Russian letters on Windows
Mister_masque, 13/02/2009 at 21:36

Well, that's great.

I have a slight suspicion that some traces of infection remain; would you mind if we check?

Download Random's System Information Tool (RSIT) by random/random and save it to your Desktop.

  • Double-click RSIT.exe to launch RSIT.
  • Click Continue on the Disclaimer screen, leaving the default values.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it and you will have to accept the license.
  • When the scan is finished, two text files will open.

--> Post the contents of log.txt (<<which will be displayed) as well as info.txt (<<which will be minimized in the Taskbar).

NB: Both reports are also saved in the folder: C:\rsit\

See you soon ;)

--
Nishtard, 13/02/2009 at 22:52

Hi,

- here is the log file:

Logfile of random's system information tool 1.05 (written by random/random)
Run by Gael at 2009-02-13 22:48:45
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 61 GB (75%) free of 81 GB
Total RAM: 2047 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:48:57, on 13/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\JetAudio\JetAudio.exe
C:\WINDOWS\system32\RTLCPL.EXE
C:\WINDOWS\ALCFDRTM.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Gael\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Gael.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.msn.fr/spbasic.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\Winsos\WINSOS.EXE" MINI
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.orange.fr
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1219064685734
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1219065161421
O17 - HKLM\System\CCS\Services\Tcpip\..\{B321A7B7-4E20-4746-A7A2-EFE751E13ABE}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{E6BE0B8B-7F8C-4AAA-8E37-2F78A78B7ABA}: NameServer = 192.168.1.1
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe

--
End of file - 7544 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\RegCure Program Check.job
C:\WINDOWS\tasks\RegCure.job

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SW20"=C:\WINDOWS\system32\sw20.exe [2006-02-06 208896]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-10-07 13574144]
"nwiz"=nwiz.exe /install []
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-10-07 86016]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-07-24 490952]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"WINSOS VERIFY"=C:\Program Files\Winsos\WINSOS.EXE [2008-08-19 2152893]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast!]
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
C:\Program Files\DNA\btdna.exe [2008-12-19 342848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogonStudio]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVIDIA nTune]
C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe [2007-04-04 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ORAHSSSessionManager]
C:\Program Files\Orange\SessionManager\SessionManager.exe [2007-09-25 102400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QUAD Scheduler]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QUAD Windows service]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SW24]
C:\WINDOWS\system32\sw24.exe [2006-02-06 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SystrayORAHSS]
C:\Program Files\Orange\Systray\SystrayApp.exe [2007-09-25 94208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2009]
C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe [2008-08-26 2019624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^TrayMin200.exe.lnk]
C:\PROGRA~1\Philips\SPC200~1\TRAYMI~1.EXE [2005-07-12 278528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Gael^Menu Démarrer^Programmes^Démarrage^Outil de notification Live Search.lnk]
C:\DOCUME~1\Gael\APPLIC~1\MICROS~1\LIVESE~1\NOTIFI~1.EXE [2008-12-19 143360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Gael^Menu Démarrer^Programmes^Démarrage^TransBar.lnk]
C:\WINDOWS\BRICOP~1\VISTAI~1\TransBar\TransBar.exe [2005-06-01 65536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Gael^Menu Démarrer^Programmes^Démarrage^UberIcon.lnk]
C:\WINDOWS\BRICOP~1\VISTAI~1\UberIcon\UBERIC~1.EXE [2006-05-21 180224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Gael^Menu Démarrer^Programmes^Démarrage^Y'z Shadow.lnk]
C:\WINDOWS\BRICOP~1\VISTAI~1\YzShadow\YzShadow.exe [2006-05-21 155648]

C:\Documents and Settings\Gael\Menu Démarrer\Programmes\Démarrage
RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe

C:\Documents and Settings\Gael\Menu Démarrer\Programmes\Démarrage
RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="wbsys.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB]
C:\Program Files\Stardock\Object Desktop\ThemeManager\fastload.dll [2001-12-20 24576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDesktop"=0
"NoActiveDesktop"=0
"HideClock"=0
"NoStartMenuPinnedList"=0
"NoStartMenuMFUprogramsList"=0
"NoUserNameInStartMenu"=0
"StartmenuLogoff"=0
"NoStartMenuSubFolders"=0
"NoCommonGroups"=0
"NoPrinterTabs"=0
"NoDeletePrinter"=0
"NoAddPrinter"=0
"NoPrinters"=0
"NoFavoritesMenu"=0
"NoRun"=0
"NoFind"=0
"NoClose"=0
"NoSetFolders"=0
"NoViewContextMenu"=0
"NoDrives"=0
"NoToolbarCustomize"=0
"NoRecentDocsNetHood"=0
"NoChangeAnimation"=0
"NoChangeKeyboardNavigationIndicators"=0
"NoThemesTab"=0
"NoSMConfigurePrograms"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"D:\BitTorrent\bittorrent.exe"="D:\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"D:\eMule\emule.exe"="D:\eMule\emule.exe:*:Enabled:eMule"
"E:\Program Files\LucasArts\Star Wars JK II Jedi Outcast\GameData\jk2mp.exe"="E:\Program Files\LucasArts\Star Wars JK II Jedi Outcast\GameData\jk2mp.exe:*:Enabled:jk2mp"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"E:\Program Files\LucasArts\Star Wars Jedi Knight Jedi Academy\GameData\jamp.exe"="E:\Program Files\LucasArts\Star Wars Jedi Knight Jedi Academy\GameData\jamp.exe:*:Enabled:Jedi Academy MultiPlayer"
"E:\Program Files\LucasArts\Star Wars Galactic Battlegrounds\Game\battlegrounds_x1.exe"="E:\Program Files\LucasArts\Star Wars Galactic Battlegrounds\Game\battlegrounds_x1.exe:*:Enabled:Star Wars Galactic Battlegrounds: Clone Campaigns"
"E:\Program Files\uTorrent\uTorrent.exe"="E:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"E:\Program Files\Bullfrog\Populous\popTB.exe"="E:\Program Files\Bullfrog\Populous\popTB.exe:*:Enabled:D3Ddpop3w"
"E:\Program Files\LucasArts\Star Wars Galactic Battlegrounds\Game\Battlegrounds.exe"="E:\Program Files\LucasArts\Star Wars Galactic Battlegrounds\Game\Battlegrounds.exe:*:Enabled:Star Wars Galactic Battlegrounds"
"E:\Program Files\Quake III Arena\quake3.exe"="E:\Program Files\Quake III Arena\quake3.exe:*:Enabled:quake3"
"E:\Program Files\Bullfrog\Populous\D3DPopTB.exe"="E:\Program Files\Bullfrog\Populous\D3DPopTB.exe:*:Enabled:D3Ddpop3w"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"K:\Program Files\uTorrent\uTorrent.exe"="K:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"M:\eMule\emule.exe"="M:\eMule\emule.exe:*:Enabled:eMule"
"K:\Program Files\eMule\emule.exe"="K:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\GameSpy Arcade\Aphex.exe"="C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade 1.0, Public Beta 4"
"E:\Program Files\Microsoft Games\Halo\halo.exe"="E:\Program Files\Microsoft Games\Halo\halo.exe:*:Enabled:Halo"
"E:\Program Files\eMule\emule.exe"="E:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"E:\Program Files\Crysis\Bin32\Crysis.exe"="E:\Program Files\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis"
"E:\Program Files\Return to Castle Wolfenstein\WolfMP.exe"="E:\Program Files\Return to Castle Wolfenstein\WolfMP.exe:*:Enabled:WolfMP"
"E:\UnrealTournament\System\UnrealTournament.exe"="E:\UnrealTournament\System\UnrealTournament.exe:*:Enabled:UnrealTournament"
"E:\Program Files\Gameforge4D\AirRivals\Launcher.atm"="E:\Program Files\Gameforge4D\AirRivals\Launcher.atm:Enabled:GameExe2"
"E:\Program Files\Gameforge4D\AirRivals\Res-Voip\SCVoIP.exe"="E:\Program Files\Gameforge4D\AirRivals\Res-Voip\SCVoIP.exe:Enabled:GameVoIP"
"E:\Program Files\THQ\Dawn of War - Dark Crusade\DarkCrusade.exe"="E:\Program Files\THQ\Dawn of War - Dark Crusade\DarkCrusade.exe:*:Enabled:DarkCrusade"
"C:\Program Files\GameFace Messenger\GameFace.exe"="C:\Program Files\GameFace Messenger\GameFace.exe:*:Enabled:IM"
"E:\Program Files\alaplaya\S4League\S4Client.exe"="E:\Program Files\alaplaya\S4League\S4Client.exe:*:Enabled:Project S4 Client.exe"
"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"E:\DeusEx\System\DeusEx.exe"="E:\DeusEx\System\DeusEx.exe:*:Enabled:DeusEx"
"E:\Program Files\BitTorrent\bittorrent.exe"="E:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"F:\Livebox\others\Livebox\RGWRepair.exe"="F:\Livebox\others\Livebox\RGWRepair.exe:*:Enabled:RGWRepair"
"C:\Program Files\Orange\Connectivity\ConnectivityManager.exe"="C:\Program Files\Orange\Connectivity\ConnectivityManager.exe:*:enabled:CSS"
"C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP1b\WNt500x86\RpcSandraSrv.exe"="C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP1b\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service"
"E:\Program Files\LucasArts\Star Wars Empire at War Forces of Corruption\swfoc.exe"="E:\Program Files\LucasArts\Star Wars Empire at War Forces of Corruption\swfoc.exe:*:Enabled:Star Wars(R): Empire at War(TM): Forces of Corruption(TM)"
"C:\Program Files\Fichiers communs\Ahead\Nero Web\SetupX.exe"="C:\Program Files\Fichiers communs\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup"
"C:\Program Files\Fichiers communs\Ahead\Nero Web\SetupXu.exe"="C:\Program Files\Fichiers communs\Ahead\Nero Web\SetupXu.exe:*:Enabled:Nero ProductSetup"
"E:\Program Files\Ubisoft\Far Cry 2\bin\FarCry2.exe"="E:\Program Files\Ubisoft\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2"
"E:\Program Files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe"="E:\Program Files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater"
"E:\Program Files\Ubisoft\Far Cry 2\bin\FC2Editor.exe"="E:\Program Files\Ubisoft\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editeur"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\FileZilla FTP Client\filezilla.exe"="C:\Program Files\FileZilla FTP Client\filezilla.exe:*:Disabled:FileZilla FTP Client"
"C:\Program Files\Sun\xVM VirtualBox\VirtualBox.exe"="C:\Program Files\Sun\xVM VirtualBox\VirtualBox.exe:*:Disabled:VirtualBox"
"C:\Program Files\Xfire\xfire.exe"="C:\Program Files\Xfire\xfire.exe:*:Disabled:Xfire"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======List of files/folders created in the last 1 months======

2009-02-13 22:48:45 ----D---- C:\rsit
2009-02-13 21:59:17 ----D---- C:\WINDOWS\LastGood
2009-02-13 19:16:17 ----D---- C:\Program Files\Avira
2009-02-13 19:16:17 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2009-02-12 21:11:00 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-02-12 21:10:36 ----D---- C:\WINDOWS\SQLTools9_KB960089_ENU
2009-02-12 21:08:57 ----D---- C:\WINDOWS\SQL9_KB960089_ENU
2009-02-12 21:08:46 ----A---- C:\WINDOWS\imsins.BAK
2009-02-08 12:59:41 ----D---- C:\Documents and Settings\Gael\Application Data\gtk-2.0
2009-02-08 12:57:55 ----D---- C:\Program Files\GIMP-2.0
2009-02-08 11:04:51 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2009-02-08 11:04:42 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2009-02-08 11:04:41 ----A---- C:\WINDOWS\system32\pbsvc.exe
2009-02-03 23:43:36 ----D---- C:\Documents and Settings\Gael\Application Data\Canneverbe_Limited
2009-02-03 23:43:26 ----D---- C:\Program Files\CDBurnerXP
2009-02-01 11:34:18 ----A---- C:\WINDOWS\system32\VB6FR.DLL
2009-02-01 11:34:14 ----D---- C:\Program Files\Winsos
2009-01-31 20:52:35 ----D---- C:\Program Files\Fichiers communs\Merge Modules
2009-01-31 20:29:06 ----A---- C:\WINDOWS\system32\Nucleus.dll
2009-01-31 20:29:06 ----A---- C:\WINDOWS\system32\msvcrtnew.dll
2009-01-31 20:29:06 ----A---- C:\WINDOWS\system32\dxgi.dll
2009-01-31 20:28:37 ----A---- C:\WINDOWS\system32\d3dx10.dll
2009-01-31 20:28:37 ----A---- C:\WINDOWS\system32\d3d10core.dll
2009-01-31 20:28:37 ----A---- C:\WINDOWS\system32\d3d10.dll
2009-01-31 20:17:03 ----A---- C:\WINDOWS\system32\xaudioD2_3.dll
2009-01-31 20:17:02 ----A---- C:\WINDOWS\system32\XAPOFXD1_2.dll
2009-01-31 20:17:02 ----A---- C:\WINDOWS\system32\XactEngineD3_3.dll
2009-01-31 20:17:02 ----A---- C:\WINDOWS\system32\XactEngineA3_3.dll
2009-01-31 20:17:02 ----A---- C:\WINDOWS\system32\X3DAudioD1_5.dll
2009-01-31 20:17:02 ----A---- C:\WINDOWS\system32\dinput8d.dll
2009-01-31 20:17:02 ----A---- C:\WINDOWS\system32\D3dx9d_40.dll
2009-01-31 20:17:01 ----A---- C:\WINDOWS\system32\d3dx9d_33.dll
2009-01-31 20:17:00 ----A---- C:\WINDOWS\system32\D3DX10d_40.dll
2009-01-31 20:17:00 ----A---- C:\WINDOWS\system32\d3dref9.dll
2009-01-31 20:17:00 ----A---- C:\WINDOWS\system32\d3d9d.dll
2009-01-31 20:16:13 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2009-01-31 20:16:10 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2009-01-31 20:16:09 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2009-01-31 20:16:07 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2009-01-31 20:16:05 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2009-01-31 20:16:04 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2009-01-31 20:16:02 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2009-01-31 20:16:00 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2009-01-31 20:15:01 ----D---- C:\Program Files\Microsoft DirectX SDK (November 2008)
2009-01-31 20:14:40 ----A---- C:\WINDOWS\dxsdkuninst.exe
2009-01-31 12:35:53 ----D---- C:\WINDOWS\Internet Logs
2009-01-30 15:05:42 ----D---- C:\Program Files\RegCure
2009-01-24 11:25:35 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2009-01-22 22:32:29 ----D---- C:\WINDOWS\system32\Adobe
2009-01-22 22:10:09 ----D---- C:\Program Files\Star Downloader
2009-01-22 21:35:29 ----D---- C:\Program Files\BC-Mod Packager
2009-01-21 21:57:26 ----D---- C:\WINDOWS\system32\NtmsData
2009-01-18 19:20:22 ----A---- C:\WINDOWS\system32\D3D10SDKLayers.DLL
2009-01-18 17:19:10 ----D---- C:\Documents and Settings\Gael\Application Data\everlight
2009-01-18 16:57:29 ----A---- C:\WINDOWS\LogonStudio.ini
2009-01-18 16:32:42 ----D---- C:\Program Files\Fichiers communs\Stardock
2009-01-18 16:32:42 ----A---- C:\WINDOWS\wb.ini
2009-01-18 16:32:42 ----A---- C:\WINDOWS\system32\wbsys.dll
2009-01-18 16:32:41 ----D---- C:\Program Files\Stardock
2009-01-18 16:32:41 ----A---- C:\WINDOWS\system32\DartWeb.dll
2009-01-18 16:32:41 ----A---- C:\WINDOWS\system32\DartSock.dll
2009-01-18 16:32:41 ----A---- C:\WINDOWS\system32\DartObjects.dll
2009-01-17 14:59:31 ----D---- C:\Program Files\HooTech
2009-01-17 14:35:53 ----D---- C:\Documents and Settings\All Users\Application Data\YAHOO
2009-01-17 14:34:45 ----D---- C:\Program Files\Yahoo!
2009-01-17 12:55:19 ----RA---- C:\WINDOWS\system32\OLDFB.tmp
2009-01-16 18:08:18 ----A---- C:\WINDOWS\WORDPAD.INI
2009-01-16 17:45:06 ----D---- C:\Documents and Settings\Gael\Application Data\Blender Foundation
2009-01-16 17:45:02 ----D---- C:\Program Files\Blender Foundation
2009-01-15 22:55:49 ----A---- C:\WINDOWS\system32\WgaTray.exe
2009-01-15 22:55:49 ----A---- C:\WINDOWS\system32\WgaLogon.dll
2009-01-15 22:55:48 ----A---- C:\WINDOWS\system32\Vista.Emulation.dll
2009-01-15 22:55:48 ----A---- C:\WINDOWS\system32\SDL.dll
2009-01-15 22:55:48 ----A---- C:\WINDOWS\system32\PhysXCore.dll
2009-01-15 22:55:48 ----A---- C:\WINDOWS\system32\PhysXCooking.dll
2009-01-15 22:55:48 ----A---- C:\WINDOWS\system32\OGACheckControl.dll
2009-01-15 22:55:47 ----A---- C:\WINDOWS\system32\NPSWF32.dll
2009-01-15 22:55:47 ----A---- C:\WINDOWS\system32\Newton.dll
2009-01-15 22:55:47 ----A---- C:\WINDOWS\system32\fmodex.dll
2009-01-15 22:55:47 ----A---- C:\WINDOWS\system32\fmod.dll
2009-01-15 22:55:47 ----A---- C:\WINDOWS\system32\eax.dll
2009-01-15 22:55:47 ----A---- C:\WINDOWS\system32\CompressATI2.dll
2009-01-15 22:55:47 ----A---- C:\WINDOWS\system32\bass.dll
2009-01-15 22:55:47 ----A---- C:\WINDOWS\system32\avrt.dll
2009-01-15 22:55:47 ----A---- C:\WINDOWS\system32\atimgpud.dll
2009-01-15 22:55:45 ----A---- C:\WINDOWS\system32\d2d1.dll
2009-01-15 22:55:44 ----D---- C:\WINDOWS\system32\PF
2009-01-15 22:55:44 ----D---- C:\WINDOWS\system32\Ansi
2009-01-15 22:55:44 ----A---- C:\WINDOWS\system32\zlib1.dll
2009-01-15 22:55:44 ----A---- C:\WINDOWS\system32\wnaspi32.dll
2009-01-15 22:55:44 ----A---- C:\WINDOWS\system32\vcomp.dll
2009-01-15 22:55:44 ----A---- C:\WINDOWS\system32\Vbrun300.dll
2009-01-15 22:55:44 ----A---- C:\WINDOWS\system32\vbrun200.dll
2009-01-15 22:55:44 ----A---- C:\WINDOWS\system32\vbrun100.dll
2009-01-15 22:55:44 ----A---- C:\WINDOWS\system32\Vb40032.dll
2009-01-15 22:55:44 ----A---- C:\WINDOWS\system32\Vb40016.dll
2009-01-15 22:55:44 ----A---- C:\WINDOWS\system32\ssleay32.dll
2009-01-15 22:55:43 ----A---- C:\WINDOWS\system32\msvcrt10.dll
2009-01-15 22:55:43 ----A---- C:\WINDOWS\system32\msvcr90.dll
2009-01-15 22:55:43 ----A---- C:\WINDOWS\system32\msvcr80d.dll
2009-01-15 22:55:43 ----A---- C:\WINDOWS\system32\msvcr80.dll
2009-01-15 22:55:43 ----A---- C:\WINDOWS\system32\msvcp90.dll
2009-01-15 22:55:43 ----A---- C:\WINDOWS\system32\msvcp80.dll
2009-01-15 22:55:43 ----A---- C:\WINDOWS\system32\msvcp70.dll
2009-01-15 22:55:43 ----A---- C:\WINDOWS\system32\msvcm90.dll
2009-01-15 22:55:43 ----A---- C:\WINDOWS\system32\msvcm80.dll
2009-01-15 22:55:43 ----A---- C:\WINDOWS\system32\msvci70.dll
2009-01-15 22:55:42 ----A---- C:\WINDOWS\system32\mfcm80u.dll
2009-01-15 22:55:42 ----A---- C:\WINDOWS\system32\mfcm80.dll
2009-01-15 22:55:42 ----A---- C:\WINDOWS\system32\mfc80.dll
2009-01-15 22:55:42 ----A---- C:\WINDOWS\system32\MFC71KOR.DLL
2009-01-15 22:55:42 ----A---- C:\WINDOWS\system32\MFC71JPN.DLL
2009-01-15 22:55:42 ----A---- C:\WINDOWS\system32\MFC71ITA.DLL
2009-01-15 22:55:42 ----A---- C:\WINDOWS\system32\MFC71FRA.DLL
2009-01-15 22:55:42 ----A---- C:\WINDOWS\system32\MFC71ESP.DLL
2009-01-15 22:55:42 ----A---- C:\WINDOWS\system32\MFC71ENU.DLL
2009-01-15 22:55:42 ----A---- C:\WINDOWS\system32\MFC71DEU.DLL
2009-01-15 22:55:42 ----A---- C:\WINDOWS\system32\MFC71CHT.DLL
2009-01-15 22:55:42 ----A---- C:\WINDOWS\system32\MFC71CHS.DLL
2009-01-15 22:55:42 ----A---- C:\WINDOWS\system32\mfc70u.dll
2009-01-15 22:55:42 ----A---- C:\WINDOWS\system32\mfc70kor.dll
2009-01-15 22:55:42 ----A---- C:\WINDOWS\system32\mfc70jpn.dll
2009-01-15 22:55:42 ----A---- C:\WINDOWS\system32\mfc70ita.dll
2009-01-15 22:55:42 ----A---- C:\WINDOWS\system32\mfc70fra.dll
2009-01-15 22:55:42 ----A---- C:\WINDOWS\system32\mfc70esp.dll
2009-01-15 22:55:42 ----A---- C:\WINDOWS\system32\mfc70enu.dll
2009-01-15 22:55:42 ----A---- C:\WINDOWS\system32\mfc70deu.dll
2009-01-15 22:55:42 ----A---- C:\WINDOWS\system32\mfc70cht.dll
2009-01-15 22:55:42 ----A---- C:\WINDOWS\system32\mfc70chs.dll
2009-01-15 22:55:42 ----A---- C:\WINDOWS\system32\mfc70.dll
2009-01-15 22:55:42 ----A---- C:\WINDOWS\system32\libssl32.dll
2009-01-15 22:55:41 ----A---- C:\WINDOWS\system32\libeay32.dll
2009-01-15 22:55:41 ----A---- C:\WINDOWS\system32\ATL80.dll
2009-01-15 22:55:41 ----A---- C:\WINDOWS\system32\atl70.dll
2009-01-14 23:28:12 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-01-14 22:33:23 ----D---- C:\Program Files\OpenFX

======List of files/folders modified in the last 1 months======

2009-02-13 22:48:50 ----D---- C:\WINDOWS\Prefetch
2009-02-13 22:47:55 ----D---- C:\Program Files\Mozilla Firefox
2009-02-13 22:44:17 ----D---- C:\Program Files\Maestria
2009-02-13 22:15:36 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-02-13 22:12:18 ----D---- C:\Program Files\Movie Maker
2009-02-13 22:03:48 ----D---- C:\WINDOWS\system32
2009-02-13 21:59:17 ----D---- C:\WINDOWS
2009-02-13 21:36:00 ----D---- C:\WINDOWS\Temp
2009-02-13 21:33:46 ----D---- C:\WINDOWS\system32\CatRoot2
2009-02-13 21:09:44 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-13 21:07:36 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-13 20:49:02 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-02-13 20:48:14 ----SHD---- C:\WINDOWS\Installer
2009-02-13 20:48:14 ----SHD---- C:\Config.Msi
2009-02-13 20:48:14 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-02-13 19:18:50 ----D---- C:\WINDOWS\system32\drivers
2009-02-13 19:16:17 ----RD---- C:\Program Files
2009-02-13 19:01:08 ----D---- C:\Program Files\DivX
2009-02-13 17:59:25 ----HD---- C:\WINDOWS\inf
2009-02-13 17:59:25 ----D---- C:\Program Files\Windows Live Safety Center
2009-02-12 21:11:51 ----D---- C:\WINDOWS\Debug
2009-02-12 21:11:46 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-02-12 21:11:00 ----HD---- C:\WINDOWS\$hf_mig$
2009-02-12 21:10:43 ----D---- C:\Program Files\Microsoft SQL Server
2009-02-12 21:10:39 ----D---- C:\WINDOWS\Registration
2009-02-12 21:09:47 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-02-12 21:08:40 ----D---- C:\Program Files\Internet Explorer
2009-02-12 21:08:35 ----D---- C:\WINDOWS\ie7updates
2009-02-12 05:56:17 ----A---- C:\WINDOWS\system32\MRT.exe
2009-02-11 20:52:59 ----RSD---- C:\WINDOWS\Fonts
2009-02-11 20:52:59 ----D---- C:\WINDOWS\Help
2009-02-09 20:58:36 ----D---- C:\Program Files\PeerGuardian2
2009-02-09 20:58:35 ----D---- C:\Documents and Settings\Gael\Application Data\BitTorrent
2009-02-08 11:06:26 ----D---- C:\WINDOWS\system32\DirectX
2009-02-08 11:06:12 ----RSD---- C:\WINDOWS\assembly
2009-02-08 11:04:41 ----D---- C:\WINDOWS\system32\LogFiles
2009-02-08 11:01:20 ----HD---- C:\Program Files\InstallShield Installation Information
2009-02-01 01:40:13 ----D---- C:\WINDOWS\Microsoft.NET
2009-01-31 22:05:02 ----A---- C:\WINDOWS\NeroDigital.ini
2009-01-31 20:54:34 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-01-31 20:54:12 ----D---- C:\Program Files\Microsoft Visual Studio 9.0
2009-01-31 20:53:32 ----SD---- C:\Documents and Settings\Gael\Application Data\Microsoft
2009-01-31 20:53:32 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-01-31 20:53:00 ----D---- C:\WINDOWS\WinSxS
2009-01-31 20:52:35 ----D---- C:\Program Files\Fichiers communs
2009-01-31 20:24:40 ----D---- C:\Program Files\Microsoft
2009-01-31 20:22:11 ----N---- C:\WINDOWS\win.ini
2009-01-31 20:14:47 ----D---- C:\WINDOWS\Logs
2009-01-31 18:59:04 ----D---- C:\Documents and Settings\Gael\Application Data\Samsung
2009-01-31 18:37:04 ----D---- C:\WINDOWS\system32\CatRoot
2009-01-31 12:28:00 ----D---- C:\Program Files\QUAD Utilities
2009-01-30 15:39:46 ----D---- C:\Documents and Settings\Gael\Application Data\Webshots
2009-01-30 15:35:40 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-01-30 15:32:11 ----SD---- C:\WINDOWS\Tasks
2009-01-30 15:19:15 ----D---- C:\Program Files\Services en ligne
2009-01-30 15:16:44 ----D---- C:\Program Files\FileZilla Server
2009-01-30 15:16:12 ----D---- C:\Program Files\RivaTuner v2.22
2009-01-22 22:34:12 ----D---- C:\Documents and Settings\Gael\Application Data\Adobe
2009-01-22 22:34:06 ----D---- C:\WINDOWS\system32\Macromed
2009-01-21 21:45:54 ----AC---- C:\Documents and Settings\All Users\Application Data\xml133.tmp
2009-01-21 21:45:54 ----AC---- C:\Documents and Settings\All Users\Application Data\xml131.tmp
2009-01-21 21:45:54 ----AC---- C:\Documents and Settings\All Users\Application Data\xml130.tmp
2009-01-18 20:46:13 ----D---- C:\Program Files\Panda Security
2009-01-18 16:33:09 ----D---- C:\Program Files\Winamp
2009-01-17 19:40:17 ----D---- C:\Documents and Settings\Gael\Application Data\Winamp
2009-01-17 15:03:41 ----D---- C:\Program Files\Orange
2009-01-17 14:35:41 ----D---- C:\WINDOWS\Downloaded Installations
2009-01-17 13:02:47 ----D---- C:\Program Files\Outlook Express
2009-01-17 13:02:33 ----D---- C:\WINDOWS\system32\usmt
2009-01-16 21:15:42 ----A---- C:\WINDOWS\system32\mshtml.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-10-30 75072]
R1 EIO_XP;EIO_XP; \??\C:\WINDOWS\system32\drivers\EIO_XP.sys []
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2008-08-20 5632]
R2 NVR0FLASHDev;NVR0FLASHDev; \??\C:\WINDOWS\nvflash.sys []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2002-09-18 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-10-07 6133856]
R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2008-07-08 54784]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2008-07-08 22016]
R3 NVR0Dev;NVR0Dev; \??\C:\WINDOWS\nvoclock.sys []
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 ZSMC301b;Philips SPC 200NC PC Camera; C:\WINDOWS\System32\Drivers\usbVM31b.sys [2005-02-26 91527]
S1 AmdPPM;Pilote de processeur AMD HwPState; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
S2 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
S3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\drivers\AmdLLD.sys []
S3 ap2lqugt;ap2lqugt; C:\WINDOWS\system32\drivers\ap2lqugt.sys []
S3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\WINDOWS\system32\drivers\asusgsb.sys [2008-05-28 12416]
S3 ASUSVRC;ASUSTeK Virtual Capture Device; C:\WINDOWS\system32\DRIVERS\AsusVRC.sys [2007-01-29 18432]
S3 atidgllk;atidgllk; \??\C:\Program Files\Asus\SmartDoctor\atidgllk.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 cmpci;Gamesurround Muse 5.1 DVD; C:\WINDOWS\system32\drivers\cmaudio.sys [2002-11-18 377358]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2008-08-21 25280]
S3 LwAdiHid;Périphériques numériques WingMan Logitech (détection automatique); C:\WINDOWS\system32\DRIVERS\LwAdiHid.sys [2004-08-03 20864]
S3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
S3 SANDRA;SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP1b\WNt500x86\Sandra.sys []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 58320]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 8304]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 94000]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys []
S3 usbmsd;USB Mass storage Device Driver; C:\WINDOWS\system32\drivers\usbmsd.sys [2001-09-17 100544]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 VBoxNetFlt;VBoxNetFlt Service; C:\WINDOWS\system32\drivers\VBoxNetFlt.sys []
S3 VBoxTAP;VirtualBox TAP Adapter; C:\WINDOWS\system32\DRIVERS\VBoxTAP.sys [2008-11-21 47184]
S3 VBoxUSB;VirtualBox USB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [2008-11-21 31824]
S3 Video3D;ASUS Video3D Service; C:\WINDOWS\system32\drivers\Video3D.sys []
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-09-10 611664]
R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
R2 Diskeeper;Diskeeper; C:\Program Files\Executive Software\DiskeeperLite\DKService.exe [2002-10-16 176128]
R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2007-09-25 65536]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-12-18 29181272]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
R2 nTuneService;nTune Service; C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [2007-04-04 126976]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-10-07 163908]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-02-08 66872]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-02-08 107832]
R2 SQLWriter;Enregistreur VSS SQL Server; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968]
R2 UpdateCenterService;Update Center Service; C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe [2008-09-10 114688]
R3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2008-12-19 195752]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-08-22 724992]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2007-02-10 242544]

-----------------EOF-----------------

            -info file:

info.txt logfile of random's system information tool 1.05 2009-02-13 22:49:00

======Uninstall list======

-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->MsiExec /X{A7E07C2B-2220-4415-87E3-784D5814BC93}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
1.0-->"E:\Program Files\gPotato.eu\Street Gears\unins000.exe"
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
Adobe Shockwave Player-->C:\WINDOWS\system32\Adobe\Shockwave 11\UNWISE.EXE C:\WINDOWS\system32\Adobe\Shockwave 11\Install.log
AMD Processor Driver-->C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe -runfromtemp -l0x040c -removeonly
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{D6E592B3-67DA-4BBB-9783-E1838FB253A2}
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
BC-Mod Installer .NET - FINAL Version-->"C:\Program Files\BC-Mod Installer .NET\uninstall.exe"
BC-Mod Packager BETA 4.4 - FULL Version-->"C:\Program Files\BC-Mod Packager\uninstall.exe"
BCUT-->"C:\Program Files\InstallShield Installation Information\{942D019C-6248-4015-8F22-7ACE0D13C0F1}\setup.exe" -runfromtemp -l0x0009 -removeonly
Blender (remove only)-->"C:\Program Files\Blender Foundation\Blender\uninstall.exe"
Canon iP2200-->C:\WINDOWS\system32\CNMCP74.exe "-PRINTERNAMECanon iP2200" "-HELPERDLLC:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP2200 Installer\Inst2\cnmis.dll" "-RCDLLcnmi040c.dll"
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins000.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Comptabilité-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{93A837CB-5919-4BBA-B1AE-2E42F0E00794}\setup.exe" -l0x40c
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
dBpowerAMP-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP.dat
Diskeeper Lite-->MsiExec.exe /X{A3F60446-48FB-48A8-B5FC-BB3430AEF806}
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Driver Detective-->C:\Program Files\InstallShield Installation Information\{621C02EA-AAFF-4026-A903-165D59529A16}\setup.exe -runfromtemp -l0x0409
EAWMapEditor-->MsiExec.exe /I{ECB4D56B-E365-4922-AC0F-70CF770443A3}
eMule-->"E:\Program Files\eMule\Uninstall.exe"
Encyclopédie Microsoft Encarta 98-->RunDll32 C:\PROGRA~1\MIE1DB~1\ENCYCL~1\UNENC98.DLL,Uninstall  C:\PROGRA~1\MIE1DB~1\ENCYCL~1\SETUP98F\INST98F.LOG
Entropia Universe-->E:\Program Files\MindArk\Entropia Universe\Uninstall.exe
EVEREST Ultimate Edition-->"C:\WINDOWS\EVEREST Ultimate Edition\uninstall.exe" "/U:C:\Program Files\EVEREST Ultimate Edition\Uninstall\uninstall.xml"
Everlight-->MsiExec.exe /I{7990E879-F6D5-45FC-9CC8-B34314ADBF71}
eXperience112-->C:\Program Files\InstallShield Installation Information\{3CF44BDE-BDDC-4510-A5CF-EBE97D1B8F73}\SETUP.EXE -runfromtemp -l0x040c -removeonly
Fallout 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{974C4B12-4D02-4879-85E0-61C95CC63E9E}\setup.exe" -l0x40c  -removeonly
Far Cry 2-->"C:\Program Files\InstallShield Installation Information\{F2835483-37F2-4123-B4FE-0E77D58447F2}\setup.exe" -runfromtemp -l0x040c -removeonly
Fichiers de prise en charge de l'installation de Microsoft SQL Server (Français)-->MsiExec.exe /X{3380F354-C5F7-4E71-8F51-EEE6C3F06C62}
Fiesta Online 1.01.000-->E:\Program Files\Gamigo Games\Fiesta Online\uninst.exe
Florensia-->C:\Program Files\InstallShield Installation Information\{69AB0E59-F19A-4BA2-BB51-B0A25B8B405A}\setup.exe -runfromtemp -l0x0009 -removeonly
Futuremark SystemInfo-->"C:\Program Files\InstallShield Installation Information\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}\setup.exe" -runfromtemp -l0x0009 -removeonly
GDR 3077 for SQL Server Database Services 2005 ENU (KB960089)-->C:\WINDOWS\SQL9_KB960089_ENU\Hotfix.exe /Uninstall
GDR 3077 for SQL Server Tools and Workstation Components 2005 ENU (KB960089)-->C:\WINDOWS\SQLTools9_KB960089_ENU\Hotfix.exe /Uninstall
Gestion commerciale-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{52270BD3-1B06-42B6-B76A-3E6B95D3F218}\setup.exe" -l0x40c
GIMP 2.6.4-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
Gravity Ragnarok-->"E:\Program Files\Gravity\Ragnarok_france\uninstall.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Homeworld2-->E:\Program Files\Sierra\Homeworld2\uninstall.exe
Hotfix for Microsoft .NET Framework 3.0 (KB932471)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {ECD292A0-0347-4244-8C24-5DBCE990FB40} /package {BAF78226-3200-4DB4-BE33-4D922A799840}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall  /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
Install(US)2-->C:\Program Files\InstallShield Installation Information\{8A4D41F3-3EDA-4DAC-9403-839708EA0667}\setup.exe -runfromtemp -l0x0009 -removeonly
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{3CCB732A-E472-4CF9-B1EE-F18365341FE0}
Java(TM) 6 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
jetAudio Basic VX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}\setup.exe" -l0xc0c  -removeonly
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Ma-Config.com-->MsiExec.exe /X{EC7FE2ED-F305-41B7-90B8-3DAE9E35307A}
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Branding Tool-->MsiExec.exe /I{4B5374DD-6F96-459B-9D7E-D0117C07B2A1}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft DirectX SDK (November 2008)-->C:\WINDOWS\dxsdkuninst.exe "C:\Program Files\Microsoft DirectX SDK (November 2008)" "Microsoft DirectX SDK (November 2008)"
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}
Microsoft Halo-->"E:\Program Files\Microsoft Games\Halo\UNINSTAL.EXE" /runtemp /addremove
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0120-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)-->MsiExec.exe /I{480DBB60-F0B6-45F2-B26F-1A2E11197791}
Microsoft SQL Server 2005 Tools Express Edition-->MsiExec.exe /I{3F59A7E0-BC01-4435-9E93-C7D7015C21DA}
Microsoft SQL Server 2005-->"C:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove
Microsoft SQL Server Compact 3.5 Design Tools FRA-->MsiExec.exe /X{043ECF7B-4724-4F7B-8A9D-BC22719E95F7}
Microsoft SQL Server Compact 3.5 FRA-->MsiExec.exe /I{BE361597-42AC-4513-9BA6-FFAB310038FB}
Microsoft SQL Server Native Client-->MsiExec.exe /I{9C7E944F-4502-40B8-A0AB-66B2FA9EE829}
Microsoft SQL Server VSS Writer-->MsiExec.exe /I{75FF1600-6330-43FA-9022-E0835BF20778}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual Basic 2008 Express - Français-->C:\Program Files\Microsoft Visual Studio 9.0\Microsoft Visual Basic 2008 Express Edition - FRA\setup.exe
Microsoft Visual Basic 2008 Express Edition - FRA-->MsiExec.exe /X{ACC61C04-48C5-3F6F-977B-AD33E94E5F40}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Express Edition - FRA-->MsiExec.exe /X{15473D70-D791-3B5E-B174-2FD19EC0D017}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual J# .NET Redistributable Package 1.1-->MsiExec.exe /X{1A655D51-1423-48A3-B748-8F5A0BE294C8}
Microsoft Visual C++ 2008 Express - Fran?ais-->C:\Program Files\Microsoft Visual Studio 9.0\Microsoft Visual C++ 2008 Express Edition - FRA\setup.exe
Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework-->MsiExec.exe /X{AB47EEE8-507B-331F-AA28-B7C7257F014C}
Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32-->MsiExec.exe /X{07FCBED5-94C3-4F94-B9D3-360FA27C7B06}
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries-->MsiExec.exe /X{842FAF7C-50EF-4463-9B8F-6222E1384D7D}
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951618-v2)-->"C:\WINDOWS\$NtUninstallKB951618-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise ? jour de s?curit? pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise ? jour de s?curit? pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.0.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSDN Library pour les ?ditions Microsoft Visual Studio 2008 Express-->C:\Program Files\Microsoft Visual Studio 9.0\MSDN Library for Microsoft Visual Studio 2008 Express Editions\install.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Nero 7 Premium-->MsiExec.exe /I{B123EBD8-89B7-4834-B06D-F758815E1036}
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA nTune-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF} /l1036
NVIDIA PhysX v8.09.04-->MsiExec.exe /X{A7E07C2B-2220-4415-87E3-784D5814BC93}
NVIDIA System Monitor-->"C:\Program Files\InstallShield Installation Information\{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}\setup.exe" -runfromtemp -l0x040c -removeonly
NVIDIA System Monitor-->MsiExec.exe /I{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}
NVIDIA System Update-->"C:\Program Files\InstallShield Installation Information\{6F69C969-2942-4E7B-B594-75B37664B8BA}\setup.exe" -runfromtemp -l0x040c -removeonly
NVIDIA System Update-->MsiExec.exe /I{6F69C969-2942-4E7B-B594-75B37664B8BA}
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
OpenFX-->MsiExec.exe /I{9EDAFC7E-F964-4600-89C1-9FAAEF6E7334}
OpenOffice.org 3.0-->MsiExec.exe /I{1572F66F-F9AD-4D45-B0D2-0F45A0D5A0F6}
Orange - Logiciels Internet-->C:\Program Files\Orange\installation\core\Installgui.exe -u
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Pack Vista Inspirat 2 1.0-->C:\WINDOWS\BricoPacks\Vista Inspirat 2\Remove.exe
Package de base Microsoft de service de chiffrement pour cartes à puce-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
PCI Audio Driver-->cmuninst.exe
PeerGuardian 2.0-->"C:\Program Files\PeerGuardian2\unins000.exe"
Philips SPC 200NC PC Camera-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A2646FB-7BAC-451B-BF90-4889C4429C5E}\Setup.exe" -l0x40c
PunkBuster Services-->C:\WINDOWS\system32\pbsvc.exe -u
Realtek AC'97 Audio-->Alcrmv.exe -r -m
RegCure 1.5.0.1-->C:\Program Files\RegCure\uninst.exe
S4 League-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D99223D4-1F48-47BD-ADFD-D43C91CDFD00}\setup.exe" -l0x9
Safari-->MsiExec.exe /I{582D2A53-F426-4C5E-A2E6-43C1AB36B907}
Sage Pilote-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F428CE0D-0E60-432D-8254-F8EED9079DC0}\setup.exe" -l0x40c
SAMSUNG CDMA Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
SAMSUNG Mobile Composite Device Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\6\SSBCUninstall.exe
Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung PC Studio 3 USB Driver Installer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -l0x40c  -removeonly
Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x040c -removeonly
Samsung Samples Installer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AC15160-A49B-4A89-B181-D4619C025FFF}\setup.exe" -l0x40c  -removeonly
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Seismovision 2 (remove only)-->"E:\Program Files\NuGardt Software\Seismovision 2\uninst_seis.exe"
SimCity 4 Deluxe-->E:\Program Files\Maxis\SimCity 4 Deluxe\EAUninstall.exe
Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
SPORE™-->"C:\Program Files\InstallShield Installation Information\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}\SPORESetup.exe" -runfromtemp -l0x040c -removeonly
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Star Downloader Free-->C:\PROGRA~1\Star Downloader\UNWISE.EXE C:\PROGRA~1\Star Downloader\INSTALL.LOG
Star Wars Empire at War Forces of Corruption-->C:\Program Files\InstallShield Installation Information\{6592FDEC-2C1A-413A-9985-25FEC2F0848D}\Setup.exe -runfromtemp -l0x040c -removeonly
Star Wars Empire at War-->C:\Program Files\InstallShield Installation Information\{99AE7207-8612-4DBA-A8F8-BAE5C633390D}\Setup.exe -runfromtemp -l0x040c -removeonly
Star Wars Jedi Knight Jedi Academy-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0D994CC5-819F-4657-84DD-397B8FE1EA80}\Setup.exe" -l0x40c
Star Wars JK II Jedi Outcast-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{576E71DA-3000-48F6-9B21-B9A70D47DFCF}\Setup.exe"
Theme Manager-->C:\PROGRA~1\Stardock\Object Desktop\ThemeManager\thememgr.exe /uninstallwise
UberIcon 1.0.4-->"C:\Program Files\UberIcon\unins000.exe"
UltraISO V7.25 ME-->"C:\Program Files\UltraISO\unins000.exe"
Uniblue DriverScanner 2009-->"C:\Documents and Settings\All Users\Application Data\{D5ABFFAD-D592-4F98-B02B-587125B4801F}\DriverScanner_Setup.exe" REMOVE=TRUE MODIFY=FALSE
Uniblue DriverScanner 2009-->C:\Documents and Settings\All Users\Application Data\{D5ABFFAD-D592-4F98-B02B-587125B4801F}\DriverScanner_Setup.exe
Uniblue RegistryBooster 2009-->"C:\Documents and Settings\All Users\Application Data\{92E7A367-8E12-4830-AA70-29C32E331A81}\Uniblue RegistryBooster.exe" REMOVE=TRUE MODIFY=FALSE
Uniblue RegistryBooster 2009-->C:\Documents and Settings\All Users\Application Data\{92E7A367-8E12-4830-AA70-29C32E331A81}\Uniblue RegistryBooster.exe
Uniblue SpeedUpMyPC 2009-->"C:\Documents and Settings\All Users\Application Data\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}\SpeedUpMyPC.exe" REMOVE=TRUE MODIFY=FALSE
Uniblue SpeedUpMyPC 2009-->C:\Documents and Settings\All Users\Application Data\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}\SpeedUpMyPC.exe
Update for Microsoft Office Excel 2007 Help (KB957242)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {49E314EE-81FA-4007-8F1A-8D39BDBB4498}
Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Microsoft Office Outlook 2007 Help (KB957246)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {80E46078-C1C5-4AE8-8744-3EAFC812E118}
Update for Office 2007 (KB946691)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb959634)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {50C77E2F-5C1C-467D-9BC8-3CA07D28C9F2}
USB Card Reader \Writer -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88A98BEA-BFBB-11D5-85D6-B564BD168E1C}\Setup.exe"
Vade Retro Outlook, Outlook Express, Windows Mail (Vista)-->C:\Program Files\Goto Software\Vade Retro\uninst.exe
VC 9.0 Runtime-->MsiExec.exe /I{A040AC77-C1AA-4CC9-8931-9F648AF178F6}
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
VideoLAN VLC media player 0.8.6i-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Warlords Beta 0.45-->"E:\Program Files\Sierra\Homeworld2\unins000.exe"
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{01523985-2098-43AF-9C97-12B07BE02A9B}
Windows Live Communications Platform-->MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Winsos-->"C:\Program Files\Winsos\unins000.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
XviD MPEG-4 Video Codec-->C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_XviD 132 C:\WINDOWS\INF\xvid.inf

======Hosts File======

127.0.0.1     www.007guard.com
127.0.0.1     007guard.com
127.0.0.1     008i.com
127.0.0.1     www.008k.com
127.0.0.1     008k.com
127.0.0.1     www.00hq.com
127.0.0.1     00hq.com
127.0.0.1     010402.com
127.0.0.1     www.032439.com
127.0.0.1     032439.com

======Security center information======

AV: Avira AntiVir PersonalEdition Classic (outdated)

System event log

Computer Name: TRINITAS
Event Code: 7036
Message: Le service Office Source Engine est entré dans l'état : en cours d'exécution.

Record Number: 11351
Source Name: Service Control Manager
Time Written: 20090114232851.000000+060
Event Type: Informations
User:

Computer Name: TRINITAS
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Office Source Engine.

Record Number: 11350
Source Name: Service Control Manager
Time Written: 20090114232851.000000+060
Event Type: Informations
User: TRINITAS\Gael

Computer Name: TRINITAS
Event Code: 19
Message: Installation réussie : Windows a installé la mise à jour suivante : Mise à jour pour le filtre de courrier indésirable de Microsoft Office Outlook 2007 (KB959141)

Record Number: 11349
Source Name: Windows Update Agent
Time Written: 20090114232842.000000+060
Event Type: Informations
User:

Computer Name: TRINITAS
Event Code: 19
Message: Installation réussie : Windows a installé la mise à jour suivante : Mise à jour de sécurité pour Windows XP (KB958687)

Record Number: 11348
Source Name: Windows Update Agent
Time Written: 20090114232822.000000+060
Event Type: Informations
User:

Computer Name: TRINITAS
Event Code: 7036
Message: Le service Windows Installer est entré dans l'état : en cours d'exécution.

Record Number: 11347
Source Name: Service Control Manager
Time Written: 20090114232819.000000+060
Event Type: Informations
User:

Application event log

Computer Name: TRINITAS
Event Code: 2
Message: The Diskeeper Control Center has been started.
Diskeeper service started

Record Number: 2862
Source Name: Diskeeper
Time Written: 20090106230929.000000+060
Event Type: Informations
User:

Computer Name: TRINITAS
Event Code: 1
Message:
Record Number: 2861
Source Name: Bonjour Service
Time Written: 20090106230928.000000+060
Event Type: Informations
User:

Computer Name: TRINITAS
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.

Record Number: 2860
Source Name: SecurityCenter
Time Written: 20090106230244.000000+060
Event Type: Informations
User:

Computer Name: TRINITAS
Event Code: 2
Message: The Diskeeper Control Center has been started.
Diskeeper service started

Record Number: 2859
Source Name: Diskeeper
Time Written: 20090106230211.000000+060
Event Type: Informations
User:

Computer Name: TRINITAS
Event Code: 1
Message:
Record Number: 2858
Source Name: Bonjour Service
Time Written: 20090106230210.000000+060
Event Type: Informations
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Executive Software\DiskeeperLite\;C:\Program Files\Samsung\Samsung PC Studio 3\;C:\Program Files\Microsoft SQL Server\90\Tools\binn\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 47 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=2f02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"DiskeeperIcon"=C:\Program Files\Executive Software\DiskeeperLite\
"DXSDK_DIR"=C:\Program Files\Microsoft DirectX SDK (November 2008)\
"VS90COMNTOOLS"=C:\Program Files\Microsoft Visual Studio 9.0\Common7\Tools\

-----------------EOF-----------------
Mister_masque, 13/02/2009 at 22:58

Back again,

OK, it's a good thing we looked: there seem to be traces. RegCure is considered a rogue; I advise you to uninstall it via Add/Remove Programs.

As I told you in my earlier post, the Spybot/Ad-Aware combination does nothing except slow down the PC; both of these tools are obsolete.


# 1 - Removing the infection



Download, install and update MalwareBytes.
Help: a MalwareBytes tutorial is available
Run a full scan of all drives. Click "Afficher les résultats" (Show results), then "Supprimer la sélection" (Remove selected), and post the report.

We'll see whether MalwareBytes removes RegCure; if not, we'll do it manually.


See you
--
Nishtard, 14/02/2009 at 09:09

Hi,

         - I'm sending the report from the Malware scan:

Malwarebytes' Anti-Malware 1.34
Version de la base de données: 1760
Windows 5.1.2600 Service Pack 3

14/02/2009 09:06:48
mbam-log-2009-02-14 (09-06-46).txt

Type de recherche: Examen complet (C:\|E:\|F:\|N:\|)
Eléments examinés: 482442
Temps écoulé: 1 hour(s), 44 minute(s), 15 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer\Control Panel\Homepage (Hijack.Homepage) -> Bad: (1) Good: (0) -> No action taken.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Documents and Settings\All Users\Application Data\EAW Deathstar.scr (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\All Users\Application Data\EAW Vehicles.scr (Trojan.Lop.H) -> No action taken.
Mister_masque, 14/02/2009 at 12:07

Hi,

It is important that you answer this question:

Can you remove RegCure in Add/Remove Programs (in My Computer)?

It looks like these are only leftovers from old infections.

# 1 - Searching for Lop leftovers


Download Lop S&D to your Desktop

- Run it.
- Select French with the "F" key and press Enter.
- A confirmation message appears; click "Ok".
- Select option 1 (Recherche, i.e. Search) and press Enter.
- The search runs; be patient.

The LopR.txt report opens.

    Paste the report here. To do so:
  • Edit menu / Select All
  • Edit menu / Copy
  • Here, in a new message: right-click / Paste

--
Nishtard, 14/02/2009 at 13:06

Hi,

           - RegCure has been removed in Add/Remove Programs



   --------------------\\  Lop S&D 4.2.5-0   XP/Vista

   Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
   X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3500+ )
   BIOS : Phoenix - AwardBIOS v6.00PG
   USER : Gael ( Administrator )
   BOOT : Normal boot
   Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Activated)
   C:\ (Local Disk) - NTFS - Total:79 Go (Free:58 Go)
   E:\ (Local Disk) - NTFS - Total:386 Go (Free:114 Go)
   F:\ (CD or DVD) - UDF - Total:2 Go (Free:0 Go)
   G:\ (CD or DVD)
   H:\ (CD or DVD)
   I:\ (CD or DVD)
   J:\ (CD or DVD)
   N:\ (Local Disk) - NTFS - Total:465 Go (Free:121 Go)

   "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
   Option : [1] ( 14/02/2009|13:03 )

   --------------------\\  Listing des dossiers dans APPLIC~1

   [25/12/2008|13:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}
   [23/12/2008|20:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{92E7A367-8E12-4830-AA70-29C32E331A81}
   [23/12/2008|20:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
   [25/08/2008|15:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
   [14/02/2009|10:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
   [14/12/2008|17:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
   [13/02/2009|19:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
   [18/08/2008|12:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
   [21/08/2008|15:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
   [23/12/2008|20:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DriverScanner
   [09/11/2008|20:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fallout3
   [24/01/2009|11:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
   [14/12/2008|21:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
   [22/12/2008|22:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
   [20/12/2008|14:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
   [13/02/2009|23:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
   [18/08/2008|17:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
   [31/01/2009|20:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
   [12/02/2009|21:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
   [07/12/2008|12:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSScanAppDataDir
   [25/10/2008|18:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
   [05/12/2008|18:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
   [23/12/2008|20:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Drivers Headquarters
   [16/11/2008|12:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sage
   [13/02/2009|23:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
   [07/12/2008|12:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SSScanAppDataDir
   [28/11/2008|16:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
   [04/11/2008|21:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
   [05/12/2008|15:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VadeRetro
   [18/08/2008|14:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
   [19/12/2008|16:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
   [18/08/2008|17:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
   [17/01/2009|15:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\YAHOO

   [18/08/2008|13:57] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

   [15/11/2008|20:34] C:\DOCUME~1\Gael\APPLIC~1\ABSOLUTIST.com
   [30/10/2008|11:21] C:\DOCUME~1\Gael\APPLIC~1\AccurateRip
   [22/01/2009|22:34] C:\DOCUME~1\Gael\APPLIC~1\Adobe
   [18/08/2008|12:17] C:\DOCUME~1\Gael\APPLIC~1\Ahead
   [16/12/2008|18:37] C:\DOCUME~1\Gael\APPLIC~1\Apple Computer
   [10/01/2009|16:53] C:\DOCUME~1\Gael\APPLIC~1\Bioshock
   [09/02/2009|20:58] C:\DOCUME~1\Gael\APPLIC~1\BitTorrent
   [16/01/2009|17:45] C:\DOCUME~1\Gael\APPLIC~1\Blender Foundation
   [03/02/2009|23:43] C:\DOCUME~1\Gael\APPLIC~1\Canneverbe_Limited
   [18/08/2008|13:37] C:\DOCUME~1\Gael\APPLIC~1\COWON
   [18/08/2008|12:43] C:\DOCUME~1\Gael\APPLIC~1\DAEMON Tools
   [30/10/2008|11:25] C:\DOCUME~1\Gael\APPLIC~1\dBpoweramp
   [27/08/2008|10:02] C:\DOCUME~1\Gael\APPLIC~1\DivX
   [09/01/2009|19:15] C:\DOCUME~1\Gael\APPLIC~1\DNA
   [25/11/2008|22:50] C:\DOCUME~1\Gael\APPLIC~1\Download Manager
   [06/01/2009|21:53] C:\DOCUME~1\Gael\APPLIC~1\dvdcss
   [30/11/2008|01:50] C:\DOCUME~1\Gael\APPLIC~1\eMule
   [18/01/2009|18:05] C:\DOCUME~1\Gael\APPLIC~1\everlight
   [28/12/2008|19:45] C:\DOCUME~1\Gael\APPLIC~1\FileZilla
   [20/08/2008|15:45] C:\DOCUME~1\Gael\APPLIC~1\Godlike
   [14/12/2008|21:24] C:\DOCUME~1\Gael\APPLIC~1\Grisoft
   [14/02/2009|09:48] C:\DOCUME~1\Gael\APPLIC~1\gtk-2.0
   [22/11/2008|20:30] C:\DOCUME~1\Gael\APPLIC~1\Hamachi
   [20/08/2008|15:33] C:\DOCUME~1\Gael\APPLIC~1\Help
   [18/08/2008|11:56] C:\DOCUME~1\Gael\APPLIC~1\Identities
   [18/10/2008|20:12] C:\DOCUME~1\Gael\APPLIC~1\InstallShield
   [18/08/2008|14:17] C:\DOCUME~1\Gael\APPLIC~1\Macromedia
   [13/02/2009|23:41] C:\DOCUME~1\Gael\APPLIC~1\Malwarebytes
   [31/01/2009|20:53] C:\DOCUME~1\Gael\APPLIC~1\Microsoft
   [30/10/2008|21:05] C:\DOCUME~1\Gael\APPLIC~1\mIRC
   [18/08/2008|12:30] C:\DOCUME~1\Gael\APPLIC~1\Mozilla
   [19/12/2008|17:54] C:\DOCUME~1\Gael\APPLIC~1\OpenOffice.org
   [19/12/2008|15:56] C:\DOCUME~1\Gael\APPLIC~1\OpenOffice.org2
   [10/09/2008|22:05] C:\DOCUME~1\Gael\APPLIC~1\Opera
   [18/10/2008|22:00] C:\DOCUME~1\Gael\APPLIC~1\Petroglyph
   [16/11/2008|12:57] C:\DOCUME~1\Gael\APPLIC~1\Sage
   [31/01/2009|18:59] C:\DOCUME~1\Gael\APPLIC~1\Samsung
   [24/10/2008|16:27] C:\DOCUME~1\Gael\APPLIC~1\SecuROM
   [24/12/2008|11:12] C:\DOCUME~1\Gael\APPLIC~1\SPORE
   [26/08/2008|19:29] C:\DOCUME~1\Gael\APPLIC~1\Styler
   [18/08/2008|12:27] C:\DOCUME~1\Gael\APPLIC~1\Sun
   [25/12/2008|13:46] C:\DOCUME~1\Gael\APPLIC~1\Uniblue
   [25/12/2008|13:50] C:\DOCUME~1\Gael\APPLIC~1\uTorrent
   [05/12/2008|15:10] C:\DOCUME~1\Gael\APPLIC~1\VadeRetro
   [08/12/2008|18:49] C:\DOCUME~1\Gael\APPLIC~1\vlc
   [30/01/2009|15:39] C:\DOCUME~1\Gael\APPLIC~1\Webshots
   [17/01/2009|19:40] C:\DOCUME~1\Gael\APPLIC~1\Winamp
   [19/08/2008|16:09] C:\DOCUME~1\Gael\APPLIC~1\Windows Search
   [18/08/2008|12:14] C:\DOCUME~1\Gael\APPLIC~1\WinRAR

   [27/11/2008|23:05] C:\DOCUME~1\LOCALS~1\APPLIC~1\agi
   [09/01/2009|21:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

   [10/01/2009|16:31] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
   [24/10/2008|16:57] C:\DOCUME~1\NETWOR~1\APPLIC~1\Xfire

   --------------------\\  Tâches planifiées dans C:\WINDOWS\tasks

   [13/02/2009 21:09][--ah-----] C:\WINDOWS\tasks\SA.DAT
   [18/09/2002 16:27][-r-h-----] C:\WINDOWS\tasks\desktop.ini

   --------------------\\  Listing des dossiers dans C:\Program Files

   [25/08/2008|15:31] C:\Program Files\Adobe
   [27/12/2008|16:29] C:\Program Files\AGEIA Technologies
   [14/12/2008|22:14] C:\Program Files\Alwil Software
   [26/12/2008|18:37] C:\Program Files\AMD
   [18/08/2008|12:19] C:\Program Files\AVG
   [13/02/2009|19:16] C:\Program Files\Avira
   [14/02/2009|10:14] C:\Program Files\Avira GmbH
   [20/12/2008|15:50] C:\Program Files\AvRack
   [20/10/2008|21:14] C:\Program Files\BC-Mod Installer .NET
   [22/01/2009|21:35] C:\Program Files\BC-Mod Packager
   [16/01/2009|17:45] C:\Program Files\Blender Foundation
   [25/12/2008|15:04] C:\Program Files\CCleaner
   [03/02/2009|23:43] C:\Program Files\CDBurnerXP
   [05/11/2008|18:40] C:\Program Files\Common Files
   [18/08/2008|11:52] C:\Program Files\ComPlus Applications
   [03/11/2008|15:23] C:\Program Files\Crystal Dynamics
   [18/08/2008|12:47] C:\Program Files\DAEMON Tools Lite
   [25/12/2008|16:29] C:\Program Files\directx
   [13/02/2009|23:47] C:\Program Files\DivX
   [01/01/2009|17:15] C:\Program Files\DNA
   [06/12/2008|11:56] C:\Program Files\EVEREST Ultimate Edition
   [18/08/2008|12:34] C:\Program Files\Executive Software
   [31/01/2009|20:52] C:\Program Files\Fichiers communs
   [30/01/2009|15:16] C:\Program Files\FileZilla Server
   [07/12/2008|11:16] C:\Program Files\GameFace Messenger
   [16/11/2008|12:56] C:\Program Files\GecoMaes
   [08/02/2009|12:58] C:\Program Files\GIMP-2.0
   [20/08/2008|15:45] C:\Program Files\Godlike Developers
   [05/12/2008|15:10] C:\Program Files\Goto Software
   [14/12/2008|21:24] C:\Program Files\Grisoft
   [10/12/2008|22:16] C:\Program Files\Hard Disk Sentinel
   [30/10/2008|00:23] C:\Program Files\Helexis
   [17/01/2009|15:05] C:\Program Files\HooTech
   [30/10/2008|11:21] C:\Program Files\Illustrate
   [14/02/2009|10:14] C:\Program Files\InstallShield Installation Information
   [12/02/2009|21:08] C:\Program Files\Internet Explorer
   [07/01/2009|17:31] C:\Program Files\Inventel
   [06/12/2008|14:35] C:\Program Files\iXi Tools
   [18/08/2008|12:43] C:\Program Files\Java
   [11/10/2008|00:30] C:\Program Files\JetAudio
   [22/12/2008|22:12] C:\Program Files\Lavasoft
   [20/12/2008|14:22] C:\Program Files\ma-config.com
   [13/02/2009|22:44] C:\Program Files\Maestria
   [13/02/2009|23:41] C:\Program Files\Malwarebytes' Anti-Malware
   [24/10/2008|15:34] C:\Program Files\Messenger
   [18/08/2008|14:02] C:\Program Files\Messenger Plus! Live
   [31/01/2009|20:24] C:\Program Files\Microsoft
   [31/01/2009|20:16] C:\Program Files\Microsoft DirectX SDK (November 2008)
   [18/08/2008|11:53] C:\Program Files\microsoft frontpage
   [24/10/2008|15:59] C:\Program Files\Microsoft Office
   [19/12/2008|16:36] C:\Program Files\Microsoft Office Outlook Connector
   [20/08/2008|15:32] C:\Program Files\Microsoft R‚f‚rence
   [10/01/2009|16:24] C:\Program Files\Microsoft SDKs
   [24/10/2008|15:20] C:\Program Files\Microsoft Silverlight
   [12/02/2009|21:10] C:\Program Files\Microsoft SQL Server
   [10/01/2009|16:27] C:\Program Files\Microsoft SQL Server Compact Edition
   [10/01/2009|16:27] C:\Program Files\Microsoft Synchronization Services
   [07/01/2009|17:55] C:\Program Files\Microsoft Virtual PC
   [19/08/2008|09:20] C:\Program Files\Microsoft Visual Studio
   [31/01/2009|20:54] C:\Program Files\Microsoft Visual Studio 9.0
   [24/10/2008|16:12] C:\Program Files\Microsoft Works
   [10/01/2009|16:31] C:\Program Files\Microsoft.NET
   [30/10/2008|16:16] C:\Program Files\Monkey's Audio
   [11/12/2008|00:17] C:\Program Files\Motherboard Monitor 5
   [13/02/2009|22:12] C:\Program Files\Movie Maker
   [14/02/2009|13:02] C:\Program Files\Mozilla Firefox
   [19/08/2008|13:08] C:\Program Files\MSBuild
   [18/08/2008|11:51] C:\Program Files\MSN Gaming Zone
   [25/08/2008|12:16] C:\Program Files\MSXML 4.0
   [19/08/2008|02:02] C:\Program Files\MSXML 6.0
   [25/10/2008|18:31] C:\Program Files\My Company Name
   [08/11/2008|18:46] C:\Program Files\Navilog1
   [18/08/2008|12:17] C:\Program Files\Nero
   [24/10/2008|15:31] C:\Program Files\NetMeeting
   [31/12/2008|14:01] C:\Program Files\NVIDIA Corporation
   [22/12/2008|22:10] C:\Program Files\OpenAL
   [14/01/2009|22:33] C:\Program Files\OpenFX
   [19/12/2008|17:06] C:\Program Files\OpenOffice.org 2.4
   [19/12/2008|17:07] C:\Program Files\OpenOffice.org 3
   [01/12/2008|00:15] C:\Program Files\Opera
   [17/01/2009|15:03] C:\Program Files\Orange
   [17/01/2009|13:02] C:\Program Files\Outlook Express
   [18/01/2009|20:46] C:\Program Files\Panda Security
   [14/02/2009|13:03] C:\Program Files\PeerGuardian2
   [18/08/2008|12:13] C:\Program Files\Philips
   [31/01/2009|12:28] C:\Program Files\QUAD Utilities
   [30/12/2008|20:28] C:\Program Files\Realtek AC97
   [18/08/2008|12:10] C:\Program Files\Realtek Sound Manager
   [19/08/2008|13:04] C:\Program Files\Reference Assemblies
   [13/12/2008|01:16] C:\Program Files\RegClean
   [30/01/2009|15:16] C:\Program Files\RivaTuner v2.22
   [16/11/2008|12:55] C:\Program Files\Sage
   [20/08/2008|15:22] C:\Program Files\Samsung
   [30/01/2009|15:19] C:\Program Files\Services en ligne
   [13/02/2009|23:42] C:\Program Files\Spybot - Search & Destroy
   [23/01/2009|18:11] C:\Program Files\Star Downloader
   [30/01/2009|15:33] C:\Program Files\Stardock
   [01/09/2008|11:37] C:\Program Files\Styler
   [23/12/2008|12:50] C:\Program Files\THQ
   [08/11/2008|18:40] C:\Program Files\Trend Micro
   [19/10/2008|19:58] C:\Program Files\Trust
   [09/11/2008|13:28] C:\Program Files\UberIcon
   [25/10/2008|15:53] C:\Program Files\UltraISO
   [25/12/2008|13:46] C:\Program Files\Uniblue
   [16/11/2008|12:56] C:\Program Files\Uninstall Information
   [18/08/2008|12:26] C:\Program Files\VideoLAN
   [11/12/2008|00:00] C:\Program Files\Western Digital Technologies
   [18/01/2009|16:33] C:\Program Files\Winamp
   [21/08/2008|02:06] C:\Program Files\Windows Desktop Search
   [19/12/2008|16:34] C:\Program Files\Windows Live
   [13/02/2009|17:59] C:\Program Files\Windows Live Safety Center
   [19/12/2008|16:35] C:\Program Files\Windows Live SkyDrive
   [18/08/2008|14:01] C:\Program Files\Windows Media Connect 2
   [22/11/2008|10:25] C:\Program Files\Windows Media Player
   [24/10/2008|15:31] C:\Program Files\Windows NT
   [18/08/2008|11:51] C:\Program Files\WindowsUpdate
   [18/08/2008|12:14] C:\Program Files\WinRAR
   [02/02/2009|21:12] C:\Program Files\Winsos
   [18/08/2008|11:53] C:\Program Files\xerox
   [17/01/2009|15:07] C:\Program Files\Yahoo!

   --------------------\\  Listing des dossiers dans C:\Program Files\Fichiers communs

   [25/08/2008|15:32] C:\Program Files\Fichiers communs\Adobe
   [18/08/2008|12:18] C:\Program Files\Fichiers communs\Ahead
   [10/10/2008|20:30] C:\Program Files\Fichiers communs\COWON
   [19/08/2008|09:20] C:\Program Files\Fichiers communs\DESIGNER
   [04/01/2009|01:44] C:\Program Files\Fichiers communs\DirectX
   [07/01/2009|17:46] C:\Program Files\Fichiers communs\France Telecom
   [05/12/2008|19:27] C:\Program Files\Fichiers communs\Futuremark Shared
   [05/12/2008|15:11] C:\Program Files\Fichiers communs\Goto Software
   [18/08/2008|12:13] C:\Program Files\Fichiers communs\InstallShield
   [18/08/2008|12:27] C:\Program Files\Fichiers communs\Java
   [31/01/2009|20:52] C:\Program Files\Fichiers communs\Merge Modules
   [31/01/2009|20:54] C:\Program Files\Fichiers communs\Microsoft Shared
   [18/08/2008|11:52] C:\Program Files\Fichiers communs\MSSoap
   [18/08/2008|12:48] C:\Program Files\Fichiers communs\ODBC
   [16/11/2008|12:56] C:\Program Files\Fichiers communs\SAGE
   [18/08/2008|11:52] C:\Program Files\Fichiers communs\Services
   [18/08/2008|12:48] C:\Program Files\Fichiers communs\SpeechEngines
   [18/01/2009|16:34] C:\Program Files\Fichiers communs\Stardock
   [19/12/2008|16:36] C:\Program Files\Fichiers communs\System
   [19/12/2008|16:30] C:\Program Files\Fichiers communs\Windows Live
   [18/08/2008|17:02] C:\Program Files\Fichiers communs\WindowsLiveInstaller
   [13/02/2009|20:48] C:\Program Files\Fichiers communs\Wise Installation Wizard

   --------------------\\  Process

   ( 50 Processes )

   ... OK !

   --------------------\\  Recherche avec S_Lop

   Aucun fichier / dossier Lop trouvé !

   --------------------\\  Recherche de Fichiers / Dossiers Lop

   C:\DOCUME~1\Gael\LOCALS~1\Temp\nsj7C.tmp
   C:\DOCUME~1\Gael\LOCALS~1\Temp\nst7A.tmp
   C:\DOCUME~1\Gael\Cookies\gael@adopt.euroclick[1].txt

   --------------------\\  Verification du Registre

   ..... OK !

   --------------------\\  Verification du fichier Hosts

   Fichier Hosts PROPRE


   --------------------\\  Recherche de fichiers avec Catchme

   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2009-02-14 13:04:42
   Windows 5.1.2600 Service Pack 3 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 24

   --------------------\\  Recherche d'autres infections


   Aucune autre infection trouvée  !

   [F:92][D:71]-> C:\DOCUME~1\Gael\LOCALS~1\Temp
   [F:52][D:0]-> C:\DOCUME~1\Gael\Cookies
   [F:197][D:6]-> C:\DOCUME~1\Gael\LOCALS~1\TEMPOR~1\content.IE5

   1 - "C:\Lop SD\LopR_1.txt" - 14/02/2009|13:05 - Option : [1]

   --------------------\\  Fin du rapport a 13:05:36

Mister_masque, on 14/02/2009 at 13:15

Hi,

Perfect, everything is nice and clean ;)

# 1 - Removing the previously used tools

Download ToolsCleaner2 by A.Rothstein to your Desktop.

  • Run it; on Vista, right-click >> Run as administrator (on XP, ignore this step).
  • Click the Recherche (Search) button; if the program stops responding or the window turns white, that is normal.
  • Once the search has finished, click Suppression (Removal).
  • Then click Vider la corbeille (Empty the recycle bin) and Vider les fichiers temporaires (Empty the temporary files).


NB: At the end (there will be instructions in the box underneath), click "Quitter" (Quit) and post the report located at C:\Tcleaner.txt

~~

Just out of pure paranoia, can you scan this file on VirusTotal (unless you already know it):

Go to VirusTotal.
Click "Parcourir" (Browse); in the search bar:

Copy and paste: C:\Documents and Settings\All Users\Application Data\EAW Deathstar.scr
Then click the "Envoyer le fichier" (Send the file) button.

Send me the scan report.
--
Nishtard, on 14/02/2009 at 15:00

- The removal is done, but as for the file to send, I deleted them....

Mister_masque, on 14/02/2009 at 18:49

Hi again,

OK, no big deal, they weren't important.
You are no longer infected.

Have a nice day
--
Flanner, on 02/01/2023 at 10:03

Windows users can now download and install Russian fonts via the Microsoft Store!

Vulgarisation-informatique.com