Miere\Application Data\Mozilla\Firefox\Profiles\92s12rw1.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-13 02:23
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(1156)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\browselc.dll
c:\program files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
.
Completion time: 2009-05-13 2:24
ComboFix-quarantined-files.txt 2009-05-13 01:24
ComboFix2.txt 2009-05-12 23:51

Pre-Run: 7,227,998,208 bytes free
Post-Run: 7,234,650,112 bytes free

124 --- E O F --- 2009-05-01 11:46
lion.d - Posts: 22 - Registered: Wednesday 13 May 2009 - Status: Member - Last activity: 13 May 2009
13 May 2009 at 03:34
Here is the HijackThis report

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:32:56, on 13/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
C:\Program Files\Belkin\F5D7051\WLService.exe
C:\Program Files\Belkin\F5D7051\WLanCfgG.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe
C:\Program Files\TalkTalk\bin\sprtsvc.exe
C:\Program Files\Common Files\Supportsoft\bin\tgsrvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\TalkTalk\bin\sprtcmd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\CPSHelpRunner.exe
C:\WINDOWS\explorer.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe"
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [TalkTalk] "C:\Program Files\TalkTalk\bin\sprtcmd.exe" /P TalkTalk
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://GLOBAL.ACER.COM/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/hardwaredetection/hardwaredetection_3_1_2_0.cab
O23 - Service: Autodata Limited License Service - Unknown owner - C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
O23 - Service: Belkin High-Speed Mode Wireless G USB Driver (Belkin High-Speed Mode Wireless G USB Network Adapter Service) - Unknown owner - C:\Program Files\Belkin\F5D7051\WLService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxLiveShare.exe
O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe
O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe
O23 - Service: SupportSoft Sprocket Service (TalkTalk) (sprtsvc_TalkTalk) - SupportSoft, Inc. - C:\Program Files\TalkTalk\bin\sprtsvc.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: SupportSoft Repair Service (TalkTalk) (tgsrvc_TalkTalk) - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\tgsrvc.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.32\bin\mysqld.exe
0
lion.d Posts 22 Registration date Wednesday 13 May 2009 Status Member Last activity 13 May 2009
13 May 2009 at 03:37
Here are the RSIT reports:
First report, "log"

Logfile of random's system information tool 1.06 (written by random/random)
Run by Hugues Miere at 2009-05-13 02:35:56
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 7 GB (18%) free of 38 GB
Total RAM: 991 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:35:57, on 13/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
C:\Program Files\Belkin\F5D7051\WLService.exe
C:\Program Files\Belkin\F5D7051\WLanCfgG.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe
C:\Program Files\TalkTalk\bin\sprtsvc.exe
C:\Program Files\Common Files\Supportsoft\bin\tgsrvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\TalkTalk\bin\sprtcmd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\CPSHelpRunner.exe
C:\WINDOWS\explorer.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\Hugues Miere\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Hugues Miere.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe"
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [TalkTalk] "C:\Program Files\TalkTalk\bin\sprtcmd.exe" /P TalkTalk
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.acer.com/worldwide/selection.html
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/hardwaredetection/hardwaredetection_3_1_2_0.cab
O23 - Service: Autodata Limited License Service - Unknown owner - C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
O23 - Service: Belkin High-Speed Mode Wireless G USB Driver (Belkin High-Speed Mode Wireless G USB Network Adapter Service) - Unknown owner - C:\Program Files\Belkin\F5D7051\WLService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxLiveShare.exe
O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe
O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe
O23 - Service: SupportSoft Sprocket Service (TalkTalk) (sprtsvc_TalkTalk) - SupportSoft, Inc. - C:\Program Files\TalkTalk\bin\sprtsvc.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: SupportSoft Repair Service (TalkTalk) (tgsrvc_TalkTalk) - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\tgsrvc.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.32\bin\mysqld.exe
0
lion.d Posts 22 Registration date Wednesday 13 May 2009 Status Member Last activity 13 May 2009
13 May 2009 at 03:39
RSIT info report:

info.txt logfile of random's system information tool 1.06 2009-05-13 02:35:58

======Uninstall list======

-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->MsiExec.exe /I{0D330013-4A99-46D6-83C6-2C959C68DBFF}
-->MsiExec.exe /I{6D4F02C4-F6AF-4659-A933-7FC06235A8D5}
-->MsiExec.exe /I{7FD9FD10-9F7F-4DDF-B9F0-911209FF0CEA}
-->MsiExec.exe /I{8C60949A-46F9-4DD7-BA9F-78C00D9D4C8D}
-->MsiExec.exe /I{EB748B9B-F872-4E95-98E8-5CA7E5425DAF}
-->MsiExec.exe /I{F0EACC27-A729-406C-9BF6-C8F10CEC36F8}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
Adobe Reader 6.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-000000000001}
Agere Systems PCI Soft Modem-->agrsmdel
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Avanquest update-->C:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\setup.exe -runfromtemp -l0x040c -removeonly
AVS Audio Tools version 4.4-->"C:\Program Files\AVSMedia\AudioTools\unins000.exe"
AVS DVD Player version 2.4-->"C:\Program Files\AVSMedia\DVDPlayer\unins000.exe"
Belkin High-Speed Mode Wireless G USB Network Adapter-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\Belkin\F5D7051\setup.exe" -l0x9
Bible Suite- Disk 1-->MsiExec.exe /I{B6F50EFF-0EA7-4A63-868D-2C02C1B9EABF}
Bible Suite PDF Texts-->MsiExec.exe /I{6C405BCD-8941-4FE4-B4AC-9C2B55414E18}
Concise Oxford English Dictionary (Eleventh Edition)-->C:\Program Files\COED11\Uninstal.exe
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Driver Updater Pro-->"C:\Documents and Settings\All Users\Application Data\{CC51AE54-B346-4954-ADDB-30BD4F138CF2}\DriverUpdaterPro.exe" REMOVE=TRUE MODIFY=FALSE
Driver Updater Pro-->C:\Documents and Settings\All Users\Application Data\{CC51AE54-B346-4954-ADDB-30BD4F138CF2}\DriverUpdaterPro.exe
Driving Test Complete-->"C:\WINDOWS\Driving Test Complete\uninstall.exe" "/U:C:\Program Files\Driving Test Complete\Uninstall\uninstall.xml"
English Grammar in Use-->C:\CAMBRI~1\EGU\REMOVE.EXE C:\CAMBRI~1\EGU\Install.log
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB914440)-->"C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
Le Message et la Sainte Bible-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AF11779E-3A03-11D8-9EAE-0020E0623A55}\setup.exe" -l0x40c -uninst
Le Monde diplomatique (remove only)-->"C:\Program Files\LeMondediplomatique\uninstall.exe"
Learn to Speak English Deluxe 9.5-->MsiExec.exe /I{7E9E798E-58CF-468E-B6DC-4EDEB857DB91}
Letts Practise Maths Stage 1-->C:\LETTS\PRACTISE\MATHSKS1\UNWISE.EXE C:\LETTS\PRACTISE\MATHSKS1\INSTALL.LOG
LiveUpdate 1.90 (Symantec Corporation)-->C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
Ma-Config.com-->MsiExec.exe /X{E780E536-16CE-4CD1-8FE0-2D5E52FAA65B}
Macromedia Dreamweaver 8-->MsiExec.exe /I{5FD788ED-1A37-4496-9BDD-463F493B27FA}
Macromedia Extension Manager-->MsiExec.exe /I{3C8C9FB3-5FDF-40B4-B314-EAD722728C76}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office 2000 Professional-->MsiExec.exe /I{00010409-78E1-11D2-B60F-006097C998E7}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Mozilla Firefox (3.0.10)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Music Coach Player-->MsiExec.exe /I{61C7F2BD-A9CE-464D-8B45-873FAED5B33B}
My First Dictionary 2.0-->C:\WINDOWS\uninst.exe -r"DK Multimedia\My First Dictionary 2.0\2.00" -n"My First Dictionary 2.0" -fC:\PROGRA~1\DKMULT~1\MYFIRS~1.0\DeIsL2.isu -cC:\PROGRA~1\DKMULT~1\MYFIRS~1.0\uninst.dll
Nero Suite-->C:\Program Files\Common Files\Ahead\Uninstall\Setup.exe /uninstall
NetZero Internet and Voice Offer-->MsiExec.exe /X{8BBA35B6-E1A9-4FE0-892B-8F7980584D52}
Norton WMI Update-->MsiExec.exe /X{1526D87C-A955-4FAB-BF18-697BA457E352}
NTI Backup NOW! 3-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{4E68EAA3-775A-4542-A08A-47DB8E8E74A6} /l1033 BUNText
NTI CD & DVD-Maker Gold -->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{C438B7C4-B4F8-49C5-A4DF-FF6F1F242778} /l1033 AnyText
Oxford First Encyclopedia-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{D1F60B9D-30CD-45F3-9797-7F7AB06F8820}
Photoshop CS2 -->C:\Program Files\Adobe\Adobe Photoshop CS2\uninst.exe
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
Roxio Easy Media Creator 8 Essentials-->MsiExec.exe /I{21EC1B12-888F-44D3-8C77-14FCF8CAE383}
Security Update for Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 6.4 (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
Security Update for Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Security Update for Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Security Update for Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Security Update for Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Security Update for Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901190)-->"C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Security Update for Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Security Update for Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
Security Update for Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Security Update for Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Security Update for Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Security Update for Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Security Update for Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Security Update for Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Security Update for Windows XP (KB917953)-->"C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
Security Update for Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Security Update for Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
Security Update for Windows XP (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Security Update for Windows XP (KB921503)-->"C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
Security Update for Windows XP (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Security Update for Windows XP (KB924191)-->"C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
Security Update for Windows XP (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
Security Update for Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
Security Update for Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
Security Update for Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
Security Update for Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
Security Update for Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
Security Update for Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
Security Update for Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
Security Update for Windows XP (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
Security Update for Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
Security Update for Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Security Update for Windows XP (KB931784)-->"C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
Security Update for Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Security Update for Windows XP (KB933729)-->"C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
Security Update for Windows XP (KB935839)-->"C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB935840)-->"C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
Security Update for Windows XP (KB936021)-->"C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938829)-->"C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941202)-->"C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941568)-->"C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941644)-->"C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
Security Update for Windows XP (KB943460)-->"C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
Security Update for Windows XP (KB943485)-->"C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
Security Update for Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
Shareaza 2.4.0.0-->"C:\Program Files\Shareaza\Uninstall\unins000.exe"
SiS 900 PCI Fast Ethernet Adapter Driver-->C:\Progra~1\SiSLan\Uninst.exe
Sony Ericsson Media Manager 1.2-->MsiExec.exe /X{5F1ECBFB-048E-406E-A7AB-A81F9E359961}
Sony Ericsson PC Suite 4.010.00-->C:\Program Files\InstallShield Installation Information\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}\ISAdmin.exe -runfromtemp -l0x040c -removeonly
SpeedTouch USB Software-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D41FAAA9-8048-4906-86B2-9AADEA1FA0B7}\setup.exe" /l0009 -Control_Panel
TalkTalk Assist & Go-->MsiExec.exe /X{D084B1A9-153B-409D-AEBF-C40FCEF925EA}
Teaching-you Guitar Skills-->MsiExec.exe /I{424CB226-23FE-4429-A85F-C893D381897F}
The Human body-->C:\WINDOWS\unvise32.exe C:\Program Files\QA International\The Human body\uninstal.log
The Junior Visual-->C:\WINDOWS\unvise32.exe C:\Program Files\QA International\The Junior Visual\uninstal.log
Update for Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
Update for Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Update for Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Update for Windows XP (KB904942)-->"C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
Update for Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Update for Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Update for Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Update for Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Update for Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Update for Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Update for Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Update for Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Update for Windows XP (KB931836)-->"C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
Update for Windows XP (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
Update for Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
VLC media player 0.9.9-->C:\Program Files\VideoLAN\VLC\uninstall.exe
VoipCheap-->"C:\Program Files\VoipCheap\unins000.exe"
VoipDiscount-->"C:\Program Files\VoipDiscount.com\VoipDiscount\unins000.exe"
WampServer 2.0-->"c:\wamp\unins000.exe"
Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Hotfix - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Windows XP Hotfix - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Windows XP Hotfix - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Windows XP Hotfix - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
Windows XP Hotfix - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
Windows XP Hotfix - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Windows XP Hotfix - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
Windows XP Hotfix - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe

======System event log======

Computer Name: KIMBOULI
Event Code: 7031
Message: The Belkin High-Speed Mode Wireless G USB Driver service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

Record Number: 78403
Source Name: Service Control Manager
Time Written: 20090513004234.000000+060
Event Type: error
User:

Computer Name: KIMBOULI
Event Code: 7031
Message: The Belkin High-Speed Mode Wireless G USB Driver service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

Record Number: 78401
Source Name: Service Control Manager
Time Written: 20090513004234.000000+060
Event Type: error
User:

Computer Name: KIMBOULI
Event Code: 7031
Message: The Belkin High-Speed Mode Wireless G USB Driver service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

Record Number: 78399
Source Name: Service Control Manager
Time Written: 20090513004233.000000+060
Event Type: error
User:

Computer Name: KIMBOULI
Event Code: 7031
Message: The Belkin High-Speed Mode Wireless G USB Driver service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

Record Number: 78397
Source Name: Service Control Manager
Time Written: 20090513004233.000000+060
Event Type: error
User:

Computer Name: KIMBOULI
Event Code: 7031
Message: The Belkin High-Speed Mode Wireless G USB Driver service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

Record Number: 78395
Source Name: Service Control Manager
Time Written: 20090513004232.000000+060
Event Type: error
User:

=====Application event log=====

Computer Name: KIMBOULI
Event Code: 1524
Message: Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.



Record Number: 4733
Source Name: Userenv
Time Written: 20080826220733.000000+060
Event Type: warning
User: KIMBOULI\Hugues Miere

Computer Name: KIMBOULI
Event Code: 5000
Message:
Record Number: 4732
Source Name: MPSampleSubmission
Time Written: 20080826202152.000000+060
Event Type: error
User:

Computer Name: KIMBOULI
Event Code: 1517
Message: Windows saved user KIMBOULI\Hugues Miere registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.


This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Record Number: 4717
Source Name: Userenv
Time Written: 20080824005405.000000+060
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: KIMBOULI
Event Code: 1524
Message: Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.



Record Number: 4716
Source Name: Userenv
Time Written: 20080824005404.000000+060
Event Type: warning
User: KIMBOULI\Hugues Miere

Computer Name: KIMBOULI
Event Code: 1517
Message: Windows saved user KIMBOULI\Hugues Miere registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.


This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Record Number: 4699
Source Name: Userenv
Time Written: 20080822232955.000000+060
Event Type: warning
User: NT AUTHORITY\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared;C:\Program Files\QuickTime\QTSystem;C:\Program Files\Common Files\DivX Shared
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 10 Stepping 0, AuthenticAMD
"PROCESSOR_REVISION"=0a00
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"RoxioCentral"=C:\Program Files\Common Files\Roxio Shared\Roxio Central\
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

-----------------EOF-----------------
0
Anonymous user
13 May 2009 at 03:54
Re,

---> Click Start, Run, type notepad and click OK.

---> Copy the bold text below by selecting it and pressing Ctrl+C:

File::
C:\WINDOWS\system32\drivers\ovfsthacmpfuxnrseicgobsryemwyfxdtmbixm.sys


---> Paste the selection into Notepad

---> Save this file to the desktop (mandatory)

---> File name: CFScript
---> File type: All files
---> Click Save
---> Close Notepad



---> Drag and drop this CFScript file onto the ComboFix.exe file, as in the screenshot: http://www.searchengines.pl/phpbb203/pliki/picasso/virus/programs/combofix/combofix_cfscript.gif


* A blue window will appear: accept the message that is displayed.

* Wait while the scan runs. The desktop will disappear several times: this is normal!
Do not touch anything until the scan has finished.

* Once the scan is complete, a report will be displayed: post it

* If the file does not open, it is located here: C:\ComboFix.txt
0
lion.d Posts 22 Registration date Wednesday 13 May 2009 Status Member Last activity 13 May 2009
13 May 2009 at 04:08
Ok
here is the report:

ComboFix 09-05-12.04 - Hugues Miere 13/05/2009 3:04.4 - [color=red][b]FAT32[/b][/color]x86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.991.660 [GMT 1:00]
Running from: c:\documents and settings\Hugues Miere\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Hugues Miere\Desktop\CFScript.txt
.

((((((((((((((((((((((((( Files Created from 2009-04-13 to 2009-05-13 )))))))))))))))))))))))))))))))
.

2009-05-13 01:35 . 2009-05-13 01:35 -------- d-----w C:\rsit
2009-05-13 01:32 . 2009-05-13 01:32 -------- d-----w c:\program files\Trend Micro
2009-05-13 00:17 . 2009-05-13 00:17 -------- d-----w c:\documents and settings\Hugues Miere\Application Data\Malwarebytes
2009-05-13 00:17 . 2009-04-06 14:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-05-13 00:17 . 2009-04-06 14:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-13 00:17 . 2009-05-13 00:17 -------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
2009-05-13 00:17 . 2009-05-13 00:17 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-05-12 23:44 . 2009-05-12 23:44 -------- d-----w c:\documents and settings\Administrator
2009-05-12 23:14 . 2009-05-12 23:14 -------- d-----w C:\Rooter$
2009-05-12 03:59 . 2009-05-12 13:56 32 --s-a-w c:\windows\system32\2023729596.dat
2009-05-12 00:56 . 2009-04-15 20:25 120056 ------w c:\windows\system32\pxcpyi64.exe
2009-05-12 00:56 . 2009-04-15 20:25 118520 ------w c:\windows\system32\pxinsi64.exe
2009-05-12 00:56 . 2009-04-15 20:25 129784 ------w c:\windows\system32\pxafs.dll
2009-05-12 00:56 . 2009-05-12 00:56 -------- d-----w c:\program files\Common Files\DivX Shared
2009-05-12 00:56 . 2009-05-12 00:56 -------- d-----w c:\program files\DivX
2009-05-09 11:41 . 2009-05-09 11:41 -------- d-----w c:\documents and settings\NetworkService\Local Settings\Application Data\Apple
2009-05-02 03:48 . 2009-05-02 03:48 -------- d-----w c:\documents and settings\Hugues Miere\Application Data\vlc
2009-04-15 20:24 . 2009-04-15 20:24 90112 ----a-w c:\windows\system32\dpl100.dll
2009-04-15 20:24 . 2009-04-15 20:24 684032 ----a-w c:\windows\system32\DivX.dll
2009-04-15 20:24 . 2009-04-15 20:24 823296 ----a-w c:\windows\system32\divx_xx0c.dll
2009-04-15 20:24 . 2009-04-15 20:24 823296 ----a-w c:\windows\system32\divx_xx07.dll
2009-04-15 20:24 . 2009-04-15 20:24 802816 ----a-w c:\windows\system32\divx_xx11.dll
2009-04-15 20:24 . 2009-04-15 20:24 815104 ----a-w c:\windows\system32\divx_xx0a.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-15 20:25 . 2005-11-03 11:00 43528 ------w c:\windows\system32\drivers\pxhelp20.sys
2009-04-06 19:58 . 2009-04-06 19:58 -------- d-----w c:\program files\VoipDiscount.com
2009-04-04 23:01 . 2009-04-04 23:01 0 ----a-w c:\windows\nsreg.dat
2009-03-20 23:55 . 2009-03-20 23:55 -------- d-----w c:\program files\Shareaza
2009-04-15 20:24 . 2009-04-15 20:24 1044480 ----a-w c:\program files\mozilla firefox\plugins\libdivx.dll
2009-04-15 20:24 . 2009-04-15 20:24 200704 ----a-w c:\program files\mozilla firefox\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-05-12_23.50.22 )))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RoxioDragToDisc"="c:\program files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe" [2005-11-04 1687552]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe" [2005-11-04 163840]
"SpeedTouch USB Diagnostics"="c:\program files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 866816]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-28 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-28 81920]
"TalkTalk"="c:\program files\TalkTalk\bin\sprtcmd.exe" [2007-10-12 202016]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]
"AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2004-06-29 88363]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2004-05-14 67072]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32
"wave"= serwvdrv.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\VoipCheap\\VoipCheap.exe"=
"c:\\Program Files\\TalkTalk\\agent\\bin\\bcont.exe"=
"c:\\Program Files\\Common Files\\SupportSoft\\bin\\tgsrvc.exe"=
"c:\\Program Files\\TalkTalk\\agent\\bin\\bcont_nm.exe"=
"c:\\Program Files\\TalkTalk\\bin\\sprtcmd.exe"=
"c:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"=
"c:\\Program Files\\Shareaza\\Shareaza.exe"=
"c:\\Program Files\\Macromedia\\Dreamweaver 8\\Dreamweaver.exe"=
"c:\\wamp\\bin\\apache\\Apache2.2.11\\bin\\httpd.exe"=
"c:\\Program Files\\VoipDiscount.com\\VoipDiscount\\VoipDiscount.exe"=

R2 sprtsvc_TalkTalk;SupportSoft Sprocket Service (TalkTalk);c:\program files\TalkTalk\bin\sprtsvc.exe [12/10/2007 09:33 202016]
R2 tgsrvc_TalkTalk;SupportSoft Repair Service (TalkTalk);c:\program files\Common Files\SupportSoft\bin\tgsrvc.exe [02/08/2007 14:42 148768]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [03/11/2006 19:19 13592]
S3 DMSKSSRh;DMSKSSRh;\??\c:\docume~1\HUGUES~1\LOCALS~1\Temp\DMSKSSRh.sys --> c:\docume~1\HUGUES~1\LOCALS~1\Temp\DMSKSSRh.sys [?]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [21/04/2009 15:36 216232]
S3 netr73;D-Link DWA-111 Wireless G USB Adapter Driver;c:\windows\system32\drivers\netr73.sys [31/03/2008 21:11 256000]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - GTNDIS5
.
Contents of the 'Scheduled Tasks' folder

2007-06-15 c:\windows\Tasks\Symantec NetDetect.job
- c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2005-05-11 16:17]

2009-05-13 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]

2009-05-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://fr.yahoo.com/
FF - ProfilePath - c:\documents and settings\Hugues Miere\Application Data\Mozilla\Firefox\Profiles\92s12rw1.default\
FF - plugin: c:\documents and settings\Hugues Miere\Application Data\Mozilla\Firefox\Profiles\92s12rw1.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-13 03:05
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2240)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2009-05-13 3:06
ComboFix-quarantined-files.txt 2009-05-13 02:06
ComboFix2.txt 2009-05-13 01:24
ComboFix3.txt 2009-05-12 23:51

Pre-Run: 7,147,978,752 bytes free
Post-Run: 7,141,097,472 bytes free

129 --- E O F --- 2009-05-01 11:46
0
Anonymous user
13 May 2009 at 04:09
Re,

Restart your PC and make a new log with RSIT.
0
lion.d Posts 22 Registration date Wednesday 13 May 2009 Status Member Last activity 13 May 2009
13 May 2009 at 04:14
ok! it's done. here is the log

Logfile of random's system information tool 1.06 (written by random/random)
Run by Hugues Miere at 2009-05-13 03:13:33
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 7 GB (18%) free of 38 GB
Total RAM: 991 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:13:36, on 13/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
C:\Program Files\Belkin\F5D7051\WLService.exe
C:\Program Files\Belkin\F5D7051\WLanCfgG.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe
C:\Program Files\TalkTalk\bin\sprtsvc.exe
C:\Program Files\Common Files\Supportsoft\bin\tgsrvc.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\TalkTalk\bin\sprtcmd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\CPSHelpRunner.exe
C:\Documents and Settings\Hugues Miere\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Hugues Miere.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe"
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [TalkTalk] "C:\Program Files\TalkTalk\bin\sprtcmd.exe" /P TalkTalk
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://GLOBAL.ACER.COM/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/hardwaredetection/hardwaredetection_3_1_2_0.cab
O23 - Service: Autodata Limited License Service - Unknown owner - C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
O23 - Service: Belkin High-Speed Mode Wireless G USB Driver (Belkin High-Speed Mode Wireless G USB Network Adapter Service) - Unknown owner - C:\Program Files\Belkin\F5D7051\WLService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxLiveShare.exe
O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe
O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe
O23 - Service: SupportSoft Sprocket Service (TalkTalk) (sprtsvc_TalkTalk) - SupportSoft, Inc. - C:\Program Files\TalkTalk\bin\sprtsvc.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: SupportSoft Repair Service (TalkTalk) (tgsrvc_TalkTalk) - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\tgsrvc.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.32\bin\mysqld.exe
0
Anonymous user
13 May 2009 at 04:17
Re,

Show hidden files and folders in Windows XP

▶ Double-click My Computer,

▶ In the top menu, click "Tools"

▶ Click "Folder Options"

▶ Click the "View" tab

▶ In the options

▶ Select "Show hidden files and folders"

▶ Then click "Apply"

▶ Confirm with "OK"


Restart your PC in safe mode and then:


Find and delete the file below in => C:\WINDOWS\system32\drivers


C:\WINDOWS\system32\drivers\ovfsthacmpfuxnrseicgobsryemwyfxdtmbixm.sys

Then run a full Malwarebytes scan again in normal mode.

thanks
0
saroune85 Posts 1 Registration date Thursday 28 May 2009 Status Member Last activity 28 May 2009
28 May 2009 at 02:38
It has been almost 5 days that I have been stuck with this virus and I don't know how to remove it, even though I have looked at all the answers on the forums. Can someone please give me concrete help, in terms that are easy to understand?

Thanks
0