SOS in Firefox (URL redirection)

Solved/Closed
bg62 Posts 23675 Registration date Saturday 22 October 2005 Status Moderator Last activity 29 January 2025 - 14 Dec 2008 at 22:22
bg62 Posts 23675 Registration date Saturday 22 October 2005 Status Moderator Last activity 29 January 2025 - 7 Jan 2009 at 15:06
Hello,
in FF, when I run a search in Google:
- the Google previews all appear as a white rectangle with a big red circle crossed out in red ... (but clicking on it, the URL is correct)
- if I click on the URL of one of the results I am immediately redirected ....
example for the ccm forum: http://go.google.com/?u=10643135c77d1b3f640013780887%3Dc%3Fphp.kcilc%2F341.922.19.77&bid=0.005400&aid=61&said=v3001&mppc=234

I've tried quite a few things but nothing works ...
Spybot even refuses to install so I can run a scan ...
it's a disaster!!!
if you can help me out, many thanks!
b g
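
Added example, not part of the original post: the `u` parameter of the redirect URL quoted above, once percent-decoded and read backwards, has the shape of a host followed by a path, so a responder can extract the real destination for blocklists or log searches without visiting it. The function names and the "plain or reversed" heuristic are assumptions made for this sketch.

```python
import ipaddress
import re
from urllib.parse import parse_qs, urlsplit

# Redirect URL exactly as quoted in the post above.
SAMPLE_URL = (
    "http://go.google.com/?u=10643135c77d1b3f640013780887"
    "%3Dc%3Fphp.kcilc%2F341.922.19.77&bid=0.005400&aid=61&said=v3001&mppc=234"
)

# Plausible DNS name: dot-separated labels ending in an alphabetic TLD.
HOST_RE = re.compile(r"^(?:[a-z0-9-]+\.)+[a-z]{2,}$", re.I)


def _looks_like_host(text):
    """True if text is a dotted IPv4 address or a plausible DNS name."""
    try:
        ipaddress.IPv4Address(text)
        return True
    except ValueError:
        return bool(HOST_RE.match(text))


def _split_target(candidate):
    """Split 'host/path?query' (scheme optional) into (host, rest), or None."""
    candidate = re.sub(r"^[a-z][a-z0-9+.-]*://", "", candidate, flags=re.I)
    host, sep, rest = candidate.partition("/")
    if not _looks_like_host(host):
        return None
    return host, sep + rest


def decode_redirect(url, param="u"):
    """Recover the destination hidden in a redirector's query parameter.

    The value is tried as-is and then reversed; the first orientation that
    starts with a valid host wins. Nothing is fetched: this is static parsing.
    """
    parts = urlsplit(url)
    query = parse_qs(parts.query, keep_blank_values=True)
    if param not in query:
        raise ValueError(f"no {param!r} parameter in {url!r}")
    raw = query[param][0]  # parse_qs has already percent-decoded the value
    result = {
        "front_host": parts.hostname,  # the host the link appears to point at
        "encoding": None,
        "target_host": None,
        "target_path": None,
        # Remaining parameters (bid, aid, ...) kept for correlation in logs.
        "extra_params": {k: v[0] for k, v in query.items() if k != param},
    }
    for label, candidate in (("plain", raw), ("reversed", raw[::-1])):
        target = _split_target(candidate)
        if target:
            result["encoding"] = label
            result["target_host"], result["target_path"] = target
            break
    return result


if __name__ == "__main__":
    for key, value in decode_redirect(SAMPLE_URL).items():
        print(f"{key}: {value}")
```
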

64 replies

pimprenelle27 Posts 20857 Registration date Monday 10 December 2007 Status Security contributor Last activity 8 October 2019 2 502
14 Dec 2008 at 23:07
Good evening,
Make a report with HijackThis: double-click HJTInstall.exe to start the installation, click Install, then I Accept, then click Do a scan system and save log file. Notepad will open; copy and paste its entire contents and post it here so that we can analyse it. Here is the HijackThis tutorial,
0
Anonymous user
14 Dec 2008 at 23:14
Sorry, but a big red circle crossed out in red???
0
bg62 Posts 23675 Registration date Saturday 22 October 2005 Status Moderator Last activity 29 January 2025 2 394
15 Dec 2008 at 19:39
WELL ... I've tried almost everything .... spybot or hijack are refused at installation
bitdefender and avira find nothing
SpywareTerminator and tune up find 2 DLLs in windows/system32 but cannot delete them; I tried several solutions, nothing works; I deleted the restore files, the *.reg files from ccleaner and regcleaner ...
nothing at all!!!
panic, basically ...
and the Google preview thumbnails are indeed replaced by a red circle crossed out in red, but clicking on them I still reach the right URL, whereas if I follow the link ... off I go to who knows where ....
even some download links for cleaning utilities are refused ...
so if you have a solution, it would be welcome!!!
See you
b g
0
pimprenelle27 Posts 20857 Registration date Monday 10 December 2007 Status Security contributor Last activity 8 October 2019 2 502
15 Dec 2008 at 19:43
Try this

Download Superantispyware (SAS) by clicking on this link:

Choose "save" and save it to your desktop.

Double-click the installation icon that has just been created and follow the instructions.

Create an icon on the desktop.

Double-click the SAS icon (a head in a crossed-out red circle) to launch it.

- If the tool asks you to update the program ("update the program definitions"), click yes.
- Under Configuration and Preferences, click the "Preferences" button
- Click the "Scanning Control" tab
- In "Scanner Options", make sure the box in front of the following lines is checked:

Close browsers before scanning
Scan for tracking cookies
Terminate memory threats before quarantining
- Leave the other lines unchecked.

- Click the "Close" button to leave the control centre screen.

- In the main window, under "Scan for Harmful Software", click "Scan your computer".

In the left-hand column, check C:\Fixed Drive.

In the right-hand column, under "Complete scan", click "Perform Complete Scan"

Click "next" to start the scan. Wait while the scan runs.

At the end of the scan, a results window opens. Click OK.

Make sure all the lines in the white window are checked and click "Next".

Everything that was found will be quarantined. If you are asked to restart the computer ("reboot"), click Yes.

Here is the SUPERAntiSpyware tutorial

To copy the information to the forum, do this:

- after the computer restarts, double-click the icon to launch SAS.
- Click "Preferences", then the "Statistics/Logs" tab.
- In "scanners logs", double-click SUPERAntiSpyware Scan Log.

- The report will open in your default text editor.

- Copy its contents into your reply.


0
bg62 Posts 23675 Registration date Saturday 22 October 2005 Status Moderator Last activity 29 January 2025 2 394
15 Dec 2008 at 20:11
Thanks, but if I click on your link I don't get anywhere ....
I'll try to find it another way

here is what SPYWARE TERMINATOR found:
Backdoor.TDSS.atb in windows/system32/TDSSriqp.dll
Backdoor.TDSS.aru in windows/system32/TDSSoiqh.dll
deleting or destroying them always fails ...
I just tried installing spybot again ... complete failure!
there are already some posts about 'almost' the same ones ... but they didn't work for me! as if by chance
ps ... on top of that I'm on a low-speed connection here!!!
b g
0

bg62 Posts 23675 Registration date Saturday 22 October 2005 Status Moderator Last activity 29 January 2025 2 394
15 Dec 2008 at 20:20
I just tried ...
when I go to https://www.superantispyware.com/
FF and IE cannot load the page ....
not bad, huh!
so what can I do?
b g
0
bg62 Posts 23675 Registration date Saturday 22 October 2005 Status Moderator Last activity 29 January 2025 2 394
15 Dec 2008 at 21:04
I just put in "HJTInstall.exe" >> double-click and ... nothing!
I don't know what to do any more ...
0
bg62 Posts 23675 Registration date Saturday 22 October 2005 Status Moderator Last activity 29 January 2025 2 394
15 Dec 2008 at 21:14
and the best part ...
as soon as I post, if I reload the page ... I have to log in again! it makes no sense any more ...
0
bg62 Posts 23675 Registration date Saturday 22 October 2005 Status Moderator Last activity 29 January 2025 2 394
15 Dec 2008 at 21:37
re ... I just put in superantispyware ... but like all the others, impossible to launch the install!

so if you have the solution .... I'll take it!
0
bg62 Posts 23675 Registration date Saturday 22 October 2005 Status Moderator Last activity 29 January 2025 2 394
16 Dec 2008 at 09:46
I managed to get an old version of hijack running; here are the two reports, one before tinkering, the other after, but still nothing has changed ...
1
Logfile of HijackThis v1.99.0
Scan saved at 22:49:57, on 15/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\OSD.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\1&1\1&1 Connexion directe\EasyLogin.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\svchost.exe
D:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\PSIService.exe
d:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\system32\cidaemon.exe
D:\divers\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: SnapFlash Class - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} - C:\Program Files\Fichiers communs\Justdo\Jd2002.dll
O2 - BHO: HunterSite Class - {A83E9D7E-119A-4A2C-94FE-2D4315ED3D40} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: GooglePreviewIE Toolbar Helper - {D476B977-AF6C-481A-8472-2ABAB5E89F20} - C:\Program Files\GooglePreviewIE Toolbar\v3.3.0.1\GooglePreviewIE_Toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: GooglePreviewIE Toolbar - {AEC32322-9D72-4C55-A108-33875F07BC03} - C:\Program Files\GooglePreviewIE Toolbar\v3.3.0.1\GooglePreviewIE_Toolbar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe
O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSD.exe
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [CloneCDTray] "D:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [1&1 EasyLogin] C:\Program Files\1&1\1&1 Connexion directe\EasyLogin.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O8 - Extra context menu item: Afficher cette page dans Firefox - file://C:\Documents and Settings\bg\Application Data\Mozilla\Firefox\Profiles\27cecemc.default\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewpage.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: Ouvrir avec GetRight - C:\Program Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: Ouvrir la cible dans Firefox - file://C:\Documents and Settings\bg\Application Data\Mozilla\Firefox\Profiles\27cecemc.default\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewlink.html
O8 - Extra context menu item: Save Flash to GetFlash - res://D:\Program Files\Superhunter\GetFlash\GetFlash.dll/GetFlash.htm
O8 - Extra context menu item: Save Flash with Flash Catcher - res://C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL/FlashCatcher.htm
O8 - Extra context menu item: SYSTRAN: &Effacer le cache de traduction - d:\Program Files\Systran\Premium\menuClearCache.html
O8 - Extra context menu item: SYSTRAN: &Options - d:\Program Files\Systran\Premium\menuConfigure.html
O8 - Extra context menu item: SYSTRAN: &Traduire - d:\Program Files\Systran\Premium\menuTranslate.html
O8 - Extra context menu item: SYSTRAN: En&registrement - d:\Program Files\Systran\Premium\menuRegister.html
O8 - Extra context menu item: SYSTRAN: Rechercher les &mises à jour - d:\Program Files\Systran\Premium\menuUpdate.html
O8 - Extra context menu item: SYSTRAN: Traduire les &cadres - d:\Program Files\Systran\Premium\menuTranslateAll.html
O8 - Extra context menu item: Télecharger avec GetRight - C:\Program Files\GetRight\GRdownload.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: GetFlash - {348821E2-5D36-42c5-9821-E3293F6699F9} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll
O9 - Extra 'Tools' menuitem: GetFlash - {348821E2-5D36-42c5-9821-E3293F6699F9} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - d:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - d:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: GetFlash - {3CA1D406-30D8-4DBC-8EE6-0E2C05F78864} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll
O9 - Extra 'Tools' menuitem: GetFlash - {3CA1D406-30D8-4DBC-8EE6-0E2C05F78864} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll
O9 - Extra button: @sysiecom.dll,-2100 - {703436F1-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuTranslate.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2102 - {703436F1-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuTranslate.html
O9 - Extra button: @sysiecom.dll,-2103 - {703436F2-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuTranslateAll.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2105 - {703436F2-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuTranslateAll.html
O9 - Extra button: @sysiecom.dll,-2115 - {703436F3-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuConfigure.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2117 - {703436F3-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuConfigure.html
O9 - Extra button: (no name) - {703436F4-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuClearCache.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2108 - {703436F4-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuClearCache.html
O9 - Extra button: (no name) - {703436F5-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuRegister.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2111 - {703436F5-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuRegister.html
O9 - Extra button: (no name) - {703436F6-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuUpdates.html (file missing)
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2114 - {703436F6-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuUpdates.html (file missing)
O9 - Extra button: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra 'Tools' menuitem: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: GetFlash - {3CA1D406-30D8-4DBC-8EE6-0E2C05F78864} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll (HKCU)
O9 - Extra 'Tools' menuitem: GetFlash - {3CA1D406-30D8-4DBC-8EE6-0E2C05F78864} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [!AGetFlash] GetFlash
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: a-squared Free Service - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe LM Service - Unknown - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: BitDefender Scan Server - Unknown - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique - Unknown - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements - Unknown - C:\WINDOWS\system32\services.exe
O23 - Service: Fax - Unknown - C:\WINDOWS\system32\fxssvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service COM de gravage de CD IMAPI - Unknown - C:\WINDOWS\system32\imapi.exe
O23 - Service: BitDefender Desktop Update Service - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: RaySat_3dsmax8 Server - Unknown - D:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
O23 - Service: Partage de Bureau à distance NetMeeting - Unknown - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Motkkdio - Unknown - C:\WINDOWS\system32\autofmt.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMSAccess - Unknown - D:\Program Files\studioline web\NMSAccess.exe (file missing)
O23 - Service: Plug-and-Play - Unknown - C:\WINDOWS\system32\services.exe
O23 - Service: ProtexisLicensing - Unknown - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance - Unknown - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce - Unknown - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: ScsiAccess - Unknown - d:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: Service SNMP - Unknown - C:\WINDOWS\System32\snmp.exe
O23 - Service: Spyware Terminator Realtime Shield Service - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: Journaux et alertes de performance - Unknown - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: TuneUp Drive Defrag Service - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: Cliché instantané de volume - Unknown - C:\WINDOWS\System32\vssvc.exe
O23 - Service: BitDefender Virus Shield - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: wampapache - Apache Software Foundation - d:\wamp\bin\apache\apache2.2.8\bin\httpd.exe
O23 - Service: wampmysqld - Unknown - d:\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe
O23 - Service: Carte de performance WMI - Unknown - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media - Unknown - C:\Program Files\Windows Media Player\WMPNetwk.exe
O23 - Service: X10 Device Network Service - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
O23 - Service: BitDefender Communicator - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe



2

Logfile of HijackThis v1.99.0
Scan saved at 22:53:52, on 15/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\OSD.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\1&1\1&1 Connexion directe\EasyLogin.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\svchost.exe
D:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\PSIService.exe
d:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\system32\cidaemon.exe
D:\divers\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: SnapFlash Class - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} - C:\Program Files\Fichiers communs\Justdo\Jd2002.dll
O2 - BHO: HunterSite Class - {A83E9D7E-119A-4A2C-94FE-2D4315ED3D40} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: GooglePreviewIE Toolbar Helper - {D476B977-AF6C-481A-8472-2ABAB5E89F20} - C:\Program Files\GooglePreviewIE Toolbar\v3.3.0.1\GooglePreviewIE_Toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: GooglePreviewIE Toolbar - {AEC32322-9D72-4C55-A108-33875F07BC03} - C:\Program Files\GooglePreviewIE Toolbar\v3.3.0.1\GooglePreviewIE_Toolbar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe
O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSD.exe
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [CloneCDTray] "D:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [1&1 EasyLogin] C:\Program Files\1&1\1&1 Connexion directe\EasyLogin.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O8 - Extra context menu item: Afficher cette page dans Firefox - file://C:\Documents and Settings\bg\Application Data\Mozilla\Firefox\Profiles\27cecemc.default\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewpage.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: Ouvrir avec GetRight - C:\Program Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: Ouvrir la cible dans Firefox - file://C:\Documents and Settings\bg\Application Data\Mozilla\Firefox\Profiles\27cecemc.default\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewlink.html
O8 - Extra context menu item: Save Flash to GetFlash - res://D:\Program Files\Superhunter\GetFlash\GetFlash.dll/GetFlash.htm
O8 - Extra context menu item: Save Flash with Flash Catcher - res://C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL/FlashCatcher.htm
O8 - Extra context menu item: SYSTRAN: &Effacer le cache de traduction - d:\Program Files\Systran\Premium\menuClearCache.html
O8 - Extra context menu item: SYSTRAN: &Options - d:\Program Files\Systran\Premium\menuConfigure.html
O8 - Extra context menu item: SYSTRAN: &Traduire - d:\Program Files\Systran\Premium\menuTranslate.html
O8 - Extra context menu item: SYSTRAN: En&registrement - d:\Program Files\Systran\Premium\menuRegister.html
O8 - Extra context menu item: SYSTRAN: Rechercher les &mises à jour - d:\Program Files\Systran\Premium\menuUpdate.html
O8 - Extra context menu item: SYSTRAN: Traduire les &cadres - d:\Program Files\Systran\Premium\menuTranslateAll.html
O8 - Extra context menu item: Télecharger avec GetRight - C:\Program Files\GetRight\GRdownload.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: GetFlash - {348821E2-5D36-42c5-9821-E3293F6699F9} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll
O9 - Extra 'Tools' menuitem: GetFlash - {348821E2-5D36-42c5-9821-E3293F6699F9} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - d:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - d:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: GetFlash - {3CA1D406-30D8-4DBC-8EE6-0E2C05F78864} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll
O9 - Extra 'Tools' menuitem: GetFlash - {3CA1D406-30D8-4DBC-8EE6-0E2C05F78864} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll
O9 - Extra button: @sysiecom.dll,-2100 - {703436F1-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuTranslate.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2102 - {703436F1-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuTranslate.html
O9 - Extra button: @sysiecom.dll,-2103 - {703436F2-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuTranslateAll.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2105 - {703436F2-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuTranslateAll.html
O9 - Extra button: @sysiecom.dll,-2115 - {703436F3-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuConfigure.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2117 - {703436F3-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuConfigure.html
O9 - Extra button: (no name) - {703436F4-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuClearCache.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2108 - {703436F4-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuClearCache.html
O9 - Extra button: (no name) - {703436F5-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuRegister.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2111 - {703436F5-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuRegister.html
O9 - Extra button: (no name) - {703436F6-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuUpdates.html (file missing)
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2114 - {703436F6-3E1F-11d3-8F6B-00105A2A1D59} - d:\Program Files\Systran\Premium\MenuUpdates.html (file missing)
O9 - Extra button: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra 'Tools' menuitem: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: GetFlash - {3CA1D406-30D8-4DBC-8EE6-0E2C05F78864} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll (HKCU)
O9 - Extra 'Tools' menuitem: GetFlash - {3CA1D406-30D8-4DBC-8EE6-0E2C05F78864} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [!AGetFlash] GetFlash
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: a-squared Free Service - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe LM Service - Unknown - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: BitDefender Scan Server - Unknown - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique - Unknown - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements - Unknown - C:\WINDOWS\system32\services.exe
O23 - Service: Fax - Unknown - C:\WINDOWS\system32\fxssvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service COM de gravage de CD IMAPI - Unknown - C:\WINDOWS\system32\imapi.exe
O23 - Service: BitDefender Desktop Update Service - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: RaySat_3dsmax8 Server - Unknown - D:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
O23 - Service: Partage de Bureau à distance NetMeeting - Unknown - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Motkkdio - Unknown - C:\WINDOWS\system32\autofmt.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMSAccess - Unknown - D:\Program Files\studioline web\NMSAccess.exe (file missing)
O23 - Service: Plug-and-Play - Unknown - C:\WINDOWS\system32\services.exe
O23 - Service: ProtexisLicensing - Unknown - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance - Unknown - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce - Unknown - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: ScsiAccess - Unknown - d:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: Service SNMP - Unknown - C:\WINDOWS\System32\snmp.exe
O23 - Service: Spyware Terminator Realtime Shield Service - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: Journaux et alertes de performance - Unknown - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: TuneUp Drive Defrag Service - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: Cliché instantané de volume - Unknown - C:\WINDOWS\System32\vssvc.exe
O23 - Service: BitDefender Virus Shield - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: wampapache - Apache Software Foundation - d:\wamp\bin\apache\apache2.2.8\bin\httpd.exe
O23 - Service: wampmysqld - Unknown - d:\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe
O23 - Service: Carte de performance WMI - Unknown - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media - Unknown - C:\Program Files\Windows Media Player\WMPNetwk.exe
O23 - Service: X10 Device Network Service - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
O23 - Service: BitDefender Communicator - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe



sos !!!!!
b g
0
bg62 Posts 23675 Registration date Saturday 22 October 2005 Status Moderator Last post 29 January 2025 2 394
19 Dec. 2008 at 11:58
phew ... 3 days!
I'm preparing the "ultimate" solution for you ...
b g
0
bg62 Posts 23675 Registration date Saturday 22 October 2005 Status Moderator Last post 29 January 2025 2 394
19 Dec. 2008 at 15:59
back again ... and phew!!!
the ultimate solution, and the simplest one in the end:
http://www.unesourisetmoi.info/blog/index.php?226-virus-ou-trojan-backdoor-tdss
the proof: I'm back ...
thanks, everyone
b g
0
bg62 Posts 23675 Registration date Saturday 22 October 2005 Status Moderator Last post 29 January 2025 2 394
19 Dec. 2008 at 16:33
Last report (I hope ..):
Logfile of HijackThis v1.99.0
Scan saved at 16:30:43, on 19/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\OSD.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\1&1\1&1 Connexion directe\EasyLogin.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\PSIService.exe
d:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\a-squared Free\a2service.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
D:\divers\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: SnapFlash Class - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} - C:\Program Files\Fichiers communs\Justdo\Jd2002.dll
O2 - BHO: HunterSite Class - {A83E9D7E-119A-4A2C-94FE-2D4315ED3D40} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: GooglePreviewIE Toolbar Helper - {D476B977-AF6C-481A-8472-2ABAB5E89F20} - C:\Program Files\GooglePreviewIE Toolbar\v3.3.0.1\GooglePreviewIE_Toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: GooglePreviewIE Toolbar - {AEC32322-9D72-4C55-A108-33875F07BC03} - C:\Program Files\GooglePreviewIE Toolbar\v3.3.0.1\GooglePreviewIE_Toolbar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe
O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSD.exe
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [CloneCDTray] "D:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [1&1 EasyLogin] C:\Program Files\1&1\1&1 Connexion directe\EasyLogin.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O8 - Extra context menu item: Afficher cette page dans Firefox - file://C:\Documents and Settings\bg\Application Data\Mozilla\Firefox\Profiles\27cecemc.default\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewpage.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: Ouvrir avec GetRight - C:\Program Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: Ouvrir la cible dans Firefox - file://C:\Documents and Settings\bg\Application Data\Mozilla\Firefox\Profiles\27cecemc.default\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewlink.html
O8 - Extra context menu item: Save Flash to GetFlash - res://D:\Program Files\Superhunter\GetFlash\GetFlash.dll/GetFlash.htm
O8 - Extra context menu item: Save Flash with Flash Catcher - res://C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL/FlashCatcher.htm
O8 - Extra context menu item: Télecharger avec GetRight - C:\Program Files\GetRight\GRdownload.htm
O9 - Extra button: GetFlash - {348821E2-5D36-42c5-9821-E3293F6699F9} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll
O9 - Extra 'Tools' menuitem: GetFlash - {348821E2-5D36-42c5-9821-E3293F6699F9} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - d:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - d:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: GetFlash - {3CA1D406-30D8-4DBC-8EE6-0E2C05F78864} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll
O9 - Extra 'Tools' menuitem: GetFlash - {3CA1D406-30D8-4DBC-8EE6-0E2C05F78864} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll
O9 - Extra button: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra 'Tools' menuitem: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: GetFlash - {3CA1D406-30D8-4DBC-8EE6-0E2C05F78864} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll (HKCU)
O9 - Extra 'Tools' menuitem: GetFlash - {3CA1D406-30D8-4DBC-8EE6-0E2C05F78864} - D:\Program Files\Superhunter\GetFlash\GetFlash.dll (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [!AGetFlash] GetFlash
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{B048FAF6-E932-4DE4-AEF9-7E9091D207C4}: NameServer = 213.36.80.1
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: a-squared Free Service - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe LM Service - Unknown - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: BitDefender Scan Server - Unknown - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique - Unknown - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements - Unknown - C:\WINDOWS\system32\services.exe
O23 - Service: Fax - Unknown - C:\WINDOWS\system32\fxssvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service COM de gravage de CD IMAPI - Unknown - C:\WINDOWS\system32\imapi.exe
O23 - Service: Java Quick Starter - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: BitDefender Desktop Update Service - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: RaySat_3dsmax8 Server - Unknown - D:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
O23 - Service: Partage de Bureau à distance NetMeeting - Unknown - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Motkkdio - Unknown - C:\WINDOWS\system32\autofmt.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMSAccess - Unknown - D:\Program Files\studioline web\NMSAccess.exe (file missing)
O23 - Service: Plug-and-Play - Unknown - C:\WINDOWS\system32\services.exe
O23 - Service: ProtexisLicensing - Unknown - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance - Unknown - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce - Unknown - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: ScsiAccess - Unknown - d:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: Service SNMP - Unknown - C:\WINDOWS\System32\snmp.exe
O23 - Service: Spyware Terminator Realtime Shield Service - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: Journaux et alertes de performance - Unknown - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: TuneUp Drive Defrag Service - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: Cliché instantané de volume - Unknown - C:\WINDOWS\System32\vssvc.exe
O23 - Service: BitDefender Virus Shield - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: wampapache - Apache Software Foundation - d:\wamp\bin\apache\apache2.2.8\bin\httpd.exe
O23 - Service: wampmysqld - Unknown - d:\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe
O23 - Service: Carte de performance WMI - Unknown - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media - Unknown - C:\Program Files\Windows Media Player\WMPNetwk.exe
O23 - Service: X10 Device Network Service - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
O23 - Service: BitDefender Communicator - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe


See you later
0
Destrio5 Posts 85985 Registration date Sunday 11 July 2010 Status Moderator Last post 17 February 2023 10 298
19 Dec. 2008 at 16:36
Hi,

- Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.

- Double-click RSIT.exe to launch the program.

- Click Continue on the Disclaimer screen.

- If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the license.

- When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).

Note: The reports are saved in the folder C:\rsit.
0
bg62 Posts 23675 Registration date Saturday 22 October 2005 Status Moderator Last post 29 January 2025 2 394
19 Dec. 2008 at 16:46
log.txt:
Logfile of random's system information tool 1.05 (written by random/random)
Run by bg at 2008-12-19 16:42:48
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 20 GB (58%) free of 35 GB
Total RAM: 511 MB (19% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{3AC4AFA8-0829-4309-809A-731BBABF44CD}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31FF080D-12A3-439A-A2EF-4BA95A3148E8}]
bho2gr Class - C:\Program Files\GetRight\xx2gr.dll [2005-02-14 233472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-18 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E}]
SnapFlash Class - C:\Program Files\Fichiers communs\Justdo\Jd2002.dll [2006-03-16 131072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A83E9D7E-119A-4A2C-94FE-2D4315ED3D40}]
HunterSite Class - D:\Program Files\Superhunter\GetFlash\GetFlash.dll [2004-09-03 335872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar3.dll [2007-01-19 2436160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D476B977-AF6C-481A-8472-2ABAB5E89F20}]
GooglePreviewIE Toolbar Helper - C:\Program Files\GooglePreviewIE Toolbar\v3.3.0.1\GooglePreviewIE_Toolbar.dll [2008-12-14 806912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-18 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-18 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar3.dll [2007-01-19 2436160]
{AEC32322-9D72-4C55-A108-33875F07BC03} - GooglePreviewIE Toolbar - C:\Program Files\GooglePreviewIE Toolbar\v3.3.0.1\GooglePreviewIE_Toolbar.dll [2008-12-14 806912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-02-26 65024]
"LaunchAp"=C:\Program Files\Launch Manager\LaunchAp.exe [2004-08-06 32768]
"HotkeyApp"=C:\Program Files\Launch Manager\HotkeyApp.exe [2004-07-26 49152]
"CtrlVol"=C:\Program Files\Launch Manager\CtrlVol.exe [2003-09-16 20480]
"LMgrOSD"=C:\Program Files\Launch Manager\OSD.exe [2004-07-26 204800]
"Wbutton"=C:\Program Files\Launch Manager\Wbutton.exe [2004-08-06 73728]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2003-07-25 110592]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2003-07-25 618496]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-07-17 339968]
"PCMService"=C:\Program Files\Home Cinema\PowerCinema\PCMService.exe [2004-09-08 81920]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-18 136600]
"CloneCDTray"=D:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2004-12-09 57344]
"BDMCon"=C:\Program Files\Softwin\BitDefender10\bdmcon.exe [2007-09-21 290816]
"BDAgent"=C:\Program Files\Softwin\BitDefender10\bdagent.exe [2007-09-21 69632]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"1&1 EasyLogin"=C:\Program Files\1&1\1&1 Connexion directe\EasyLogin.exe [2008-01-24 1545216]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="sockspy.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2006-06-19 702768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 240128]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=
:\WINDOWS\syste

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=91000000

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\Program Files\BearShare\BearShare.exe"="D:\Program Files\BearShare\BearShare.exe:*:Enabled:BearShare"
"D:\Program Files\Visicom Media\FTP Expert 3\ftpxpert3.exe"="D:\Program Files\Visicom Media\FTP Expert 3\ftpxpert3.exe:*:Enabled:AceFTP v3"
"C:\Program Files\Media Player Classic\mplayerc.exe"="C:\Program Files\Media Player Classic\mplayerc.exe:*:Enabled:Media Player Classic"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Program Files\Autodesk\3dsMax8\3dsmax.exe"="D:\Program Files\Autodesk\3dsMax8\3dsmax.exe:*:Disabled:Autodesk 3ds Max 8"
"D:\Program Files\Macromedia\Flash MX\Flash.exe"="D:\Program Files\Macromedia\Flash MX\Flash.exe:*:Disabled:Flash 6.0 r25"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Disabled:Bonjour"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"D:\wamp\bin\apache\apache2.2.8\bin\httpd.exe"="D:\wamp\bin\apache\apache2.2.8\bin\httpd.exe:*:Enabled:Apache HTTP Server"
"C:\Program Files\Radio Fr Solo\Radio_Fr_Solo.exe"="C:\Program Files\Radio Fr Solo\Radio_Fr_Solo.exe:*:Enabled:Radio Fr Solo"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
shell\AutoRun\command - F:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{448febe0-bdae-11da-b7d1-000e354d8506}]
shell\AutoRun\command - E:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{99e362f0-18b6-11dc-b88b-000e354d8506}]
shell\AutoRun\command - F:\WinStressCopie.exe


======File associations======

.js - edit - 
.js - open - 

======List of files/folders created in the last 1 months======

2008-12-19 16:42:54 ----D---- C:\Program Files\trend micro
2008-12-19 16:42:48 ----D---- C:\rsit
2008-12-18 18:20:47 ----A---- C:\WINDOWS\system32\deploytk.dll
2008-12-18 18:20:42 ----A---- C:\WINDOWS\system32\javaws.exe
2008-12-18 18:20:37 ----A---- C:\WINDOWS\system32\javaw.exe
2008-12-18 18:20:30 ----A---- C:\WINDOWS\system32\java.exe
2008-12-16 17:34:32 ----SHD---- C:\$RECYCLE.BIN
2008-12-15 20:28:57 ----A---- C:\FindyKill.txt
2008-12-15 12:44:10 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-15 12:00:31 ----D---- C:\WINDOWS\Temp
2008-12-15 08:07:49 ----D---- C:\Program Files\WinClamAVShield
2008-12-14 22:33:39 ----D---- C:\Documents and Settings\bg\Application Data\Spyware Terminator
2008-12-14 22:33:31 ----D---- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2008-12-14 22:33:24 ----D---- C:\Program Files\Spyware Terminator
2008-12-14 18:14:28 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-12-14 15:17:13 ----A---- C:\WINDOWS\GooglePreviewIE_Toolbar_Uninstaller_5040.exe
2008-12-13 11:58:32 ----A---- C:\WINDOWS\system32\WowCtl.dll
2008-12-13 11:58:31 ----A---- C:\WINDOWS\system32\dXTList.dll
2008-12-13 11:58:31 ----A---- C:\WINDOWS\system32\dXPSystm.dll
2008-12-11 19:49:06 ----D---- C:\Program Files\uTorrent
2008-12-11 19:48:56 ----D---- C:\Documents and Settings\bg\Application Data\uTorrent
2008-12-03 17:54:50 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2008-12-02 11:23:11 ----A---- C:\WINDOWS\system32\TUProgSt.exe
2008-12-02 11:23:09 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2008-12-02 11:23:08 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe
2008-12-02 11:23:01 ----D---- C:\Documents and Settings\bg\Application Data\TuneUp Software
2008-12-02 11:20:59 ----D---- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2008-12-02 11:20:22 ----D---- C:\Program Files\TuneUp Utilities 2009
2008-12-02 11:19:13 ----SHD---- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2008-11-25 17:01:36 ----D---- C:\Documents and Settings\All Users\Application Data\WhereIsIt
2008-11-25 11:47:37 ----D---- C:\Documents and Settings\bg\Application Data\CD Bank
2008-11-23 11:12:50 ----A---- C:\WINDOWS\system32\zlib.dll
2008-11-23 11:12:50 ----A---- C:\WINDOWS\system32\vbpng.dll
2008-11-23 11:12:50 ----A---- C:\WINDOWS\system32\unzip.dll
2008-11-23 11:12:50 ----A---- C:\WINDOWS\system32\unrar.dll
2008-11-23 11:12:50 ----A---- C:\WINDOWS\system32\PaintX.dll

======List of files/folders modified in the last 1 months======

2008-12-19 16:42:54 ----D---- C:\Program Files
2008-12-19 12:19:42 ----D---- C:\WINDOWS\Prefetch
2008-12-19 10:27:29 ----D---- C:\WINDOWS\system32
2008-12-19 10:07:51 ----A---- C:\WINDOWS\win.ini
2008-12-19 10:06:53 ----A---- C:\WINDOWS\ModemLog_Intel(R) 537EA Modem.txt
2008-12-19 08:40:48 ----D---- C:\Program Files\Mozilla Firefox
2008-12-19 02:19:21 ----D---- C:\WINDOWS
2008-12-19 02:02:13 ----SHD---- C:\WINDOWS\Installer
2008-12-19 02:02:13 ----D---- C:\Config.Msi
2008-12-19 01:58:49 ----D---- C:\Program Files\Fichiers communs
2008-12-19 01:56:32 ----D---- C:\Program Files\Softwin
2008-12-19 01:55:26 ----D---- C:\Program Files\Nero
2008-12-19 01:45:11 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2008-12-18 20:29:16 ----SHD---- C:\System Volume Information
2008-12-18 20:29:16 ----D---- C:\WINDOWS\system32\Restore
2008-12-18 19:03:40 ----D---- C:\Program Files\a-squared Free
2008-12-18 18:09:34 ----D---- C:\Program Files\Java
2008-12-18 17:56:58 ----A---- C:\WINDOWS\ModemLog_Modem 56000 bps Standard.txt
2008-12-18 17:45:06 ----D---- C:\WINDOWS\system32\drivers
2008-12-16 12:06:21 ----HD---- C:\WINDOWS\inf
2008-12-16 12:05:38 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-15 12:39:20 ----D---- C:\WINDOWS\system32\LogFiles
2008-12-14 19:24:00 ----D---- C:\WINDOWS\system32\config
2008-12-14 18:41:22 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2008-12-14 18:41:22 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2008-12-14 18:41:07 ----HDC---- C:\WINDOWS\$NtUninstallWMCSetup$
2008-12-14 18:41:07 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2008-12-14 18:41:06 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2008-12-14 18:27:01 ----D---- C:\WINDOWS\Debug
2008-12-14 18:11:31 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-12-14 17:35:10 ----D---- C:\Program Files\RamBoost XP
2008-12-14 16:57:25 ----SD---- C:\Documents and Settings\bg\Application Data\Microsoft
2008-12-14 16:57:21 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-12-14 16:56:14 ----D---- C:\WINDOWS\system32\FxsTmp
2008-12-14 11:48:50 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-12-14 11:48:48 ----D---- C:\Program Files\Internet Explorer
2008-12-14 11:48:10 ----D---- C:\WINDOWS\ie7updates
2008-12-14 11:47:12 ----HD---- C:\WINDOWS\$hf_mig$
2008-12-14 11:32:39 ----RSD---- C:\WINDOWS\assembly
2008-12-14 11:30:41 ----D---- C:\WINDOWS\WinSxS
2008-12-14 11:26:14 ----HD---- C:\Program Files\InstallShield Installation Information
2008-12-14 10:00:50 ----D---- C:\Documents and Settings\bg\Application Data\Google
2008-12-09 15:24:38 ----A---- C:\WINDOWS\system32\MRT.exe
2008-12-06 16:56:00 ----D---- C:\EasyPHP1-8
2008-12-03 20:52:17 ----D---- C:\Documents and Settings\bg\Application Data\Adobe
2008-12-03 20:52:17 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-12-03 18:42:50 ----D---- C:\WINDOWS\Registration
2008-12-03 17:54:55 ----D---- C:\WINDOWS\Help
2008-12-02 11:23:04 ----SD---- C:\WINDOWS\Tasks
2008-11-22 17:41:14 ----D---- C:\Documents and Settings\bg\Application Data\U3

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 bdpredir;bdpredir; \??\C:\Program Files\Softwin\BitDefender10\bdpredir.sys []
R1 Hotkey;Hotkey; C:\WINDOWS\system32\drivers\Hotkey.sys [2003-04-28 9867]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225856]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032]
R2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys [2005-11-21 16512]
R2 BDRSDRV;BDRSDRV; \??\C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys []
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2004-07-21 9856]
R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 NwlnkIpx;Protocole de transport compatible NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;NetBIOS NWLink; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2004-08-05 63232]
R2 NwlnkSpx;Protocole NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2004-08-05 55936]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2004-02-24 400384]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-02-26 611820]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-07-17 768512]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2004-05-26 44928]
R3 bdfdll;bdfdll; \??\C:\Program Files\Softwin\BitDefender10\bdfdll.sys []
R3 BDFsDrv;BDFsDrv; \??\C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys []
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 IntelC51;IntelC51; C:\WINDOWS\system32\DRIVERS\IntelC51.sys [2004-01-20 1086853]
R3 IntelC52;IntelC52; C:\WINDOWS\system32\DRIVERS\IntelC52.sys [2004-01-20 619369]
R3 IntelC53;IntelC53; C:\WINDOWS\system32\DRIVERS\IntelC53.sys [2004-01-20 77925]
R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mohfilt;mohfilt; C:\WINDOWS\system32\DRIVERS\mohfilt.sys [2004-01-20 31440]
R3 NSCIRDA;Pilote de périphérique infrarouge NSC; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-13 28672]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-05 5888]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2003-07-25 270544]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2004-05-26 67584]
R3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 w22n51;Pilote Intel(R) PRO/Wireless 2200 Adapter; C:\WINDOWS\system32\DRIVERS\w22n51.sys [2004-01-02 1646720]
R3 XUIF;X10 USB Wireless Transceiver; C:\WINDOWS\System32\Drivers\x10ufx2.sys [2005-05-19 17792]
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S1 mailKmd;mailKmd; C:\WINDOWS\system32\drivers\mailKmd.sys []
S1 Wbutton;Wbutton; C:\WINDOWS\system32\drivers\Wbutton.sys []
S2 FILESpy;FILESpy; \??\C:\Program Files\Softwin\BitDefender9\filespy.sys []
S2 REGSpy;REGSpy; \??\C:\Program Files\Softwin\BitDefender9\regspy.sys []
S3 3xHybrid;3xHybrid service; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2004-09-03 698368]
S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2004-08-31 26240]
S3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]
S3 MPCSYS;MPCSYS; \??\C:\WINDOWS\system32\DRIVERS\mpcsys.sys []
S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 Profos;Profos; \??\C:\Program Files\Softwin\BitDefender10\profos.sys []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 Trufos;Trufos; \??\C:\Program Files\Softwin\BitDefender10\trufos.sys []
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 uxddrv;Dynamically loaded UxdDrv; \??\C:\Documents and Settings\All Users\Bureau\WinStress\uxddrv.sys []
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 X10UIF;%DESCRIPTION%; C:\WINDOWS\System32\Drivers\x10uif.sys [2001-11-14 10761]
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Service d'application d'assistance IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2008-12-18 419448]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-07-17 389120]
R2 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe [2007-07-13 72704]
R2 bdss;BitDefender Scan Server; C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe [2007-09-21 81920]
R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-18 152984]
R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe [2008-08-15 278528]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [2006-11-02 174656]
R2 ScsiAccess;ScsiAccess; d:\Program Files\Photodex\ProShowGold\ScsiAccess.exe [2006-01-04 181312]
R2 SimpTcp;Services TCP/IP simplifiés; C:\WINDOWS\system32\tcpsvcs.exe [2004-08-05 19456]
R2 SNMP;Service SNMP; C:\WINDOWS\System32\snmp.exe [2008-04-14 33280]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2008-12-14 539136]
R2 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 VSSERV;BitDefender Virus Shield; C:\Program Files\Softwin\BitDefender10\vsserv.exe [2007-11-03 462848]
R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
R2 XCOMM;BitDefender Communicator; C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe [2006-01-13 86016]
R3 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480]
S2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S2 mi-raysat_3dsmax8;RaySat_3dsmax8 Server; D:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe [2005-09-21 65536]
S2 NMSAccess;NMSAccess; D:\Program Files\studioline web\NMSAccess.exe []
S2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2008-12-02 603904]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2006-01-04 68096]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2007-08-07 654848]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-27 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 LPDSVC;Serveur d'impression TCP/IP; C:\WINDOWS\system32\tcpsvcs.exe [2004-08-05 19456]
S3 Motkkdio;Motkkdio; C:\WINDOWS\system32\autofmt.exe [2008-04-14 616960]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 p2pgasvc;Authentification de groupe réseau homologue; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 p2pimsvc;Gestionnaire d'identité réseau homologue; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 p2psvc;Réseau homologue; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 PNRPSvc;Protocole de résolution de noms d'homologues; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 SNMPTRAP;Service d'interruption SNMP; C:\WINDOWS\System32\snmptrap.exe [2008-04-14 8704]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2008-12-02 362240]
S3 wampapache;wampapache; d:\wamp\bin\apache\apache2.2.8\bin\httpd.exe [2008-01-18 24635]
S3 wampmysqld;wampmysqld; d:\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe [2008-04-17 5750784]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------


info.txt:

info.txt logfile of random's system information tool 1.05 2008-12-19 16:44:12

======Uninstall list======

-->RunDll32 "C:\Program Files\Fichiers communs\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll",LaunchSetup "C:\Program Files\InstallShield Installation Information\{416DFEDD-9F1B-4EFC-AF70-FCA891AE0251}\zidxp.exe"
-->RunDll32 "C:\Program Files\Fichiers communs\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll",LaunchSetup "C:\Program Files\InstallShield Installation Information\{91A4AD99-69CE-4745-97B7-0E0DFBECFDE5}\setup.exe"
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2C0DAEA5-826C-4A76-B176-56959B99D3F0}\setup.exe" -l0x40c 
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x40c 
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
1&1 Connexion directe-->C:\Program Files\1&1\1&1 Connexion directe\Uninstall.exe
3D Exploration-->"d:\Program Files\3D Exploration\Uninstal.exe"
3D Photo Browser 7.6-->d:\Program Files\3D Photo Browser\uninst.exe
3D Screen Creator 0.3.5-->"d:\Program Files\3D Screen Creator\unins000.exe"
7-Zip 4.42-->"d:\Program Files\7-Zip\Uninstall.exe"
AAA Logo 1.2-->"d:\Program Files\AAALOGO\unins000.exe"
AC3Filter (remove only)-->C:\Program Files\AC3Filter\uninstall.exe
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Recommended Settings-->MsiExec.exe /I{73B5D990-04EA-4751-B10F-5534770B91F2}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Extra Settings-->MsiExec.exe /I{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}
Adobe Creative Suite-->C:\PROGRA~1\INSTAL~1\{D52EC~1\setup.exe /Relaunched=yes /Uninstall /Relaunched=yes
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe Dreamweaver CS3-->C:\Program Files\Fichiers communs\Adobe\Installers\ad19d2ae8332572b119cf35fd0a30d8\Setup.exe
Adobe Dreamweaver CS3-->MsiExec.exe /I{4BDB76C6-902E-41D5-9064-68768E02886B}
Adobe ExtendScript Toolkit 2-->C:\Program Files\Fichiers communs\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{77D2A9D3-5800-43E3-B274-87841BC87DB2}
Adobe Extension Manager CS3-->MsiExec.exe /I{BE5F3842-8309-4754-92D5-83E02E6077A3}
Adobe Flash CS3-->MsiExec.exe /I{80FD3971-8482-49C8-BA8C-B6464A15882F}
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Video Encoder-->MsiExec.exe /I{1B0BCA28-1F11-4D60-8A2F-DEBE04B5341E}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->C:\Program Files\Fichiers communs\Adobe\Installers\32e9033392a51340b32fdc6ad893ab7\Setup.exe
Adobe Premiere Elements 1.0-->msiexec /I {6CCDF4E6-D2AE-4DD8-80FD-F9AFF951AEAE}
Adobe Reader 8 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A80000000002}
Adobe Setup-->MsiExec.exe /I{82503EA7-7E08-4AA8-90E9-BE4D0A6D453F}
Adobe Setup-->MsiExec.exe /I{8AE03988-8C8C-40EE-BDC7-76781BEF1B1D}
Adobe Setup-->MsiExec.exe /I{926DEB4E-2B0A-4C5C-AE4A-BF6C06949702}
Adobe Setup-->MsiExec.exe /I{D2E18162-47FB-4216-8AB3-F420C1AF75A4}
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\Shockwave 10\UNWISE.EXE C:\WINDOWS\system32\Macromed\Shockwave 10\Install.log
Adobe SVG Viewer 3.0-->C:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Install.log
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
AirXonix version 1.35-->"d:\Program Files\AirXonix\unins000.exe"
Alien Skin Xenofex 2.0-->D:\PROGRA~1\Adobe\ADOBEP~1\MODULE~1\ADOBEP~1\plugins\ALIENS~1\XENOFE~1\UNWISE.EXE D:\PROGRA~1\Adobe\ADOBEP~1\MODULE~1\ADOBEP~1\plugins\ALIENS~1\XENOFE~1\INSTALL.LOG
Amapi 3D v4.1-->C:\WINDOWS\IsUn040c.exe -f"D:\Program Files\Amapi 3D\Uninst.isu"
AmazingMIDI-->D:\PROGRA~1\AMAZIN~1\UNWISE.EXE D:\PROGRA~1\AMAZIN~1\INSTALL.LOG
AM-DeadLink 2.8-->"C:\Program Files\AM-DeadLink\unins000.exe"
Annuaire Web Maker 1.0-->"d:\Program Files\AnnuWeb\unins000.exe"
Anvil Studio-->C:\WINDOWS\ST5UNST.EXE -n "C:\Program Files\Anvil Studio\ST5UNST.LOG"  
Archiveur WinRAR-->D:\Program Files\WinRAR\uninstall.exe
a-squared Free 3.0-->"C:\Program Files\a-squared Free\unins000.exe"
ATI - Utilitaire de désinstallation du logiciel-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Control Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe" 
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Audacity 1.2.3-->"d:\Program Files\Audacity\unins000.exe"
Autodesk 3ds Max 8-->MsiExec.exe /I{DBB313D6-4B13-4961-BD5F-673CDA1793CC}
AVIcodec (remove only)-->"d:\Program Files\AVIcodec\uninst.exe"
AviSynth 2.5-->"d:\Program Files\AviSynth 2.5\Uninstall.exe"
Axialis IconWorkshop 6.0-->d:\Program Files\Axialis\IconWorkshop\UnInstall.exe "IconWorkshop" "IconWorkshop.exe"
BitDefender Antivirus Plus v10-->MsiExec.exe /I{10FFFFFD-E5EA-4AA7-902F-2B057ACF7C8A}
Blagues-->C:\Program Files\Blagues\uninstall.exe
Briberry 1.2-->"d:\Program Files\Astase\Briberry\unins000.exe"
Broadcom 440x 10/100 Integrated Controller-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{52504CE6-E909-4113-B232-4AFEC6543A61} /l1036 
Bryce(R) 5-->C:\WINDOWS\IsUninst.exe -f"d:\Program Files\Corel\Bryce 5\Uninst.isu"
CANAL Numedia Avatar Studio-->C:\WINDOWS\IsUn040c.exe -f"d:\Program Files\CANAL Numedia\Avatar Studio\DelCPLUS.isu"
Capturino V1.3-->d:\Program Files\Capturino V1.3\Uninstal.exe
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CDCheck (remove only)-->"d:\Program Files\CDCheck\uninst.exe"
CDex FR - extraction audio-->"d:\Program Files\CDex\uninstall.exe"
CD'n'Go! Suite 2.00-->"d:\Program Files\CD'n'Go! Suite\unins000.exe"
ChaosPro 3.2-->D:\PROGRA~1\CHAOSP~1.2\UNWISE.EXE D:\PROGRA~1\CHAOSP~1.2\INSTALL.LOG
Citations-->c:\Citations\Uninstal.exe
Cleanerzoomer 1.01 Free Edition-->"d:\Program Files\Cleanerzoomer\Uninstall.exe" "d:\Program Files\Cleanerzoomer\install.log"
CloneCD-->"D:\Program Files\SlySoft\CloneCD\ccd-uninst.exe" /D="D:\Program Files\SlySoft\CloneCD"
Codecs X264 (c) Ripp-it Te@m-->C:\Program Files\Codecs X264\Uninstal.exe
Compacteur HTML-->d:\Program Files\Compacteur HTML\Uninstall.exe
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Compel Adaptec WinASPI-->"d:\Program Files\WinASPI\unins000.exe"
CoreAAC Audio Decoder (remove only)-->"C:\WINDOWS\system32\CoreAAC-uninstall.exe"
CoreVorbis Audio Decoder (remove only)-->"C:\WINDOWS\system32\CoreVorbis-uninstall.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
DAZ|Studio 1.3.0.1-->C:\WINDOWS\unvise32.exe d:\Program Files\DAZ\Studio\DAZ Studio Uninstall.log
Debris Visual Art-->"d:\Program Files\Debris Visual Art\debris-uninst.exe"
Dico-->C:\WINDOWS\st6unst.exe -n "D:\Program Files\DICO\ST6UNST.LOG"  
Direct Show Ogg Vorbis Filter (remove only)-->"C:\WINDOWS\system32\OggDSuninst.exe"
DivX 5.0.2 Bundle-->C:\WINDOWS\unvise32.exe C:\Program Files\DivX\uninstal.log
DivX Codec 3.1alpha release-->C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_DivX 132 C:\WINDOWS\INF\DivX.inf
DivX Player-->C:\WINDOWS\unvise32.exe C:\Program Files\DivX\DivX Player\uninstal.log
DVD Decrypter 3.5.4.0 Fr-->d:\Program Files\DVD Decrypter\UnInstall_DVDdecrypt.exe
DVD Ripper Platinum 4-->d:\Program Files\Xilisoft\DVD Ripper Platinum 4\Uninstall.exe
DVD Shrink 3.2-->"D:\Program Files\DVD Shrink\unins000.exe"
DVDFab Decrypter 3.0.3.5-->"d:\Program Files\DVDFab Decrypter 3\unins000.exe"
DxPlante 3.0-->C:\WINDOWS\unin040c.exe -f"d:\Program Files\DxSoft\DxPlante 3.0\DeIsL1.isu"  -c"d:\Program Files\DxSoft\DxPlante 3.0\_ISREG32.DLL"
e-anim603-->d:\Program Files\e-anim603\uninstall.exe
EasyDivX v0.820 Standard-->C:\EasyDivX\uninstall.exe
EasyPHP 1.8-->C:\EasyPHP1-8\unins000.exe
Extension HighMAT pour l'Assistant Graver un CD de Microsoft Windows XP-->MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
Extensis Mask Pro 2.0-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Extensis\Mask Pro 2.0\Uninst.isu"
Eye Candy 4000-->D:\PROGRA~1\Adobe\ADOBEP~1\MODULE~1\ADOBEP~1\plugins\EYECAN~1\EYECAN~1\UNWISE.EXE D:\PROGRA~1\Adobe\ADOBEP~1\MODULE~1\ADOBEP~1\plugins\EYECAN~1\EYECAN~1\INSTALL.LOG
FileZilla (remove only)-->"C:\Program Files\FileZilla\uninstall.exe"
Flash Catcher-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8C6B728E-31B1-48B3-99B5-6B6BB85BC896}\setup.exe" 
FlashMP3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7BCD5D82-FD06-4AB1-98D8-BB557895FC1A}\setup.exe" 
Font Creator Program 3.0-->"d:\Program Files\High-Logic\Font Creator Program\unins000.exe"
FrameFun 1.0.4.9-->"d:\Program Files\FrameFun\unins000.exe"
Free Mp3 Wma Converter V 1.3.0-->"d:\Program Files\Free Audio Pack\unins000.exe"
Free WMA to MP3 Converter 1.16-->"d:\Program Files\Free WMA to MP3 Converter\unins000.exe"
FTP Expert 3-->"g:\Program Files\Visicom Media\FTP Expert 3\uninst-ftp.exe"
Galerie photo xhtml-->MsiExec.exe /I{09C393BF-FD7A-4B0B-8A43-CAC585ABB22D}
Générateur de Mot de Passe version 2.0-->"d:\Program Files\GenerateurMotPasse20\unins000.exe"
GetFlash-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0AECFC8C-1721-4F74-9C60-6A726067D028}\Setup.exe" 
GetRight-->C:\Program Files\GetRight\GETRIGHT.EXE /UNINSTALL
Google Earth-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x40c  -removeonly
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar3.dll"
GooglePreviewIE Toolbar-->"C:\WINDOWS\GooglePreviewIE_Toolbar_Uninstaller_5040.exe"  _?=C:\Program Files\GooglePreviewIE Toolbar
GX::Transcoder.net AWE-->"d:\Program Files\GXTranscoder.net AWE\unins000.exe"
Harry's Filters-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\HRRYFIL2.INF, DefaultUninstall.ntx86
Hello Engines! Standard 4-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{51974F4F-7A40-48AE-99B8-243F34F17884}\setup.exe" -l0x40c  -removeonly
HijackThis 1.99.1-->D:\sauvegarde\logs\HijackThis.exe /uninstall
HyperSnap-DX-->C:\WINDOWS\UnHSDX.bat
Images Webscan 2.2b-->D:\Program Files\Images Webscan\uninst.exe
Incomedia WebSite X5 Evolution-->C:\WINDOWS\system32\iwpsetup.exe Uninst /Evolution /FR /d:\Program Files\WebSite X5 Evolution
Indispensables RV9/RV10 pour Ri4m-->C:\Program Files\Ripp-it_AM\Uninstal.exe
Intel(R) 537EA Modem-->rundll32 IntelCci.dll,iSMUninstallation "Intel(R) 537EA Modem"
IrfanView (remove only)-->D:\Program Files\IrfanView\iv_uninstall.exe
IsoBuster 1.4-->"d:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe"
Izimailing v 3.00.18-->d:\Program Files\Izimailing v3\Uninstal.exe
J2SE Runtime Environment 5.0 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150030}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Kai's Power Goo OEM-->C:\WINDOWS\uninst.exe -f"d:\Kai's Power Goo OEM\DeIsL1.isu"
KC Softwares AudioGrail-->"d:\Program Files\KC Softwares\AudioGrail\unins000.exe"
KC Softwares VideoInspector-->"d:\Program Files\KC Softwares\VideoInspector\unins000.exe"
Kit Runtime VB6.0-->C:\WINDOWS\st6unst.exe -n "C:\WINDOWS\system32\ST6UNST.LOG"  
KPT 6-->C:\WINDOWS\IsUninst.exe -f"d:\program files\adobe\adobe photoshop cs\modules externes\adobe photoshop only\plugins\kpt6\KPT6\KPT6Unin.isu"
KPT(R) effects(TM)-->C:\WINDOWS\IsUninst.exe -f"d:\program files\adobe\adobe photoshop cs\modules externes\adobe photoshop only\plugins\kpt7\KPT effects\KPTUnins.isu"
Lame ACM MP3 Codec-->C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_LameMP3 132 C:\WINDOWS\INF\LameACM.inf
Launch Manager V1.1.3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D0846526-66DD-4DC9-A02C-98F9A2806812}\Setup.exe" -l0x40c  -uninst 
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Link200 v3.2-->"d:\Program Files\Veign\Link200\unins000.exe"
Macromedia Extension Manager-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A5BA14E0-7384-11D4-BAE7-00409631A2C8}\setup.exe" -l0x40c mmUninstall
Macromedia Flash MX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3BE480ED-E17A-431A-981C-5C2EDDBCD3BF}\Setup.exe" -l0x40c UNINSTALL
Matroska Pack (remove only)-->C:\Program Files\Matroska Pack\Uninstall.exe
Medi@Show-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Home Cinema\MediaShow\Uninst.isu"
Media Lab SiteGrinder 2 (Basic & Pro)-->c:\Program Files\Adobe\Adobe Photoshop CS\Modules externes\Media Lab SiteGrinder 2\Uninstall SiteGrinder 2.exe
MediaCoder 0.6.0-->D:\Program Files\MediaCoder\uninst.exe
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Calculatrice Plus-->MsiExec.exe /I{13922F10-BD74-4912-AB11-E34B35062700}
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Office XP Media Content-->MsiExec.exe /I{9030040C-6000-11D3-8CFE-0050048383C9}
Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}
Microsoft PowerPoint Viewer 97-->C:\Program Files\PowerPoint Viewer\setup\install.exe
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
ModelMagic3D-->C:\WINDOWS\uninst.exe -f"d:\Program Files\ImageWare Development\ModelMagic3D\DeIsL1.isu"  -c"d:\Program Files\ImageWare Development\ModelMagic3D\_ISREG32.DLL"
Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
MojoWorld2SE-->"d:\Program Files\Pandromeda\MojoWorld2SE\unins000.exe"
morillon01-->"C:\WINDOWS\uninstall morillon01.exe"
Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MP3 CD Maker-->"d:\Program Files\MP3CD\unins000.exe"
MP3Producer-->C:\WINDOWS\MP3Producer Uninstaller.exe
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
N1busMetaEditor-->D:\Program Files\N1busMetaEditor\uninstall.exe
Nero 9-->C:\Program Files\Fichiers communs\Nero\Nero ProductInstaller 4\SetupX.exe  REMOVESERIALNUMBER="9M03-01A1-PCX7-K31A-8A94-98PT-KT2E-522A"
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
OSS Audio Extractor 5.6.0.4-->"d:\Program Files\OSS\AudioExtractor\unins000.exe"
P3dO Explorer (remove only)-->"d:\Program Files\P3dO Explorer\UninstallP3dO.exe"
Pack PSP - Ri4m - v1.0-->C:\Program Files\Pack PSP - Ri4m\Uninstal.exe
Painter Classic-->C:\WINDOWS\IsUn040c.exe -f"d:\Program Files\Painter Classic\DeIsL1.isu"
PC Inspector smart recovery-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C9A87D86-FDFD-418B-BF96-EF09320973B3}\Setup.exe" -l0x40c 
PC Wizard 2006.1.71-->"d:\Program Files\PC Wizard 2006\unins000.exe"
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
Photo Story 3 for Windows-->MsiExec.exe /I{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}
Photodex Presenter-->C:\Program Files\Photodex Presenter\uninst.exe
Poser 6-->C:\WINDOWS\unvise32.exe d:\Program Files\Curious Labs\Poser 6\uninstal.log
PowerCinema 3.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\setup.exe"  -uninstall
PowerDirector-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe"  -uninstall
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe"  -uninstall
PowerProducer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe"  -uninstall
PrintFolder-->"d:\Program Files\PrintFolder\unins000.exe"
ProShow Gold-->d:\Program Files\Photodex\ProShowGold\proshow.exe . -u
PSPad editor-->"d:\Program Files\PSPad editor\Uninst\unins000.exe"
Questions-Réponses 1.55-->d:\Program Files\Atlence\Questions-Réponses 1.55\unins000.exe
QuickTime-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{3868A8EE-5051-4DB0-8DF6-4F4B8A98D083} /l1036 
Radio Fr Solo 2.1-->C:\Program Files\Radio Fr Solo\Uninstall.exe
RamBoost XP 4.0.6-->"C:\Program Files\RamBoost XP\unins000.exe"
Ranking Toolbox 4-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2388C625-9532-467F-ADEA-B92E027B85E3}\setup.exe" -l0x40c  -removeonly
Real Alternative 1.36-->"C:\Program Files\Real Alternative\unins000.exe"
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
Revo Uninstaller 1.30-->C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
Ri4m v4.1.1b-->C:\Program Files\Ripp-it_AM\Ri4m_Uninstal.exe
RIAM Video Enhancer-->C:\Program Files\RIAM Video Enhancer\Uninstal.exe
Ripp-It Codec Pack v 4.0.1-->C:\Program Files\Ripp-It Codec Pack\uninst.exe
Riva FLV Encoder 2.0-->"d:\Program Files\Riva\Riva FLV Encoder 2.0\unins000.exe"
ROR Feed Generator-->MsiExec.exe /I{3ADE7385-A897-4F5F-A8CD-C750E244FEBD}
ROR Sitemap Generator 1.0-->MsiExec.exe /I{3E039E39-438E-42B4-9C05-9B3120CD8672}
RssReader-->MsiExec.exe /I{D88857C8-B36B-42CE-AC26-9FFFEEDB181A}
Runtime VB 5.0 fr-->C:\WINDOWS\ST5UNST.EXE -n "C:\WINDOWS\system32\ST5UNST.LOG"  
SaverWiz-->D:\PROGRA~1\SaverWiz\UNWISE.EXE D:\PROGRA~1\SaverWiz\INSTALL.LOG
Screensaver Factory 4 Enterprise-->"d:\Program Files\Screensaver Factory 4 Enterprise\unins000.exe"
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
Security Update for Outlook 2007 (KB946983)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {66B9496E-C0C3-4065-9868-85CCA92126C3}
Simple Sudoku 4.1-->"D:\Program Files\Simple Sudoku\unins000.exe"
Site Map Builder.NET-->MsiExec.exe /I{61C2CE21-9172-4678-BE6F-5DDD0FBF8D4E}
SkyFox Promotion-->C:\WINDOWS\uninst.exe -f"d:\Program Files\DZH\SkyFox Promotion\DeIsL1.isu"  -c"d:\Program Files\DZH\SkyFox Promotion\_ISREG32.DLL"
Sqirlz Water Reflections-->C:\WINDOWS\Sqirlz Water Reflections Uninstaller.exe
SuDokuFree-->"D:\Program Files\Sudoku\unins000.exe"
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
tangram-->C:\WINDOWS\uninst.exe -f"d:\Program Files\MOSoft\tangram\DeIsL1.isu"  -c"d:\Program Files\MOSoft\tangram\_ISREG32.DLL"
Terragen 2 Technology Preview-->MsiExec.exe /I{B9C7402D-C744-4630-845D-D42DFEE59EBF}
Tests de QI et Mémoire-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A164036A-722E-41CB-A1C1-3C3825A575D6}\Setup.exe" -l0x40c 
Texas Instruments PCIxx21/x515 drivers.-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{C9D90376-50C8-4907-AFA2-CA77364A8D51} 
Texture Processor v1.3-->"d:\Program Files\Texture Processor\unins000.exe"
ThumbsPlus version 7.0sp1-->D:\PROGRA~1\Thumbs7\UNWISE.EXE D:\PROGRA~1\Thumbs7\INSTALL.LOG
Topaz DeJPEG (freeware)-->MsiExec.exe /I{80A35F57-8C90-42A2-AD77-7D39F1FEC1C9}
Total Validator Tool-->d:\Program Files\TotalValidatorTool\uninstall.exe
TreeSize 1.74-->"d:\Program Files\JAM Software\TreeSize\unins000.exe"
TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
Turbo Lister-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{99CC78D1-2356-497C-84C1-F239884001EC} 
Ulead COOL 3D 3.0-->C:\WINDOWS\Ulead.dat\c3d3unin\setup.exe
Ulead GIF Animator 5 Evaluation-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8AF3E926-ED59-11D4-A44B-0000E86D2305}\Setup.exe" 
Ultra Fractal 3.05-->D:\Program Files\Ultra Fractal 3\Uninst.exe
Ultra Screen Saver Maker-->"d:\Program Files\Ultra Screen Saver Maker\Uninstall.exe" "d:\Program Files\Ultra Screen Saver Maker\install.log"
UltraISO V6.52-->"d:\Program Files\UltraISO\unins000.exe"
Ultralingua 4.4-->"d:\Program Files\Ultralingua\Ultralingua 4\unins000.exe"
Unlocker 1.7.3-->d:\Program Files\Unlocker\uninst.exe
Update for Office 2007 (KB946691)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb958619)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {79B301C1-DBC0-467C-AFDA-2A6CDAFA4302}
videon-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{261D0486-9127-4071-BA1D-FE784310752E}\Setup.exe" -l0x40c 
Votre Economiseur Personnel 1.0-->"d:\Program Files\VSoft\Votre Economiseur Personnel\unins000.exe"
VP6 VFW Codec-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A23866A0-738B-4091-9924-0B0DE3988A15}\Setup.exe" -l0x9 
VroomHTML-->"d:\Program Files\VroomHTML\unins000.exe"
Vue 5 Esprit-->D:\Program Files\e-on software\Vue 5 Esprit\Uninstall.exe
WampServer 2.0-->"d:\wamp\unins001.exe"
Web CEO 7.5-->"d:\Program Files\Web CEO\Uninstall\unins000.exe"
WebBulle 1.04-->"d:\Program Files\WebBulle\unins000.exe"
webGobbler 1.2.6 for Windows-->"d:\Program Files\webGobbler\unins000.exe"
WhereIsIt? 3.94-->"D:\Program Files\WhereIsIt\unins000.exe"
WinAce Archiver 2.0-->d:\Program Files\WinAce\SXUNINST.EXE d:\Program Files\WinAce\SXUNINST.INI
WinAVI Video Converter-->"c:\Program Files\WinAVI Video Converter\unins000.exe"
WinChess-->C:\WINDOWS\IsUninst.exe -f"d:\Program Files\Home\WinChess 1.0\Uninst.isu"
Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Support Tools-->MsiExec.exe /I{89B078C4-50B0-453E-BF53-3A7E6A0D85FA}
WinHTTrack Website Copier 3.33-->"d:\Program Files\WinHTTrack\unins000.exe"
WinMorph v2.01-->"d:\Program Files\WinMorph\unins000.exe"
WinZip-->"d:\Program Files\WinZip\WINZIP32.EXE" /uninstall
WJChess 1.0-->D:\PROGRA~1\JeffProd\WJChess\UNWISE.EXE D:\PROGRA~1\JeffProd\WJChess\INSTALL.LOG
Wood Workshop-->MsiExec.exe /X{7AACE39E-A19F-468A-B130-6DBA27203075}
X10 Hardware(TM)-->C:\WINDOWS\UNWISE.EXE C:\PROGRA~1\X10HAR~1\Install.log
x264 H.264/AVC CODEC-->C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_x264 132 C:\WINDOWS\INF\x264vfw.inf
X'nStop 2.2-->"C:\Program Files\X'nStop 2.2\unins000.exe"
XviD MPEG-4 Video Codec-->"C:\Program Files\XviD\unins000.exe"
Yooda Map-->MsiExec.exe /I{633A27AE-C1C4-48E7-85D4-3C34994B5331}
Yooda Match Density-->MsiExec.exe /I{4BF5A325-DEB6-4F24-BF52-E4BF76329E56}
Zipcat Pro-->MsiExec.exe /I{8E8322AD-BA19-42F8-95D8-640D1CA1F57B}

======Hosts File======

127.0.0.1	unesourisetmoi.local.dev

======Security center information======

AV: Bitdefender Antivirus
FW: Bitdefender Firewall

System event log

Computer Name: LIFETEC
Event Code: 20159
Message: La connexion à alice2 effectuée par l'utilisateur bgri0085@tiscali.fr utilisant le périphérique COM3 a été déconnectée.

Record Number: 15680992
Source Name: RemoteAccess
Time Written: 20081129091519.000000+060
Event Type: Informations
User: 

Computer Name: LIFETEC
Event Code: 20158
Message: L'utilisateur bgri0085@tiscali.fr a établi une connexion à alice2 en utilisant le périphérique COM3.

Record Number: 15680991
Source Name: RemoteAccess
Time Written: 20081129085022.000000+060
Event Type: Informations
User: 

Computer Name: LIFETEC
Event Code: 20159
Message: La connexion à alice2 effectuée par l'utilisateur bgri0085@tiscali.fr utilisant le périphérique COM3 a été déconnectée.

Record Number: 15680990
Source Name: RemoteAccess
Time Written: 20081128174735.000000+060
Event Type: Informations
User: 

Computer Name: LIFETEC
Event Code: 20158
Message: L'utilisateur bgri0085@tiscali.fr a établi une connexion à alice2 en utilisant le périphérique COM3.

Record Number: 15680989
Source Name: RemoteAccess
Time Written: 20081128174353.000000+060
Event Type: Informations
User: 

Computer Name: LIFETEC
Event Code: 7036
Message: Le service Service COM de gravage de CD IMAPI est entré dans l'état : arrêté.

Record Number: 15680988
Source Name: Service Control Manager
Time Written: 20081128172648.000000+060
Event Type: Informations
User: 

Application event log

Computer Name: LIFETEC
Event Code: 1004
Message: Échec de détection du produit '{9028040C-6000-11D3-8CFE-0050048383C9}', fonctionnalité 'ProductFiles', composant '{9DD907C3-2BB1-11D2-A185-00A0C90AB50F}. La ressource 'C:\Program Files\Fichiers communs\Microsoft Shared\Office10\MSO7FTP.EXE' n'existe pas

Record Number: 3853
Source Name: MsiInstaller
Time Written: 20081008154706.000000+120
Event Type: Avertissement
User: LIFETEC\bg

Computer Name: LIFETEC
Event Code: 1004
Message: Échec de détection du produit '{9028040C-6000-11D3-8CFE-0050048383C9}', fonctionnalité 'ProductFiles', composant '{9DD907C3-2BB1-11D2-A185-00A0C90AB50F}. La ressource 'C:\Program Files\Fichiers communs\Microsoft Shared\Office10\MSO7FTP.EXE' n'existe pas

Record Number: 3852
Source Name: MsiInstaller
Time Written: 20081008154706.000000+120
Event Type: Avertissement
User: LIFETEC\bg

Computer Name: LIFETEC
Event Code: 1004
Message: Échec de détection du produit '{9028040C-6000-11D3-8CFE-0050048383C9}', fonctionnalité 'ProductFiles', composant '{9DD907C3-2BB1-11D2-A185-00A0C90AB50F}. La ressource 'C:\Program Files\Fichiers communs\Microsoft Shared\Office10\MSO7FTP.EXE' n'existe pas

Record Number: 3851
Source Name: MsiInstaller
Time Written: 20081008154706.000000+120
Event Type: Avertissement
User: LIFETEC\bg

Computer Name: LIFETEC
Event Code: 11729
Message: Produit : Microsoft Office XP Professional avec FrontPage -- La configuration a échoué.

Record Number: 3850
Source Name: MsiInstaller
Time Written: 20081008152242.000000+120
Event Type: Informations
User: LIFETEC\bg

Computer Name: LIFETEC
Event Code: 1001
Message: Échec de détection du produit '{9028040C-6000-11D3-8CFE-0050048383C9}', fonctionnalité 'SpellingAndGrammarFiles_1033' lors de la demande du composant '{CC29EB3F-7BC2-11D1-A921-00A0C91E2AA2}'

Record Number: 3849
Source Name: MsiInstaller
Time Written: 20081008152241.000000+120
Event Type: Avertissement
User: LIFETEC\bg

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Support Tools\;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Fichiers communs\Autodesk Shared\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0d06
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=C:\Program Files\Java\jre1.5.0_06\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.5.0_06\lib\ext\QTJava.zip

-----------------EOF-----------------


0
Destrio5 Posts 85985 Registration date Sunday 11 July 2010 Status Moderator Last activity 17 February 2023 10 298
19 Dec. 2008 at 16:48
Ok.

---> Download Lop S&D to your Desktop.
---> Double-click it to start the installation.
---> Then double-click the Lop S&D shortcut on your Desktop.
---> Select the desired language, then choose option 1 (Search).
---> Wait until the scan finishes.
---> Post the generated report (C:\lopR.txt).
0
bg62 Posts 23675 Registration date Saturday 22 October 2005 Status Moderator Last activity 29 January 2025 2 394
19 Dec. 2008 at 16:52
it's running ... but what are you having me do here ... this is way over my head!
b g
0
Destrio5 Posts 85985 Registration date Sunday 11 July 2010 Status Moderator Last activity 17 February 2023 10 298
19 Dec. 2008 at 16:53
The RSIT was to get an overall view, let's say.
0
bg62 Posts 23675 Registration date Saturday 22 October 2005 Status Moderator Last activity 29 January 2025 2 394
19 Dec. 2008 at 22:29
well, there you go ... and now I'm freaking out!!!
three reports, the first and the last show me a section " --------------------\\ ROOTKIT !!" which worries me ...
here it is:
   --------------------\\  Lop S&D 4.2.4-9c   XP/Vista

   Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
   X86-based PC ( Uniprocessor Free :         Intel(R) Pentium(R) M processor 1.70GHz )
   BIOS : PhoenixBIOS 4.0 Release 6.0     
   USER : bg ( Administrator )
   BOOT : Normal boot
   Antivirus : Bitdefender Antivirus 8.0 (Activated)
   Firewall  : Bitdefender Firewall 8.0 (Activated)
   C:\ (Local Disk) - NTFS - Total:34 Go (Free:19 Go)
   D:\ (Local Disk) - NTFS - Total:40 Go (Free:24 Go)
   E:\ (CD or DVD)

   "C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
   Option : [1] ( 19/12/2008|21:46 )
 
   --------------------\\  Listing des dossiers dans APPLIC~1

   [30/01/2008|18:29] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
   [18/09/2007|10:01] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
   [17/09/2007|19:41] C:\DOCUME~1\ADMINI~1\APPLIC~1\Visicom Media

   [02/12/2008|11:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{55A29068-F2CE-456C-9148-C869879E2357}
   [03/12/2008|20:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
   [18/02/2006|12:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
   [13/07/2007|10:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk
   [21/09/2007|08:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender
   [08/09/2008|09:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
   [05/01/2006|18:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
   [06/05/2006|13:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\db net solutions
   [04/01/2006|18:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
   [07/08/2007|19:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
   [04/11/2006|15:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
   [18/09/2007|10:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
   [14/12/2008|18:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
   [04/01/2006|21:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
   [12/10/2008|09:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
   [14/12/2008|16:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
   [05/01/2006|18:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
   [12/10/2008|19:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
   [14/12/2008|18:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
   [19/12/2008|19:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spyware Terminator
   [02/12/2008|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
   [25/11/2008|17:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WhereIsIt
   [05/01/2006|10:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

   [18/03/2008|11:21] C:\DOCUME~1\bg\APPLIC~1\1&1
   [03/12/2008|20:52] C:\DOCUME~1\bg\APPLIC~1\Adobe
   [24/01/2007|15:44] C:\DOCUME~1\bg\APPLIC~1\AdobeAUM
   [16/10/2006|09:50] C:\DOCUME~1\bg\APPLIC~1\AdobeUM
   [05/11/2006|15:29] C:\DOCUME~1\bg\APPLIC~1\Ahead
   [01/07/2006|20:10] C:\DOCUME~1\bg\APPLIC~1\aignes
   [02/02/2006|20:34] C:\DOCUME~1\bg\APPLIC~1\Alien Skin
   [30/04/2006|11:31] C:\DOCUME~1\bg\APPLIC~1\Anvil Studio
   [18/02/2006|12:11] C:\DOCUME~1\bg\APPLIC~1\Apple Computer
   [23/12/2006|19:50] C:\DOCUME~1\bg\APPLIC~1\Artweaver
   [04/09/2007|18:03] C:\DOCUME~1\bg\APPLIC~1\Axialis
   [21/09/2007|05:51] C:\DOCUME~1\bg\APPLIC~1\Bitdefender
   [07/02/2008|22:42] C:\DOCUME~1\bg\APPLIC~1\Blumentals
   [08/09/2008|09:56] C:\DOCUME~1\bg\APPLIC~1\Canon
   [25/11/2008|11:47] C:\DOCUME~1\bg\APPLIC~1\CD Bank
   [14/01/2006|11:50] C:\DOCUME~1\bg\APPLIC~1\CyberLink
   [05/06/2008|13:28] C:\DOCUME~1\bg\APPLIC~1\Debris Visual Art
   [01/02/2006|20:40] C:\DOCUME~1\bg\APPLIC~1\DMCache
   [22/05/2008|17:53] C:\DOCUME~1\bg\APPLIC~1\EBookSys
   [29/08/2007|10:02] C:\DOCUME~1\bg\APPLIC~1\Eclipsit
   [17/09/2008|17:28] C:\DOCUME~1\bg\APPLIC~1\flashpaste
   [14/12/2008|10:00] C:\DOCUME~1\bg\APPLIC~1\Google
   [04/01/2006|18:42] C:\DOCUME~1\bg\APPLIC~1\Help
   [22/02/2006|16:55] C:\DOCUME~1\bg\APPLIC~1\Hyperionics
   [03/01/2006|20:26] C:\DOCUME~1\bg\APPLIC~1\Identities
   [13/10/2008|23:19] C:\DOCUME~1\bg\APPLIC~1\InstallShield
   [15/06/2006|21:52] C:\DOCUME~1\bg\APPLIC~1\Likno
   [05/12/2007|10:35] C:\DOCUME~1\bg\APPLIC~1\Macromedia
   [24/01/2006|20:45] C:\DOCUME~1\bg\APPLIC~1\Media Player Classic
   [12/07/2007|14:43] C:\DOCUME~1\bg\APPLIC~1\MegauploadToolbar
   [23/02/2006|18:02] C:\DOCUME~1\bg\APPLIC~1\Micrografx
   [14/12/2008|16:57] C:\DOCUME~1\bg\APPLIC~1\Microsoft
   [23/01/2006|18:05] C:\DOCUME~1\bg\APPLIC~1\Mootools
   [06/09/2008|11:15] C:\DOCUME~1\bg\APPLIC~1\Mozilla
   [06/10/2008|09:17] C:\DOCUME~1\bg\APPLIC~1\NCH Swift Sound
   [12/10/2008|20:36] C:\DOCUME~1\bg\APPLIC~1\Nero
   [04/01/2006|17:50] C:\DOCUME~1\bg\APPLIC~1\Netscape
   [18/07/2006|19:47] C:\DOCUME~1\bg\APPLIC~1\PSpad
   [14/01/2006|11:10] C:\DOCUME~1\bg\APPLIC~1\Real
   [07/04/2006|20:17] C:\DOCUME~1\bg\APPLIC~1\SignupShield
   [05/12/2007|17:53] C:\DOCUME~1\bg\APPLIC~1\Simple Sudoku
   [19/12/2008|18:02] C:\DOCUME~1\bg\APPLIC~1\Spyware Terminator
   [08/01/2006|00:58] C:\DOCUME~1\bg\APPLIC~1\Sun
   [17/04/2006|09:40] C:\DOCUME~1\bg\APPLIC~1\Talkback
   [04/01/2006|20:08] C:\DOCUME~1\bg\APPLIC~1\ThumbsPlus
   [27/03/2006|17:29] C:\DOCUME~1\bg\APPLIC~1\Thunderbird
   [02/12/2008|11:23] C:\DOCUME~1\bg\APPLIC~1\TuneUp Software
   [22/11/2008|17:41] C:\DOCUME~1\bg\APPLIC~1\U3
   [19/12/2006|17:38] C:\DOCUME~1\bg\APPLIC~1\uk.co.planetside
   [04/01/2006|17:56] C:\DOCUME~1\bg\APPLIC~1\Ultra Fractal 3
   [13/12/2008|20:48] C:\DOCUME~1\bg\APPLIC~1\uTorrent
   [04/01/2006|17:40] C:\DOCUME~1\bg\APPLIC~1\Visicom Media
   [06/08/2007|17:04] C:\DOCUME~1\bg\APPLIC~1\VSRevoGroup

   [03/01/2006|20:21] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

   [04/01/2006|21:26] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
   [18/09/2007|10:01] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
   [05/01/2006|19:00] C:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander

   [18/09/2007|10:01] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
   [25/07/2007|18:54] C:\DOCUME~1\NETWOR~1\APPLIC~1\X10 Commander
 
   --------------------\\  Tâches planifiées dans C:\WINDOWS\tasks

   [19/12/2008 21:00][--a------] C:\WINDOWS\tasks\1-Click Maintenance.job
   [19/12/2008 21:45][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{3AC4AFA8-0829-4309-809A-731BBABF44CD}.job
   [19/12/2008 17:54][--ah-----] C:\WINDOWS\tasks\SA.DAT
   [05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

   --------------------\\  Listing des dossiers dans C:\Program Files

   [17/11/2006|16:52] C:\Program Files\1&1
   [12/01/2006|13:57] C:\Program Files\AC3Filter
   [18/02/2008|19:54] C:\Program Files\Adobe
   [01/07/2006|19:43] C:\Program Files\AM-DeadLink
   [30/04/2006|11:28] C:\Program Files\Anvil Studio
   [19/12/2008|19:48] C:\Program Files\a-squared Free
   [04/01/2006|10:47] C:\Program Files\ATI Technologies
   [10/01/2006|22:23] C:\Program Files\AviSynth 2.5
   [08/02/2006|17:54] C:\Program Files\Blagues
   [07/08/2007|18:31] C:\Program Files\Bonjour
   [04/01/2006|10:40] C:\Program Files\Broadcom
   [22/05/2008|17:52] C:\Program Files\CC Hyper File
   [21/01/2008|15:31] C:\Program Files\CCleaner
   [12/01/2006|13:58] C:\Program Files\Codecs X264
   [07/01/2006|18:11] C:\Program Files\Common Files
   [05/01/2006|18:52] C:\Program Files\CyberLink
   [11/01/2006|20:13] C:\Program Files\DivX
   [13/01/2006|20:26] C:\Program Files\Extensis
   [05/11/2006|19:42] C:\Program Files\ffdshow
   [19/12/2008|01:58] C:\Program Files\Fichiers communs
   [06/06/2007|09:50] C:\Program Files\FileZilla
   [20/05/2008|07:20] C:\Program Files\GetRight
   [29/01/2007|22:33] C:\Program Files\Google
   [26/06/2008|14:54] C:\Program Files\GooglePreviewIE Toolbar
   [06/01/2006|15:57] C:\Program Files\HighMAT CD Writing Wizard
   [05/01/2006|18:57] C:\Program Files\Home Cinema
   [14/12/2008|11:26] C:\Program Files\InstallShield Installation Information
   [04/01/2006|10:39] C:\Program Files\Intel
   [14/12/2008|11:48] C:\Program Files\Internet Explorer
   [18/12/2008|18:09] C:\Program Files\Java
   [04/01/2006|10:42] C:\Program Files\Launch Manager
   [18/09/2007|10:00] C:\Program Files\Ma‹do Production
   [12/01/2006|13:56] C:\Program Files\Matroska Pack
   [12/01/2006|18:29] C:\Program Files\Media Player Classic
   [04/10/2008|14:45] C:\Program Files\Messenger
   [04/01/2006|18:59] C:\Program Files\Microsoft Calculatrice Plus
   [03/01/2006|20:21] C:\Program Files\microsoft frontpage
   [12/10/2008|09:30] C:\Program Files\Microsoft Office
   [12/10/2008|09:30] C:\Program Files\Microsoft Visual Studio
   [12/10/2008|09:15] C:\Program Files\Microsoft Visual Studio 8
   [12/10/2008|09:31] C:\Program Files\Microsoft Works
   [12/10/2008|09:27] C:\Program Files\Microsoft.NET
   [04/10/2008|13:43] C:\Program Files\Movie Maker
   [19/12/2008|08:40] C:\Program Files\Mozilla Firefox
   [12/10/2008|09:31] C:\Program Files\MSBuild
   [02/01/2007|20:10] C:\Program Files\MSECache
   [03/01/2006|20:15] C:\Program Files\MSN
   [30/01/2008|18:30] C:\Program Files\msn gaming zone
   [16/11/2006|07:54] C:\Program Files\MSXML 4.0
   [06/10/2008|09:22] C:\Program Files\NCH Swift Sound
   [19/12/2008|01:55] C:\Program Files\Nero
   [04/10/2008|13:20] C:\Program Files\NetMeeting
   [07/01/2006|11:47] C:\Program Files\OfficeUpdate11
   [12/01/2006|13:59] C:\Program Files\On2 Technologies
   [03/01/2006|20:16] C:\Program Files\Online Services
   [04/10/2008|13:19] C:\Program Files\Outlook Express
   [10/01/2006|22:19] C:\Program Files\Pack PSP - Ri4m
   [25/09/2007|18:53] C:\Program Files\PDFCreator
   [04/01/2006|17:50] C:\Program Files\Photodex Presenter
   [04/01/2006|20:20] C:\Program Files\PowerPoint Viewer
   [18/07/2006|19:09] C:\Program Files\PSPad editor
   [18/02/2006|12:04] C:\Program Files\QuickTime
   [14/09/2008|14:46] C:\Program Files\Radio Fr Solo
   [14/12/2008|17:35] C:\Program Files\RamBoost XP
   [12/01/2006|18:29] C:\Program Files\Real Alternative
   [10/01/2006|22:18] C:\Program Files\RIAM Video Enhancer
   [10/01/2006|22:19] C:\Program Files\Ripp-It Codec Pack
   [12/01/2006|13:31] C:\Program Files\Ripp-it_AM
   [03/10/2008|07:46] C:\Program Files\SDHelper (Spybot - Search & Destroy)
   [03/01/2006|20:19] C:\Program Files\Services en ligne
   [19/04/2006|16:38] C:\Program Files\SiteMapBuilder.NET
   [19/12/2008|01:56] C:\Program Files\Softwin
   [19/12/2008|19:24] C:\Program Files\Spyware Terminator
   [08/01/2006|17:02] C:\Program Files\Ssce
   [03/01/2006|20:35] C:\Program Files\Support Tools
   [04/01/2006|10:45] C:\Program Files\Synaptics
   [03/10/2008|07:46] C:\Program Files\TeaTimer (Spybot - Search & Destroy)
   [12/10/2008|21:39] C:\Program Files\The GodFather
   [19/12/2008|16:42] C:\Program Files\trend micro
   [02/12/2008|11:22] C:\Program Files\TuneUp Utilities 2009
   [03/01/2006|20:26] C:\Program Files\Uninstall Information
   [11/12/2008|19:49] C:\Program Files\uTorrent
   [18/09/2007|10:01] C:\Program Files\VS Revo Group
   [19/08/2007|15:45] C:\Program Files\WinAVI Video Converter
   [19/12/2008|18:04] C:\Program Files\WinClamAVShield
   [25/07/2007|17:16] C:\Program Files\Windows Media Connect 2
   [04/10/2008|13:19] C:\Program Files\Windows Media Player
   [04/10/2008|13:19] C:\Program Files\Windows NT
   [12/10/2008|19:37] C:\Program Files\Windows Sidebar
   [03/01/2006|20:19] C:\Program Files\WindowsUpdate
   [04/01/2006|10:44] C:\Program Files\X10 Hardware
   [03/01/2006|20:21] C:\Program Files\xerox
   [12/01/2006|19:25] C:\Program Files\X'nStop 2.2
   [12/01/2006|13:55] C:\Program Files\XviD
   [14/03/2008|15:53] C:\Program Files\Yooda

   --------------------\\  Listing des dossiers dans C:\Program Files\Fichiers communs

   [05/09/2007|07:58] C:\Program Files\Fichiers communs\Adobe
   [04/01/2006|21:47] C:\Program Files\Fichiers communs\Adobe Systems Shared
   [12/10/2008|13:56] C:\Program Files\Fichiers communs\Ahead
   [08/02/2006|14:50] C:\Program Files\Fichiers communs\Atlence
   [13/07/2007|10:08] C:\Program Files\Fichiers communs\Autodesk Shared
   [19/05/2007|16:15] C:\Program Files\Fichiers communs\DAZ
   [04/01/2006|20:22] C:\Program Files\Fichiers communs\Designer
   [04/01/2006|21:23] C:\Program Files\Fichiers communs\InstallShield
   [05/01/2006|19:03] C:\Program Files\Fichiers communs\Java
   [29/10/2007|07:15] C:\Program Files\Fichiers communs\Justdo
   [04/01/2006|22:19] C:\Program Files\Fichiers communs\Macromedia
   [07/08/2007|18:08] C:\Program Files\Fichiers communs\Macrovision Shared
   [19/12/2008|01:45] C:\Program Files\Fichiers communs\Microsoft Shared
   [03/01/2006|20:18] C:\Program Files\Fichiers communs\MSSoap
   [05/01/2006|18:40] C:\Program Files\Fichiers communs\muvee Technologies
   [12/10/2008|20:23] C:\Program Files\Fichiers communs\Nero
   [03/01/2006|21:09] C:\Program Files\Fichiers communs\ODBC
   [21/09/2007|05:47] C:\Program Files\Fichiers communs\Softwin
   [03/01/2006|21:09] C:\Program Files\Fichiers communs\SpeechEngines
   [28/02/2007|16:59] C:\Program Files\Fichiers communs\SWF Studio
   [04/10/2008|13:19] C:\Program Files\Fichiers communs\System

   --------------------\\  Process

   ( 55 Processes )

   ... OK !

   --------------------\\  Recherche avec S_Lop

   Aucun fichier / dossier Lop trouvé !
 
   --------------------\\  Recherche de Fichiers / Dossiers Lop

   Aucun fichier / dossier Lop trouvé ! 
 
   --------------------\\  Verification du Registre
 
   ..... OK !

   --------------------\\  Verification du fichier Hosts

   Fichier Hosts PROPRE


   --------------------\\  Recherche de fichiers avec Catchme
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2008-12-19 21:55:39
   Windows 5.1.2600 Service Pack 3 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 0
 
   --------------------\\  Recherche d'autres infections

   --------------------\\  ROOTKIT !!

   Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV.SYS]
   Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_TDSSSERV.SYS]
   Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_TDSSSERV.SYS]
   Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TDSSSERV.SYS]
   Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv.sys]
   Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TDSSserv.sys]
   Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\TDSSserv.sys]
   Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TDSSserv.sys]

   --------------------\\  Cracks & Keygens ..

  
   
   [F:6][D:2]-> C:\DOCUME~1\bg\LOCALS~1\Temp
   [F:8][D:0]-> C:\DOCUME~1\bg\Cookies
   [F:238][D:5]-> C:\DOCUME~1\bg\LOCALS~1\TEMPOR~1\content.IE5
   [F:11][D:2]-> C:\$Recycle.Bin

   1 - "C:\Lop SD\LopR_1.txt" - 19/12/2008|20:41 - Option : [1]
   2 - "C:\Lop SD\LopR_2.txt" - 19/12/2008|22:14 - Option : [1]

   --------------------\\  Fin du rapport a 22:14:25

all that's left is to find out what needs to be done now
See you
b g
0
Destrio5 Posts 85985 Registration date Sunday 11 July 2010 Status Moderator Last activity 17 February 2023 10 298
19 Dec. 2008 at 22:31
" --------------------\\ ROOTKIT !!

Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV.SYS]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_TDSSSERV.SYS]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_TDSSSERV.SYS]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TDSSSERV.SYS]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv.sys]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TDSSserv.sys]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\TDSSserv.sys]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TDSSserv.sys]"

---> Exactly, that was the point.

---> Download ComboFix.exe by sUBs to your Desktop:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

/!\ Disconnect from the internet and close all applications, antivirus and antispyware included /!\

---> Double-click Combofix.exe
A "pop-up" will appear saying that "ComboFix is used at your own risk and with no warranty...".
Accept by clicking "Oui" (Yes)

---> I strongly recommend installing the Recovery Console.

---> Set it to French: F
Press the 1 key (Yes) to start the scan.

/!\ Do not touch anything until the scan has finished. /!\

At the end of the scan, ComboFix may need to restart the PC to complete the disinfection; let it do so.

Once the scan is complete, a report will be displayed: post its contents

/!\ Re-enable the real-time protection of your antivirus and antispyware before reconnecting to the Internet. /!\

Note: The report can also be found here: C:\Combofix.txt

Official tutorial:
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
0
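An added example, not part of the original posts and not code from Lop S&D or ComboFix: a short Python parser for the "Rootkit Tibs" lines quoted in the reply above. It shows that the eight hits reduce to two registry artifacts of a single driver service, each repeated in every control set, so a later report should be checked for all of them. The function names are made up for this illustration.

```python
import re
from collections import defaultdict

# The eight flagged lines, copied from the report quoted in the reply above.
REPORT = r"""
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV.SYS]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_TDSSSERV.SYS]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_TDSSSERV.SYS]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TDSSSERV.SYS]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv.sys]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TDSSserv.sys]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\TDSSserv.sys]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TDSSserv.sys]
"""

HIT = re.compile(r"^\s*Rootkit (?P<family>\S+) ! \.\. \[(?P<key>[^\]]+)\]\s*$")
CSET = re.compile(r"\\SYSTEM\\(?P<cset>ControlSet\d{3}|CurrentControlSet)\\", re.I)

def parse_hits(text):
    """Return (family, control_set, key_with_control_set_masked) per flagged line."""
    hits = []
    for line in text.splitlines():
        m = HIT.match(line)
        if not m:
            continue  # section headers, blank lines, other report content
        key = m.group("key")
        c = CSET.search(key)
        cset = c.group("cset") if c else None
        # Mask the control set so copies of the same key compare equal.
        masked = CSET.sub(lambda _: "\\SYSTEM\\<ControlSet>\\", key, count=1)
        hits.append((m.group("family"), cset, masked))
    return hits

def group_by_artifact(hits):
    """Map each distinct key (control set masked) to the control sets holding it."""
    groups = defaultdict(set)
    for _family, cset, masked in hits:
        groups[masked].add(cset)
    return {key: sorted(csets) for key, csets in groups.items()}

def service_names(groups):
    """Leaf name of each artifact, lower-cased, with the LEGACY_ prefix dropped."""
    names = set()
    for key in groups:
        leaf = key.rsplit("\\", 1)[-1].lower()
        names.add(leaf[len("legacy_"):] if leaf.startswith("legacy_") else leaf)
    return names
```

Running the same functions over a report produced after cleanup should return no hits; a key that survives in only one ControlSetNNN copy still counts as a leftover.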
bg62 Posts 23675 Registration date Saturday 22 October 2005 Status Moderator Last activity 29 January 2025 2 394
20 Dec. 2008 at 10:57
I'm downloading ... slowly ...
I strongly recommend installing the Recovery Console.

is it ComboFix that will ask me for it?
See you
b g
0
Destrio5 Posts 85985 Registration date Sunday 11 July 2010 Status Moderator Last activity 17 February 2023 10 298
20 Dec. 2008 at 14:41
Yes, it will ask you.
0