System security 2009

brumiaou -  
 gen-hackman -
Bonjour,
depuis hier system security 2009 est en train d'accentuer très fortement ma calvitie naissante. Cela me met des messages alarmants et me demande d'acheter cet hypothétique antivirus qui est la cause de tout mes soucis et que biententendu je ne vais pas acheter. Je ne peut plus lancer quoique se soit sans qu'il me bloque tout en memettant un message comme quoi j'ai un spyware infestation ...
Comme indiqué ci-dessus, j'a installé malawe et est donc les deux rapports.
Par contre ensuite je ne peut pas télécharger le second logiciel (ONto qq chose )
Que puis je faire ? n'étant pas une bête d'informatique je ne sais plus quoi faire, Au secour !
merci par avance de vos précieux conseils.
Configuration: Windows XP Internet Explorer 7.0

40 réponses

  • 1
  • 2
Résumé de la discussion

Un message d’alerte affiché par system security 2009 apparaît sur Windows XP et bloque l’exécution des programmes, présentant des avertissements de spyware et incitant à acheter un antivirus, typique d’un scareware. Des réponses évoquent des scans et des listes interminables de programmes à désinstaller, certains pensent que les scans ne détectent rien et d’autres recommandent d’identifier et de supprimer des éléments manuellement. En analyse des éléments rapportés, la présence d’un fichier info.txt et d’une liste d’Uninstall peut éclairer les risques et guider des suppressions ciblées d’applications, notamment des composants multimédia et des outils système.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. gen-hackman
     
    salut depose tes rapports :)
    0
    1. brumiaou
       
      info.txt logfile of random's system information tool 1.06 2009-06-15 23:49:09

      ======Uninstall list======

      -->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
      -->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
      -->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
      -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
      -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
      Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
      Adobe Reader 7.0.9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70900000002}
      Advertisement Service-->C:\WINDOWS\system32\net.net Uninstall
      Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
      ATI Control Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
      ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
      Audacity 1.3.5 (Unicode)-->"C:\Program Files\Audacity 1.3 Beta (Unicode)\unins000.exe"
      Barre d'outils MSN-->C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\mtbs.exe c
      BitDefender Internet Security v10-->MsiExec.exe /I{E1EAABFA-15E2-4B46-BF5A-69CDD859AE85}
      Canon Camera Access Library-->"C:\Program Files\Fichiers communs\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\CAL\Uninst.ini"
      Canon Camera Support Core Library-->"C:\Program Files\Fichiers communs\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\CSCLIB\Uninst.ini"
      Canon G.726 WMP-Decoder-->"C:\Program Files\Fichiers communs\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\G726Decoder\G726DecUnInstall.ini"
      CANON iMAGE GATEWAY Task for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\CRWUnInstall.ini"
      Canon Internet Library for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\CIGUnInstall.ini"
      Canon MovieEdit Task for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\MVWUninst.ini"
      Canon RAW Image Task for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\RAW Image Task\Uninst.ini"
      Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC\Uninst.ini"
      Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini"
      Canon Utilities CameraWindow DC-->"C:\Program Files\Fichiers communs\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDC\Uninst.ini"
      Canon Utilities CameraWindow-->"C:\Program Files\Fichiers communs\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowLauncher\Uninst.ini"
      Canon Utilities EOS Utility-->"C:\Program Files\Fichiers communs\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\EOS Utility\Uninst.ini"
      Canon Utilities MyCamera DC-->"C:\Program Files\Fichiers communs\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\MyCameraDC\Uninst.ini"
      Canon Utilities MyCamera-->"C:\Program Files\Fichiers communs\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\MyCamera\Uninst.ini"
      Canon Utilities PhotoStitch-->"C:\Program Files\Fichiers communs\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\PhotoStitch\Uninst.ini"
      Canon Utilities RemoteCapture DC-->"C:\Program Files\Fichiers communs\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\RemoteCaptureDC\Uninst.ini"
      Canon Utilities RemoteCapture Task for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini"
      Canon Utilities ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\Uninst.ini"
      Canon ZoomBrowser EX Memory Card Utility-->"C:\Program Files\Fichiers communs\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX MCU\Uninst.ini"
      CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
      Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
      Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
      Correctif pour Windows XP (KB914440)-->"C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
      Correctif pour Windows XP (KB935448)-->"C:\WINDOWS\$NtUninstallKB935448$\spuninst\spuninst.exe"
      Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
      Correctif Windows XP - KB885250-->C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
      Correctif Windows XP - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
      Correctif Windows XP - KB887742-->C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
      Correctif Windows XP - KB888113-->C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
      Correctif Windows XP - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
      Correctif Windows XP - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
      Correctif Windows XP - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
      Drive Manager-->"C:\Program Files\InstallShield Installation Information\{48B0F38D-1913-44F3-99AA-D4C55A2B038E}\setup.exe" -runfromtemp -l0x040c -removeonly
      Drive Manager-->MsiExec.exe /I{48B0F38D-1913-44F3-99AA-D4C55A2B038E}
      eMule-->"C:\Program Files\eMule\Uninstall.exe"
      eMule2-->"C:\Program Files\eMule\uninstall.exe"
      Galerie de photos Windows Live-->MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068}
      GdiplusUpgrade-->MsiExec.exe /I{5421155F-B033-49DB-9B33-8F80F233D4D5}
      Google Toolbar for Firefox-->MsiExec.exe /X{2CCBABCB-6427-4A55-B091-49864623C43F}
      Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_9DE96A29E721D90A.exe" /uninstall
      Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
      HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
      Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
      Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
      Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
      HP Extended Capabilities 4.7-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
      HP Image Zone 4.7-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
      HP PSC & OfficeJet 4.7-->"C:\Program Files\HP\Digital Imaging\{342C7C88-D335-4bc2-8CF1-281857629CE2}\setup\hpzscr01.exe" -datfile hposcr05.dat
      HP Software Update-->MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
      ImageMixer VCD/DVD2 for OLYMPUS-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F51A0CA-2BDD-474E-BB90-C7FA8EA78F52}\Setup.exe" -l0x40c UNINSTALL
      InterVideo WinDVD-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
      J2SE Runtime Environment 5.0 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150050}
      Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
      Livre Album Fuji Photo-->"C:\Program Files\Livre Album Fuji Photo\unins000.exe"
      Macromedia Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
      Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
      Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
      Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
      Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
      Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
      Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
      Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
      Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
      Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
      Microsoft SQL Server Desktop Engine (PINNACLESYS)-->MsiExec.exe /X{E09B48B5-E141-427A-AB0C-D3605127224A}
      Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
      Microsoft Works-->MsiExec.exe /I{A059DE09-1B49-4450-B340-7AE097EC3F04}
      Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Lecteur Windows Media (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB893066)-->"C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB896422)-->"C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB896424)-->"C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB896688)-->"C:\WINDOWS\$NtUninstallKB896688$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB905915)-->"C:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB911567)-->"C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB912812)-->"C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB912919)-->"C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB913446)-->"C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB916281)-->"C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB917159)-->"C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB917344)-->"C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB917422)-->"C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB917953)-->"C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB918899)-->"C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB920214)-->"C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB921398)-->"C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB921503)-->"C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB921883)-->"C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB922616)-->"C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB922760)-->"C:\WINDOWS\$NtUninstallKB922760$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB923694)-->"C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB924191)-->"C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB924496)-->"C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB925454)-->"C:\WINDOWS\$NtUninstallKB925454$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB925486)-->"C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB931784)-->"C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB933729)-->"C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB935839)-->"C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB935840)-->"C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB936021)-->"C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB938829)-->"C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB941202)-->"C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB941568)-->"C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB941644)-->"C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB941693)-->"C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB943460)-->"C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB943485)-->"C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB945553)-->"C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB948590)-->"C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB948881)-->"C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB953155)-->"C:\WINDOWS\$NtUninstallKB953155$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
      Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
      Mise à jour pour Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
      Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
      Mise à jour pour Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
      Mise à jour pour Windows XP (KB904942)-->"C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
      Mise à jour pour Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
      Mise à jour pour Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
      Mise à jour pour Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
      Mise à jour pour Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
      Mise à jour pour Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
      Mise à jour pour Windows XP (KB929338)-->"C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe"
      Mise à jour pour Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
      Mise à jour pour Windows XP (KB931836)-->"C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
      Mise à jour pour Windows XP (KB932823-v3)-->"C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe"
      Mise à jour pour Windows XP (KB933360)-->"C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe"
      Mise à jour pour Windows XP (KB936357)-->"C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe"
      Mise à jour pour Windows XP (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
      Mise à jour pour Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
      Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
      Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
      Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
      Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
      MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
      MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
      MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
      MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}
      Navigateur Orange-->C:\Program Files\OrangeHSS\Uninstall\Browser\Shell.exe MainUninstall.shl
      Nero BurnRights-->C:\WINDOWS\UNNeroBurnRights.exe /UNINSTALL
      Nero Suite-->C:\Program Files\Fichiers communs\Nero\Uninstall\Setupx.exe /uninstall ExtraUninstallID=""
      NeroVision Express Content-->C:\WINDOWS\UNNVEContent.exe /UNINSTALL
      Noiseware Community Edition-->MsiExec.exe /I{CB3B7C24-30A1-4961-8039-94919F5ED2EE}
      Orange - Logiciels Internet-->C:\Program Files\OrangeHSS\installation\core\Installgui.exe -u
      Pinnacle MediaCenter-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}\Setup.exe" -l0x40c UNINSTALL
      Pinnacle MediaServer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{460CE8B9-6EC2-458A-90D4-691631ECE9D9}\setup.exe" -l0x40c UNINSTALL
      QuickTime-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{929408E6-D265-4174-805F-81D1D914E2A4} /l1036
      RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
      Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
      Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
      SoftV92 Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200014F1\HXFSETUP.EXE -U -IVEN_14F1&DEV_2F20&SUBSYS_200014F1
      Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
      TomTom HOME 2.6.2.1586-->C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe
      TomTom HOME Visual Studio Merge Modules-->MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
      Wanadoo Messager-->C:\PROGRA~1\WANADO~1\UNWISE.EXE C:\PROGRA~1\WANADO~1\INSTALL.LOG
      Winamp (remove only)-->"C:\Program Files\Winamp\UninstWA.exe"
      Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
      Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
      Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
      Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
      Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
      Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
      Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
      Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
      Windows Messenger 5.1-->MsiExec.exe /I{A433AE09-2126-4dad-9CBD-C1B05DC42787}

      ======Security center information======

      AV: Bitdefender Antivirus (disabled) (outdated)
      FW: Bitdefender Firewall (disabled)

      ======System event log======

      Computer Name: NOM-1D8CBA303B7
      Event Code: 7035
      Message: Un contrôle Arrêter a correctement été envoyé au service BitDefender Scan Server.

      Record Number: 19870
      Source Name: Service Control Manager
      Time Written: 20090523173057.000000+120
      Event Type: Informations
      User: AUTORITE NT\SYSTEM

      Computer Name: NOM-1D8CBA303B7
      Event Code: 7035
      Message: Un contrôle Démarrer a correctement été envoyé au service BDRSDRV.

      Record Number: 19869
      Source Name: Service Control Manager
      Time Written: 20090523163246.000000+120
      Event Type: Informations
      User: AUTORITE NT\SYSTEM

      Computer Name: NOM-1D8CBA303B7
      Event Code: 7035
      Message: Un contrôle Démarrer a correctement été envoyé au service bdfdll.

      Record Number: 19868
      Source Name: Service Control Manager
      Time Written: 20090523163246.000000+120
      Event Type: Informations
      User: AUTORITE NT\SYSTEM

      Computer Name: NOM-1D8CBA303B7
      Event Code: 7036
      Message: Le service BitDefender Virus Shield est entré dans l'état : en cours d'exécution.

      Record Number: 19867
      Source Name: Service Control Manager
      Time Written: 20090523163246.000000+120
      Event Type: Informations
      User:

      Computer Name: NOM-1D8CBA303B7
      Event Code: 7035
      Message: Un contrôle Démarrer a correctement été envoyé au service BitDefender Virus Shield.

      Record Number: 19866
      Source Name: Service Control Manager
      Time Written: 20090523163246.000000+120
      Event Type: Informations
      User: AUTORITE NT\SYSTEM

      =====Application event log=====

      Computer Name: NOM-1D8CBA303B7
      Event Code: 102
      Message: MsnMsgr (1064) \\.\C:\Documents and Settings\bruno\Local Settings\Application Data\Microsoft\Messenger\brumiaou@hotmail.fr\SharingMetadata\Working\database_92C0_2E32_C02E_1D4B\dfsr.db: Le moteur de base de données a démarré une nouvelle instance (0).

      Record Number: 26598
      Source Name: ESENT
      Time Written: 20090328022301.000000+060
      Event Type: Informations
      User:

      Computer Name: NOM-1D8CBA303B7
      Event Code: 100
      Message: MsnMsgr (1064) Le moteur de base de données 5.01.2600.2780 est démarré.

      Record Number: 26597
      Source Name: ESENT
      Time Written: 20090328022301.000000+060
      Event Type: Informations
      User:

      Computer Name: NOM-1D8CBA303B7
      Event Code: 101
      Message: MsnMsgr (1064) Le moteur de base de données est arrêté.

      Record Number: 26596
      Source Name: ESENT
      Time Written: 20090328022237.000000+060
      Event Type: Informations
      User:

      Computer Name: NOM-1D8CBA303B7
      Event Code: 103
      Message: MsnMsgr (1064) \\.\C:\Documents and Settings\bruno\Local Settings\Application Data\Microsoft\Messenger\brumiaou@hotmail.fr\SharingMetadata\Working\database_92C0_2E32_C02E_1D4B\dfsr.db: Le moteur de base de données a arrêté une instance (0).

      Record Number: 26595
      Source Name: ESENT
      Time Written: 20090328022237.000000+060
      Event Type: Informations
      User:

      Computer Name: NOM-1D8CBA303B7
      Event Code: 704
      Message: MsnMsgr (1064) La défragmentation en ligne de la base de données '\\.\C:\Documents and Settings\bruno\Local Settings\Application Data\Microsoft\Messenger\brumiaou@hotmail.fr\SharingMetadata\Working\database_92C0_2E32_C02E_1D4B\dfsr.db' a été interrompue et arrêtée. La prochaine fois qu'une défragmentation en ligne sera effectuée dans cette base de données, elle reprendra à l'endroit où elle a été interrompue.

      Record Number: 26594
      Source Name: ESENT
      Time Written: 20090328022237.000000+060
      Event Type: Informations
      User:

      ======Environment variables======

      "ComSpec"=%SystemRoot%\system32\cmd.exe
      "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\WBEM;C:\ATI-CPanel;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\QuickTime\QTSystem\
      "windir"=%SystemRoot%
      "FP_NO_HOST_CHECK"=NO
      "OS"=Windows_NT
      "PROCESSOR_ARCHITECTURE"=x86
      "PROCESSOR_LEVEL"=15
      "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 1, GenuineIntel
      "PROCESSOR_REVISION"=0401
      "NUMBER_OF_PROCESSORS"=1
      "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
      "TEMP"=%SystemRoot%\TEMP
      "TMP"=%SystemRoot%\TEMP
      "CLASSPATH"=C:\Program Files\Java\jre1.5.0_05\lib\ext\QTJava.zip
      "QTJAVA"=C:\Program Files\Java\jre1.5.0_05\lib\ext\QTJava.zip

      -----------------EOF-----------------
      Logfile of random's system information tool 1.06 (written by random/random)
      Run by bruno at 2009-06-15 23:48:53
      Microsoft Windows XP Édition familiale Service Pack 2
      System drive C: has 46 GB (24%) free of 191 GB
      Total RAM: 1023 MB (27% free)

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 23:49:04, on 15/06/2009
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16850)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Internet Explorer\Iexplore.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
      C:\WINDOWS\system32\bgsvcgen.exe
      C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
      C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
      C:\WINDOWS\system32\HPZipm12.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
      C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
      C:\Program Files\Canon\CAL\CALMAIN.exe
      C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
      C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
      C:\Program Files\Softwin\BitDefender10\vsserv.exe
      C:\ATI-CPanel\atiptaxx.exe
      C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe
      C:\WINDOWS\SOUNDMAN.EXE
      C:\WINDOWS\ALCWZRD.EXE
      C:\WINDOWS\ALCMTR.EXE
      C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
      C:\Program Files\QuickTime\qttask.exe
      C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      C:\Program Files\Winamp\winampa.exe
      C:\Program Files\Softwin\BitDefender10\bdmcon.exe
      C:\Program Files\Softwin\BitDefender10\bdagent.exe
      C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
      C:\Program Files\OrangeHSS\Launcher\Launcher.exe
      C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe
      C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
      C:\Documents and Settings\All Users\Application Data\13907504\13907504.exe
      C:\Documents and Settings\All Users\Application Data\93917496\93917496.exe
      C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
      C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
      C:\program Files\Manson\liser.exe
      C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
      C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
      C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
      C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
      C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
      C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
      C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
      C:\WINDOWS\system32\wuauclt.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\OrangeHSS\browser\browser.exe
      C:\Program Files\Internet Explorer\IEXPLORE.EXE
      C:\Program Files\RSIT.exe
      C:\Program Files\trend micro\bruno.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
      O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
      O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - (no file)
      O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
      O2 - BHO: (no name) - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - (no file)
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
      O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
      O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
      O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
      O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
      O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
      O4 - HKLM\..\Run: [ATIPTA] C:\ATI-CPanel\atiptaxx.exe
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
      O4 - HKLM\..\Run: [PMCS] C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe -host -clearDebug
      O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
      O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
      O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
      O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
      O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
      O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
      O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
      O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
      O4 - HKLM\..\Run: [orahssStartup] "C:\Program Files\OrangeHSS\Launcher\Launcher.exe" -appid connectivityapp
      O4 - HKLM\..\Run: [basicsmssmenu] "C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe"
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
      O4 - HKLM\..\Run: [net] "C:\WINDOWS\system32\net.net"
      O4 - HKLM\..\Run: [13907504] C:\Documents and Settings\All Users\Application Data\13907504\13907504.exe
      O4 - HKLM\..\Run: [93917496] C:\Documents and Settings\All Users\Application Data\93917496\93917496.exe
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [fsc-reminder.exe] C:\WINDOWS\reminder\fsc-reminder.exe 2453664 14
      O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
      O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
      O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
      O4 - HKCU\..\Run: [net] "C:\WINDOWS\system32\net.net"
      O4 - HKCU\..\Run: [kell] C:\program Files\Manson\liser.exe
      O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
      O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
      O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
      O8 - Extra context menu item: &Search - http://ko.bar.need2find.com/KO/menusearch.html?p=KO
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
      O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
      O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
      O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://brumiaou.spaces.live.com//PhotoUpload/MsnPUpld.cab
      O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
      O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://brumiaou.spaces.live.com/PhotoUpload/MsnPUpld.cab
      O16 - DPF: {86EEF11E-FF16-48CE-B1A2-474B663041A9} - http://kit.carpediem.fr/15288/CD/FMure.exe
      O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
      O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
      O20 - AppInit_DLLs: sockspy.dll,c:\progra~1\Manson\liser.dll
      O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
      O23 - Service: Basics Service - Seagate Technology LLC - C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
      O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
      O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
      O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
      O23 - Service: Pinnacle Systems tvtv Spooler (EpgSpooler) - - c:\progra~1\pinnacle\mediac~1\epgspo~2.exe
      O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
      O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
      O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
      O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
      O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
      O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
      O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
      O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
      0
  2. gen-hackman
     
    ok

    il n est pas complet on va proceder autrement :

    Télécharge OTL de OLDTimer

    et enregistre le sur ton Bureau.

    Double clic sur OTL.exe pour le lancer.

    Coche les 2 cases Lop et Purity

    Coche la case devant scan all users

    Clic sur Run Scan.

    A la fin du scan, le Bloc-Notes va s'ouvrir avec le rapport (OTL.txt).

    Ce fichier est sur ton Bureau (en général C:\Documents and settings\le_nom_de_ta_session\OTL.txt)

    Pour me le transmettre clique sur ce lien

    Clique sur Parcourir et cherche le fichier ci-dessus.

    Clique sur Ouvrir.

    Clique sur "Cliquez ici pour déposer le fichier".

    Un lien de cette forme :

    hxxp://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt

    est ajouté dans la page.

    Copie ce lien dans ta réponse.
    0
    1. brumiaou
       
      Voici le lien en espérant que cela soit bon.

      http://www.cijoint.fr/cjlink.php?file=cj200906/cijGgQuw2U.txt

      En tout cas merci pour ton aide
      0
  3. gen-hackman
     
    Double clic sur OTL.exe pour le lancer.

    Copie la liste qui se trouve en gras ci-dessous,

    et colle-la dans la zone sous Customs Scans/Fixes

    :processes
    explorer.exe
    iexplore.exe
    firefox.exe
    msnmsgr.exe
    TeaTimer.exe
    13907504.exe
    93917496.exe

    :OTL
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - Reg Error: Key error. File not found
    O2 - BHO: (no name) - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - Reg Error: Key error. File not found
    O2 - BHO: (no name) - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - Reg Error: Key error. File not found
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - Reg Error: Key error. File not found
    O4 - HKLM..\Run: [13907504] C:\Documents and Settings\All Users\Application Data\13907504\13907504.exe (System Sec.)
    O4 - HKLM..\Run: [93917496] C:\Documents and Settings\All Users\Application Data\93917496\93917496.exe (System Sec.)
    O4 - HKLM..\Run: [net] "C:\WINDOWS\system32\net.net" ()
    O4 - HKU\S-1-5-21-1932310864-123557233-439672921-1006..\Run: [net] "C:\WINDOWS\system32\net.net" ()
    O16 - DPF: {86EEF11E-FF16-48CE-B1A2-474B663041A9} http://kit.carpediem.fr/15288/CD/FMure.exe (Reg Error: Key error.)

    :reg
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Alcmtr"=-
    "HP Software Update"=-
    "NeroFilterCheck"=-
    "QuickTime Task"=-
    "SoundMan"=-
    "TkBellExe"=-

    :files
    C:\Documents and Settings\All Users\Application Data\13907504
    C:\Documents and Settings\All Users\Application Data\93917496
    C:\Documents and Settings\bruno\Bureau\System Security 2009.lnk
    C:\Documents and Settings\All Users\Application Data\93917496.ini
    C:\tj.vbs

    :commands
    [emptytemp]
    [reboot]

    Clique sur RunFix pour lancer la suppression.

    Poste le rapport.

    ==========
    0
    1. brumiaou
       
      voici le rapport, cela à l'air d'ête mieux je n'ai plus ce maudit écran noir. Et encore merci pour ton aide

      ========== PROCESSES ==========
      Process explorer.exe killed successfully!
      Process iexplore.exe killed successfully!
      No active process named firefox.exe was found!
      Process msnmsgr.exe killed successfully!
      Process TeaTimer.exe killed successfully!
      Process 13907504.exe killed successfully!
      Process 93917496.exe killed successfully!
      ========== OTL ==========
      Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
      Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D1C4E81-A32A-416b-BCDB-33B3EF3617D3}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4D1C4E81-A32A-416b-BCDB-33B3EF3617D3}\ not found.
      Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59879FA4-4790-461c-A1CC-4EC4DE4CA483}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59879FA4-4790-461c-A1CC-4EC4DE4CA483}\ not found.
      Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ not found.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\13907504 deleted successfully.
      C:\Documents and Settings\All Users\Application Data\13907504\13907504.exe moved successfully.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\93917496 deleted successfully.
      C:\Documents and Settings\All Users\Application Data\93917496\93917496.exe moved successfully.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\net deleted successfully.
      C:\WINDOWS\system32\net.net moved successfully.
      Registry value HKEY_USERS\S-1-5-21-1932310864-123557233-439672921-1006\Software\Microsoft\Windows\CurrentVersion\Run\\net deleted successfully.
      File "C:\WINDOWS\system32\net.net" not found.
      Starting removal of ActiveX control {86EEF11E-FF16-48CE-B1A2-474B663041A9}
      Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}\DownloadInformation\\INF .
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{86EEF11E-FF16-48CE-B1A2-474B663041A9}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{86EEF11E-FF16-48CE-B1A2-474B663041A9}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{86EEF11E-FF16-48CE-B1A2-474B663041A9}\ not found.
      ========== REGISTRY ==========
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Alcmtr deleted successfully.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update deleted successfully.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck deleted successfully.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SoundMan deleted successfully.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TkBellExe deleted successfully.
      ========== FILES ==========
      C:\Documents and Settings\All Users\Application Data\13907504 moved successfully.
      C:\Documents and Settings\All Users\Application Data\93917496 moved successfully.
      C:\Documents and Settings\bruno\Bureau\System Security 2009.lnk moved successfully.
      C:\Documents and Settings\All Users\Application Data\93917496.ini moved successfully.
      C:\tj.vbs moved successfully.
      ========== COMMANDS ==========
      File delete failed. C:\Documents and Settings\bruno\Local Settings\Temp\hpodvd09.log scheduled to be deleted on reboot.
      File delete failed. C:\Documents and Settings\bruno\Local Settings\Temp\~DF26D9.tmp scheduled to be deleted on reboot.
      File delete failed. C:\Documents and Settings\bruno\Local Settings\Temp\~DF2D14.tmp scheduled to be deleted on reboot.
      File delete failed. C:\Documents and Settings\bruno\Local Settings\Temp\~DF2E80.tmp scheduled to be deleted on reboot.
      File delete failed. C:\Documents and Settings\bruno\Local Settings\Temp\~DFA02A.tmp scheduled to be deleted on reboot.
      User's Temp folder emptied.
      User's Internet Explorer cache folder emptied.
      Local Service Temp folder emptied.
      File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
      Local Service Temporary Internet Files folder emptied.
      Network Service Temp folder emptied.
      File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
      Network Service Temporary Internet Files folder emptied.
      File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_7e0.dat scheduled to be deleted on reboot.
      Windows Temp folder emptied.
      Java cache emptied.
      Temp folders emptied.

      OTL by OldTimer - Version 2.1.1.0 log created on 06162009_074115

      Files moved on Reboot...
      C:\Documents and Settings\bruno\Local Settings\Temp\hpodvd09.log moved successfully.
      C:\Documents and Settings\bruno\Local Settings\Temp\~DF26D9.tmp moved successfully.
      File C:\Documents and Settings\bruno\Local Settings\Temp\~DF2D14.tmp not found!
      C:\Documents and Settings\bruno\Local Settings\Temp\~DF2E80.tmp moved successfully.
      C:\Documents and Settings\bruno\Local Settings\Temp\~DFA02A.tmp moved successfully.
      File move failed. C:\WINDOWS\temp\Perflib_Perfdata_7e0.dat scheduled to be moved on reboot.

      Registry entries deleted on Reboot...
      0
  4. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  5. gen-hackman
     
    Imprime ces instructions car il faudra fermer toutes les fenêtres et applications lors de l'installation et de l'analyse.

    Télécharges :

    Malwarebytes

    ou :

    Malwarebytes

    * Installe le ( choisis bien "francais" ; ne modifie pas les paramètres d'installe ) et mets le à jour .

    (NB : S'il te manque "COMCTL32.OCX" lors de l'installe, alors télécharge le ici : COMCTL32.OCX

    * Potasses le Tuto pour te familiariser avec le prg :

    ( cela dit, il est très simple d'utilisation ).

    relance malwarebytes en suivant scrupuleusement ces consignes :

    ! Déconnecte toi et ferme toutes applications en cours !

    * Lance Malwarebyte's .

    Fais un examen dit "Complet" .

    --> Laisse le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
    --> à la fin tu cliques sur "résultat" .
    --> Vérifie que tous les objets infectés soient validés, puis clique sur " suppression " .

    Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !

    Poste le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwarebytes, le dernier en date)

    0
    1. brumiaou
       
      bonjour,
      malaware ne veut pas lancer l'installation même en fermant toutes les applications.
      le fichier est pourtant téléchargé.
      Lorsque je double clic sur l'icône , le sablier s'affiche qq second puis disparaît
      est ce que je n'ai pas réalisé une opération ?
      0
  6. gen-hackman
     
    ######## | XP _ Instal & recherche | #######

    Telecharge et install UsbFix (de C_XX & Chiquitine29)

    Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptibles d avoir été infectés sans les ouvrir

    # Double clic sur le raccourci UsbFix présent sur ton bureau .

    # Choisi l option 1 ( Recherche )

    # Laisse travailler l outil.

    # Ensuite post le rapport UsbFix.txt qui apparaitra.

    # Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )

    ( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    # Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
    Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

    0
    1. brumiaou
       
      ############################## [ UsbFix V3.032 ]

      # User : bruno (Administrateurs) # NOM-1D8CBA303B7
      # Update on 15/06/09 by Chiquitine29
      # Start at: 20:37:46 | 16/06/2009
      # Website : http://pagesperso-orange.fr/NosTools/usbfix.html

      # Intel(R) Pentium(R) 4 CPU 2.93GHz
      # Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 2
      # Internet Explorer 7.0.5730.11
      # Windows Firewall Status : Disabled
      # AV : Bitdefender Antivirus 8.0 [ (!) Disabled | (!) Outdated ]
      # FW : Bitdefender Firewall[ (!) Disabled ]8.0

      # A:\ # Lecteur de disquettes 3 ½ pouces # 1,39 Mo (0,86 Mo free) # FAT
      # C:\ # Disque fixe local # 186,31 Go (44,51 Go free) [423335] # NTFS
      # D:\ # Disque CD-ROM # 0 Mo (0 Mo free) [Audio CD] # CDFS
      # E:\ # Disque amovible
      # F:\ # Disque amovible
      # G:\ # Disque amovible
      # H:\ # Disque amovible
      # I:\ # Disque amovible
      # J:\ # Disque fixe local # 465,76 Go (140,7 Go free) [FreeAgent Drive] # NTFS
      # K:\ # Disque amovible
      # L:\ # Disque amovible # 3,83 Go (835,23 Mo free) [USBDISKPRO] # FAT32

      ############################## [ Processus actifs ]

      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\csrss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Internet Explorer\Iexplore.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
      C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      C:\WINDOWS\system32\bgsvcgen.exe
      C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
      C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
      C:\WINDOWS\system32\HPZipm12.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
      C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
      C:\Program Files\Canon\CAL\CALMAIN.exe
      C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
      C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
      C:\Program Files\Softwin\BitDefender10\vsserv.exe
      C:\WINDOWS\System32\alg.exe
      C:\ATI-CPanel\atiptaxx.exe
      C:\WINDOWS\ALCWZRD.EXE
      C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
      C:\Program Files\Winamp\winampa.exe
      C:\Program Files\Softwin\BitDefender10\bdmcon.exe
      C:\Program Files\Softwin\BitDefender10\bdagent.exe
      C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
      C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe
      C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
      C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
      C:\program Files\Manson\liser.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
      C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
      C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
      C:\WINDOWS\system32\wuauclt.exe
      C:\WINDOWS\system32\wuauclt.exe
      C:\WINDOWS\system32\wbem\wmiprvse.exe

      ################## [ Registre Startup ]

      HKCU_Main: "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
      HKCU_Main: "Search Page"="https://www.google.com/?gws_rd=ssl"
      HKCU_Main: "Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
      HKLM_logon: "Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
      HKLM_logon: "DefaultUserName"="bruno"
      HKLM_logon: "AltDefaultUserName"="bruno"
      HKLM_logon: "LegalNoticeCaption"=""
      HKLM_logon: "LegalNoticeText"=""
      HKLM_Run: Raccourci vers la page des propriétés de High Definition Audio=HDAShCut.exe
      HKLM_Run: ATIPTA=C:\ATI-CPanel\atiptaxx.exe
      HKLM_Run: PMCS=C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe -host -clearDebug
      HKLM_Run: PinnacleDriverCheck=C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
      HKLM_Run: AlcWzrd=ALCWZRD.EXE
      HKLM_Run: SunJavaUpdateSched=C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
      HKLM_Run: WinampAgent=C:\Program Files\Winamp\winampa.exe
      HKLM_Run: BDMCon="C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
      HKLM_Run: BDAgent="C:\Program Files\Softwin\BitDefender10\bdagent.exe"
      HKLM_Run: SystrayORAHSS="C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
      HKLM_Run: orahssStartup="C:\Program Files\OrangeHSS\Launcher\Launcher.exe" -appid connectivityapp
      HKLM_Run: basicsmssmenu="C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe"
      HKCU_Run: CTFMON.EXE=C:\WINDOWS\system32\ctfmon.exe
      HKCU_Run: fsc-reminder.exe=C:\WINDOWS\reminder\fsc-reminder.exe 2453664 14
      HKCU_Run: MsnMsgr="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
      HKCU_Run: swg=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      HKCU_Run: updateMgr=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
      HKCU_Run: TomTomHOME.exe="C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
      HKCU_Run: kell=C:\program Files\Manson\liser.exe

      ################## [ Fichiers # Dossiers infectieux ]


      ################## [ Registre # Clés Run infectieuses ]

      Présent ! HKLM\software\microsoft\security center "AntiVirusDisableNotify" ( 0x1 )
      Présent ! HKLM\software\microsoft\security center "FirewallDisableNotify" ( 0x1 )

      ################## [ Registre # Mountpoints2 ]

      HKCU\...\Explorer\MountPoints2\{a8423f7a-2aba-11de-9392-00300574c611}\Shell\AutoRun\Command

      ################## [ ! Fin du rapport # UsbFix V3.032 ! ]
      0
  7. gen-hackman
     
    c'est un program à toi "Manson" ?
    0
    1. brumiaou
       
      cela ne me dit rien du tout !
      0
      1. brumiaou > brumiaou
         
        J'ai regardé, il est situé dans programme files, manson et a été créé le 12 juin de cette année. Ne me disant rien du tout, ce cher manson doit être un squatteur très peu sympathique
        0
  8. gen-hackman
     
    ok relances OTL on va le virer
    0
    1. brumiaou
       
      voici le rapport

      OTL logfile created on: 16/06/2009 21:57:58 - Run 2
      OTL by OldTimer - Version 2.1.1.0 Folder = C:\Documents and Settings\bruno\Bureau
      Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
      Internet Explorer (Version = 7.0.5730.11)
      Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

      1023,30 Mb Total Physical Memory | 452,01 Mb Available Physical Memory | 44,17% Memory free
      2,40 Gb Paging File | 1,63 Gb Available in Paging File | 67,76% Paging File free
      Paging file location(s): c:\pagefile.sys 1536 3072 [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
      Drive C: | 186,31 Gb Total Space | 44,51 Gb Free Space | 23,89% Space Free | Partition Type: NTFS
      Unable to calculate disk information.
      E: Drive not present or media not loaded
      F: Drive not present or media not loaded
      G: Drive not present or media not loaded
      H: Drive not present or media not loaded
      I: Drive not present or media not loaded
      Drive J: | 465,76 Gb Total Space | 140,70 Gb Free Space | 30,21% Space Free | Partition Type: NTFS
      Drive L: | 3,83 Gb Total Space | 0,82 Gb Free Space | 21,27% Space Free | Partition Type: FAT32

      Computer Name: NOM-1D8CBA303B7
      Current User Name: bruno
      Logged in as Administrator.

      Current Boot Mode: Normal
      Scan Mode: All users
      Output = Standard
      File Age = 30 Days
      Company Name Whitelist: On

      [color=orange]========== Processes (SafeList) ==========/color

      PRC - [2004/11/25 04:12:36 | 00,425,984 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\Ati2evxx.exe
      PRC - [2004/11/25 04:12:36 | 00,425,984 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\Ati2evxx.exe
      PRC - [2007/06/13 15:22:28 | 01,037,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
      PRC - [2007/10/09 17:21:02 | 00,124,280 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
      PRC - [2007/07/13 21:47:17 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      PRC - [2005/04/30 18:02:26 | 00,086,016 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\system32\bgsvcgen.exe
      PRC - [2007/01/04 11:17:20 | 00,057,344 | ---- | M] (France Telecom SA) -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
      PRC - [2002/12/17 17:26:22 | 07,520,337 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
      PRC - [2006/03/03 03:49:14 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
      PRC - [2009/04/08 12:38:14 | 00,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
      PRC - [2006/11/09 13:33:04 | 00,086,016 | ---- | M] (SOFTWIN S.R.L) -- C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
      PRC - [2007/01/31 15:55:42 | 00,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
      PRC - [2008/08/07 19:53:37 | 00,278,528 | ---- | M] (SOFTWIN S.R.L.) -- C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
      PRC - [2007/02/13 19:33:35 | 00,081,920 | ---- | M] () -- C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
      PRC - [2007/10/26 19:00:32 | 00,462,848 | ---- | M] (SOFTWIN S.R.L.) -- C:\Program Files\Softwin\BitDefender10\vsserv.exe
      PRC - [2004/11/24 21:10:00 | 00,344,064 | ---- | M] (ATI Technologies, Inc.) -- C:\ATI-CPanel\atiptaxx.exe
      PRC - [2005/04/06 18:53:00 | 02,805,248 | ---- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
      PRC - [2005/08/26 19:14:44 | 00,036,975 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
      PRC - [2006/06/21 19:14:50 | 00,035,328 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
      PRC - [2007/04/17 13:56:01 | 00,290,816 | ---- | M] (SOFTWIN S.R.L.) -- C:\Program Files\Softwin\BitDefender10\bdmcon.exe
      PRC - [2007/04/04 19:20:01 | 00,069,632 | ---- | M] (SOFTWIN S.R.L.) -- C:\Program Files\Softwin\BitDefender10\bdagent.exe
      PRC - [2007/01/04 11:45:34 | 00,090,112 | ---- | M] (France Telecom SA) -- C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
      PRC - [2007/01/04 11:40:38 | 00,462,848 | ---- | M] (France Telecom SA) -- C:\Program Files\OrangeHSS\Launcher\Launcher.exe
      PRC - [2007/10/09 17:21:06 | 00,169,328 | ---- | M] (Maxtor Corporation) -- C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe
      PRC - [2007/10/18 12:34:04 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
      PRC - [2009/04/08 12:38:14 | 00,251,240 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
      PRC - [2009/06/12 16:52:37 | 00,057,344 | RHS- | M] () -- C:\program Files\Manson\liser.exe
      PRC - [2004/11/04 19:28:24 | 00,258,048 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      PRC - [2002/12/17 17:23:32 | 00,074,308 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
      PRC - [2007/01/04 11:13:48 | 00,090,112 | ---- | M] (France Telecom SA) -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
      PRC - [2004/11/04 19:36:46 | 00,425,984 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
      PRC - [2007/01/04 11:35:02 | 00,827,392 | ---- | M] () -- C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
      PRC - [2007/01/04 11:21:36 | 00,622,592 | ---- | M] (France Telecom SA) -- C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
      PRC - [2007/01/04 11:20:30 | 00,319,488 | ---- | M] (France Telecom SA) -- C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
      PRC - [2007/01/04 11:20:38 | 00,028,672 | ---- | M] (France Telecom SA) -- C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
      PRC - [2007/01/04 11:17:38 | 00,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
      PRC - [2007/01/08 15:21:52 | 00,929,792 | ---- | M] () -- C:\Program Files\OrangeHSS\browser\browser.exe
      PRC - [2007/10/18 12:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe
      PRC - [2009/04/25 07:27:50 | 00,636,088 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\Iexplore.exe
      PRC - [2009/06/16 21:57:08 | 00,501,760 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\bruno\Bureau\OTL.exe

      [color=orange]========== Win32 Services (SafeList) ==========/color

      SRV - [2007/10/24 01:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
      SRV - [2004/11/25 04:12:36 | 00,425,984 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
      SRV - [2007/10/09 17:21:02 | 00,124,280 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe -- (Basics Service [Auto | Running])
      SRV - [2007/02/13 19:33:35 | 00,081,920 | ---- | M] () -- C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe -- (bdss [On_Demand | Running])
      SRV - [2005/04/30 18:02:26 | 00,086,016 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\system32\bgsvcgen.exe -- (bgsvcgen [Auto | Running])
      SRV - [2007/01/31 15:55:42 | 00,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8 [Auto | Running])
      SRV - [2007/10/24 01:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
      SRV - [2005/01/20 07:59:22 | 00,020,480 | ---- | M] ( ) -- c:\Program Files\Pinnacle\MediaCenter\EpgSpoolerSrv.exe -- (EpgSpooler [Auto | Stopped])
      SRV - [2007/01/04 11:17:20 | 00,057,344 | ---- | M] (France Telecom SA) -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC [Auto | Running])
      SRV - [2009/04/23 02:58:47 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
      SRV - [2004/08/05 14:00:00 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
      SRV - [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
      SRV - [2008/08/07 19:53:37 | 00,278,528 | ---- | M] (SOFTWIN S.R.L.) -- C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe -- (LIVESRV [Auto | Running])
      SRV - [2002/12/17 17:26:22 | 07,520,337 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe -- (MSSQL$PINNACLESYS [Auto | Running])
      SRV - [2002/12/17 17:23:30 | 00,066,112 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe -- (MSSQLServerADHelper [On_Demand | Stopped])
      SRV - [2004/10/29 09:01:44 | 00,045,056 | ---- | M] (Pinnacle Systems) -- c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe -- (PinnacleSys.MediaServer [Auto | Stopped])
      SRV - [2006/03/03 03:49:14 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12 [Unknown | Running])
      SRV - [2002/12/17 17:23:30 | 00,311,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE -- (SQLAgent$PINNACLESYS [On_Demand | Stopped])
      SRV - [2009/04/08 12:38:14 | 00,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService [Auto | Running])
      SRV - [2007/10/18 12:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Running])
      SRV - [2007/10/26 19:00:32 | 00,462,848 | ---- | M] (SOFTWIN S.R.L.) -- C:\Program Files\Softwin\BitDefender10\vsserv.exe -- (VSSERV [Auto | Running])
      SRV - [2005/02/04 15:47:58 | 01,466,368 | ---- | M] (Inventel) -- C:\Program Files\Inventel\Gateway\wlancfg.exe -- (Wlancfg [Auto | Stopped])
      SRV - [2007/10/25 16:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand | Stopped])
      SRV - [2006/11/03 09:59:14 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
      SRV - [2006/11/09 13:33:04 | 00,086,016 | ---- | M] (SOFTWIN S.R.L) -- C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe -- (XCOMM [Auto | Running])

      [color=orange]========== Driver Services (SafeList) ==========/color

      DRV - [2005/02/09 14:57:48 | 00,985,088 | ---- | M] (Philips Semiconductors GmbH) -- C:\WINDOWS\system32\DRIVERS\3xHybrid.sys -- (3xHybrid [On_Demand | Running])
      DRV - [2003/11/28 17:34:40 | 00,011,264 | ---- | M] (Pinnacle Systems GmbH) -- C:\WINDOWS\system32\drivers\ASAPIW2k.sys -- (ASAPIW2k [On_Demand | Running])
      DRV - [1999/09/10 13:06:00 | 00,025,244 | R--- | M] (Adaptec) -- C:\WINDOWS\System32\drivers\ASPI32.sys -- (Aspi32 [Auto | Running])
      DRV - [2004/11/25 04:19:54 | 00,872,960 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
      DRV - [2006/12/04 16:51:44 | 00,008,704 | ---- | M] () -- C:\Program Files\Softwin\BitDefender10\bdfdll.sys -- (bdfdll [On_Demand | Running])
      DRV - [2007/02/16 21:08:25 | 00,071,040 | ---- | M] (Softwin SRL) -- C:\WINDOWS\system32\DRIVERS\bdfndisf.sys -- (Bdfndisf [On_Demand | Running])
      DRV - [2006/01/09 18:50:34 | 00,014,145 | ---- | M] () -- C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys -- (BDFSDRV [On_Demand | Running])
      DRV - [2007/02/16 21:08:22 | 00,075,264 | ---- | M] (Softwin SRL) -- C:\Program Files\Fichiers communs\Softwin\BitDefender Firewall\bdftdif.sys -- (bdftdif [System | Running])
      DRV - [2007/04/10 13:47:26 | 00,025,984 | ---- | M] (Softwin SRL) -- C:\Program Files\Softwin\BitDefender10\bdpredir.sys -- (bdpredir [System | Running])
      DRV - [2006/06/28 17:13:54 | 00,010,768 | ---- | M] () -- C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys -- (BDRSDRV [Auto | Running])
      DRV - [2005/05/11 01:33:12 | 00,032,256 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\System32\drivers\cdrbsdrv.sys -- (cdrbsdrv [System | Running])
      DRV - [2005/01/07 17:07:16 | 00,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\HdAudio.sys -- (HdAudAddService [On_Demand | Stopped])
      DRV - [2005/01/07 17:07:18 | 00,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
      DRV - [2004/12/14 19:06:28 | 00,051,120 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Running])
      DRV - [2004/12/14 19:06:28 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Running])
      DRV - [2004/12/14 19:06:28 | 00,021,744 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Running])
      DRV - [2003/11/13 19:19:48 | 00,210,304 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys -- (HSFHWBS2 [On_Demand | Running])
      DRV - [2003/11/13 19:17:00 | 01,042,816 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSF_DP.sys -- (HSF_DP [On_Demand | Running])
      DRV - [2005/04/15 18:05:42 | 02,564,032 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
      DRV - [2004/01/16 15:21:48 | 00,012,970 | ---- | M] (Conexant) -- C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
      DRV - [2004/08/05 14:00:00 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\MPE.sys -- (MPE [On_Demand | Stopped])
      DRV - [2003/09/23 11:38:34 | 00,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\system32\PCAMPR5.SYS -- (PCAMPR5 [On_Demand | Stopped])
      DRV - [2006/06/27 18:30:50 | 00,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5 [On_Demand | Running])
      DRV - [2005/02/01 16:27:00 | 00,348,640 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\PRISMA02.sys -- (PRISM_A02 [On_Demand | Running])
      DRV - [2006/08/19 05:33:24 | 00,013,568 | ---- | M] () -- C:\Program Files\Softwin\BitDefender10\profos.sys -- (Profos [On_Demand | Stopped])
      DRV - [2004/08/05 14:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
      DRV - [2008/09/29 19:36:47 | 00,036,624 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
      DRV - [2005/03/04 12:10:26 | 00,074,496 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys -- (RTL8023xp [On_Demand | Running])
      DRV - [2007/11/13 12:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
      DRV - [2007/02/05 02:05:07 | 00,002,368 | ---- | M] (AntiCracking) -- C:\WINDOWS\system32\STEC3.sys -- (STEC3 [Auto | Running])
      DRV - [2006/08/16 12:11:12 | 00,022,656 | ---- | M] () -- C:\Program Files\Softwin\BitDefender10\trufos.sys -- (Trufos [On_Demand | Stopped])
      DRV - [2003/11/13 19:18:36 | 00,679,808 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys -- (winachsf [On_Demand | Running])

      [color=orange]========== Standard Registry (SafeList) ==========/color


      [color=orange]========== Internet Explorer ==========/color

      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html


      IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



      IE - HKU\S-1-5-21-1932310864-123557233-439672921-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
      IE - HKU\S-1-5-21-1932310864-123557233-439672921-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
      IE - HKU\S-1-5-21-1932310864-123557233-439672921-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
      IE - HKU\S-1-5-21-1932310864-123557233-439672921-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
      IE - HKU\S-1-5-21-1932310864-123557233-439672921-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
      IE - HKU\S-1-5-21-1932310864-123557233-439672921-1006\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
      IE - URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll ()
      IE - HKU\S-1-5-21-1932310864-123557233-439672921-1006\S-1-5-21-1932310864-123557233-439672921-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      [color=orange]========== FireFox ==========/color

      FF - prefs.js..browser.search.defaultenginename: "Google"
      FF - prefs.js..browser.search.defaulturl: "https://www.google.com/webhp?lr=&ie=UTF-8&oe=UTF-8&gws_rd=ssl"
      FF - prefs.js..browser.search.selectedEngine: "Google"
      FF - prefs.js..browser.startup.homepage: "https://start.mozilla.org/en-us/"

      FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD [2008/04/24 21:48:34 | 00,000,000 | ---D | M]

      [2009/04/16 21:21:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\mozilla\Extensions
      [2009/04/16 21:21:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\mozilla\Extensions\home2@tomtom.com
      [2008/04/20 22:18:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\mozilla\Firefox\Profiles\yb26aojq.default\extensions
      [2008/04/18 19:13:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\mozilla\Firefox\Profiles\yb26aojq.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
      [2008/06/16 22:32:12 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
      [2008/04/18 14:36:32 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}

      O1 HOSTS File: (790 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
      O1 - Hosts: 127.0.0.1 localhost
      O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
      O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
      O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
      O2 - BHO: (ST) - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll (Microsoft Corporation)
      O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
      O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
      O2 - BHO: (MSNToolBandBHO) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll (Microsoft Corporation)
      O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
      O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
      O3 - HKLM\..\Toolbar: (MSN) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll (Microsoft Corporation)
      O3 - HKU\S-1-5-21-1932310864-123557233-439672921-1006\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
      O3 - HKU\S-1-5-21-1932310864-123557233-439672921-1006\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found
      O3 - HKU\S-1-5-21-1932310864-123557233-439672921-1006\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - Reg Error: Key error. File not found
      O3 - HKU\S-1-5-21-1932310864-123557233-439672921-1006\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
      O3 - HKU\S-1-5-21-1932310864-123557233-439672921-1006\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found
      O3 - HKU\S-1-5-21-1932310864-123557233-439672921-1006\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll (Microsoft Corporation)
      O4 - HKLM..\Run: [AlcWzrd] ALCWZRD.EXE (RealTek Semicoductor Corp.)
      O4 - HKLM..\Run: [ATIPTA] C:\ATI-CPanel\atiptaxx.exe (ATI Technologies, Inc.)
      O4 - HKLM..\Run: [basicsmssmenu] "C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe" (Maxtor Corporation)
      O4 - HKLM..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe" (SOFTWIN S.R.L.)
      O4 - HKLM..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg (SOFTWIN S.R.L.)
      O4 - HKLM..\Run: [orahssStartup] "C:\Program Files\OrangeHSS\Launcher\Launcher.exe" -appid connectivityapp (France Telecom SA)
      O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg ()
      O4 - HKLM..\Run: [PMCS] C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe -host -clearDebug File not found
      O4 - HKLM..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe (Windows (R) Server 2003 DDK provider)
      O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe (Sun Microsystems, Inc.)
      O4 - HKLM..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe" (France Telecom SA)
      O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
      O4 - HKU\S-1-5-21-1932310864-123557233-439672921-1006..\Run: [fsc-reminder.exe] C:\WINDOWS\reminder\fsc-reminder.exe 2453664 14 ()
      O4 - HKU\S-1-5-21-1932310864-123557233-439672921-1006..\Run: [kell] C:\program Files\Manson\liser.exe ()
      O4 - HKU\S-1-5-21-1932310864-123557233-439672921-1006..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background (Microsoft Corporation)
      O4 - HKU\S-1-5-21-1932310864-123557233-439672921-1006..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
      O4 - HKU\S-1-5-21-1932310864-123557233-439672921-1006..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" (TomTom)
      O4 - HKU\S-1-5-21-1932310864-123557233-439672921-1006..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 (Adobe Systems Incorporated)
      O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
      O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
      O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
      O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe (Microsoft Corporation)
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
      O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
      O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
      O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
      O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
      O7 - HKU\S-1-5-21-1932310864-123557233-439672921-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
      O8 - Extra context menu item: &Search - http://ko.bar.need2find.com/KO/menusearch.html?p=KO File not found
      O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll (Sun Microsystems, Inc.)
      O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
      O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
      O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
      O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
      O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
      O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/9/b/d/9bdc68ef-6a9f-4505-8fb8-d0d2d160e512/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
      O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://brumiaou.spaces.live.com//PhotoUpload/MsnPUpld.cab (MSN Photo Upload Tool)
      O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)
      O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} http://brumiaou.spaces.live.com/PhotoUpload/MsnPUpld.cab (Windows Live Photo Upload Control)
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab (Java Plug-in 1.5.0_05)
      O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab (MessengerStatsClient Class)
      O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
      O16 - DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab (Java Plug-in 1.5.0_05)
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
      O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
      O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
      O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
      O18 - Protocol\Filter: - text/html - Reg Error: Key error. File not found
      O18 - Protocol\Filter: - x-sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
      O20 - AppInit_DLLs: (sockspy.dll) - C:\WINDOWS\system32\sockspy.dll ()
      O20 - AppInit_DLLs: (c:\progra~1\Manson\liser.dll) - c:\Program Files\Manson\liser.dll ()
      O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
      O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
      O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
      O31 - SafeBoot: AlternateShell - cmd.exe
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2005/05/20 15:22:45 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
      O33 - MountPoints2\{a8423f7a-2aba-11de-9392-00300574c611}\Shell\AutoRun\command - "" = L:\InstallTomTomHOME.exe -- File not found
      O34 - HKLM BootExecute: (autocheck) - File not found
      O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
      O34 - HKLM BootExecute: (*) - * [2009/06/16 18:52:45 | 00,000,000 | ---D | M]

      [color=orange]========== Files/Folders - Created Within 30 Days ==========/color

      [8 C:\WINDOWS\*.tmp files]
      [2009/06/16 21:56:12 | 00,501,760 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\bruno\Bureau\OTL.exe
      [2009/06/16 19:56:42 | 00,001,342 | ---- | C] () -- C:\Documents and Settings\bruno\Bureau\UsbFix V3.032.lnk
      [2009/06/16 19:56:40 | 00,000,000 | ---D | C] -- C:\UsbFix
      [2009/06/16 19:56:07 | 00,717,248 | ---- | C] () -- C:\Documents and Settings\bruno\Bureau\UsbFix.exe
      [2009/06/16 19:37:51 | 00,608,448 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\bruno\Bureau\comctl32.ocx
      [2009/06/16 18:43:53 | 03,371,384 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\bruno\Bureau\mbam-setup.exe
      [2009/06/16 07:41:15 | 00,000,000 | ---D | C] -- C:\_OTL
      [2009/06/16 00:22:59 | 00,501,760 | ---- | C] (OldTimer Tools) -- C:\Program Files\OTL.exe
      [2009/06/15 23:48:54 | 00,000,000 | ---D | C] -- C:\Program Files\trend micro
      [2009/06/15 23:48:53 | 00,000,000 | ---D | C] -- C:\rsit
      [2009/06/15 23:48:22 | 00,781,909 | ---- | C] () -- C:\Program Files\RSIT.exe
      [2009/06/15 23:36:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss
      [2009/06/15 23:03:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
      [2009/06/15 22:55:56 | 00,000,000 | ---D | C] -- C:\Program Files\erreut ccleaner
      [2009/06/15 22:47:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\bruno\Application Data\Yahoo!
      [2009/06/15 22:47:25 | 00,001,554 | ---- | C] () -- C:\Documents and Settings\bruno\Bureau\CCleaner.lnk
      [2009/06/15 22:47:25 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
      [2009/06/12 19:13:36 | 00,000,000 | RHSD | C] -- C:\Program Files\Manson
      [2009/06/09 19:28:50 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
      [2008/06/16 22:32:02 | 00,000,167 | ---- | C] () -- C:\WINDOWS\wininit.ini
      [2007/02/05 02:08:52 | 00,000,029 | ---- | C] () -- C:\WINDOWS\AlphaPlayer.INI
      [2007/02/05 01:08:19 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
      [2006/11/29 00:25:22 | 00,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
      [2006/11/20 22:25:04 | 00,000,044 | ---- | C] () -- C:\WINDOWS\liveup.ini
      [2006/08/30 16:16:32 | 00,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini
      [2006/08/09 01:51:43 | 00,004,014 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
      [2006/02/11 00:51:00 | 00,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
      [2006/01/26 20:19:52 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\sockspy.dll
      [2005/11/25 00:52:37 | 00,058,257 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
      [2005/10/28 23:27:32 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
      [2005/10/27 23:51:46 | 00,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
      [2005/10/25 20:49:39 | 00,000,021 | ---- | C] () -- C:\WINDOWS\kit.ini
      [2005/05/20 16:27:58 | 00,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
      [2005/05/20 16:27:47 | 00,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
      [2005/05/20 16:24:18 | 00,000,604 | ---- | C] () -- C:\WINDOWS\win.ini
      [2005/05/20 16:24:14 | 00,000,264 | ---- | C] () -- C:\WINDOWS\System.ini
      [2005/05/20 16:17:33 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
      [2005/05/20 16:08:52 | 00,196,096 | ---- | C] () -- C:\WINDOWS\System32\MACD32.DLL
      [2005/05/20 16:08:52 | 00,138,752 | ---- | C] () -- C:\WINDOWS\System32\MASE32.DLL
      [2005/05/20 16:08:52 | 00,136,192 | ---- | C] () -- C:\WINDOWS\System32\MAMC32.DLL
      [2005/05/20 16:08:52 | 00,057,856 | ---- | C] () -- C:\WINDOWS\System32\MASD32.DLL
      [2005/05/20 16:08:49 | 00,027,648 | ---- | C] () -- C:\WINDOWS\System32\MA32.DLL
      [2005/05/20 15:46:49 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
      [2005/05/20 15:46:49 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
      [2005/05/20 15:46:49 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
      [2005/05/20 15:46:49 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
      [2005/05/20 15:46:48 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
      [2005/05/20 15:46:48 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
      [2005/05/20 15:36:11 | 00,000,829 | ---- | C] () -- C:\WINDOWS\orun32.ini
      [2005/05/20 15:25:26 | 00,000,926 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
      [2005/05/20 15:20:12 | 00,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
      [2004/08/04 02:54:38 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
      [2002/12/06 17:37:06 | 00,913,408 | ---- | C] () -- C:\WINDOWS\System32\xreglib.dll

      [color=orange]========== Files - Modified Within 30 Days ==========/color

      [5 C:\WINDOWS\System32\*.tmp files]
      [8 C:\WINDOWS\*.tmp files]
      [2009/06/16 21:57:39 | 00,081,984 | ---- | M] () -- C:\WINDOWS\System32\bdod.bin
      [2009/06/16 21:57:08 | 00,501,760 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\bruno\Bureau\OTL.exe
      [2009/06/16 21:50:37 | 00,000,604 | ---- | M] () -- C:\WINDOWS\win.ini
      [2009/06/16 21:38:30 | 00,000,574 | ---- | M] () -- C:\Documents and Settings\bruno\Mes documents\Mes dossiers de partage.lnk
      [2009/06/16 20:58:36 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
      [2009/06/16 20:56:36 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
      [2009/06/16 20:56:19 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\bruno\Local Settings\desktop.ini
      [2009/06/16 20:56:14 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
      [2009/06/16 20:56:09 | 10,730,74176 | -HS- | M] () -- C:\hiberfil.sys
      [2009/06/16 20:36:42 | 00,001,342 | ---- | M] () -- C:\Documents and Settings\bruno\Bureau\UsbFix V3.032.lnk
      [2009/06/16 19:56:23 | 00,717,248 | ---- | M] () -- C:\Documents and Settings\bruno\Bureau\UsbFix.exe
      [2009/06/16 19:37:55 | 00,608,448 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\bruno\Bureau\comctl32.ocx
      [2009/06/16 18:44:00 | 03,371,384 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\bruno\Bureau\mbam-setup.exe
      [2009/06/15 23:37:24 | 00,000,264 | ---- | M] () -- C:\WINDOWS\System.ini
      [2009/06/15 23:37:24 | 00,000,216 | -HS- | M] () -- C:\boot.ini
      [2009/06/15 22:47:25 | 00,001,554 | ---- | M] () -- C:\Documents and Settings\bruno\Bureau\CCleaner.lnk
      [2009/06/15 22:11:55 | 10,731,06944 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
      [2009/06/15 21:30:06 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
      [2009/06/12 18:18:28 | 00,045,056 | ---- | M] ( ) -- C:\WINDOWS\System32\CompiledAdapter
      [2009/06/09 20:40:58 | 00,148,400 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
      [2009/06/09 19:28:50 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
      [2009/05/18 16:59:59 | 00,005,492 | ---- | M] () -- C:\Documents and Settings\bruno\Application Data\wklnhst.dat

      [color=orange]========== LOP Check ==========/color

      [2005/05/20 16:03:26 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Administrateur\Application Data
      [2005/05/20 16:03:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Adobe
      [2005/05/20 15:25:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Identities
      [2005/05/20 16:07:32 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Administrateur\Application Data\Microsoft
      [2009/06/16 20:58:34 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
      [2007/07/31 23:46:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
      [2005/05/20 15:45:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ahead
      [2006/04/03 21:12:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
      [2007/04/04 19:21:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BitDefender
      [2009/02/19 21:47:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
      [2005/10/20 22:13:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP
      [2006/04/27 19:50:05 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
      [2005/05/20 16:07:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
      [2005/05/20 15:37:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI
      [2007/12/10 21:39:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
      [2009/03/25 01:41:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SiComponents
      [2009/06/16 18:54:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
      [2007/02/04 23:58:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
      [2009/04/16 21:21:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom
      [2006/07/19 20:46:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
      [2008/03/01 18:31:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WLInstaller
      [2008/01/02 22:55:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ZoomBrowser
      [2005/11/12 02:05:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom
      [2009/06/15 22:47:32 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\bruno\Application Data
      [2008/04/28 15:59:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\Adobe
      [2008/05/26 16:00:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\AdobeUM
      [2005/10/28 23:46:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\Ahead
      [2006/09/15 22:53:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\Apple Computer
      [2008/08/08 00:34:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\Audacity
      [2007/02/04 23:58:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\Bitdefender
      [2008/01/29 01:00:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\CameraWindowDC
      [2008/01/14 20:28:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\CANON INC
      [2006/11/01 14:44:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\Google
      [2005/10/22 15:50:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\Help
      [2005/05/20 15:25:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\Identities
      [2005/10/28 23:26:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\InterVideo
      [2007/12/06 23:06:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\LimeWire
      [2005/11/16 23:05:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\Macromedia
      [2008/02/04 03:24:05 | 00,000,000 | --SD | M] -- C:\Documents and Settings\bruno\Application Data\Microsoft
      [2009/04/16 21:21:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\Mozilla
      [2006/04/27 19:33:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\MSNInstaller
      [2007/02/05 03:20:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\OLYMPUS
      [2006/10/08 23:08:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\Pinnacle Systems
      [2008/04/24 21:49:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\Real
      [2005/11/21 23:44:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\Sun
      [2005/10/20 22:59:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\Symantec
      [2008/06/10 01:30:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\TaoUSign
      [2005/10/20 21:24:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\Template
      [2009/04/16 21:21:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\TomTom
      [2009/06/15 22:47:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\Yahoo!
      [2008/02/20 02:06:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\ZoomBrowser EX
      [2005/05/20 16:03:26 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Application Data
      [2005/05/20 16:03:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\Adobe
      [2005/05/20 15:25:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\Identities
      [2005/05/20 16:07:32 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Default User\Application Data\Microsoft
      [2005/05/20 15:24:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data
      [2005/05/20 16:10:19 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
      [2005/11/05 16:48:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data
      [2007/07/11 23:55:55 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
      [2005/11/05 16:48:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Symantec
      [2004/08/05 14:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
      [2009/06/16 20:56:36 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

      [color=orange]========== Purity Check ==========/color

      < End of report >
      0
    2. brumiaou
       
      voici le rapport

      OTL logfile created on: 16/06/2009 21:57:58 - Run 2
      OTL by OldTimer - Version 2.1.1.0 Folder = C:\Documents and Settings\bruno\Bureau
      Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
      Internet Explorer (Version = 7.0.5730.11)
      Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

      1023,30 Mb Total Physical Memory | 452,01 Mb Available Physical Memory | 44,17% Memory free
      2,40 Gb Paging File | 1,63 Gb Available in Paging File | 67,76% Paging File free
      Paging file location(s): c:\pagefile.sys 1536 3072 [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
      Drive C: | 186,31 Gb Total Space | 44,51 Gb Free Space | 23,89% Space Free | Partition Type: NTFS
      Unable to calculate disk information.
      E: Drive not present or media not loaded
      F: Drive not present or media not loaded
      G: Drive not present or media not loaded
      H: Drive not present or media not loaded
      I: Drive not present or media not loaded
      Drive J: | 465,76 Gb Total Space | 140,70 Gb Free Space | 30,21% Space Free | Partition Type: NTFS
      Drive L: | 3,83 Gb Total Space | 0,82 Gb Free Space | 21,27% Space Free | Partition Type: FAT32

      Computer Name: NOM-1D8CBA303B7
      Current User Name: bruno
      Logged in as Administrator.

      Current Boot Mode: Normal
      Scan Mode: All users
      Output = Standard
      File Age = 30 Days
      Company Name Whitelist: On

      [color=orange]========== Processes (SafeList) ==========[/color]

      PRC - [2004/11/25 04:12:36 | 00,425,984 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\Ati2evxx.exe
      PRC - [2004/11/25 04:12:36 | 00,425,984 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\Ati2evxx.exe
      PRC - [2007/06/13 15:22:28 | 01,037,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
      PRC - [2007/10/09 17:21:02 | 00,124,280 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
      PRC - [2007/07/13 21:47:17 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      PRC - [2005/04/30 18:02:26 | 00,086,016 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\system32\bgsvcgen.exe
      PRC - [2007/01/04 11:17:20 | 00,057,344 | ---- | M] (France Telecom SA) -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
      PRC - [2002/12/17 17:26:22 | 07,520,337 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
      PRC - [2006/03/03 03:49:14 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
      PRC - [2009/04/08 12:38:14 | 00,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
      PRC - [2006/11/09 13:33:04 | 00,086,016 | ---- | M] (SOFTWIN S.R.L) -- C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
      PRC - [2007/01/31 15:55:42 | 00,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
      PRC - [2008/08/07 19:53:37 | 00,278,528 | ---- | M] (SOFTWIN S.R.L.) -- C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
      PRC - [2007/02/13 19:33:35 | 00,081,920 | ---- | M] () -- C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
      PRC - [2007/10/26 19:00:32 | 00,462,848 | ---- | M] (SOFTWIN S.R.L.) -- C:\Program Files\Softwin\BitDefender10\vsserv.exe
      PRC - [2004/11/24 21:10:00 | 00,344,064 | ---- | M] (ATI Technologies, Inc.) -- C:\ATI-CPanel\atiptaxx.exe
      PRC - [2005/04/06 18:53:00 | 02,805,248 | ---- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
      PRC - [2005/08/26 19:14:44 | 00,036,975 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
      PRC - [2006/06/21 19:14:50 | 00,035,328 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
      PRC - [2007/04/17 13:56:01 | 00,290,816 | ---- | M] (SOFTWIN S.R.L.) -- C:\Program Files\Softwin\BitDefender10\bdmcon.exe
      PRC - [2007/04/04 19:20:01 | 00,069,632 | ---- | M] (SOFTWIN S.R.L.) -- C:\Program Files\Softwin\BitDefender10\bdagent.exe
      PRC - [2007/01/04 11:45:34 | 00,090,112 | ---- | M] (France Telecom SA) -- C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
      PRC - [2007/01/04 11:40:38 | 00,462,848 | ---- | M] (France Telecom SA) -- C:\Program Files\OrangeHSS\Launcher\Launcher.exe
      PRC - [2007/10/09 17:21:06 | 00,169,328 | ---- | M] (Maxtor Corporation) -- C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe
      PRC - [2007/10/18 12:34:04 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
      PRC - [2009/04/08 12:38:14 | 00,251,240 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
      PRC - [2009/06/12 16:52:37 | 00,057,344 | RHS- | M] () -- C:\program Files\Manson\liser.exe
      PRC - [2004/11/04 19:28:24 | 00,258,048 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      PRC - [2002/12/17 17:23:32 | 00,074,308 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
      PRC - [2007/01/04 11:13:48 | 00,090,112 | ---- | M] (France Telecom SA) -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
      PRC - [2004/11/04 19:36:46 | 00,425,984 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
      PRC - [2007/01/04 11:35:02 | 00,827,392 | ---- | M] () -- C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
      PRC - [2007/01/04 11:21:36 | 00,622,592 | ---- | M] (France Telecom SA) -- C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
      PRC - [2007/01/04 11:20:30 | 00,319,488 | ---- | M] (France Telecom SA) -- C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
      PRC - [2007/01/04 11:20:38 | 00,028,672 | ---- | M] (France Telecom SA) -- C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
      PRC - [2007/01/04 11:17:38 | 00,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
      PRC - [2007/01/08 15:21:52 | 00,929,792 | ---- | M] () -- C:\Program Files\OrangeHSS\browser\browser.exe
      PRC - [2007/10/18 12:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe
      PRC - [2009/04/25 07:27:50 | 00,636,088 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\Iexplore.exe
      PRC - [2009/06/16 21:57:08 | 00,501,760 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\bruno\Bureau\OTL.exe

      [color=orange]========== Win32 Services (SafeList) ==========[/color]

      SRV - [2007/10/24 01:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
      SRV - [2004/11/25 04:12:36 | 00,425,984 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
      SRV - [2007/10/09 17:21:02 | 00,124,280 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe -- (Basics Service [Auto | Running])
      SRV - [2007/02/13 19:33:35 | 00,081,920 | ---- | M] () -- C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe -- (bdss [On_Demand | Running])
      SRV - [2005/04/30 18:02:26 | 00,086,016 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\system32\bgsvcgen.exe -- (bgsvcgen [Auto | Running])
      SRV - [2007/01/31 15:55:42 | 00,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8 [Auto | Running])
      SRV - [2007/10/24 01:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
      SRV - [2005/01/20 07:59:22 | 00,020,480 | ---- | M] ( ) -- c:\Program Files\Pinnacle\MediaCenter\EpgSpoolerSrv.exe -- (EpgSpooler [Auto | Stopped])
      SRV - [2007/01/04 11:17:20 | 00,057,344 | ---- | M] (France Telecom SA) -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC [Auto | Running])
      SRV - [2009/04/23 02:58:47 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
      SRV - [2004/08/05 14:00:00 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
      SRV - [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
      SRV - [2008/08/07 19:53:37 | 00,278,528 | ---- | M] (SOFTWIN S.R.L.) -- C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe -- (LIVESRV [Auto | Running])
      SRV - [2002/12/17 17:26:22 | 07,520,337 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe -- (MSSQL$PINNACLESYS [Auto | Running])
      SRV - [2002/12/17 17:23:30 | 00,066,112 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe -- (MSSQLServerADHelper [On_Demand | Stopped])
      SRV - [2004/10/29 09:01:44 | 00,045,056 | ---- | M] (Pinnacle Systems) -- c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe -- (PinnacleSys.MediaServer [Auto | Stopped])
      SRV - [2006/03/03 03:49:14 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12 [Unknown | Running])
      SRV - [2002/12/17 17:23:30 | 00,311,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE -- (SQLAgent$PINNACLESYS [On_Demand | Stopped])
      SRV - [2009/04/08 12:38:14 | 00,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService [Auto | Running])
      SRV - [2007/10/18 12:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Running])
      SRV - [2007/10/26 19:00:32 | 00,462,848 | ---- | M] (SOFTWIN S.R.L.) -- C:\Program Files\Softwin\BitDefender10\vsserv.exe -- (VSSERV [Auto | Running])
      SRV - [2005/02/04 15:47:58 | 01,466,368 | ---- | M] (Inventel) -- C:\Program Files\Inventel\Gateway\wlancfg.exe -- (Wlancfg [Auto | Stopped])
      SRV - [2007/10/25 16:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand | Stopped])
      SRV - [2006/11/03 09:59:14 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
      SRV - [2006/11/09 13:33:04 | 00,086,016 | ---- | M] (SOFTWIN S.R.L) -- C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe -- (XCOMM [Auto | Running])

      [color=orange]========== Driver Services (SafeList) ==========[/color]

      DRV - [2005/02/09 14:57:48 | 00,985,088 | ---- | M] (Philips Semiconductors GmbH) -- C:\WINDOWS\system32\DRIVERS\3xHybrid.sys -- (3xHybrid [On_Demand | Running])
      DRV - [2003/11/28 17:34:40 | 00,011,264 | ---- | M] (Pinnacle Systems GmbH) -- C:\WINDOWS\system32\drivers\ASAPIW2k.sys -- (ASAPIW2k [On_Demand | Running])
      DRV - [1999/09/10 13:06:00 | 00,025,244 | R--- | M] (Adaptec) -- C:\WINDOWS\System32\drivers\ASPI32.sys -- (Aspi32 [Auto | Running])
      DRV - [2004/11/25 04:19:54 | 00,872,960 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
      DRV - [2006/12/04 16:51:44 | 00,008,704 | ---- | M] () -- C:\Program Files\Softwin\BitDefender10\bdfdll.sys -- (bdfdll [On_Demand | Running])
      DRV - [2007/02/16 21:08:25 | 00,071,040 | ---- | M] (Softwin SRL) -- C:\WINDOWS\system32\DRIVERS\bdfndisf.sys -- (Bdfndisf [On_Demand | Running])
      DRV - [2006/01/09 18:50:34 | 00,014,145 | ---- | M] () -- C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys -- (BDFSDRV [On_Demand | Running])
      DRV - [2007/02/16 21:08:22 | 00,075,264 | ---- | M] (Softwin SRL) -- C:\Program Files\Fichiers communs\Softwin\BitDefender Firewall\bdftdif.sys -- (bdftdif [System | Running])
      DRV - [2007/04/10 13:47:26 | 00,025,984 | ---- | M] (Softwin SRL) -- C:\Program Files\Softwin\BitDefender10\bdpredir.sys -- (bdpredir [System | Running])
      DRV - [2006/06/28 17:13:54 | 00,010,768 | ---- | M] () -- C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys -- (BDRSDRV [Auto | Running])
      DRV - [2005/05/11 01:33:12 | 00,032,256 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\System32\drivers\cdrbsdrv.sys -- (cdrbsdrv [System | Running])
      DRV - [2005/01/07 17:07:16 | 00,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\HdAudio.sys -- (HdAudAddService [On_Demand | Stopped])
      DRV - [2005/01/07 17:07:18 | 00,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
      DRV - [2004/12/14 19:06:28 | 00,051,120 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Running])
      DRV - [2004/12/14 19:06:28 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Running])
      DRV - [2004/12/14 19:06:28 | 00,021,744 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Running])
      DRV - [2003/11/13 19:19:48 | 00,210,304 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys -- (HSFHWBS2 [On_Demand | Running])
      DRV - [2003/11/13 19:17:00 | 01,042,816 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSF_DP.sys -- (HSF_DP [On_Demand | Running])
      DRV - [2005/04/15 18:05:42 | 02,564,032 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
      DRV - [2004/01/16 15:21:48 | 00,012,970 | ---- | M] (Conexant) -- C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
      DRV - [2004/08/05 14:00:00 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\MPE.sys -- (MPE [On_Demand | Stopped])
      DRV - [2003/09/23 11:38:34 | 00,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\system32\PCAMPR5.SYS -- (PCAMPR5 [On_Demand | Stopped])
      DRV - [2006/06/27 18:30:50 | 00,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5 [On_Demand | Running])
      DRV - [2005/02/01 16:27:00 | 00,348,640 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\PRISMA02.sys -- (PRISM_A02 [On_Demand | Running])
      DRV - [2006/08/19 05:33:24 | 00,013,568 | ---- | M] () -- C:\Program Files\Softwin\BitDefender10\profos.sys -- (Profos [On_Demand | Stopped])
      DRV - [2004/08/05 14:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
      DRV - [2008/09/29 19:36:47 | 00,036,624 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
      DRV - [2005/03/04 12:10:26 | 00,074,496 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys -- (RTL8023xp [On_Demand | Running])
      DRV - [2007/11/13 12:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
      DRV - [2007/02/05 02:05:07 | 00,002,368 | ---- | M] (AntiCracking) -- C:\WINDOWS\system32\STEC3.sys -- (STEC3 [Auto | Running])
      DRV - [2006/08/16 12:11:12 | 00,022,656 | ---- | M] () -- C:\Program Files\Softwin\BitDefender10\trufos.sys -- (Trufos [On_Demand | Stopped])
      DRV - [2003/11/13 19:18:36 | 00,679,808 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys -- (winachsf [On_Demand | Running])

      [color=orange]========== Standard Registry (SafeList) ==========[/color]


      [color=orange]========== Internet Explorer ==========[/color]

      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html


      IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



      IE - HKU\S-1-5-21-1932310864-123557233-439672921-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
      IE - HKU\S-1-5-21-1932310864-123557233-439672921-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
      IE - HKU\S-1-5-21-1932310864-123557233-439672921-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
      IE - HKU\S-1-5-21-1932310864-123557233-439672921-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
      IE - HKU\S-1-5-21-1932310864-123557233-439672921-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
      IE - HKU\S-1-5-21-1932310864-123557233-439672921-1006\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
      IE - URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll ()
      IE - HKU\S-1-5-21-1932310864-123557233-439672921-1006\S-1-5-21-1932310864-123557233-439672921-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      [color=orange]========== FireFox ==========[/color]

      FF - prefs.js..browser.search.defaultenginename: "Google"
      FF - prefs.js..browser.search.defaulturl: "https://www.google.com/webhp?lr=&ie=UTF-8&oe=UTF-8&gws_rd=ssl"
      FF - prefs.js..browser.search.selectedEngine: "Google"
      FF - prefs.js..browser.startup.homepage: "https://start.mozilla.org/en-us/"

      FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD [2008/04/24 21:48:34 | 00,000,000 | ---D | M]

      [2009/04/16 21:21:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\mozilla\Extensions
      [2009/04/16 21:21:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\mozilla\Extensions\home2@tomtom.com
      [2008/04/20 22:18:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\mozilla\Firefox\Profiles\yb26aojq.default\extensions
      [2008/04/18 19:13:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\mozilla\Firefox\Profiles\yb26aojq.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
      [2008/06/16 22:32:12 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
      [2008/04/18 14:36:32 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}

      O1 HOSTS File: (790 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
      O1 - Hosts: 127.0.0.1 localhost
      O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
      O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
      O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
      O2 - BHO: (ST) - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll (Microsoft Corporation)
      O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
      O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
      O2 - BHO: (MSNToolBandBHO) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll (Microsoft Corporation)
      O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
      O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
      O3 - HKLM\..\Toolbar: (MSN) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll (Microsoft Corporation)
      O3 - HKU\S-1-5-21-1932310864-123557233-439672921-1006\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
      O3 - HKU\S-1-5-21-1932310864-123557233-439672921-1006\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found
      O3 - HKU\S-1-5-21-1932310864-123557233-439672921-1006\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - Reg Error: Key error. File not found
      O3 - HKU\S-1-5-21-1932310864-123557233-439672921-1006\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
      O3 - HKU\S-1-5-21-1932310864-123557233-439672921-1006\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found
      O3 - HKU\S-1-5-21-1932310864-123557233-439672921-1006\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll (Microsoft Corporation)
      O4 - HKLM..\Run: [AlcWzrd] ALCWZRD.EXE (RealTek Semicoductor Corp.)
      O4 - HKLM..\Run: [ATIPTA] C:\ATI-CPanel\atiptaxx.exe (ATI Technologies, Inc.)
      O4 - HKLM..\Run: [basicsmssmenu] "C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe" (Maxtor Corporation)
      O4 - HKLM..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe" (SOFTWIN S.R.L.)
      O4 - HKLM..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg (SOFTWIN S.R.L.)
      O4 - HKLM..\Run: [orahssStartup] "C:\Program Files\OrangeHSS\Launcher\Launcher.exe" -appid connectivityapp (France Telecom SA)
      O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg ()
      O4 - HKLM..\Run: [PMCS] C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe -host -clearDebug File not found
      O4 - HKLM..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe (Windows (R) Server 2003 DDK provider)
      O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe (Sun Microsystems, Inc.)
      O4 - HKLM..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe" (France Telecom SA)
      O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
      O4 - HKU\S-1-5-21-1932310864-123557233-439672921-1006..\Run: [fsc-reminder.exe] C:\WINDOWS\reminder\fsc-reminder.exe 2453664 14 ()
      O4 - HKU\S-1-5-21-1932310864-123557233-439672921-1006..\Run: [kell] C:\program Files\Manson\liser.exe ()
      O4 - HKU\S-1-5-21-1932310864-123557233-439672921-1006..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background (Microsoft Corporation)
      O4 - HKU\S-1-5-21-1932310864-123557233-439672921-1006..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
      O4 - HKU\S-1-5-21-1932310864-123557233-439672921-1006..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" (TomTom)
      O4 - HKU\S-1-5-21-1932310864-123557233-439672921-1006..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 (Adobe Systems Incorporated)
      O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
      O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
      O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
      O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe (Microsoft Corporation)
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
      O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
      O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
      O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
      O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
      O7 - HKU\S-1-5-21-1932310864-123557233-439672921-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
      O8 - Extra context menu item: &Search - http://ko.bar.need2find.com/KO/menusearch.html?p=KO File not found
      O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll (Sun Microsystems, Inc.)
      O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
      O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
      O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
      O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
      O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
      O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/9/b/d/9bdc68ef-6a9f-4505-8fb8-d0d2d160e512/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
      O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://brumiaou.spaces.live.com//PhotoUpload/MsnPUpld.cab (MSN Photo Upload Tool)
      O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)
      O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} http://brumiaou.spaces.live.com/PhotoUpload/MsnPUpld.cab (Windows Live Photo Upload Control)
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab (Java Plug-in 1.5.0_05)
      O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab (MessengerStatsClient Class)
      O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
      O16 - DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab (Java Plug-in 1.5.0_05)
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
      O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
      O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
      O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
      O18 - Protocol\Filter: - text/html - Reg Error: Key error. File not found
      O18 - Protocol\Filter: - x-sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
      O20 - AppInit_DLLs: (sockspy.dll) - C:\WINDOWS\system32\sockspy.dll ()
      O20 - AppInit_DLLs: (c:\progra~1\Manson\liser.dll) - c:\Program Files\Manson\liser.dll ()
      O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
      O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
      O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
      O31 - SafeBoot: AlternateShell - cmd.exe
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2005/05/20 15:22:45 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
      O33 - MountPoints2\{a8423f7a-2aba-11de-9392-00300574c611}\Shell\AutoRun\command - "" = L:\InstallTomTomHOME.exe -- File not found
      O34 - HKLM BootExecute: (autocheck) - File not found
      O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
      O34 - HKLM BootExecute: (*) - * [2009/06/16 18:52:45 | 00,000,000 | ---D | M]

      [color=orange]========== Files/Folders - Created Within 30 Days ==========[/color]

      [8 C:\WINDOWS\*.tmp files]
      [2009/06/16 21:56:12 | 00,501,760 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\bruno\Bureau\OTL.exe
      [2009/06/16 19:56:42 | 00,001,342 | ---- | C] () -- C:\Documents and Settings\bruno\Bureau\UsbFix V3.032.lnk
      [2009/06/16 19:56:40 | 00,000,000 | ---D | C] -- C:\UsbFix
      [2009/06/16 19:56:07 | 00,717,248 | ---- | C] () -- C:\Documents and Settings\bruno\Bureau\UsbFix.exe
      [2009/06/16 19:37:51 | 00,608,448 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\bruno\Bureau\comctl32.ocx
      [2009/06/16 18:43:53 | 03,371,384 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\bruno\Bureau\mbam-setup.exe
      [2009/06/16 07:41:15 | 00,000,000 | ---D | C] -- C:\_OTL
      [2009/06/16 00:22:59 | 00,501,760 | ---- | C] (OldTimer Tools) -- C:\Program Files\OTL.exe
      [2009/06/15 23:48:54 | 00,000,000 | ---D | C] -- C:\Program Files\trend micro
      [2009/06/15 23:48:53 | 00,000,000 | ---D | C] -- C:\rsit
      [2009/06/15 23:48:22 | 00,781,909 | ---- | C] () -- C:\Program Files\RSIT.exe
      [2009/06/15 23:36:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss
      [2009/06/15 23:03:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
      [2009/06/15 22:55:56 | 00,000,000 | ---D | C] -- C:\Program Files\erreut ccleaner
      [2009/06/15 22:47:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\bruno\Application Data\Yahoo!
      [2009/06/15 22:47:25 | 00,001,554 | ---- | C] () -- C:\Documents and Settings\bruno\Bureau\CCleaner.lnk
      [2009/06/15 22:47:25 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
      [2009/06/12 19:13:36 | 00,000,000 | RHSD | C] -- C:\Program Files\Manson
      [2009/06/09 19:28:50 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
      [2008/06/16 22:32:02 | 00,000,167 | ---- | C] () -- C:\WINDOWS\wininit.ini
      [2007/02/05 02:08:52 | 00,000,029 | ---- | C] () -- C:\WINDOWS\AlphaPlayer.INI
      [2007/02/05 01:08:19 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
      [2006/11/29 00:25:22 | 00,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
      [2006/11/20 22:25:04 | 00,000,044 | ---- | C] () -- C:\WINDOWS\liveup.ini
      [2006/08/30 16:16:32 | 00,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini
      [2006/08/09 01:51:43 | 00,004,014 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
      [2006/02/11 00:51:00 | 00,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
      [2006/01/26 20:19:52 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\sockspy.dll
      [2005/11/25 00:52:37 | 00,058,257 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
      [2005/10/28 23:27:32 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
      [2005/10/27 23:51:46 | 00,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
      [2005/10/25 20:49:39 | 00,000,021 | ---- | C] () -- C:\WINDOWS\kit.ini
      [2005/05/20 16:27:58 | 00,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
      [2005/05/20 16:27:47 | 00,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
      [2005/05/20 16:24:18 | 00,000,604 | ---- | C] () -- C:\WINDOWS\win.ini
      [2005/05/20 16:24:14 | 00,000,264 | ---- | C] () -- C:\WINDOWS\System.ini
      [2005/05/20 16:17:33 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
      [2005/05/20 16:08:52 | 00,196,096 | ---- | C] () -- C:\WINDOWS\System32\MACD32.DLL
      [2005/05/20 16:08:52 | 00,138,752 | ---- | C] () -- C:\WINDOWS\System32\MASE32.DLL
      [2005/05/20 16:08:52 | 00,136,192 | ---- | C] () -- C:\WINDOWS\System32\MAMC32.DLL
      [2005/05/20 16:08:52 | 00,057,856 | ---- | C] () -- C:\WINDOWS\System32\MASD32.DLL
      [2005/05/20 16:08:49 | 00,027,648 | ---- | C] () -- C:\WINDOWS\System32\MA32.DLL
      [2005/05/20 15:46:49 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
      [2005/05/20 15:46:49 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
      [2005/05/20 15:46:49 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
      [2005/05/20 15:46:49 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
      [2005/05/20 15:46:48 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
      [2005/05/20 15:46:48 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
      [2005/05/20 15:36:11 | 00,000,829 | ---- | C] () -- C:\WINDOWS\orun32.ini
      [2005/05/20 15:25:26 | 00,000,926 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
      [2005/05/20 15:20:12 | 00,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
      [2004/08/04 02:54:38 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
      [2002/12/06 17:37:06 | 00,913,408 | ---- | C] () -- C:\WINDOWS\System32\xreglib.dll

      [color=orange]========== Files - Modified Within 30 Days ==========[/color]

      [5 C:\WINDOWS\System32\*.tmp files]
      [8 C:\WINDOWS\*.tmp files]
      [2009/06/16 21:57:39 | 00,081,984 | ---- | M] () -- C:\WINDOWS\System32\bdod.bin
      [2009/06/16 21:57:08 | 00,501,760 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\bruno\Bureau\OTL.exe
      [2009/06/16 21:50:37 | 00,000,604 | ---- | M] () -- C:\WINDOWS\win.ini
      [2009/06/16 21:38:30 | 00,000,574 | ---- | M] () -- C:\Documents and Settings\bruno\Mes documents\Mes dossiers de partage.lnk
      [2009/06/16 20:58:36 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
      [2009/06/16 20:56:36 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
      [2009/06/16 20:56:19 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\bruno\Local Settings\desktop.ini
      [2009/06/16 20:56:14 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
      [2009/06/16 20:56:09 | 10,730,74176 | -HS- | M] () -- C:\hiberfil.sys
      [2009/06/16 20:36:42 | 00,001,342 | ---- | M] () -- C:\Documents and Settings\bruno\Bureau\UsbFix V3.032.lnk
      [2009/06/16 19:56:23 | 00,717,248 | ---- | M] () -- C:\Documents and Settings\bruno\Bureau\UsbFix.exe
      [2009/06/16 19:37:55 | 00,608,448 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\bruno\Bureau\comctl32.ocx
      [2009/06/16 18:44:00 | 03,371,384 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\bruno\Bureau\mbam-setup.exe
      [2009/06/15 23:37:24 | 00,000,264 | ---- | M] () -- C:\WINDOWS\System.ini
      [2009/06/15 23:37:24 | 00,000,216 | -HS- | M] () -- C:\boot.ini
      [2009/06/15 22:47:25 | 00,001,554 | ---- | M] () -- C:\Documents and Settings\bruno\Bureau\CCleaner.lnk
      [2009/06/15 22:11:55 | 10,731,06944 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
      [2009/06/15 21:30:06 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
      [2009/06/12 18:18:28 | 00,045,056 | ---- | M] ( ) -- C:\WINDOWS\System32\CompiledAdapter
      [2009/06/09 20:40:58 | 00,148,400 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
      [2009/06/09 19:28:50 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
      [2009/05/18 16:59:59 | 00,005,492 | ---- | M] () -- C:\Documents and Settings\bruno\Application Data\wklnhst.dat

      [color=orange]========== LOP Check ==========[/color]

      [2005/05/20 16:03:26 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Administrateur\Application Data
      [2005/05/20 16:03:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Adobe
      [2005/05/20 15:25:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Identities
      [2005/05/20 16:07:32 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Administrateur\Application Data\Microsoft
      [2009/06/16 20:58:34 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
      [2007/07/31 23:46:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
      [2005/05/20 15:45:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ahead
      [2006/04/03 21:12:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
      [2007/04/04 19:21:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BitDefender
      [2009/02/19 21:47:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
      [2005/10/20 22:13:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP
      [2006/04/27 19:50:05 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
      [2005/05/20 16:07:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
      [2005/05/20 15:37:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI
      [2007/12/10 21:39:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
      [2009/03/25 01:41:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SiComponents
      [2009/06/16 18:54:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
      [2007/02/04 23:58:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
      [2009/04/16 21:21:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom
      [2006/07/19 20:46:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
      [2008/03/01 18:31:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WLInstaller
      [2008/01/02 22:55:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ZoomBrowser
      [2005/11/12 02:05:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom
      [2009/06/15 22:47:32 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\bruno\Application Data
      [2008/04/28 15:59:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\Adobe
      [2008/05/26 16:00:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\AdobeUM
      [2005/10/28 23:46:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\Ahead
      [2006/09/15 22:53:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\Apple Computer
      [2008/08/08 00:34:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\Audacity
      [2007/02/04 23:58:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\Bitdefender
      [2008/01/29 01:00:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\CameraWindowDC
      [2008/01/14 20:28:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\CANON INC
      [2006/11/01 14:44:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\Google
      [2005/10/22 15:50:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\Help
      [2005/05/20 15:25:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\Identities
      [2005/10/28 23:26:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\InterVideo
      [2007/12/06 23:06:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\LimeWire
      [2005/11/16 23:05:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\Macromedia
      [2008/02/04 03:24:05 | 00,000,000 | --SD | M] -- C:\Documents and Settings\bruno\Application Data\Microsoft
      [2009/04/16 21:21:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\Mozilla
      [2006/04/27 19:33:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\MSNInstaller
      [2007/02/05 03:20:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\OLYMPUS
      [2006/10/08 23:08:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\Pinnacle Systems
      [2008/04/24 21:49:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\Real
      [2005/11/21 23:44:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\Sun
      [2005/10/20 22:59:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\Symantec
      [2008/06/10 01:30:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\TaoUSign
      [2005/10/20 21:24:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\Template
      [2009/04/16 21:21:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\TomTom
      [2009/06/15 22:47:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\Yahoo!
      [2008/02/20 02:06:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\bruno\Application Data\ZoomBrowser EX
      [2005/05/20 16:03:26 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Application Data
      [2005/05/20 16:03:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\Adobe
      [2005/05/20 15:25:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\Identities
      [2005/05/20 16:07:32 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Default User\Application Data\Microsoft
      [2005/05/20 15:24:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data
      [2005/05/20 16:10:19 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
      [2005/11/05 16:48:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data
      [2007/07/11 23:55:55 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
      [2005/11/05 16:48:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Symantec
      [2004/08/05 14:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
      [2009/06/16 20:56:36 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

      [color=orange]========== Purity Check ==========[/color]

      < End of report >
      0
  9. gen-hackman
     
    tu ne l'as pas dans ajout/suppression de programmes ?
    0
    1. brumiaou
       
      J'ai scans complete mais rien dans la liste
      0
      1. brumiaou > brumiaou
         
        excuse moi j'avais pas compris que c'était dans le panneau de configuration. Mais je viens de vérifier et il n'est pas présent.
        0
    2. brumiaou
       
      J'ai essayer de suprimer le programme manson en le suprimant directement en l'envoyant dans la corbeille. Cela me met le message suivant:

      Impossible de suprimer liser exe: accès refusé. vérifier que le disque n'est pas plein ou protégé en écriture et que le fichier n'est pas utilisé actuellement.

      En attendant cela va tout de même beaucoup mieux et je tiens à te remercier sincèrement pour l'aide que tu m'as apporté , sans toi je crois que mon ordi aurai fini par la fenêtre !
      0
  10. gen-hackman
     
    Clique sur le menu Demarrer /Panneau de configuration/Options des dossiers/ puis dans l'onglet Affichage
    - Coche Afficher les fichiers et dossiers cachés
    - Décoche Masquer les extensions des fichiers dont le type est connu
    - Décoche Masquer les fichiers protégés du système d'exploitation (recommandé)
    clique sur Appliquer, puis OK.

    N'oublie pas de recacher à nouveau les fichiers cachés et protégés du système d'exploitation en fin de désinfection, c'est important

    Fais analyser le(s) fichier(s) suivants sur Virustotal :

    Virus Total

    * Clique sur Parcourir en haut, choisis Poste de travail et cherche ces fichiers :

    (AntiCracking) -- C:\WINDOWS\system32\STEC3.sys

    * Clique maintenant sur Envoyer le fichier. et laisse travailler tant que "Situation actuelle : en cours d'analyse" est affiché.
    * Il est possible que le fichier soit mis en file d'attente en raison d'un grand nombre de demandes d'analyses. En ce cas, il te faudra patienter sans actualiser la page.
    * Lorsque l'analyse est terminée ("Situation actuelle: terminé"), clique sur Formaté
    * Une nouvelle fenêtre de ton navigateur va apparaître
    * Clique alors sur les deux fleches
    * Fais un clic droit sur la page, et choisis Sélectionner tout, puis copier
    * Enfin colle le résultat dans ta prochaine réponse.

    ensuite :


    Double clic sur OTL.exe pour le lancer.

    Copie la liste qui se trouve en gras ci-dessous,

    et colle-la dans la zone sous Customs Scans/Fixes

    :OTL
    O4 - HKU\S-1-5-21-1932310864-123557233-439672921-1006..\Run: [kell] C:\program Files\Manson\liser.exe ()

    :files
    C:\program Files\Manson

    :commands
    [emptytemp]



    Clique sur RunFix pour lancer la suppression.

    Poste le rapport.
    0
    1. brumiaou
       
      petite question, à propo de la première étape

      (Clique sur le menu Demarrer /Panneau de configuration/Options des dossiers/ puis dans l'onglet Affichage
      - Coche Afficher les fichiers et dossiers cachés
      - Décoche Masquer les extensions des fichiers dont le type est connu
      - Décoche Masquer les fichiers protégés du système d'exploitation (recommandé)
      clique sur Appliquer, puis OK. )
      C'est déjà le cas c'est normal ?
      0
    2. brumiaou
       
      pour l'étape virus totale le fichier que tu m'a demandé d'analyser a déjà été analysé.
      dois je continuer la procédure que tu m'as indiqué
      0
  11. gen-hackman
     
    fais "reanalyser le fichier maintenant "
    0
    1. brumiaou
       
      voici le rapport virus total

      Fichier STEC3.sys reçu le 2009.06.16 21:57:15 (UTC)Antivirus Version Dernière mise à jour Résultat
      a-squared 4.5.0.18 2009.06.16 -
      AhnLab-V3 5.0.0.2 2009.06.16 -
      AntiVir 7.9.0.187 2009.06.16 -
      Antiy-AVL 2.0.3.1 2009.06.16 -
      Authentium 5.1.2.4 2009.06.16 -
      Avast 4.8.1335.0 2009.06.16 -
      AVG 8.5.0.339 2009.06.16 -
      BitDefender 7.2 2009.06.16 -
      CAT-QuickHeal 10.00 2009.06.16 -
      ClamAV 0.94.1 2009.06.16 -
      Comodo 1346 2009.06.16 -
      DrWeb 5.0.0.12182 2009.06.16 -
      eSafe 7.0.17.0 2009.06.16 -
      eTrust-Vet 31.6.6563 2009.06.16 -
      F-Prot 4.4.4.56 2009.06.16 -
      F-Secure 8.0.14470.0 2009.06.16 -
      Fortinet 3.117.0.0 2009.06.16 -
      GData 19 2009.06.16 -
      Ikarus T3.1.1.59.0 2009.06.16 -
      Jiangmin 11.0.706 2009.06.16 -
      K7AntiVirus 7.10.765 2009.06.16 -
      Kaspersky 7.0.0.125 2009.06.16 -
      McAfee 5648 2009.06.16 -
      McAfee+Artemis 5648 2009.06.16 -
      McAfee-GW-Edition 6.7.6 2009.06.16 -
      Microsoft 1.4701 2009.06.16 -
      NOD32 4160 2009.06.16 -
      Norman 6.01.09 2009.06.16 -
      nProtect 2009.1.8.0 2009.06.16 -
      Panda 10.0.0.14 2009.06.16 -
      PCTools 4.4.2.0 2009.06.12 -
      Prevx 3.0 2009.06.16 -
      Rising 21.34.13.00 2009.06.16 -
      Sophos 4.42.0 2009.06.16 -
      Sunbelt 3.2.1858.2 2009.06.16 -
      Symantec 1.4.4.12 2009.06.16 -
      TheHacker 6.3.4.3.345 2009.06.15 -
      TrendMicro 8.950.0.1094 2009.06.16 -
      VBA32 3.12.10.7 2009.06.16 -
      ViRobot 2009.6.16.1789 2009.06.16 -
      VirusBuster 4.6.5.0 2009.06.16 -

      Information additionnelle
      File size: 2368 bytes
      MD5...: e4ebf293d1f612bda19b646c36715b20
      SHA1..: a867e2c752f5cecb279ce5a90b54de9a7b494e6a
      SHA256: 39ebd72bf112098032784d4fd84915e936e7594ab25794af5f37fa5b0b6309bc
      ssdeep: -<BR>
      PEiD..: -
      TrID..: File type identification<BR>Win64 Executable Generic (95.5%)<BR>Generic Win/DOS Executable (2.2%)<BR>DOS Executable Generic (2.2%)<BR>Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
      PEInfo: PE Structure information<BR><BR>( base data )<BR>entrypointaddress.: 0x440<BR>timedatestamp.....: 0x3e6761dd (Thu Mar 06 14:57:33 2003)<BR>machinetype.......: 0x14c (I386)<BR><BR>( 5 sections )<BR>name viradd virsiz rawdsiz ntrpy md5<BR>.text 0x2a0 0x110 0x120 5.08 48a29188f56f9983eda6349716317910<BR>.data 0x3c0 0x28 0x40 1.74 e741cf2e01e1bea59fcfd4a89d4358ad<BR>INIT 0x400 0x18e 0x1a0 5.05 bdc69bddb0ae70199a7c2140476a91b5<BR>.rsrc 0x5a0 0x350 0x360 3.18 46fab0e7c9b34889fdfead1c6e17eae8<BR>.reloc 0x900 0x34 0x40 3.39 c4b28e5702931ec2d80b58c67496f9e3<BR><BR>( 1 imports ) <BR>> ntoskrnl.exe: IoCreateDevice, IoCreateSymbolicLink, IoDeleteDevice, IoDeleteSymbolicLink, RtlInitUnicodeString, IoCompleteRequest<BR><BR>( 0 exports ) <BR>
      PDFiD.: -
      RDS...: NSRL Reference Data Set<BR>-
      CWSandbox info: <a href='http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=e4ebf293d1f612bda19b646c36715b20' target='_blank'>http://research.sunbelt-software.com/...
      ThreatExpert info: <a href='http://www.threatexpert.com/report.aspx?md5=e4ebf293d1f612bda19b646c36715b20' target='_blank'>https://www.symantec.com?md5=e4ebf293d1f612bda19b646c36715b20</a>

      Antivirus Version Dernière mise à jour Résultat
      a-squared 4.5.0.18 2009.06.16 -
      AhnLab-V3 5.0.0.2 2009.06.16 -
      AntiVir 7.9.0.187 2009.06.16 -
      Antiy-AVL 2.0.3.1 2009.06.16 -
      Authentium 5.1.2.4 2009.06.16 -
      Avast 4.8.1335.0 2009.06.16 -
      AVG 8.5.0.339 2009.06.16 -
      BitDefender 7.2 2009.06.16 -
      CAT-QuickHeal 10.00 2009.06.16 -
      ClamAV 0.94.1 2009.06.16 -
      Comodo 1346 2009.06.16 -
      DrWeb 5.0.0.12182 2009.06.16 -
      eSafe 7.0.17.0 2009.06.16 -
      eTrust-Vet 31.6.6563 2009.06.16 -
      F-Prot 4.4.4.56 2009.06.16 -
      F-Secure 8.0.14470.0 2009.06.16 -
      Fortinet 3.117.0.0 2009.06.16 -
      GData 19 2009.06.16 -
      Ikarus T3.1.1.59.0 2009.06.16 -
      Jiangmin 11.0.706 2009.06.16 -
      K7AntiVirus 7.10.765 2009.06.16 -
      Kaspersky 7.0.0.125 2009.06.16 -
      McAfee 5648 2009.06.16 -
      McAfee+Artemis 5648 2009.06.16 -
      McAfee-GW-Edition 6.7.6 2009.06.16 -
      Microsoft 1.4701 2009.06.16 -
      NOD32 4160 2009.06.16 -
      Norman 6.01.09 2009.06.16 -
      nProtect 2009.1.8.0 2009.06.16 -
      Panda 10.0.0.14 2009.06.16 -
      PCTools 4.4.2.0 2009.06.12 -
      Prevx 3.0 2009.06.16 -
      Rising 21.34.13.00 2009.06.16 -
      Sophos 4.42.0 2009.06.16 -
      Sunbelt 3.2.1858.2 2009.06.16 -
      Symantec 1.4.4.12 2009.06.16 -
      TheHacker 6.3.4.3.345 2009.06.15 -
      TrendMicro 8.950.0.1094 2009.06.16 -
      VBA32 3.12.10.7 2009.06.16 -
      ViRobot 2009.6.16.1789 2009.06.16 -
      VirusBuster 4.6.5.0 2009.06.16 -

      Information additionnelle
      File size: 2368 bytes
      MD5...: e4ebf293d1f612bda19b646c36715b20
      SHA1..: a867e2c752f5cecb279ce5a90b54de9a7b494e6a
      SHA256: 39ebd72bf112098032784d4fd84915e936e7594ab25794af5f37fa5b0b6309bc
      ssdeep: -<BR>
      PEiD..: -
      TrID..: File type identification<BR>Win64 Executable Generic (95.5%)<BR>Generic Win/DOS Executable (2.2%)<BR>DOS Executable Generic (2.2%)<BR>Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
      PEInfo: PE Structure information<BR><BR>( base data )<BR>entrypointaddress.: 0x440<BR>timedatestamp.....: 0x3e6761dd (Thu Mar 06 14:57:33 2003)<BR>machinetype.......: 0x14c (I386)<BR><BR>( 5 sections )<BR>name viradd virsiz rawdsiz ntrpy md5<BR>.text 0x2a0 0x110 0x120 5.08 48a29188f56f9983eda6349716317910<BR>.data 0x3c0 0x28 0x40 1.74 e741cf2e01e1bea59fcfd4a89d4358ad<BR>INIT 0x400 0x18e 0x1a0 5.05 bdc69bddb0ae70199a7c2140476a91b5<BR>.rsrc 0x5a0 0x350 0x360 3.18 46fab0e7c9b34889fdfead1c6e17eae8<BR>.reloc 0x900 0x34 0x40 3.39 c4b28e5702931ec2d80b58c67496f9e3<BR><BR>( 1 imports ) <BR>> ntoskrnl.exe: IoCreateDevice, IoCreateSymbolicLink, IoDeleteDevice, IoDeleteSymbolicLink, RtlInitUnicodeString, IoCompleteRequest<BR><BR>( 0 exports ) <BR>
      PDFiD.: -
      RDS...: NSRL Reference Data Set<BR>-
      CWSandbox info: <a href='http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=e4ebf293d1f612bda19b646c36715b20' target='_blank'>http://research.sunbelt-software.com/...
      ThreatExpert info: <a href='http://www.threatexpert.com/report.aspx?md5=e4ebf293d1f612bda19b646c36715b20' target='_blank'>https://www.symantec.com?md5=e4ebf293d1f612bda19b646c36715b20</a>

      ET LE RAPPORT OTL

      ========== OTL ==========
      Registry value HKEY_USERS\S-1-5-21-1932310864-123557233-439672921-1006\Software\Microsoft\Windows\CurrentVersion\Run\\kell deleted successfully.
      C:\program Files\Manson\liser.exe moved successfully.
      ========== FILES ==========
      C:\program Files\Manson moved successfully.
      ========== COMMANDS ==========
      File delete failed. C:\Documents and Settings\bruno\Local Settings\Temp\hpodvd09.log scheduled to be deleted on reboot.
      File delete failed. C:\Documents and Settings\bruno\Local Settings\Temp\~DF2BA3.tmp scheduled to be deleted on reboot.
      File delete failed. C:\Documents and Settings\bruno\Local Settings\Temp\~DFE07F.tmp scheduled to be deleted on reboot.
      File delete failed. C:\Documents and Settings\bruno\Local Settings\Temp\~DFE8B8.tmp scheduled to be deleted on reboot.
      File delete failed. C:\Documents and Settings\bruno\Local Settings\Temp\~DFF34E.tmp scheduled to be deleted on reboot.
      User's Temp folder emptied.
      User's Internet Explorer cache folder emptied.
      Local Service Temp folder emptied.
      File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
      Local Service Temporary Internet Files folder emptied.
      Network Service Temp folder emptied.
      File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
      Network Service Temporary Internet Files folder emptied.
      File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_dc.dat scheduled to be deleted on reboot.
      Windows Temp folder emptied.
      Java cache emptied.
      Temp folders emptied.

      OTL by OldTimer - Version 2.1.1.0 log created on 06162009_234655

      Files moved on Reboot...
      C:\Documents and Settings\bruno\Local Settings\Temp\hpodvd09.log moved successfully.
      C:\Documents and Settings\bruno\Local Settings\Temp\~DF2BA3.tmp moved successfully.
      C:\Documents and Settings\bruno\Local Settings\Temp\~DFE07F.tmp moved successfully.
      C:\Documents and Settings\bruno\Local Settings\Temp\~DFE8B8.tmp moved successfully.
      File C:\Documents and Settings\bruno\Local Settings\Temp\~DFF34E.tmp not found!
      File C:\WINDOWS\temp\Perflib_Perfdata_dc.dat not found!

      Registry entries deleted on Reboot...
      0
  12. gen-hackman
     
    ######## | Suppression | ########

    Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptibles d avoir été infectés sans les ouvrir

    # Double clic sur le raccourci UsbFix présent sur ton bureau

    # choisi l option 2 ( Suppression )

    # Ton bureau disparaitra et le pc redémarrera .

    # Au redémarrage , UsbFix scannera ton pc , laisse travailler l outil.

    # Ensuite post le rapport UsbFix.txt qui apparaitra avec le bureau .

    # Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )

    ( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    ######### | Désinstallation | #######

    # Double clic sur le raccourci UsbFix présent sur ton bureau

    # Choisi l option Désinstaller ....
    0
    1. brumiaou
       
      Bonjour Gen,

      j'ai lancé hier soir la manip avec USBfix, au début cela s'est déroulé normalement , au début killing en rouge avec des fichiers qui défilent, puis un défilment rapide en vert et puis ensuite key en rouge orange . L'ordi a redémarrer ( je ne sais plus si c'étais avant ou après les défilements de fichiers )
      usb fix a affiché : nettoyages des fichiers temporaires veuillez patienter puis deux petites fenêtres sont aparu ; l'une compression des fichiers non utilisé avec un curseur d'avancement de la tâche; et l'autre fenêtre suppression des fichiers inutilisés.
      cela a duré toute la nuit et ce matin il n'y avait aucun avancement des tâches.
      j'ai arrêter l'ordi ( j'aurai peut-être pas dû ? ) puis redémarrer en mettant un bel écran tout bleu ( je l'ai pris en photo si tu veut le voir )
      j'ai éteind l'ordi a nouveau puis relancé et me revoilà .
      Il y a tout de même un rapport usbfix qui date de hier soir je te le poste.
      Et encore merci pour le temps que tu me consacre pour me dépatouiller de ce truc .


      ############################## [ UsbFix V3.032 ]

      # User : bruno (Administrateurs) # NOM-1D8CBA303B7
      # Update on 15/06/09 by Chiquitine29
      # Start at: 00:23:09 | 17/06/2009
      # Website : http://pagesperso-orange.fr/NosTools/usbfix.html

      # Intel(R) Pentium(R) 4 CPU 2.93GHz
      # Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 2
      # Internet Explorer 7.0.5730.11
      # Windows Firewall Status : Disabled
      # AV : Bitdefender Antivirus 8.0 [ (!) Disabled | (!) Outdated ]
      # FW : Bitdefender Firewall[ (!) Disabled ]8.0

      # A:\ # Lecteur de disquettes 3 ½ pouces # 1,39 Mo (0,86 Mo free) # FAT
      # C:\ # Disque fixe local # 186,31 Go (44,58 Go free) [423335] # NTFS
      # D:\ # Disque CD-ROM # 0 Mo (0 Mo free) [Audio CD] # CDFS
      # E:\ # Disque amovible
      # F:\ # Disque amovible
      # G:\ # Disque amovible
      # H:\ # Disque amovible
      # I:\ # Disque amovible
      # J:\ # Disque fixe local # 465,76 Go (142,6 Go free) [FreeAgent Drive] # NTFS
      # K:\ # Disque amovible
      # L:\ # Disque amovible # 3,83 Go (835,23 Mo free) [USBDISKPRO] # FAT32

      ############################## [ Processus actifs ]

      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\csrss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Internet Explorer\Iexplore.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
      C:\WINDOWS\system32\bgsvcgen.exe
      C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
      C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
      C:\WINDOWS\system32\HPZipm12.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
      C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
      C:\Program Files\Canon\CAL\CALMAIN.exe
      C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
      C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
      C:\Program Files\Softwin\BitDefender10\vsserv.exe
      C:\WINDOWS\System32\alg.exe
      C:\WINDOWS\system32\wbem\wmiprvse.exe

      ################## [ Fichiers # Dossiers infectieux ]


      ################## [ Registre # Clés Run infectieuses ]

      # HKLM\software\microsoft\security center "AntiVirusDisableNotify" # -> Reset sucessfully !
      # HKLM\software\microsoft\security center "FirewallDisableNotify" # -> Reset sucessfully !

      ################## [ Registre # Mountpoints2 ]

      Supprimé ! HKCU\...\Explorer\MountPoints2\{a8423f7a-2aba-11de-9392-00300574c611}\Shell\AutoRun\Command

      ################## [ Listing des fichiers présent ]

      [05/08/2004 14:00|-ra------|263488] - C:\$LDR$
      [20/05/2005 16:30|--a------|1090] - C:\868000423335.dat
      [20/05/2005 15:42|--a------|185] - C:\ati.log
      [20/05/2005 15:22|--a------|0] - C:\AUTOEXEC.BAT
      [02/04/2007 22:21|--a------|296847] - C:\bdoe.log
      [20/10/2005 14:44|---hs----|216] - C:\BOOT.BAK
      [15/06/2009 23:37|---hs----|216] - C:\boot.ini
      [05/08/2004 14:00|-rahs----|4952] - C:\Bootfont.bin
      [12/06/2009 18:18|--a------|145086] - C:\checkrun.txt
      [20/05/2005 15:22|--a------|0] - C:\CONFIG.SYS
      [20/10/2005 14:44|--a------|27] - C:\expand.txt
      [14/02/2007 20:39|--a------|439730] - C:\ExtractLog.txt
      [?|?|?] - C:\hiberfil.sys
      [11/02/2006 00:51|--a------|1120] - C:\INSTALL.LOG
      [20/05/2005 15:22|-rahs----|0] - C:\IO.SYS
      [28/10/2005 23:23|--ah-----|218] - C:\IPH.PH
      [11/10/2004 07:18|--a------|19] - C:\LANG.TXT
      [09/04/2003 10:44|--a------|10] - C:\Language.txt
      [20/05/2005 15:22|-rahs----|0] - C:\MSDOS.SYS
      [05/08/2004 14:00|-rahs----|47564] - C:\NTDETECT.COM
      [20/05/2005 15:34|-rahs----|252240] - C:\ntldr
      [04/08/2004 14:00|--a------|2] - C:\oem.tag
      [?|?|?] - C:\pagefile.sys
      [12/06/2009 18:18|--a------|92] - C:\pmcs.txt
      [20/05/2005 16:30|---h-----|20080] - C:\Prodlog.txt
      [12/06/2009 18:18|--a------|101] - C:\recorder.txt
      [15/06/2009 00:59|--a------|12138] - C:\report.txt
      [24/04/2009 22:33|--ah-----|232] - C:\sqmdata00.sqm
      [24/04/2009 22:33|--ah-----|244] - C:\sqmnoopt00.sqm
      [22/12/2004 19:33|-ra------|454841] - C:\txtsetup.sif
      [24/05/2001 13:59|--a------|162304] - C:\UNWISE.EXE
      [17/06/2009 00:39|--a------|4562] - C:\UsbFix.txt
      [01/01/1995 02:00|-r-------|44] - D:\Track01.cda
      [01/01/1995 02:03|-r-------|44] - D:\Track02.cda
      [01/01/1995 02:10|-r-------|44] - D:\Track03.cda
      [01/01/1995 02:13|-r-------|44] - D:\Track04.cda
      [01/01/1995 02:17|-r-------|44] - D:\Track05.cda
      [01/01/1995 02:21|-r-------|44] - D:\Track06.cda
      [01/01/1995 02:25|-r-------|44] - D:\Track07.cda
      [01/01/1995 02:31|-r-------|44] - D:\Track08.cda
      [07/08/2008 22:32|--a------|37376] - L:\RA.doc
      [24/05/2008 02:04|--ah-----|4096] - L:\._.Trashes
      [24/05/2008 10:28|--ah-----|21508] - L:\.DS_Store
      [05/03/2008 00:41|---h-----|29696] - L:\~WRL3359.tmp
      [25/06/2008 00:37|--a------|4976900] - L:\The Ting Tings - Great DJ (Original Radio Edit).mp3
      [06/08/2008 01:14|--a------|4941786] - L:\Publicit‚ Royal Canin.mp3
      [11/07/2008 00:08|--a------|4354048] - L:\Benny Hill.mp3
      [05/09/2007 19:56|--a------|5237191] - L:\cr‚ditagricole.wmv
      [15/02/2005 15:00|--a------|3245056] - L:\Fiscalette AGRI-RETRAITE ACTIVE.xls
      [04/12/2008 02:49|--a------|4578870] - L:\Blur - Boys and Girls.mp3
      [19/12/2008 23:34|--a------|3363701] - L:\Billy Idol - Born to be wild.mp3
      [06/12/2008 05:07|--a------|5168533] - L:\Boney M - One way ticket.mp3
      [20/12/2008 00:07|--a------|6794849] - L:\Grace - Imagine one day.mp3
      [06/12/2008 09:32|--a------|3488044] - L:\The dead 60s-riot on the radio.mp3
      [04/03/2008 23:21|--a------|25600] - L:\lettre de motivation ccagri cr‚dit mutuel.doc
      [21/09/2006 23:25|--a------|3979475] - L:\03 - La Tactique Du Gendarme (1949).mp3
      [22/08/2007 00:11|--a------|4775936] - L:\01 - Bloc Party - Banquet.mp3
      [22/08/2007 03:30|--a------|3326274] - L:\01 Vivre … mˆme l'Amour.wma
      [20/12/2008 00:29|--a------|5066752] - L:\The Wombats - Let's Dance To Joy Division.mp3
      [20/12/2008 01:47|--a------|4600145] - L:\Queens of The Stone Age - No One Knows.mp3
      [14/03/2009 00:29|--a------|9345024] - L:\Turisas - Rasputin (Boney M).mp3
      [26/12/2007 00:14|--a------|5481620] - L:\05 - Ph‚nomŠne.mp3
      [26/12/2007 00:12|--a------|5936151] - L:\01 - Marche ou Rˆve.mp3
      [26/12/2007 00:12|--a------|4781957] - L:\02 - Le syndrome de Peter Pan.mp3
      [20/07/2007 00:34|--a------|2911130] - L:\Dave - Du c“t‚ de chez Swan.mp3

      ################## [ Vaccination ]

      # C:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
      # J:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
      # L:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
      0
  13. Comgeek888
     
    Remove system security virus Spyware http://darfuns.com/spyware-removal/system-security-2009/
    0
  14. gen-hackman
     
    regarde si dans ajout/suppression de programmes tu n'es pas "net"

    si c est le cas desinstalle-le

    ensuite :

    Double clic sur OTL.exe pour le lancer.

    Copie la liste qui se trouve en gras ci-dessous,

    et colle-la dans la zone sous Customs Scans/Fixes

    :processes
    explorer.exe
    iexplore.exe
    firefox.exe
    msnmsgr.exe
    TeaTimer.exe

    :OTL
    O4 - HKU\S-1-5-21-1932310864-123557233-439672921-1006..\Run: [kell] C:\program Files\Manson\liser.exe File not found

    :reg

    :files
    C:\868000423335.dat

    :commands
    [emptytemp]
    [start explorer]
    [reboot]

    Clique sur RunFix pour lancer la suppression.

    Poste le rapport.
    0
    1. brumiaou
       
      jai trouvé ce genre de truc avec "net"
      4 lignes microsoft.net framwork avec les fins qui varient

      et en dessous, légèrement décalé sur la droite
      9 lignes net framework

      est ce qu'il s'agit du programme à désinstaller ?
      0
  15. gen-hackman
     
    non ceux-la faut pas y toucher...et dans program files ?
    0
    1. brumiaou
       
      j'ai regardé dans programs files et j'ai pas trouvé de fichiers "net"

      je te poste le rapport otl

      ========== PROCESSES ==========
      Process explorer.exe killed successfully!
      Process iexplore.exe killed successfully!
      No active process named firefox.exe was found!
      Process msnmsgr.exe killed successfully!
      No active process named TeaTimer.exe was found!
      ========== OTL ==========
      Registry value HKEY_USERS\S-1-5-21-1932310864-123557233-439672921-1006\Software\Microsoft\Windows\CurrentVersion\Run\\kell deleted successfully.
      ========== REGISTRY ==========
      ========== FILES ==========
      C:\868000423335.dat moved successfully.
      ========== COMMANDS ==========
      File delete failed. C:\Documents and Settings\bruno\Local Settings\Temp\hpodvd09.log scheduled to be deleted on reboot.
      File delete failed. C:\Documents and Settings\bruno\Local Settings\Temp\~DF16AD.tmp scheduled to be deleted on reboot.
      File delete failed. C:\Documents and Settings\bruno\Local Settings\Temp\~DF3032.tmp scheduled to be deleted on reboot.
      File delete failed. C:\Documents and Settings\bruno\Local Settings\Temp\~DF7EA3.tmp scheduled to be deleted on reboot.
      File delete failed. C:\Documents and Settings\bruno\Local Settings\Temp\~DFAC2E.tmp scheduled to be deleted on reboot.
      User's Temp folder emptied.
      User's Internet Explorer cache folder emptied.
      Local Service Temp folder emptied.
      File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
      Local Service Temporary Internet Files folder emptied.
      Network Service Temp folder emptied.
      File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
      Network Service Temporary Internet Files folder emptied.
      File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_1c0.dat scheduled to be deleted on reboot.
      Windows Temp folder emptied.
      Java cache emptied.
      Temp folders emptied.
      Explorer started successfully

      OTL by OldTimer - Version 2.1.1.0 log created on 06172009_212629

      Files moved on Reboot...
      C:\Documents and Settings\bruno\Local Settings\Temp\hpodvd09.log moved successfully.
      File C:\Documents and Settings\bruno\Local Settings\Temp\~DF16AD.tmp not found!
      C:\Documents and Settings\bruno\Local Settings\Temp\~DF3032.tmp moved successfully.
      C:\Documents and Settings\bruno\Local Settings\Temp\~DF7EA3.tmp moved successfully.
      C:\Documents and Settings\bruno\Local Settings\Temp\~DFAC2E.tmp moved successfully.
      File C:\WINDOWS\temp\Perflib_Perfdata_1c0.dat not found!

      Registry entries deleted on Reboot...
      0
  16. gen-hackman
     
    quels progres a-t'on ? toujours des soucis ?
    0
    1. brumiaou
       
      cela va beaucoup mieux et pour cela je te remerci beaucoup , je n'y serai jamais arrivé tout seul. je ne sais pas comment te remercier .

      le seul truc qui reste ( dumoins de se que je peux voir ) c'est une fenêtre qui s'affiche lorsque j'allume l'ordi;

      PMC.service.main.exe - services de debogage du common language runtime

      l'application a généré une exception non géré .
      ID procesus=0x99c(2460), ID thread=0x9a0(2464).
      cliquez sur ok pour terminer l'application.
      cliquez sur annuler pour deboguer l'application
      ok annuler

      voilà la fenêtre qui s'affiche

      est ce grave ?
      0
  17. gen-hackman
     
    ok non jamais entendu parler

    combien as-tu de frameworks dans ajout suppression de programmes ?
    0
  18. gen-hackman
     
    installe le service Pack 3

    installe Net Framework 3.5
    0
    1. brumiaou
       
      il s'agit de quoi le pack 3 et net framework ?
      histoire de savoir de quoi il s'agit
      0
    2. brumiaou
       
      une fois net framework installé je fais quoi ?
      idem pour service pack 3 ( quand il sera téléchargeé )
      0
  19. gen-hackman
     
    installe les deux ca mettra a jour ton windows et tu devrais ensuite recevoir les mises a jour correspondantes pour ne plus avoir ce message d'erreur
    0
    1. brumiaou
       
      est ce qu'il t'arrive de dormir !

      Sinon,
      j'ai téléchargé et enregistré les deux fichiers, j'ai par la suite executé les deux programmes , et là l'ordi m'a demandé d'accepter les licences se que j'ai fait et là il s'est mis a travaillé ( je voyais les lignes défiler ) et puis l'ordi s'est mis en hibernation en plein milieu du truc restant bloqué à la sauvegarde des fichiers ( sur le fichier suivant ESSCLI.DLL )
      plus moyen de ne rien faire complètement bloqué .
      Je l'ai donc éteind à " l'ancienne " puis rappuyé pour le rallumer;
      et là la dite fenêtre était toujours là.
      Faudrai peut-être relancer l'execution de ces deux truc ? enfin j'en sais rien et je ne sais pas comment faire pour les relancer.
      bonne nuit
      car demain y a boulot
      0
  • 1
  • 2