Win32:malware-gen:trojan.heur

Voici les 2 rapports :
Run by Propriétaire at 2010-01-12 17:31:33
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 27 GB (34%) free of 78 GB
Total RAM: 1024 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:32:00, on 12/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Fichiers communs\G DATA\AVKProxy\AVKProxy.exe
C:\Program Files\G Data\TotalCare\AVK\AVKService.exe
C:\Program Files\G Data\TotalCare\AVK\AVKWCtl.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\ups.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Fichiers communs\G DATA\GDScan\GDScan.exe
C:\Program Files\G Data\TotalCare\Firewall\GDFwSvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\WINDOWS\htpatch.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\BILLPS~1\WINPAT~1\WinPatrol.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\G Data\TotalCare\Firewall\GDFirewallTray.exe
C:\Program Files\G Data\TotalCare\AVKTray\AVKTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Larousse Multimédia\LCAD\bin\hiAksMultiling.exe
C:\PROGRA~1\LAROUS~1\Shared\bin\hisrv.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\G Data\TotalCare\AVK\AVK.exe
C:\Documents and Settings\Propriétaire\Mes documents\Téléchargements\RSIT.exe
C:\Documents and Settings\Propriétaire\Mes documents\My Downloads\Propriétaire.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: G Data WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data\TotalCare\Webfilter\AVKWebIE.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data\TotalCare\Webfilter\AVKWebIE.dll
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe
O4 - HKLM\..\Run: [MPFTray] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [WinPatrol] "C:\PROGRA~1\BILLPS~1\WINPAT~1\WinPatrol.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [GDFirewallTray] C:\Program Files\G Data\TotalCare\Firewall\GDFirewallTray.exe
O4 - HKLM\..\Run: [G DATA AntiVirus Trayapplication] C:\Program Files\G Data\TotalCare\AVKTray\AVKTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x089d -f video -m logitech -d 11.70.1196.0 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x089d -f video -m logitech -d 11.70.1196.0 (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: APC UPS Status.lnk = C:\Program Files\APC\APC PowerChute Personal Edition\Display.exe
O4 - Global Startup: Ask Larousse Chambers.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/fr/4,0,0,83/mcinsctl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://www.gamespy.com
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/fr/1,0,0,20/mcgdmgr.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5848/mcfscan.cab
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files\Fichiers communs\G DATA\AVKProxy\AVKProxy.exe
O23 - Service: Planificateur G Data (AVKService) - G Data Software AG - C:\Program Files\G Data\TotalCare\AVK\AVKService.exe
O23 - Service: G Data Gardien (AVKWCtl) - G Data Software AG - C:\Program Files\G Data\TotalCare\AVK\AVKWCtl.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: G Data Tuner Service - G Data Software AG - C:\Program Files\G Data\TotalCare\AVKTuner\AVKTunerService.exe
O23 - Service: Pare-feu personnel G Data (GDFwSvc) - G Data Software AG - C:\Program Files\G Data\TotalCare\Firewall\GDFwSvc.exe
O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files\Fichiers communs\G DATA\GDScan\GDScan.exe
O23 - Service: Service G Data Backup - G Data Software AG - C:\Program Files\G Data\TotalCare\AVKBackup\AVKBackupService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

info.txt logfile of random's system information tool 1.06 2010-01-12 17:32:05

======Uninstall list======

-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Photoshop Elements-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Adobe\Photoshop Elements\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop Elements\Uninst.dll"
Adobe Reader 7.1.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A71000000002}
APC PowerChute Personal Edition-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5A0C892E-FD1C-4203-941E-0956AED20A6A}\Setup.exe" -l0x40c
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
ASUS Enhanced Display Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{315ACD04-BCEB-478B-9B1D-5431D0E6CB11}\setup.exe" -l0x9
ASUSDVD XP-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
AsusUpdate-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ASUS\AsusUpdate\Uninst.isu"
ATI - Utilitaire de désinstallation du logiciel-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Control Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Call of Duty(R) 2-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{D0A05794-48C2-4424-A15A-9F20FCFDD374}
Canon Camera Access Library-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CAL\Uninst.ini"
Canon Camera Support Core Library-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CSCLIB\Uninst.ini"
Canon Camera Window DC_DV 5 for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC\Uninst.ini"
Canon G.726 WMP-Decoder-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\G726Decoder\G726DecUnInstall.ini"
CANON iMAGE GATEWAY Task for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\CRWUnInstall.ini"
Canon Internet Library for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\CIGUnInstall.ini"
Canon MovieEdit Task for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\MVWUninst.ini"
Canon RAW Image Task for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\RAW Image Task\Uninst.ini"
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini"
Canon Utilities CameraWindow DC-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDC\Uninst.ini"
Canon Utilities CameraWindow-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowLauncher\Uninst.ini"
Canon Utilities EOS Utility-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\EOS Utility\Uninst.ini"
Canon Utilities MyCamera DC-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\MyCameraDC\Uninst.ini"
Canon Utilities MyCamera-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\MyCamera\Uninst.ini"
Canon Utilities RemoteCapture DC-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\RemoteCaptureDC\Uninst.ini"
Canon Utilities RemoteCapture Task for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini"
Canon Utilities ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\Uninst.ini"
Canon ZoomBrowser EX Memory Card Utility-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX MCU\Uninst.ini"
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Coffret de pilotes Logitech QuickCam-->"C:\Program Files\Fichiers communs\LogiShrd\LogiDriverStore\lvdrivers\11.70.1196\LgDrvInst.exe" -remove -instdir"C:\Program Files\Fichiers communs\LogiShrd\LogiDriverStore\lvdrivers\" -enumdelay=2000 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -promptuninstall -arpregkey"lvdrivers_11.70" /clone_wait /hide_progress
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
Correctif Windows XP - KB835732-->C:\WINDOWS\$NtUninstallKB835732$\spuninst\spuninst.exe
DAEMON Tools-->MsiExec.exe /I{3DED3A72-61A8-4B87-98A5-EF0BC8038AA0}
Defraggler-->"C:\Program Files\Defraggler\uninst.exe"
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
Far Cry-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC} /l1036
G Data TotalCare-->MsiExec.exe /I{C8D55041-A13C-4620-8DF4-9C5A9C16908D}
Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
getPlus(R) for Adobe-->"C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1
HijackThis 2.0.2-->"C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\DWW7N211\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
IGN Download Manager 2.1.2-->C:\Program Files\IGN\Download Manager\uninst.exe
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Java 2 Runtime Environment, SE v1.4.0_03-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AC1E4C93-C1E7-11D6-9D10-00010240CE95}\Setup.exe" Anytext
Java Runtime Environment 1.1-->C:\WINDOWS\uninst.exe -f"C:\Program Files\JavaSoft\JRE\1.1\lib\DeIsL1.isu"
Java Web Start-->"C:\Program Files\Java Web Start\uninst-javaws.exe"
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
Larousse Chambers Advanced Dictionary-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Larousse Multimédia\LCAD\UNINSTgbil.isu" -c"C:\Program Files\Larousse Multimédia\LCAD\_UnInstall.dll"
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Logitech High Quality Video-->MsiExec.exe /X{281D28EC-1357-4778-B2D7-DEA56D70EF96}
Medal of Honor Débarquement allié(tm) En Formation-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7914BE1E-F186-4790-B8F4-9F63C52A41C1}\Setup.exe" -l0x40c
Medal of Honor Débarquement Allié(tm) l'Offensive-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{823A68CC-3049-4A6B-8F63-7DC85E4BB1C9}\Setup.exe" -l0x40c
Medal of Honor débarquement allié-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0DEA94ED-915A-4834-A87E-388D012C8E02}\Setup.exe" -l0x40c
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Excel Viewer-->MsiExec.exe /I{95120000-003F-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft User-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWudf01005$\spuninst\spuninst.exe"
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB976325)-->"C:\WINDOWS\ie7updates\KB976325-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Mozilla Firefox (3.5.7)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nero 6 Ultra Edition-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
QuickTime-->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
Roxio MyDVD-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Roxio UDF Reader-->MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Roxio Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Sélecteur d'installation de Microsoft Works Suite 2003-->C:\Program Files\Microsoft Works Suite 2003\Setup\Launcher.exe D:\
Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
SoundMAX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
USB EHCI Driver-->C:\WINDOWS\UnSiSUSB.exe PCI\VEN_1039&DEV_7002
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
VGA USB Camera-->C:\WINDOWS\CleanDev.exe C:\WINDOWS\ov519.TXT
Viewpoint Manager (Remove Only)-->C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgrInstaller.exe /u /k
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Media Player\MtsAxInstaller.exe /u
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
VLC media player 1.0.1-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinPatrol-->C:\WINDOWS\unin040c.exe -f"C:\Program Files\BillP Studios\WinPatrol\DeIsL1.isu" -c"C:\Program Files\BillP Studios\WinPatrol\_ISREG32.DLL"
WinRAR Archiveur-->C:\Program Files\WinRAR\uninstall.exe
XP Codec Pack-->C:\Program Files\XP Codec Pack\Uninstall.exe
Zodiac-->"C:\Program Files\orange\jeux\Zodiac\Uninstall.exe" "C:\Program Files\orange\jeux\Zodiac\install.log"

=====HijackThis Backups=====

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) [2010-01-06]

======Security center information======

AV: G Data TotalCare 2010
FW: Pare-feu personnel G Data

======System event log======

Computer Name: DENIS
Event Code: 4377
Message: Le correctif Windows XP KB960803 a été installé.

Record Number: 20867
Source Name: NtServicePack
Time Written: 20090418162224.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: DENIS
Event Code: 19
Message: Installation réussie : Windows a installé la mise à jour suivante : Mise à jour de sécurité pour Windows XP (KB923561)

Record Number: 20866
Source Name: Windows Update Agent
Time Written: 20090418162217.000000+120
Event Type: Informations
User:

Computer Name: DENIS
Event Code: 4377
Message: Le correctif Windows XP KB923561 a été installé.

Record Number: 20865
Source Name: NtServicePack
Time Written: 20090418162217.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: DENIS
Event Code: 18
Message: Prêt pour l'installation : les mises à jour suivantes ont été téléchargées et sont prêtes pour l'installation. L'installation de ces mises à jour est actuellement planifiée pour le samedi 18 avril 2009 à 20:00 :
- Mise à jour de sécurité pour Windows XP (KB923561)
- Mise à jour de sécurité pour Windows XP (KB960803)
- Mise à jour de sécurité pour Windows XP (KB952004)
- Mise à jour de sécurité pour Windows XP (KB956572)
- Outil de suppression de logiciels malveillants Windows - avril 2009 (KB890830)
- Mise à jour de sécurité cumulative pour Internet Explorer 7 pour Windows XP (KB963027)
- Mise à jour de sécurité pour Microsoft Office Excel Viewer 2007 (KB960000)
- Mise à jour de sécurité pour Windows XP (KB961373)
- Mise à jour de sécurité pour Windows XP (KB959426)

Record Number: 20864
Source Name: Windows Update Agent
Time Written: 20090418155033.000000+120
Event Type: Informations
User:

Computer Name: DENIS
Event Code: 18
Message: Prêt pour l'installation : les mises à jour suivantes ont été téléchargées et sont prêtes pour l'installation. L'installation de ces mises à jour est actuellement planifiée pour le samedi 18 avril 2009 à 20:00 :
- Mise à jour de sécurité pour Windows XP (KB923561)
- Mise à jour de sécurité pour Windows XP (KB960803)
- Mise à jour de sécurité pour Windows XP (KB952004)
- Mise à jour de sécurité pour Windows XP (KB956572)
- Outil de suppression de logiciels malveillants Windows - avril 2009 (KB890830)
- Mise à jour de sécurité cumulative pour Internet Explorer 7 pour Windows XP (KB963027)
- Mise à jour de sécurité pour Microsoft Office Excel Viewer 2007 (KB960000)
- Mise à jour de sécurité pour Windows XP (KB961373)

Record Number: 20863
Source Name: Windows Update Agent
Time Written: 20090418155024.000000+120
Event Type: Informations
User:

=====Application event log=====

Computer Name: DENIS
Event Code: 102
Message: msnmsgr (3316) \\.\C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\nanou-boubou@hotmail.fr\SharingMetadata\Working\database_6E80_7824_8077_F147\dfsr.db: Le moteur de base de données a démarré une nouvelle instance (0).

Record Number: 8045
Source Name: ESENT
Time Written: 20080923135430.000000+120
Event Type: Informations
User:

Computer Name: DENIS
Event Code: 100
Message: msnmsgr (3316) Le moteur de base de données 5.01.2600.5512 est démarré.

Record Number: 8044
Source Name: ESENT
Time Written: 20080923135430.000000+120
Event Type: Informations
User:

Computer Name: DENIS
Event Code: 12001
Message:
Record Number: 8043
Source Name: usnjsvc
Time Written: 20080923135429.000000+120
Event Type:
User:

Computer Name: DENIS
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.

Record Number: 8042
Source Name: SecurityCenter
Time Written: 20080923135210.000000+120
Event Type: Informations
User:

Computer Name: DENIS
Event Code: 2
Message:
Record Number: 8041
Source Name: Diskeeper
Time Written: 20080923135200.000000+120
Event Type: Informations
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=1
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Fichiers communs\DivX Shared\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 7, GenuineIntel
"PROCESSOR_LEVEL"=15
"PROCESSOR_REVISION"=0207
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"windir"=%SystemRoot%

-----------------EOF-----------------

Aujourd hui , cette cochonnerie m'a envoyé sur un site( montorgueil ) et mon antivirus s'est affolé , m'a fait un examen complet et m'as eliminé trois virus attrapé sur ce site
Puis là , il vient de m'envoyer sur ( chasseur de dragon ) un jeu sur internet...
A chaque connexion sur un moteur de recherche je me retrouve sur des sites aleatoires et l'analyse par malwarebytes n'as rien donné...

Merci encore de m'aider.........à chercher !!!!!! ;)

je fais ca de suite

j'ai déja un sujet mais personne n'y réponds, de plus c'est exactement le meme virus que denis

Voici le fameux rapport ; y a meme des vieux trucs que j'avais "sois disant" effacer...

List'em by g3n-h@ckm@n 1.1.8.2

Thx to El Desaparecido.....& CCM team

User : Propriétaire (Administrateurs) # DENIS
Update on 14/01/2010 by g3n-h@ckm@n ::::: 02:50
Start at: 18:02:16 | 14/01/2010
Contact : g3n-h@ckm@n sur CCM

Intel(R) Pentium(R) 4 CPU 2.40GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 7.0.5730.13
Windows Firewall Status : Disabled
AV : G Data TotalCare 2010 18.0 [ (!) Disabled | Updated ]
FW : Pare-feu personnel G Data[ (!) Disabled ]1.0

C:\ -> Disque fixe local | 76,32 Go (26,23 Go free) | NTFS
D:\ -> Disque fixe local | 19,1 Go (19,03 Go free) | NTFS
E:\ -> Disque CD-ROM
I:\ -> Disque CD-ROM
J:\ -> Disque fixe local | 298,09 Go (72,11 Go free) [OneTouch 4] | NTFS

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\WINDOWS\htpatch.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\BILLPS~1\WINPAT~1\WinPatrol.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\G Data\TotalCare\Firewall\GDFirewallTray.exe
C:\Program Files\G Data\TotalCare\AVKTray\AVKTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Larousse Multimédia\LCAD\bin\hiAksMultiling.exe
C:\PROGRA~1\LAROUS~1\Shared\bin\hisrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Fichiers communs\G DATA\AVKProxy\AVKProxy.exe
C:\Program Files\G Data\TotalCare\AVK\AVKService.exe
C:\Program Files\G Data\TotalCare\AVK\AVKWCtl.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\ups.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Fichiers communs\G DATA\GDScan\GDScan.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\G Data\TotalCare\Firewall\GDFwSvc.exe
C:\Program Files\List_Kill'em\List_Kill'em.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\Propriétaire\Local Settings\Temp\69.tmp\pv.exe

======================
Keys "Run"
======================
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
Smapp REG_SZ C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
HTpatch REG_SZ C:\WINDOWS\htpatch.exe
MPFTray REG_SZ C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
type32 REG_SZ "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
DAEMON Tools-1033 REG_SZ "C:\Program Files\D-Tools\daemon.exe" -lang 1033
NeroFilterCheck REG_SZ C:\WINDOWS\system32\NeroCheck.exe
QuickTime Task REG_SZ "C:\Program Files\QuickTime\qttask.exe" -atboottime
ATIPTA REG_SZ C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
MISAggregator REG_SZ
WinPatrol REG_SZ "C:\PROGRA~1\BILLPS~1\WINPAT~1\WinPatrol.exe"
IntelliPoint REG_SZ "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
dla REG_SZ C:\WINDOWS\system32\dla\tfswctrl.exe
GDFirewallTray REG_SZ C:\Program Files\G Data\TotalCare\Firewall\GDFirewallTray.exe
G DATA AntiVirus Trayapplication REG_SZ C:\Program Files\G Data\TotalCare\AVKTray\AVKTray.exe

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]

=====================
Other Keys
=====================
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
dontdisplaylastusername REG_DWORD 0 (0x0)
legalnoticecaption REG_SZ
legalnoticetext REG_SZ
shutdownwithoutlogon REG_DWORD 1 (0x1)
undockwithoutlogon REG_DWORD 1 (0x1)

===============
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
NoDriveTypeAutoRun REG_DWORD 0 (0x0)

===============
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
HonorAutoRunSetting REG_DWORD 1 (0x1)

===============
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
AppInit_DLLS REG_SZ

===============
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AtiExtEvent]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\crypt32chain]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cryptnet]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cscdll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ScCertProp]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Schedule]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\sclgntfy]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\SensLogn]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\termsrv]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WgaLogon]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wlballoon]

===============
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
{AEB6717E-7E19-11d0-97EE-00C04FD91972} REG_SZ

===============
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
%windir%\system32\sessmgr.exe REG_SZ %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
C:\Program Files\Messenger\msmsgs.exe REG_SZ C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
C:\Program Files\EA GAMES\MOHDA\MOHAA.exe REG_SZ C:\Program Files\EA GAMES\MOHDA\MOHAA.exe:*:Enabled:Medal of Honor Allied Assault(tm)
C:\Program Files\Doom 3\Doom3.exe REG_SZ C:\Program Files\Doom 3\Doom3.exe:*:Disabled:DOOM 3
C:\Program Files\Valve\Half Life 2\hl2.exe REG_SZ C:\Program Files\Valve\Half Life 2\hl2.exe:*:Enabled:hl2
C:\Program Files\Fox\No One Lives Forever 2\Lithtech.exe REG_SZ C:\Program Files\Fox\No One Lives Forever 2\Lithtech.exe:*:Enabled:Client
C:\Program Files\Ubisoft\Crytek\Far Cry\Bin32\FarCry.exe REG_SZ C:\Program Files\Ubisoft\Crytek\Far Cry\Bin32\FarCry.exe:*:Enabled:Jouer à Far Cry
%windir%\Network Diagnostic\xpnetdiag.exe REG_SZ %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
C:\Program Files\eMule\emule.exe REG_SZ C:\Program Files\eMule\emule.exe:*:Enabled:eMule
C:\Program Files\uTorrent\uTorrent.exe REG_SZ C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent
C:\Program Files\Windows Live\Messenger\wlcsdk.exe REG_SZ C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
C:\Program Files\Windows Live\Messenger\msnmsgr.exe REG_SZ C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe REG_SZ C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
%windir%\system32\sessmgr.exe REG_SZ %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
%windir%\Network Diagnostic\xpnetdiag.exe REG_SZ %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
C:\Program Files\Windows Live\Messenger\wlcsdk.exe REG_SZ C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
C:\Program Files\Windows Live\Messenger\msnmsgr.exe REG_SZ C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe REG_SZ C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare

===============
ActivX controls
===============
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\DirectAnimation Java Classes
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\Microsoft XML Parser for Java
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{17492023-C23A-453E-A040-C7C580BBF700}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{6414512B-B978-451D-A0D8-FCFDF33E833C}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{70BA88C8-DAE8-4CE9-92BB-979C4A75F53B}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{BCC0FF27-31D9-4614-A68E-C18E1ADA4389}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{D27CDB6E-AE6D-11CF-96B8-444553540000}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{EF791A6B-FC12-4C68-99EF-FB9E207A39E6}

===============
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{26923b43-4d38-484f-9b9e-de460746276c}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{032A6019-9DAA-40f9-A3B3-34ABB0AA0947}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{08B0E5C0-4FCB-11CF-AAA5-00401C608555}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10072CEC-8CC1-11D1-986E-00A0C955B42F}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{166B1BCA-3F9C-11CF-8075-444553540000}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{283807B5-2C60-11D0-A31D-00AA00B92C03}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2A202491-F00D-11cf-87CC-0020AFEECF20}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{36f8ec70-c29a-11d1-b5c7-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{3af36230-a269-11d1-b5bf-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{3bf42070-b3b1-11d1-b5c5-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{411EDCF7-755D-414E-A74B-3DCD6583F589}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4278c270-a269-11d1-b5bf-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA848-CC51-11CF-AAFA-00AA00B6015C}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{45ea75a0-a269-11d1-b5bf-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4f216970-c90c-11d1-b5c7-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4f645220-306d-11d2-995d-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5945c046-1e7d-11d1-bc44-00c04fd912be}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5A8D6EE0-3E18-11D0-821E-444553540000}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{630b1da0-b465-11d1-9948-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{73FA19D0-2D75-11D2-995D-00C04F98BBC9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7790769C-0471-11d2-AF11-00C04FA35D02}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4340}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4383}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9381D8F2-0288-11D0-9501-00AA00B911A5}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9A394342-4A68-4EBA-85A6-55B559F4E700}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B508B3F1-A24A-32C0-B310-85786919EF28}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{C34F4917-ED43-439f-9023-97B0024A2B3B}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{C9E9A340-D1F1-11D0-821E-444553540600}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CC2A9BA0-3BDD-11D0-821E-444553540000}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CDD7975E-60F8-41d5-8149-19E51D6F71D0}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D27CDB6E-AE6D-11cf-96B8-444553540000}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{EF289A85-8E57-408d-BE47-73B55609861A}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{F196AC50-7C95-42E1-9947-BDAB18BF3C8C}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{F5776D81-AE53-4935-8E84-B0B283D8BCEF}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{f5de1b93-9d38-416b-b09e-aa85a8e84309}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{F9C174E3-3E87-40bc-AA94-B8974F2B9222}

==============
BHO :
======
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{0124123D-61B4-456f-AF86-78C53A0790C5}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

================
Internet Explorer :
================
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ https://www.msn.com/fr-fr/?ocid=iehp

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ https://www.google.fr/?gws_rd=ssl

========
Services
========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services]

Ndisuio : 0x3
EapHost : 0x3
SharedAccess : 0x2
wuauserv : 0x2

=========


J:\Autorun.inf :
----------------
[autorun]
icon = .\mxoicon5.ico
Open=.\Encryption Tool\MaxtorEncryption.exe
Action=Open Maxtor Encryption from here
=======
Drive :
=======

D‚fragmenteur de disque Windows
Copyright (c) 2001 Microsoft Corp. et Executive Software International Inc.

Rapport d'analyse
76,32 Go total, 26,23 Go libre (34%), 3% fragment‚ (fragmentation du fichier 7%)

Il ne vous est pas n‚cessaire de d‚fragmenter ce volume.

¤¤¤¤¤¤¤¤¤¤ Files/folders :

C:\Program Files\INSTALL.LOG
C:\WINDOWS\Fonts\GRGAREF.TTF
C:\WINDOWS\System32\MSINET.oca
C:\WINDOWS\System32\SET42.tmp
C:\WINDOWS\System32\SET4E.tmp
C:\WINDOWS\System32\SET57.tmp
C:\WINDOWS\System32\SET58.tmp
C:\WINDOWS\System32\SET59.tmp
C:\WINDOWS\System32\SET5C.tmp
C:\WINDOWS\System32\SIntf16.dll
C:\Documents and Settings\Propri‚taire\Local Settings\Temp\isE.tmp
C:\Documents and Settings\Propri‚taire\LOCAL Settings\Temp\FP_PL_PFS_INSTALLER.exe

¤¤¤¤¤¤¤¤¤¤ Keys :

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Install.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe"

================
Other infections
================

catchme 0.3.1398.3 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-14 18:28:51
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\d347prt\Cfg\0Jf40]
"khjeh"=hex:20,02,00,00,90,05,60,bb,6e,5f,66,5a,79,ba,ea,a9,28,06,ff,a0,ab,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\d347prt\Cfg\0Jf41]
"khjeh"=hex:20,02,00,00,a8,04,60,bb,26,6c,f4,bc,51,0b,ad,9e,20,5a,f8,6b,c3,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\d347prt\Cfg\0Jf42]
"khjeh"=hex:20,02,00,00,1f,03,60,bb,4b,93,a2,fe,82,0f,68,3b,cd,cc,8b,ab,2c,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\d347prt\Cfg\0Jf43]
"khjeh"=hex:20,02,00,00,65,02,60,bb,bd,e7,70,91,dc,2f,01,47,4f,41,89,9f,76,..

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK

==========
Programs
==========

Activision
Adobe
Ahead
Analog Devices
APC
ASUS
ASUSTek
ATI Technologies
BillP Studios
Canon
CCleaner
Common Files
CyberLink
D-Tools
Defraggler
DIFX
DivX
DVD Shrink
E-Color
EA GAMES
EHMINSTALL
Executive Software
Fichiers communs
Free
G Data
GameSpy Arcade
Google
IGN
INSTALL.LOG
InstallShield Installation Information
InterActual
Internet Explorer
Java
Java Web Start
JavaSoft
Larousse Multim‚dia
List_Kill'em
Messenger
Microsoft
Microsoft CAPICOM 2.1.0.2
microsoft frontpage
Microsoft IntelliPoint
Microsoft IntelliPoint 5.5
Microsoft IntelliType Pro
Microsoft IntelliType Pro 5.5
Microsoft Office
Microsoft Silverlight
Microsoft SQL Server Compact Edition
Microsoft Works
Microsoft Works Suite 2003
Movie Maker
Mozilla Firefox
MSBuild
MSECache
msn
MSN Gaming Zone
MSXML 4.0
NetMeeting
NOS
OfficeUpdate11
orange
Outlook Express
QuickTime
Real
Reference Assemblies
Roxio
Services en ligne
SiSLan
Ubisoft
Uninstall Information
uTorrent
VideoLAN
Viewpoint
Windows Live
Windows Live SkyDrive
Windows Media Connect 2
Windows Media Player
Windows NT
WindowsUpdate
WinRAR
xerox
XP Codec Pack
Zero G Registry

============
Lecteur C:
============

3ddae3a11e620def44d171788ff0
aaw7boot.log
ad7c04a15745ea1a29ac9f0cd43d
AUTOEXEC.BAT
boot.ini
Bootfont.bin
CLDMA.LOG
CONFIG.SYS
devicetable.log
Documents and Settings
DVD Shrink
hiberfil.sys
IO.SYS
Kill'em
List'em.txt
MSDOS.SYS
NTDETECT.COM
ntldr
OLICOMW
OLITEC
pagefile.sys
Program Files
RECYCLER
rsit
System Volume Information
UnInstall.dat
UNWISE.EXE
WINDOWS

¤¤¤¤¤¤¤¤¤¤ Cracks | Keygens | Serials

C:\Program Files\Adobe\Photoshop Elements\Aper‡us\Filtres\Textures\Patchwork.atn
C:\Program Files\Adobe\Photoshop Elements\Modules externes\Effets\Patchwork.8bf
C:\Program Files\EA GAMES\MOHDA\eReg\PatchReadme111fr.txt




¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

Rapport KilThem

Kill'em by g3n-h@ckm@n 1.1.8.2

User : Propriétaire (Administrateurs) # DENIS
Update on 14/01/2010 by g3n-h@ckm@n ::::: 02:50
Start at: 20:27:50 | 14/01/2010
Contact : g3n-h@ckm@n sur CCM

Intel(R) Pentium(R) 4 CPU 2.40GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 7.0.5730.13
Windows Firewall Status : Disabled
AV : G Data TotalCare 2010 18.0 [ Enabled | Updated ]
FW : Pare-feu personnel G Data[ Enabled ]1.0

C:\ -> Disque fixe local | 76,32 Go (26,22 Go free) | NTFS
D:\ -> Disque fixe local | 19,1 Go (19,03 Go free) | NTFS
E:\ -> Disque CD-ROM
I:\ -> Disque CD-ROM
J:\ -> Disque fixe local | 298,09 Go (72,11 Go free) [OneTouch 4] | NTFS


¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\WINDOWS\htpatch.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\BILLPS~1\WINPAT~1\WinPatrol.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\G Data\TotalCare\Firewall\GDFirewallTray.exe
C:\Program Files\G Data\TotalCare\AVKTray\AVKTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Larousse Multimédia\LCAD\bin\hiAksMultiling.exe
C:\PROGRA~1\LAROUS~1\Shared\bin\hisrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Fichiers communs\G DATA\AVKProxy\AVKProxy.exe
C:\Program Files\G Data\TotalCare\AVK\AVKService.exe
C:\Program Files\G Data\TotalCare\AVK\AVKWCtl.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\ups.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Fichiers communs\G DATA\GDScan\GDScan.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\G Data\TotalCare\Firewall\GDFwSvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\List_Kill'em\List_Kill'em.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\Propriétaire\Local Settings\Temp\7B.tmp\pv.exe

Detections :
==========


¤¤¤¤¤¤¤¤¤¤ Files/folders :

"C:\Program Files\INSTALL.LOG"
"C:\WINDOWS\Fonts\GRGAREF.TTF"
"C:\WINDOWS\system32\MSINET.oca"
C:\WINDOWS\System32\SET42.tmp
C:\WINDOWS\System32\SET4E.tmp
C:\WINDOWS\System32\SET57.tmp
C:\WINDOWS\System32\SET58.tmp
C:\WINDOWS\System32\SET59.tmp
C:\WINDOWS\System32\SET5C.tmp
"C:\WINDOWS\System32\SIntf16.dll"
C:\Documents and Settings\Propri‚taire\Local Settings\Temp\isE.tmp
C:\Documents and Settings\Propri‚taire\LOCAL Settings\Temp\FP_PL_PFS_INSTALLER.exe


¤¤¤¤¤¤¤¤¤¤ Files/folders deleted :

Quarantine :

FP_PL_PFS_INSTALLER.exe.Kill'em
GRGAREF.TTF.Kill'em
INSTALL.LOG.Kill'em
isE.tmp.Kill'em
MSINET.oca.Kill'em
SET42.tmp.Kill'em
SET4E.tmp.Kill'em
SET57.tmp.Kill'em
SET58.tmp.Kill'em
SET59.tmp.Kill'em
SET5C.tmp.Kill'em
SIntf16.dll.Kill'em

==============
host file OK !
==============

========
Registry
========
Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Install.exe
Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe

============
Disk Cleaned
============

================
Prefetch cleaned
================



¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

Voici les résultats Virustotal encore merci de ton aide......

Fichier msmsgs.exe reçu le 2009.12.18 12:21:29 (UTC)
Situation actuelle: terminé
Résultat: 0/41 (0.00%)
Formaté Formaté
Impression des résultats Impression des résultats
Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.43 2009.12.18 -
AhnLab-V3 5.0.0.2 2009.12.18 -
AntiVir 7.9.1.114 2009.12.18 -
Antiy-AVL 2.0.3.7 2009.12.18 -
Authentium 5.2.0.5 2009.12.02 -
Avast 4.8.1351.0 2009.12.18 -
AVG 8.5.0.427 2009.12.18 -
BitDefender 7.2 2009.12.18 -
CAT-QuickHeal 10.00 2009.12.18 -
ClamAV 0.94.1 2009.12.18 -
Comodo 3285 2009.12.18 -
DrWeb 5.0.0.12182 2009.12.18 -
eSafe 7.0.17.0 2009.12.16 -
eTrust-Vet 35.1.7182 2009.12.18 -
F-Prot 4.5.1.85 2009.12.17 -
F-Secure 9.0.15370.0 2009.12.18 -
Fortinet 4.0.14.0 2009.12.18 -
GData 19 2009.12.18 -
Ikarus T3.1.1.79.0 2009.12.18 -
Jiangmin 13.0.900 2009.12.18 -
K7AntiVirus 7.10.923 2009.12.17 -
Kaspersky 7.0.0.125 2009.12.18 -
McAfee 5835 2009.12.17 -
McAfee+Artemis 5835 2009.12.17 -
McAfee-GW-Edition 6.8.5 2009.12.18 -
Microsoft 1.5302 2009.12.18 -
NOD32 4698 2009.12.18 -
Norman 6.04.03 2009.12.18 -
nProtect 2009.1.8.0 2009.12.18 -
Panda 10.0.2.2 2009.12.15 -
PCTools 7.0.3.5 2009.12.18 -
Prevx 3.0 2009.12.18 -
Rising 22.26.04.02 2009.12.18 -
Sophos 4.49.0 2009.12.18 -
Sunbelt 3.2.1858.2 2009.12.18 -
Symantec 1.4.4.12 2009.12.18 -
TheHacker 6.5.0.2.097 2009.12.18 -
TrendMicro 9.100.0.1001 2009.12.18 -
VBA32 3.12.12.0 2009.12.18 -
ViRobot 2009.12.18.2097 2009.12.18 -
VirusBuster 5.0.21.0 2009.12.17 -
Information additionnelle
File size: 1695232 bytes
MD5 : e13ea4860e8f2aa845b53bfd2b6fec5b
SHA1 : b3e323634cc9b35c9af2a5449116628995a286cd
SHA256: d1925d514c8b0dc29c776ce478fd52428025e2cf43ffc2439cecf292c5d427a0
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x5EDC1
timedatestamp.....: 0x4802522F (Sun Apr 13 20:34:23 2008)
machinetype.......: 0x14C (Intel I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x10FC86 0x10FE00 6.54 a1a337a881bd143e87330ab499823b4b
.data 0x111000 0x40C8 0x1800 3.88 4efd782140a39bd1cc5129f611f9ac78
.rsrc 0x116000 0x8C120 0x8C200 6.49 aed27941d66b8f0cf79ff84ebac40cb8

( 20 imports )

> advapi32.dll: OpenThreadToken, ImpersonateSelf, RegDeleteKeyA, RegCreateKeyExA, RegOpenKeyExA, CryptAcquireContextW, CryptCreateHash, CryptHashData, CryptGetHashParam, CryptDestroyHash, CryptReleaseContext, RegisterEventSourceW, ReportEventW, DeregisterEventSource, RegDeleteKeyW, RegEnumKeyW, RegQueryInfoKeyW, RegDeleteValueA, RegDeleteValueW, RegQueryValueExA, RegQueryValueExW, RegSetValueExA, RegSetValueExW, RegCreateKeyExW, RegFlushKey, OpenProcessToken, RegCloseKey, RegOpenKeyExW, AllocateAndInitializeSid, InitializeSecurityDescriptor, GetLengthSid, InitializeAcl, AddAccessAllowedAce, SetSecurityDescriptorDacl, FreeSid, RevertToSelf, AccessCheck, IsValidSecurityDescriptor, SetSecurityDescriptorOwner, SetSecurityDescriptorGroup, RegEnumKeyA
> comctl32.dll: CreateToolbarEx, ImageList_Add, ImageList_DrawEx, ImageList_GetIcon, ImageList_Destroy, ImageList_Draw, ImageList_EndDrag, ImageList_BeginDrag, ImageList_DragEnter, ImageList_DragMove, ImageList_DragLeave, CreateStatusWindowW, PropertySheetW, -, -, ImageList_Remove, ImageList_AddMasked, ImageList_Create
> comdlg32.dll: GetOpenFileNameW, GetSaveFileNameW, ChooseFontW
> cryptdll.dll: MD5Init, MD5Final, MD5Update
> gdi32.dll: CreatePalette, Ellipse, GetClipRgn, CreateRectRgn, SelectClipRgn, CreateDCW, LPtoDP, SaveDC, SetWindowOrgEx, SetViewportOrgEx, GetSystemPaletteEntries, GetPaletteEntries, BitBlt, CreateCompatibleBitmap, LineTo, MoveToEx, CreatePen, SetDIBits, GetDIBits, EnumFontFamiliesExW, CreateFontIndirectW, DPtoLP, SetBkMode, GetTextExtentPoint32W, FillRgn, CreatePolygonRgn, GetTextMetricsW, Polygon, CreateBitmap, IntersectClipRect, GetClipBox, SetTextAlign, GetTextAlign, ExcludeClipRect, Rectangle, GetMapMode, SetMapMode, GetViewportExtEx, GetWindowExtEx, CreateRectRgnIndirect, RestoreDC, GetStockObject, GetLayout, SetLayout, StretchBlt, GetDIBColorTable, SetTextColor, SetBkColor, CreateHalftonePalette, SelectPalette, RealizePalette, CreateSolidBrush, DeleteObject, GetDeviceCaps, CreateDIBSection, GetObjectW, SetDIBColorTable, SelectObject, DeleteDC, CreateCompatibleDC
> gdiplus.dll: GdipFree, GdipDeleteGraphics, GdipDisposeImage, GdipGetImageWidth, GdipGetImageHeight, GdipGetImagePixelFormat, GdipGetImagePaletteSize, GdipGetImagePalette, GdipCreateBitmapFromFile, GdipCreateBitmapFromFileICM, GdipCreateBitmapFromScan0, GdipBitmapLockBits, GdipBitmapUnlockBits, GdiplusStartup, GdipDrawImageI, GdipGetImageGraphicsContext, GdipAlloc, GdipCloneImage, GdipCreateBitmapFromStreamICM, GdipCreateBitmapFromStream, GdiplusShutdown
> iphlpapi.dll: GetAdaptersInfo
> kernel32.dll: GetProcessHeap, HeapSize, HeapReAlloc, HeapFree, HeapAlloc, HeapDestroy, GetVersionExA, GetStartupInfoA, GetModuleHandleA, UnhandledExceptionFilter, GetCurrentProcess, TerminateProcess, QueryPerformanceCounter, IsValidLocale, LoadLibraryA, GetCurrentProcessId, GetUserDefaultLCID, lstrcpynA, GetCurrentDirectoryW, GetWindowsDirectoryW, SetCurrentDirectoryW, GetDateFormatW, GetTimeFormatW, GetSystemTimeAsFileTime, GetLocalTime, SystemTimeToFileTime, ExpandEnvironmentStringsW, FindFirstFileW, GetTempPathW, GetTempFileNameW, GetModuleFileNameW, FindResourceExW, FindResourceW, LoadResource, LockResource, SizeofResource, FormatMessageW, GetSystemDefaultUILanguage, GlobalMemoryStatus, CreateDirectoryW, GlobalFree, GetFileAttributesW, MulDiv, CreateEventA, SetUnhandledExceptionFilter, GetCommandLineW, GetModuleHandleW, WideCharToMultiByte, VirtualAlloc, VirtualFree, GetTempFileNameA, GetWindowsDirectoryA, FileTimeToSystemTime, ExpandEnvironmentStringsA, SearchPathA, GetTempPathA, GetFileAttributesA, CopyFileA, CreateFileA, DeleteFileA, CompareFileTime, CompareStringA, GetLocaleInfoW, FormatMessageA, GetSystemTime, IsBadStringPtrA, IsBadStringPtrW, IsBadWritePtr, ResumeThread, TerminateThread, WaitForMultipleObjects, GetSystemDefaultLCID, lstrcpyW, SetLastError, FlushInstructionCache, lstrcmpiA, lstrcmpA, SetFilePointer, MoveFileExW, SetErrorMode, CreateFileMappingA, CreateMutexA, DuplicateHandle, CreateProcessW, ReleaseMutex, GlobalLock, GlobalUnlock, VirtualQuery, GetSystemInfo, GetVersion, VirtualProtect, FindClose, MoveFileW, LocalAlloc, IsDBCSLeadByteEx, GlobalAlloc, SetThreadLocale, CreateFileMappingW, OpenFileMappingW, MapViewOfFile, UnmapViewOfFile, LocalFree, OpenEventW, SetEvent, ResetEvent, DeleteFileW, CompareStringW, WriteFile, ReadFile, lstrcpynW, lstrcmpW, lstrlenW, lstrcmpiW, CreateFileW, GetLastError, GetFileSize, MultiByteToWideChar, LoadLibraryW, GetProcAddress, FreeLibrary, GetTickCount, lstrlenA, LeaveCriticalSection, EnterCriticalSection, GetCurrentThreadId, Sleep, CreateEventW, CreateThread, InterlockedDecrement, InterlockedIncrement, WaitForSingleObject, CloseHandle, DeleteCriticalSection, InitializeCriticalSection, GetCurrentThread, FindResourceA, InterlockedExchange, GetACP, GetLocaleInfoA, GetThreadLocale, RaiseException, GetVersionExW
> msimg32.dll: AlphaBlend, TransparentBlt
> msvcrt.dll: abort, _wtoi, _ftol, wcsncpy, __CxxFrameHandler, vswprintf, sprintf, _CxxThrowException, tolower, realloc, memset, fread, strncpy, _vscwprintf, _setjmp3, longjmp, _mbsstr, time, fprintf, _iob, strtod, _CIpow, _wcsnicmp, _wcsicmp, wcscmp, wcsspn, wcscspn, _strlwr, strtok, __1type_info@@UAE@XZ, _controlfp, _onexit, __dllonexit, __set_app_type, __p__fmode, __p__commode, _adjust_fdiv, __setusermatherr, _initterm, __getmainargs, _acmdln, exit, _cexit, _XcptFilter, _exit, _c_exit, memmove, wcslen, _wcslwr, wcsrchr, malloc, _purecall, __2@YAPAXI@Z, __3@YAXPAX@Z, free, _terminate@@YAXXZ, _except_handler3
> netapi32.dll: NetApiBufferFree, NetGetJoinInformation
> ole32.dll: StgOpenStorageOnILockBytes, IIDFromString, CoInitialize, CoUninitialize, StringFromCLSID, CoGetClassObject, OleLockRunning, OleFlushClipboard, OleRegGetMiscStatus, CreateOleAdviseHolder, OleRegGetUserType, OleRegEnumVerbs, OleSaveToStream, WriteClassStm, OleLoadFromStream, CreateILockBytesOnHGlobal, StgCreateDocfileOnILockBytes, OleCreateStaticFromData, OleRun, DoDragDrop, CoTaskMemAlloc, CoCreateGuid, CoTaskMemFree, StringFromGUID2, CreateStreamOnHGlobal, CLSIDFromString, CLSIDFromProgID, RegisterDragDrop, RevokeDragDrop, CoCreateInstance, CoRegisterClassObject, CoRevokeClassObject, OleUninitialize, OleInitialize, GetHGlobalFromILockBytes
> oleaut32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -
> shell32.dll: ShellExecuteW, DragQueryFileW, SHGetFolderPathW, Shell_NotifyIconW, Shell_NotifyIconA, SHAppBarMessage, DragFinish, DragAcceptFiles, SHGetPathFromIDListW, SHBrowseForFolderW, SHGetMalloc, ShellExecuteExW
> shlwapi.dll: StrCmpIW, SHGetValueW, StrCmpNW, StrChrW, StrStrW, StrToIntExW, StrStrIW, StrCatBuffW, StrPBrkW, wnsprintfW, StrTrimW, StrRChrW, wnsprintfA, StrChrA, StrStrA, StrStrIA, StrCmpNA, -, StrTrimA, StrCatBuffA, StrRChrA, StrCpyNW, SHGetInverseCMAP, StrCmpNIW
> user32.dll: CreateWindowExW, CharUpperA, GetClassInfoExA, RegisterClassExA, CreateWindowExA, LoadMenuW, GetDlgItemInt, SetDlgItemInt, CheckRadioButton, LoadIconW, CheckDlgButton, LoadBitmapW, CreateDialogParamW, GetWindowLongA, SetWindowLongA, IsDlgButtonChecked, CloseWindow, GetDlgCtrlID, DrawEdge, GetLastActivePopup, GetAsyncKeyState, GetScrollInfo, CreateAcceleratorTableW, CharNextW, GetClassNameW, DestroyAcceleratorTable, InvalidateRgn, SetCapture, GetWindowTextW, SetWindowTextW, SetDlgItemTextW, ScreenToClient, LoadStringA, ModifyMenuW, SetCursorPos, MessageBoxW, IsDialogMessageW, MessageBeep, SetWindowPos, SetRectEmpty, CreatePopupMenu, BeginDeferWindowPos, EndDeferWindowPos, LoadBitmapA, RegisterClassW, RegisterWindowMessageW, GetDoubleClickTime, SetMenuDefaultItem, MoveWindow, GetForegroundWindow, TrackPopupMenuEx, DestroyIcon, LoadImageA, TrackPopupMenu, GetSysColor, DrawTextW, GetSystemMetrics, SetParent, LoadIconA, LoadMenuA, SetMenu, SetWindowPlacement, UpdateWindow, AdjustWindowRect, LoadCursorA, SetCursor, RedrawWindow, DialogBoxParamW, GetDlgItemTextW, GetDlgItem, EndDialog, EnableWindow, SendMessageW, GetKeyState, GetFocus, GetNextDlgTabItem, CheckMenuItem, GetMenuItemID, GetMenuItemCount, EnableMenuItem, RemoveMenu, InsertMenuItemW, CheckMenuRadioItem, DeleteMenu, SetMenuItemInfoW, GetCursorPos, GetMenu, GetSubMenu, IsMenu, GetMenuItemInfoW, DestroyMenu, GetParent, FindWindowExW, GetWindowRect, DrawAnimatedRects, IsZoomed, IsWindow, ShowWindow, IsWindowVisible, GetWindowPlacement, SetPropA, GetPropA, CallWindowProcW, RemovePropA, SetForegroundWindow, InvalidateRect, GetSysColorBrush, FillRect, GetClientRect, GetDC, ReleaseDC, SetFocus, OpenInputDesktop, GetUserObjectInformationW, CloseDesktop, FindWindowW, CharPrevW, PostQuitMessage, GetClassInfoExW, RegisterClassExW, ReleaseCapture, DestroyWindow, DefWindowProcW, LoadStringW, GetWindowLongW, SetWindowLongW, KillTimer, SetTimer, PostMessageW, PostThreadMessageW, GetMessageW, TranslateMessage, DispatchMessageW, UnregisterClassW, IsClipboardFormatAvailable, GetDialogBaseUnits, DrawMenuBar, IsIconic, FlashWindow, GetMenuState, wsprintfW, IsChild, EqualRect, IsWindowEnabled, EnumChildWindows, MessageBoxIndirectW, EndPaint, BeginPaint, SystemParametersInfoW, SendDlgItemMessageW, PeekMessageW, LoadCursorW, GetWindowDC, LoadImageW, DrawFocusRect, InflateRect, OffsetRect, DeferWindowPos, GetUpdateRect, GetWindow, PtInRect, GetWindowTextLengthW, GetDesktopWindow, UnhookWindowsHookEx, GetLastInputInfo, CallNextHookEx, SetWindowsHookExW, MapWindowPoints, ClientToScreen, SetRect, AdjustWindowRectEx, MsgWaitForMultipleObjects, GetMessageTime, IntersectRect, WindowFromDC, ValidateRect, UnionRect, SetWindowRgn
> version.dll: GetFileVersionInfoSizeW, GetFileVersionInfoW, GetFileVersionInfoA, GetFileVersionInfoSizeA, VerQueryValueA, VerQueryValueW
> wininet.dll: InternetReadFile, InternetOpenUrlW, InternetSetStatusCallbackW, InternetOpenW, HttpQueryInfoW, InternetCloseHandle, InternetCrackUrlW, ResumeSuspendedDownload, HttpSendRequestW, GetUrlCacheEntryInfoW, InternetOpenA, InternetConnectW, InternetSetOptionW, HttpOpenRequestW, InternetSetOptionA, InternetCanonicalizeUrlW
> winmm.dll: PlaySoundW, waveInGetNumDevs, waveOutGetNumDevs
> wsock32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -

( 0 exports )
TrID : File type identification
Win 9x/ME Control Panel applet (31.8%)
Windows Screen Saver (26.8%)
Win32 Executable Generic (17.4%)
Win32 Dynamic Link Library (generic) (15.5%)
Generic Win/DOS Executable (4.1%)
ssdeep: 49152:FfYTOYKPu/gEjiEO5ItDVrjwzOe2QMMgMM95:CZjiEO5IhOxMMgMM7
PEiD : -
RDS : NSRL Reference Data Set

Toujours en roue libre... je lance ce site et il vient de m'envoyer sur "entre coquin.com" pour la 2e fois.
Ma femme commence a se poser des questions !!! ;)
Hier il voulait me faire envoyer des cartes de voeux....
C'est souvent lors de la 1ere recherche du navigateur et ça reste bloque sur le site ( impossible de revenir en arriere pour retourner aux résultats du moteur de recherche.

Ta question me fait un peu peur, fini de chercher ?????

Suis abandonné au formatage ???????? SALOPER..... de VIRUS de MERD..

THANKS

Ca a ete tres long...
3 de ces antivirus ne trouve absolument rien.
Kaspersky est en renov.
Puis j'ai lancé l'antivirus que j'ai installé en essai 30 jours G Data (tres tres mou ) qui m'a trouvé ca mais je pense que c'est les divers programmes antivirus ...


Analyse antivirus avec G Data AntiVirus
Version 20.2.3.6 (15/12/2009)
Signatures de virus du 16/01/2010
Tâche : Disques durs locaux
Temps de démarrage: 16/01/2010 19:26:24
Moteur(s) : Moteur A (AVA 19.9650), Moteur B (AVB 19.680)
Heuristique : Entrer
Archives : Entrer
Zones de système : Entrer
Détecter les RootKits : Entrer

Analyse des zones de système...
Détection des RootKits...
Analyse de tous les disques durs locaux...
Objet : A0118240.exe
Chemin: C:\System Volume Information\_restore{AB9D798D-3133-4890-9B4A-B39C84406DB1}\RP375
Etat : Fichier envoyé en quarantaine
Virus : DeepScan:Generic.Bagle.2.2ABFF582 (Engine A)
Objet : (Instyler o)=>(Instyler Module 0)
In Archive : C:\Documents and Settings\Propriétaire\Mes documents\Téléchargements\List_Killem_Install.exe
Etat : Virus détecté
Virus : DeepScan:Generic.Bagle.2.2ABFF582 (Engine A)
Objet : List_Killem_Install.exe
Chemin: C:\Documents and Settings\Propriétaire\Mes documents\Téléchargements
Etat : Virus détecté
Virus : DeepScan:Generic.Bagle.2.2ABFF582 (Engine A)

Exécution de l'analyse complète : 16/01/2010 19:40:38
68904 fichiers analysés
2 fichiers contaminés détectés
0 fichiers suspects détectés

Merci de ton aide

############################## | UsbFix V6.074 |

User : Propriétaire (Administrateurs) # DENIS
Update on 15/01/2010 by El Desaparecido , C_XX & Chimay8
Start at: 00:48:52 | 18/01/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Pentium(R) 4 CPU 2.40GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 7.0.5730.13
Windows Firewall Status : Disabled
AV : G Data TotalCare 2010 18.0 [ Enabled | Updated ]
FW : Pare-feu personnel G Data[ Enabled ]1.0

C:\ -> Disque fixe local # 76,32 Go (26,04 Go free) # NTFS
D:\ -> Disque fixe local # 19,1 Go (19,03 Go free) # NTFS
E:\ -> Disque CD-ROM
I:\ -> Disque CD-ROM
J:\ -> Disque fixe local # 298,09 Go (72,24 Go free) [OneTouch 4] # NTFS

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 792
C:\WINDOWS\system32\csrss.exe 844
C:\WINDOWS\system32\winlogon.exe 868
C:\WINDOWS\system32\services.exe 916
C:\WINDOWS\system32\lsass.exe 928
C:\WINDOWS\system32\Ati2evxx.exe 1112
C:\WINDOWS\system32\svchost.exe 1128
C:\WINDOWS\system32\svchost.exe 1228
C:\WINDOWS\System32\svchost.exe 1344
C:\WINDOWS\system32\svchost.exe 1388
C:\WINDOWS\System32\svchost.exe 1580
C:\WINDOWS\system32\Ati2evxx.exe 1904
C:\WINDOWS\System32\svchost.exe 1964
C:\WINDOWS\Explorer.EXE 2008
C:\WINDOWS\system32\spoolsv.exe 236
C:\WINDOWS\System32\svchost.exe 756
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe 456
C:\WINDOWS\ATKKBService.exe 892
C:\Program Files\Fichiers communs\G DATA\AVKProxy\AVKProxy.exe 932
C:\Program Files\G Data\TotalCare\AVK\AVKService.exe 1296
C:\Program Files\G Data\TotalCare\AVK\AVKWCtl.exe 1316
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe 1588
C:\WINDOWS\System32\svchost.exe 1856
C:\WINDOWS\System32\ups.exe 1876
C:\WINDOWS\system32\wuauclt.exe 312
C:\Program Files\Canon\CAL\CALMAIN.exe 1536
C:\Program Files\Fichiers communs\G DATA\GDScan\GDScan.exe 616
C:\Program Files\G Data\TotalCare\Firewall\GDFwSvc.exe 1632
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe 2076
C:\WINDOWS\htpatch.exe 2088
C:\Program Files\Microsoft IntelliType Pro\type32.exe 2100
C:\Program Files\D-Tools\daemon.exe 2108
C:\Program Files\QuickTime\qttask.exe 2136
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe 2180
C:\PROGRA~1\BILLPS~1\WINPAT~1\WinPatrol.exe 2188
C:\Program Files\Microsoft IntelliPoint\ipoint.exe 2196
C:\WINDOWS\system32\dla\tfswctrl.exe 2208
C:\Program Files\G Data\TotalCare\Firewall\GDFirewallTray.exe 2220
C:\Program Files\G Data\TotalCare\AVKTray\AVKTray.exe 2228
C:\WINDOWS\system32\ctfmon.exe 2252
C:\WINDOWS\System32\alg.exe 2264
C:\Program Files\Larousse Multimédia\LCAD\bin\hiAksMultiling.exe 2384
C:\PROGRA~1\LAROUS~1\Shared\bin\hisrv.exe 2600
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe 3096
C:\Program Files\Mozilla Firefox\firefox.exe 920
C:\WINDOWS\system32\wbem\wmiprvse.exe 3144

################## | Elements infectieux |

C:\WINDOWS\temp\drib.tmp\svchost.exe
C:\WINDOWS\temp\pqwm.tmp\svchost.exe
J:\autorun.inf

################## | Registre |


################## | Mountpoints2 |


################## | Cracks > Keygens > Serials |


################## | ! Fin du rapport # UsbFix V6.074 ! |

############################## | UsbFix V6.074 |

User : Propriétaire (Administrateurs) # DENIS
Update on 15/01/2010 by El Desaparecido , C_XX & Chimay8
Start at: 11:23:24 | 18/01/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Pentium(R) 4 CPU 2.40GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 7.0.5730.13
Windows Firewall Status : Disabled
AV : G Data TotalCare 2010 18.0 [ Enabled | Updated ]
FW : Pare-feu personnel G Data[ Enabled ]1.0

C:\ -> Disque fixe local # 76,32 Go (25,93 Go free) # NTFS
D:\ -> Disque fixe local # 19,1 Go (19,03 Go free) # NTFS
E:\ -> Disque CD-ROM
I:\ -> Disque CD-ROM
J:\ -> Disque fixe local # 298,09 Go (72,24 Go free) [OneTouch 4] # NTFS

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 788
C:\WINDOWS\system32\csrss.exe 840
C:\WINDOWS\system32\winlogon.exe 864
C:\WINDOWS\system32\services.exe 912
C:\WINDOWS\system32\lsass.exe 924
C:\WINDOWS\system32\Ati2evxx.exe 1108
C:\WINDOWS\system32\svchost.exe 1124
C:\WINDOWS\system32\svchost.exe 1244
C:\WINDOWS\System32\svchost.exe 1340
C:\WINDOWS\system32\svchost.exe 1384
C:\WINDOWS\System32\svchost.exe 1556
C:\WINDOWS\System32\svchost.exe 1796
C:\WINDOWS\system32\Ati2evxx.exe 1876
C:\WINDOWS\Explorer.EXE 2024
C:\WINDOWS\system32\spoolsv.exe 216
C:\WINDOWS\System32\svchost.exe 1516
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe 1596
C:\WINDOWS\ATKKBService.exe 1648
C:\Program Files\Fichiers communs\G DATA\AVKProxy\AVKProxy.exe 1672
C:\Program Files\G Data\TotalCare\AVK\AVKService.exe 1708
C:\Program Files\G Data\TotalCare\AVK\AVKWCtl.exe 1744
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe 504
C:\WINDOWS\System32\svchost.exe 552
C:\WINDOWS\System32\ups.exe 560
C:\WINDOWS\system32\wuauclt.exe 656
C:\Program Files\Canon\CAL\CALMAIN.exe 772
C:\Program Files\Fichiers communs\G DATA\GDScan\GDScan.exe 1044
C:\WINDOWS\System32\alg.exe 2144
C:\WINDOWS\system32\wbem\wmiprvse.exe 2172
C:\WINDOWS\system32\WgaTray.exe 2188
C:\Program Files\G Data\TotalCare\Firewall\GDFwSvc.exe 2356

################## | Elements infectieux |

Supprimé ! C:\WINDOWS\temp\pqwm.tmp\svchost.exe
Supprimé ! C:\Recycler\S-1-5-21-839522115-527237240-1801674531-1003
Supprimé ! D:\Recycler\S-1-5-21-839522115-527237240-1801674531-1003
Supprimé ! J:\autorun.inf
Supprimé ! J:\$Recycle.Bin\S-1-5-21-1873216682-3817046591-2889243429-1004
Supprimé ! J:\$Recycle.Bin\S-1-5-21-3018603871-1623780840-4180593031-1000
Supprimé ! J:\Recycler\S-1-5-21-839522115-527237240-1801674531-1003

################## | Registre |


################## | Mountpoints2 |


################## | Listing des fichiers présent |

[03/01/2010 20:53|--a------|1564] C:\aaw7boot.log
[14/01/2010 20:50|--a------|4] C:\AUTOEXEC.BAT
[09/01/2009 17:53|-rahs----|217] C:\boot.ini
[30/08/2002 13:00|-rahs----|4952] C:\Bootfont.bin
[03/02/2007 08:48|-ra------|6990] C:\CLDMA.LOG
[07/03/2003 20:06|--a------|0] C:\CONFIG.SYS
[29/05/2007 20:02|--a------|126521] C:\devicetable.log
[?|?|?] C:\hiberfil.sys
[07/03/2003 20:06|-rahs----|0] C:\IO.SYS
[14/01/2010 20:50|--a------|4160] C:\Kill'em.txt
[14/01/2010 19:02|--a------|22733] C:\List'em.txt
[07/03/2003 20:06|-rahs----|0] C:\MSDOS.SYS
[08/10/2004 15:21|-rahs----|47564] C:\NTDETECT.COM
[26/06/2008 22:45|-rahs----|252240] C:\ntldr
[?|?|?] C:\pagefile.sys
[15/03/2003 18:20|--a------|187] C:\UnInstall.dat
[24/05/2001 11:59|--a------|162304] C:\UNWISE.EXE
[18/01/2010 11:34|--a------|3630] C:\UsbFix.txt
[21/10/2004 11:38|--a------|126976] J:\Launch.exe
[02/07/2007 07:36|--a------|381] J:\Launch.ini
[04/04/2008 07:13|--a------|68157440] J:\Mac Installer.dmg
[18/06/2008 10:23|-ra------|370414] J:\mxoicon5.ico

################## | Vaccination |

# C:\autorun.inf -> Dossier créé par UsbFix.
# D:\autorun.inf -> Dossier créé par UsbFix.
# J:\autorun.inf -> Dossier créé par UsbFix.

################## | Crack > Keygen > Serial |


################## | Upload |

Veuillez envoyer le fichier : C:\DOCUME~1\PROPRI~1\Bureau\UsbFix_Upload_Me_DENIS.zip : https://www.ionos.fr/?affiliate_id=77097
Merci pour votre contribution .

################## | ! Fin du rapport # UsbFix V6.074 ! |

Les pubs s'ouvrent dans une nouvelle fenetre et c'est quasiment toujours les memes ,la legende des dragons ;test qi par sms a 4e50 ; carte de voeux ;entre coquin. et un moteur de recherche.

Je suis enfin en conges , plus present pour repondre rapidement a ton aide

Merci d'avance

Je ne sais pas si il y a une solution à ce probleme et avast ne l'as pas arreté , faut il mettre une solution antivirale firewall plus puissante ( et surement payante...) pour ne plus rencontrer ce genre de désagrément ???

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.40GHz )
BIOS : Award Modular BIOS v6.0
USER : Propriétaire ( Administrator )
BOOT : Normal boot
Antivirus : G Data TotalCare 2010 18.0 (Not Activated)
Firewall : Pare-feu personnel G Data 1.0 (Not Activated)
C:\ (Local Disk) - NTFS - Total:76 Go (Free:25 Go)
D:\ (Local Disk) - NTFS - Total:19 Go (Free:19 Go)
E:\ (CD or DVD)
I:\ (CD or DVD)
J:\ (Local Disk) - NTFS - Total:298 Go (Free:72 Go)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 20/01/2010| 9:14 )

--------------------\\ Listing des dossiers dans APPLIC~1

[18/07/2008|17:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[05/06/2005|14:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[21/09/2008|20:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[25/02/2006|20:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[12/01/2010|18:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\G DATA
[14/09/2008|13:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
[01/05/2007|10:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[03/01/2010|20:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[05/01/2010|22:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[11/11/2005|09:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
[11/11/2005|09:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com
[28/12/2009|13:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[26/04/2003|13:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[20/09/2008|11:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
[14/09/2008|13:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
[11/03/2003|16:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[12/12/2009|10:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
[03/09/2005|07:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[10/07/2008|22:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[15/08/2008|18:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ZoomBrowser

[07/03/2003|20:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[26/02/2005|12:50] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
[22/10/2004|18:24] C:\DOCUME~1\LOCALS~1\APPLIC~1\McAfee.com Personal Firewall
[07/03/2003|20:05] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[26/06/2008|23:30] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[01/07/2008|20:50] C:\DOCUME~1\PROPRI~3\APPLIC~1\Macromedia

[01/07/2008|20:50] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[22/07/2008|16:50] C:\DOCUME~1\PROPRI~1\APPLIC~1\AdobeUM
[27/04/2005|18:31] C:\DOCUME~1\PROPRI~1\APPLIC~1\Ahead
[16/07/2006|07:18] C:\DOCUME~1\PROPRI~1\APPLIC~1\Beep
[18/08/2008|16:28] C:\DOCUME~1\PROPRI~1\APPLIC~1\DivX
[27/04/2005|18:43] C:\DOCUME~1\PROPRI~1\APPLIC~1\DVD Shrink
[03/01/2010|12:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\dvdcss
[05/10/2008|18:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\EPSON
[06/08/2005|09:27] C:\DOCUME~1\PROPRI~1\APPLIC~1\Google
[08/03/2003|16:08] C:\DOCUME~1\PROPRI~1\APPLIC~1\Help
[07/03/2003|20:13] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[07/03/2003|22:14] C:\DOCUME~1\PROPRI~1\APPLIC~1\InterVideo
[28/12/2009|13:47] C:\DOCUME~1\PROPRI~1\APPLIC~1\Lavasoft
[01/05/2007|11:01] C:\DOCUME~1\PROPRI~1\APPLIC~1\Leadertech
[24/04/2003|21:10] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
[05/01/2010|22:27] C:\DOCUME~1\PROPRI~1\APPLIC~1\Malwarebytes
[22/10/2004|18:22] C:\DOCUME~1\PROPRI~1\APPLIC~1\McAfee
[27/10/2004|15:43] C:\DOCUME~1\PROPRI~1\APPLIC~1\McAfee.com Personal Firewall
[31/07/2009|11:57] C:\DOCUME~1\PROPRI~1\APPLIC~1\Media Player Classic
[01/01/2009|14:49] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[10/01/2010|09:44] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla
[03/02/2005|22:26] C:\DOCUME~1\PROPRI~1\APPLIC~1\MSN6
[14/09/2008|13:45] C:\DOCUME~1\PROPRI~1\APPLIC~1\Nokia
[14/09/2008|13:45] C:\DOCUME~1\PROPRI~1\APPLIC~1\PC Suite
[18/01/2010|01:04] C:\DOCUME~1\PROPRI~1\APPLIC~1\QuickScan
[31/05/2009|23:27] C:\DOCUME~1\PROPRI~1\APPLIC~1\Real
[10/03/2003|16:39] C:\DOCUME~1\PROPRI~1\APPLIC~1\Roxio
[03/01/2010|11:51] C:\DOCUME~1\PROPRI~1\APPLIC~1\uTorrent
[12/12/2009|10:06] C:\DOCUME~1\PROPRI~1\APPLIC~1\Viewpoint
[16/01/2010|22:00] C:\DOCUME~1\PROPRI~1\APPLIC~1\vlc
[15/12/2005|20:11] C:\DOCUME~1\PROPRI~1\APPLIC~1\WinPatrol
[01/05/2007|16:15] C:\DOCUME~1\PROPRI~1\APPLIC~1\ZoomBrowser EX


--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[03/01/2010 20:56][--a------] C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[10/01/2010 15:00][--a------] C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
[20/01/2010 09:07][--ah-----] C:\WINDOWS\tasks\SA.DAT
[30/08/2002 13:00][-r-h-c---] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[22/02/2006|17:43] C:\Program Files\Activision
[13/08/2005|08:44] C:\Program Files\Adobe
[27/04/2005|18:29] C:\Program Files\Ahead
[07/03/2003|20:17] C:\Program Files\Analog Devices
[30/10/2008|21:06] C:\Program Files\APC
[05/02/2006|10:06] C:\Program Files\ASUS
[05/06/2005|14:03] C:\Program Files\ASUSTek
[21/05/2005|08:49] C:\Program Files\ATI Technologies
[15/12/2005|20:11] C:\Program Files\BillP Studios
[15/08/2008|18:39] C:\Program Files\Canon
[03/01/2010|14:50] C:\Program Files\CCleaner
[03/05/2003|20:42] C:\Program Files\Common Files
[05/06/2005|14:03] C:\Program Files\CyberLink
[17/06/2009|17:01] C:\Program Files\Defraggler
[14/09/2008|13:41] C:\Program Files\DIFX
[05/07/2009|21:33] C:\Program Files\DivX
[23/03/2005|19:45] C:\Program Files\D-Tools
[25/08/2005|14:05] C:\Program Files\DVD Shrink
[31/07/2009|12:02] C:\Program Files\EA GAMES
[12/02/2005|22:44] C:\Program Files\E-Color
[27/02/2005|17:34] C:\Program Files\EHMINSTALL
[17/06/2009|17:00] C:\Program Files\Executive Software
[03/01/2010|15:45] C:\Program Files\Fichiers communs
[26/06/2008|21:43] C:\Program Files\Free
[03/01/2010|15:45] C:\Program Files\G Data
[26/04/2005|08:56] C:\Program Files\GameSpy Arcade
[30/10/2008|20:58] C:\Program Files\Google
[01/02/2006|19:19] C:\Program Files\IGN
[30/10/2008|22:17] C:\Program Files\InstallShield Installation Information
[30/05/2009|15:27] C:\Program Files\InterActual
[11/01/2010|22:22] C:\Program Files\Internet Explorer
[25/10/2004|19:49] C:\Program Files\Java
[25/10/2004|19:50] C:\Program Files\Java Web Start
[06/05/2003|11:45] C:\Program Files\JavaSoft
[06/05/2003|19:53] C:\Program Files\Larousse Multim‚dia
[15/08/2008|08:53] C:\Program Files\Messenger
[06/12/2009|06:05] C:\Program Files\Microsoft
[14/10/2008|11:47] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[21/06/2005|16:58] C:\Program Files\microsoft frontpage
[26/01/2006|18:12] C:\Program Files\Microsoft IntelliPoint
[26/01/2006|18:11] C:\Program Files\Microsoft IntelliPoint 5.5
[17/06/2005|20:58] C:\Program Files\Microsoft IntelliType Pro
[26/01/2006|18:09] C:\Program Files\Microsoft IntelliType Pro 5.5
[01/01/2009|14:48] C:\Program Files\Microsoft Office
[19/01/2010|22:43] C:\Program Files\Microsoft Silverlight
[06/12/2009|06:07] C:\Program Files\Microsoft SQL Server Compact Edition
[26/12/2008|22:29] C:\Program Files\Microsoft Works
[16/01/2005|16:58] C:\Program Files\Microsoft Works Suite 2003
[26/06/2008|22:49] C:\Program Files\Movie Maker
[20/01/2010|09:08] C:\Program Files\Mozilla Firefox
[21/08/2009|16:21] C:\Program Files\MSBuild
[01/01/2009|14:46] C:\Program Files\MSECache
[26/06/2008|22:50] C:\Program Files\msn
[07/03/2003|20:02] C:\Program Files\MSN Gaming Zone
[26/06/2008|23:27] C:\Program Files\MSXML 4.0
[26/06/2008|22:47] C:\Program Files\NetMeeting
[20/09/2008|11:50] C:\Program Files\NOS
[22/01/2005|10:20] C:\Program Files\OfficeUpdate11
[15/07/2006|18:17] C:\Program Files\orange
[17/08/2009|14:25] C:\Program Files\Outlook Express
[31/07/2009|11:58] C:\Program Files\QuickTime
[07/11/2004|20:17] C:\Program Files\Real
[21/08/2009|16:21] C:\Program Files\Reference Assemblies
[01/05/2007|10:57] C:\Program Files\Roxio
[07/03/2003|20:05] C:\Program Files\Services en ligne
[10/03/2003|18:48] C:\Program Files\SiSLan
[31/01/2006|22:00] C:\Program Files\Ubisoft
[07/03/2003|20:13] C:\Program Files\Uninstall Information
[18/11/2009|01:48] C:\Program Files\uTorrent
[31/05/2009|23:29] C:\Program Files\VideoLAN
[12/12/2009|10:05] C:\Program Files\Viewpoint
[06/12/2009|06:07] C:\Program Files\Windows Live
[06/12/2009|06:04] C:\Program Files\Windows Live SkyDrive
[07/07/2008|21:25] C:\Program Files\Windows Media Connect 2
[07/07/2008|21:25] C:\Program Files\Windows Media Player
[26/06/2008|22:47] C:\Program Files\Windows NT
[26/10/2004|20:48] C:\Program Files\WindowsUpdate
[19/08/2005|17:53] C:\Program Files\WinRAR
[07/03/2003|20:06] C:\Program Files\xerox
[18/07/2009|22:30] C:\Program Files\XP Codec Pack
[19/01/2006|22:42] C:\Program Files\Zero G Registry

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[12/10/2008|20:48] C:\Program Files\Fichiers communs\Adaptec Shared
[22/07/2008|16:50] C:\Program Files\Fichiers communs\Adobe
[27/04/2005|18:29] C:\Program Files\Fichiers communs\Ahead
[15/08/2008|18:31] C:\Program Files\Fichiers communs\Canon
[05/07/2009|21:32] C:\Program Files\Fichiers communs\DivX Shared
[03/01/2010|15:46] C:\Program Files\Fichiers communs\G DATA
[01/05/2007|10:59] C:\Program Files\Fichiers communs\InstallShield
[13/10/2008|21:23] C:\Program Files\Fichiers communs\LogiShrd
[10/01/2010|09:49] C:\Program Files\Fichiers communs\Microsoft Shared
[07/03/2003|20:04] C:\Program Files\Fichiers communs\MSSoap
[15/07/2006|18:17] C:\Program Files\Fichiers communs\Oberon Media
[08/03/2003|02:56] C:\Program Files\Fichiers communs\ODBC
[31/05/2009|23:27] C:\Program Files\Fichiers communs\Real
[26/12/2004|18:02] C:\Program Files\Fichiers communs\Roxio Shared
[07/03/2003|20:04] C:\Program Files\Fichiers communs\Services
[08/03/2003|02:56] C:\Program Files\Fichiers communs\SpeechEngines
[26/06/2008|22:47] C:\Program Files\Fichiers communs\System
[01/05/2007|10:58] C:\Program Files\Fichiers communs\TiVo Shared
[18/12/2008|14:09] C:\Program Files\Fichiers communs\Windows Live
[10/07/2008|22:26] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 50 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-20 09:23:11
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:32][D:6]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp
[F:8][D:0]-> C:\DOCUME~1\PROPRI~1\Cookies
[F:6][D:4]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 20/01/2010| 9:26 - Option : [1]

--------------------\\ Fin du rapport a 9:26:40

Rapport de superantispyware

SUPERAntiSpyware Scan Log
https://www.superantispyware.com/

Generated 01/20/2010 at 12:52 PM

Application Version : 4.33.1000

Core Rules Database Version : 4496
Trace Rules Database Version: 2310

Scan type : Complete Scan
Total Scan Time : 01:07:01

Memory items scanned : 437
Memory threats detected : 0
Registry items scanned : 5248
Registry threats detected : 0
File items scanned : 20720
File threats detected : 9

Adware.Tracking Cookie
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@atdmt[2].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@ad.yieldmanager[2].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@ad.yieldmanager[1].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@content.yieldmanager[3].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@zedo[1].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@zedo[2].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@content.yieldmanager[2].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@clickpayz5.91462.blueseek[2].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@content.yieldmanager[1].txt

Quatre fois que je clique sur démarrer le scan et 4 fois que le pc plante sur drweb ; bouton reset obligatoire !

J'ai aussi essayer de leur site mais ca revient au meme

????

Celui de l'installation de window XP ...oui...

ComboFix 10-01-19.08 - Propriétaire 20/01/2010 19:53:32.1.1 - x86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1024.731 [GMT 1:00]
Lancé depuis: c:\documents and settings\Propriétaire\Mes documents\Téléchargements\ComboFix.exe
AV: G Data TotalCare 2010 *On-access scanning disabled* (Updated) {71310606-6F3B-49F2-9A81-8315AA75FBB3}
FW: Pare-feu personnel G Data *disabled* {6E6F4BA6-C07D-443F-A130-0A57DA59A082}
* Un antivirus résident est actif

.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

Une copie infectée de c:\windows\system32\DRIVERS\atapi.sys a été trouvée et désinfectée
Copie restaurée à partir de - Kitty ate it :p
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-12-20 au 2010-01-20 ))))))))))))))))))))))))))))))))))))
.

2010-01-20 10:25 . 2010-01-20 10:25 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2010-01-20 10:25 . 2010-01-20 16:22 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-01-20 08:11 . 2010-01-20 08:26 -------- d-----w- C:\Lop SD
2010-01-17 23:47 . 2010-01-18 10:34 -------- d-----w- C:\UsbFix
2010-01-14 19:27 . 2010-01-14 19:27 -------- d-----w- C:\Kill'em
2010-01-12 16:31 . 2010-01-12 16:32 -------- d-----w- C:\rsit
2010-01-10 08:44 . 2010-01-10 08:44 0 ----a-w- c:\windows\nsreg.dat
2010-01-05 21:27 . 2010-01-05 21:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-01-03 14:58 . 2010-01-03 14:58 68976 ----a-w- c:\windows\system32\drivers\GRD.sys
2010-01-03 14:51 . 2010-01-03 15:11 55624 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys
2010-01-03 14:50 . 2010-01-03 14:50 34632 ----a-w- c:\windows\system32\drivers\HookCentre.sys
2010-01-03 14:47 . 2010-01-03 14:47 51784 ----a-w- c:\windows\system32\drivers\GDTdiIcpt.sys
2010-01-03 14:47 . 2010-01-03 14:47 22528 ----a-w- c:\windows\system32\drivers\GDNdisIm.sys
2010-01-03 14:47 . 2010-01-03 15:07 28616 ----a-w- c:\windows\system32\drivers\GDBehave.sys
2010-01-03 14:45 . 2010-01-12 17:17 -------- d-----w- c:\documents and settings\All Users\Application Data\G DATA
2010-01-03 14:45 . 2010-01-03 14:46 -------- d-----w- c:\program files\Fichiers communs\G DATA
2010-01-03 14:45 . 2010-01-03 14:45 -------- d-----w- c:\program files\G Data
2009-12-28 13:54 . 2010-01-03 19:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-12-25 15:35 . 2009-12-25 15:35 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2009-12-25 13:20 . 2009-12-25 13:20 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-19 21:43 . 2009-12-06 05:08 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-19 17:53 . 2002-08-30 12:00 96512 ----a-w- c:\windows\system32\drivers\atapi.sys
2010-01-03 13:50 . 2008-09-02 18:27 -------- d-----w- c:\program files\CCleaner
2009-12-12 09:05 . 2009-12-12 09:05 -------- d-----w- c:\program files\Viewpoint
2009-12-12 09:05 . 2009-12-12 09:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Viewpoint
2009-12-12 08:42 . 2002-08-30 12:00 84766 ----a-w- c:\windows\system32\perfc00C.dat
2009-12-12 08:42 . 2002-08-30 12:00 510742 ----a-w- c:\windows\system32\perfh00C.dat
2009-12-06 05:07 . 2008-07-10 21:23 -------- d-----w- c:\program files\Windows Live
2009-12-06 05:07 . 2009-12-06 05:07 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-12-06 05:05 . 2009-12-06 05:05 -------- d-----w- c:\program files\Microsoft
2009-12-06 05:04 . 2009-12-06 05:04 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-10-29 07:44 . 2002-08-30 12:00 832512 ----a-w- c:\windows\system32\wininet.dll
2009-10-29 07:44 . 2009-07-13 21:07 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-10-29 07:44 . 2002-08-30 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Smapp"="c:\program files\Analog Devices\SoundMAX\SMTray.exe" [2002-10-11 98304]
"HTpatch"="c:\windows\htpatch.exe" [2002-10-30 28672]
"type32"="c:\program files\Microsoft IntelliType Pro\type32.exe" [2004-06-03 172032]
"DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" [2004-08-22 81920]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2005-05-19 98304]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-06-10 339968]
"WinPatrol"="c:\progra~1\BILLPS~1\WINPAT~1\WinPatrol.exe" [2005-11-15 222784]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2005-12-04 461584]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2005-08-26 122941]
"GDFirewallTray"="c:\program files\G Data\TotalCare\Firewall\GDFirewallTray.exe" [2009-09-24 1124936]
"G DATA AntiVirus Trayapplication"="c:\program files\G Data\TotalCare\AVKTray\AVKTray.exe" [2009-09-07 925768]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WUAppSetup"="c:\program files\Fichiers communs\logishrd\WUApp32.exe" [2008-02-06 439568]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma Loader.exe.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2003-4-14 113664]
APC UPS Status.lnk - c:\program files\APC\APC PowerChute Personal Edition\Display.exe [2003-12-16 221251]
Ask Larousse Chambers.lnk - c:\program files\Larousse Multim‚dia\LCAD\bin\hiAksMultiling.exe [2003-5-6 36864]
Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\EA GAMES\\MOHDA\\MOHAA.exe"=
"c:\\Program Files\\Ubisoft\\Crytek\\Far Cry\\Bin32\\FarCry.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [23/03/2005 19:45 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [23/03/2005 19:45 5248]
R0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys [03/01/2010 15:47 28616]
R1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys [03/01/2010 15:58 68976]
R2 AVKProxy;G Data AntiVirus Proxy;c:\program files\Fichiers communs\G DATA\AVKProxy\AVKProxy.exe [12/08/2009 09:04 1054792]
R2 AVKService;Planificateur G Data;c:\program files\G Data\TotalCare\AVK\AVKService.exe [12/08/2009 09:04 397896]
R2 AVKWCtl;G Data Gardien;c:\program files\G Data\TotalCare\AVK\AVKWCtl.exe [30/07/2009 12:33 1251488]
R2 GDTdiInterceptor;GDTdiInterceptor;c:\windows\system32\drivers\GDTdiIcpt.sys [03/01/2010 15:47 51784]
R3 GDFwSvc;Pare-feu personnel G Data;c:\program files\G Data\TotalCare\Firewall\GDFwSvc.exe [03/08/2009 13:49 1547104]
R3 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [03/01/2010 15:51 55624]
R3 GDNdisIm;G DATA Software AG IM Service;c:\windows\system32\drivers\GDNdisIm.sys [03/01/2010 15:47 22528]
R3 GDScan;G Data Scanner;c:\program files\Fichiers communs\G DATA\GDScan\GDScan.exe [27/07/2009 03:03 302152]
R3 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [03/01/2010 15:50 34632]
S3 ASUSHWIO;ASUSHWIO;\??\c:\windows\system32\drivers\ASUSHWIO.sys --> c:\windows\system32\drivers\ASUSHWIO.sys [?]
S3 G Data Tuner Service;G Data Tuner Service;c:\program files\G Data\TotalCare\AVKTuner\AVKTunerService.exe [20/04/2009 03:44 918600]
S3 oflpydin;oflpydin;\??\c:\docume~1\PROPRI~1\LOCALS~1\Temp\oflpydin.sys --> c:\docume~1\PROPRI~1\LOCALS~1\Temp\oflpydin.sys [?]
S3 Service G Data Backup;Service G Data Backup;c:\program files\G Data\TotalCare\AVKBackup\AVKBackupService.exe [09/07/2009 10:03 865352]
S4 Viewpoint Service;Viewpoint Service;c:\program files\Viewpoint\Common\ViewpointService.exe [12/12/2009 10:05 30152]
.
Contenu du dossier 'Tâches planifiées'
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://google.fr
mSearch Bar = hxxp://www.wanadoo.fr/go/page_recherche/
uInternet Connection Wizard,ShellNext = iexplore
DPF: DirectAnimation Java Classes
DPF: Microsoft XML Parser for Java
FF - ProfilePath - c:\documents and settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\mcsak6qo.default\
FF - component: c:\program files\Mozilla Firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}\components\AvkWebFilterFF.dll
FF - plugin: c:\program files\IGN\Download Manager\npfpdlm.dll
FF - plugin: c:\program files\Java\j2re1.4.0_03\bin\NPJava11.dll
FF - plugin: c:\program files\Java\j2re1.4.0_03\bin\NPJava12.dll
FF - plugin: c:\program files\Java\j2re1.4.0_03\bin\NPJava13.dll
FF - plugin: c:\program files\Java\j2re1.4.0_03\bin\NPJava32.dll
FF - plugin: c:\program files\Java\j2re1.4.0_03\bin\NPJPI140_03.dll
FF - plugin: c:\program files\Java\j2re1.4.0_03\bin\NPOJI610.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHELINS SUPPRIMES - - - -

HKLM-Run-MPFTray - c:\progra~1\McAfee.com\PERSON~1\MpfTray.exe
HKLM-Run-MISAggregator - (no file)
AddRemove-HijackThis - c:\documents and settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\DWW7N211\HijackThis.exe
AddRemove-SiS7002 - c:\windows\UnSiSUSB.exe PCI\VEN_1039&DEV_7002



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-20 20:02
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HTpatch = c:\windows\htpatch.exe?ows\CurrentVersion\Run???\??????[????`??[???[`??[???????????????[???[???[???[$??????[???????????????[???????????[$Q?w????(??????w?Q?w????9??w`Z?w???[:???????d???r??[1??[???[d??????[?-?[?????N?w8h?[\2?[?1?[htinst.INI?[?u?[????d????????G?

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x86EF29F0]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf76f2f28
\Driver\ACPI -> ACPI.sys @ 0xf763ecb8
\Driver\atapi -> 0x86ef29f0
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a05a9
ParseProcedure -> ntoskrnl.exe @ 0x8056ea15
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a05a9
ParseProcedure -> ntoskrnl.exe @ 0x8056ea15
NDIS: Carte Fast Ethernet PCI de base SiS 900 #2 -> SendCompleteHandler -> NDIS.sys @ 0xf74c4b0a
PacketIndicateHandler -> NDIS.sys @ 0xf74cfa21
SendHandler -> NDIS.sys @ 0xf74c4949
Warning: possible MBR rootkit infection !
user & kernel MBR OK

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(872)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(1900)
c:\progra~1\BILLPS~1\WINPAT~1\PATROLPRO.DLL
c:\windows\system32\eappprxy.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\APC\APC PowerChute Personal Edition\mainserv.exe
c:\program files\Larousse Multimédia\LCAD\bin\hiAksMultiling.exe
c:\windows\ATKKBService.exe
c:\progra~1\LAROUS~1\Shared\bin\hisrv.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\program files\APC\APC PowerChute Personal Edition\apcsystray.exe
c:\program files\Canon\CAL\CALMAIN.exe
.
**************************************************************************
.
Heure de fin: 2010-01-20 20:10:19 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-01-20 19:10

Avant-CF: 27 131 293 696 octets libres
Après-CF: 27 208 364 032 octets libres

WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /fastdetect /NoExecute=OptOut

- - End Of File - - 73A5DFE6582F2D8F3ACE70394625C259

Quand je double clique pour lancer le programme une fenetre apparait 1 seconde puis disparait !

Pas de rapport sur le bureau... est ce normal ???

Le programme fait 75.5 ko mais pour le rapport ???

Je vient de cliquer sur plusieurs liens et JE N'EST PAS ETE REDIRIGER SUR UN SITE A LA NOIX !!!!!!!!

Semi victoire ??????