Infecté par un virus, mais lequel?

Bonjour à tous, voilà hier soir après une négligence de ma part, je me suis rendu compte que j’avais été infecté par un virus, avast m’a signalé plusieurs fichiers infectés que j’ai placé en quarantaine mais il en reste un ou plusieurs qui posent problème.

Tout d’abord il m’est impossible d’ouvrir mon gestionnaire des tâches, j’ai le message “le gestionnaire des tâches a été desactivé par l’administrateur” , j’ai donc essayé de le réactivé via “regedit.exe” mais il m’est impossible aussi d’accéder à l’éditeut de registre.
J’ai fais un scan avec avast au démarrage mais il n’a rien trouvé à part un fichier que j’ai mis en quarantaine, et un autre scan avec spybot qui a trouvé divers spyware, adware… et les a éliminés.

J’ai donc besoin de votre aide sur ce coup là, je ne sais pas quoi faire, je vais relancer un scan minutieux en attendant, si vous avez des solutions je suis preneur.

En espérant que vous pourrez m’aider.
Merci.

:hello:

Clique [ici](http://images.malwareremoval.com/random/RSIT.exe) pour télécharger random's system information tool (RSIT) par random/random et sauvegarde le sur ton [b]Bureau[/b]

• Double-clique sur RSIT.exe pour l’exécuter.

• Clique sur le bouton “Continue” sur la fenêtre d’avertissement.

• Une fois le scan terminé, tu auras deux rapports qui seront ouverts : log.txt et info.txt (c:\rsit)

• Poste les dans ta prochaine réponse s’il te plait,en les séparant
  Note : un rapport hijackthis est contenu dans le rapport log.txt
  Edité le 23/01/2009 à 13:35

Faut que je poste la totalité de ces 2 rapports? ils sont hyper longs :s

EDIT: bon alors en 1er, le fichier info.txt

info.txt logfile of random’s system information tool 1.05 2009-01-23 14:19:32

======Uninstall list======

–>C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{88564CEF-20A5-4EF2-A05F-309F2EBA9B06}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{A1A5BA3E-9ABF-4037-820B-6151022B8ACB}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{D5BA7C09-E523-478C-9C37-A1D86C76383E}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{F6366726-BA44-4D6A-8ECE-476E2E616AD1}\setup.exe” -l0x40c
–>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)–>msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
Adobe Flash Player ActiveX–>C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin–>C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.3 - Français–>MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
Advanced Audio FX Engine–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{88564CEF-20A5-4EF2-A05F-309F2EBA9B06}\setup.exe” -l0x40c /remove
Advanced Video FX Engine–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{D5BA7C09-E523-478C-9C37-A1D86C76383E}\setup.exe” -l0x40c /remove
AIMP2–>C:\Program Files\AIMP2\UnInstall.exe
Apple Mobile Device Support–>MsiExec.exe /I{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}
Apple Software Update–>MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR–>C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live–>MsiExec.exe /I{D6E592B3-67DA-4BBB-9783-E1838FB253A2}
Audacity 1.3.4 (Unicode)–>“C:\Program Files\Audacity 1.3 Beta (Unicode)\unins000.exe”
avast! Antivirus–>C:\Program Files\Alwil Software\Avast4\aswRunDll.exe “C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll”,RunSetup
Bonjour–>MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Browser Address Error Redirector–>MsiExec.exe /I{62230596-37E5-4618-A329-0D21F529A86F}
CDex extraction audio–>“C:\Program Files\CDex_170b2\uninstall.exe”
Choice Guard–>MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Correctif pour Windows XP (KB952287)–>“C:\WINDOWS$NtUninstallKB952287$\spuninst\spuninst.exe”
Dawn of War - Dark Crusade–>C:\Program Files\InstallShield Installation Information{FF39FC01-819B-42E4-AE49-1968AF12DDD4}\setup.exe -runfromtemp -l0x0009 -removeonly
Dawn of War - Soulstorm–>“C:\Program Files\InstallShield Installation Information{20533183-D42D-4261-A125-956736FBEA8C}\setup.exe” -runfromtemp -l0x0009 -removeonly
DawnOfWar–>C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{362D5167-9716-44BE-89FD-BF9EB6EF814B}
Dell Support Center–>MsiExec.exe /X{E3BFEE55-39E2-4BE0-B966-89FE583822C1}
Dell Touchpad–>C:\Program Files\DellTPad\Uninstap.exe ADDREMOVE
Dell Webcam Center–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{A1A5BA3E-9ABF-4037-820B-6151022B8ACB}\setup.exe” -l0x40c /remove
Dell Webcam Manager–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{F6366726-BA44-4D6A-8ECE-476E2E616AD1}\setup.exe” -l0x40c /remove
Fable - The Lost Chapters–>C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}
Glary Utilities 2.6–>“C:\Program Files\Glary Utilities\unins000.exe”
Grand Theft Auto IV–>“C:\Program Files\InstallShield Installation Information{579BA58C-F33D-4970-9953-B94B43768AC3}\setup.exe” -runfromtemp -l0x040c -removeonly
Guitar Pro 5.0–>“C:\Program Files\Guitar Pro 5\unins000.exe”
Half-Life® 2–>MsiExec.exe /I{D45EC259-4A19-4656-B588-C2C360DD18EA}
Hellgate : London–>MsiExec.exe /X{A2B4455D-1046-4732-BFBC-0821BEFC07BC}
High Definition Audio Driver Package - KB835221–>C:\WINDOWS$NtUninstallKB835221WXP$\spuninst\spuninst.exe
HijackThis 2.0.2–>“C:\Program Files\trend micro\HijackThis.exe” /uninstall
Installation Windows Live–>C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live–>MsiExec.exe /I{3CCB732A-E472-4CF9-B1EE-F18365341FE0}
iTunes–>MsiExec.exe /I{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}
Java™ 6 Update 5–>MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java™ 6 Update 7–>MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Laptop Integrated Webcam Driver (1.00.01.0108) -->C:\WINDOWS\CtDrvIns.exe -uninstall -script OEM013.uns -plugin OEM13Pin.dll -pluginres OEM13Pin.crl -nodisconprompt -langid 0x040C
Live! Cam Avatar Creator–>C:\Program Files\InstallShield Installation Information{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}\setup.exe -runfromtemp -l0x040c -removeonly /remove
Live! Cam Avatar–>C:\Program Files\InstallShield Installation Information{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}\setup.exe -runfromtemp -l0x040c -removeonly /remove
Logiciel Intel® PROSet/Wireless–>C:\WINDOWS\Installer\iProInst.exe
mCore–>MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
mDrWiFi–>MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49}
Messenger Plus! Live–>“C:\Program Files\Messenger Plus! Live\Uninstall.exe”
mHlpDell–>MsiExec.exe /I{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}
Microsoft .NET Framework 1.1 French Language Pack–>MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)–>“C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe” “C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp”
Microsoft .NET Framework 1.1–>msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1–>MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0–>C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft .NET Framework 3.0 French Language Pack–>MsiExec.exe /X{E3C080B0-23F5-49AF-89F8-8E8DBC89E659}
Microsoft .NET Framework 3.0–>c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setup.exe
Microsoft .NET Framework 3.0–>MsiExec.exe /X{15095BF3-A3D7-4DDF-B193-3A496881E003}
Microsoft Games for Windows - LIVE -->MsiExec.exe /X{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}
Microsoft Games for Windows - LIVE Redistributable–>MsiExec.exe /X{FD052FB9-FE90-4438-B355-15EDC89D8FB1}
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5–>“C:\WINDOWS$NtUninstallWdf01005$\spuninst\spuninst.exe”
Microsoft Office Access MUI (French) 2007–>MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007–>MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007–>MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 Service Pack 1 (SP1)–>msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
Microsoft Office Outlook MUI (French) 2007–>MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007–>MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (French)–>MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007–>“C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe” /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007–>MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007–>MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007–>MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007–>MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007–>MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007–>MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007–>MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007–>MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007–>MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007–>MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007–>MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.0–>“C:\WINDOWS$NtUninstallWudf01000$\spuninst\spuninst.exe”
Microsoft Visual C++ 2005 Redistributable–>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft WinUsb 1.0–>“C:\WINDOWS$NtUninstallwinusb0100$\spuninst\spuninst.exe”
Microsoft Works–>MsiExec.exe /I{3B160861-7250-451E-B5EE-8B92BF30A710}
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)–>“C:\WINDOWS$NtUninstallKB952069_WM9$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)–>“C:\WINDOWS$NtUninstallKB923723$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB938464)–>“C:\WINDOWS$NtUninstallKB938464$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB946648)–>“C:\WINDOWS$NtUninstallKB946648$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB950759)–>“C:\WINDOWS$NtUninstallKB950759$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB950760)–>“C:\WINDOWS$NtUninstallKB950760$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB950762)–>“C:\WINDOWS$NtUninstallKB950762$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB950974)–>“C:\WINDOWS$NtUninstallKB950974$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB951066)–>“C:\WINDOWS$NtUninstallKB951066$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB951376-v2)–>“C:\WINDOWS$NtUninstallKB951376-v2$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB951698)–>“C:\WINDOWS$NtUninstallKB951698$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB951748)–>“C:\WINDOWS$NtUninstallKB951748$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB952954)–>“C:\WINDOWS$NtUninstallKB952954$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB953838)–>“C:\WINDOWS$NtUninstallKB953838$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB953839)–>“C:\WINDOWS$NtUninstallKB953839$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB954211)–>“C:\WINDOWS$NtUninstallKB954211$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB954459)–>“C:\WINDOWS$NtUninstallKB954459$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB954600)–>“C:\WINDOWS$NtUninstallKB954600$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB955069)–>“C:\WINDOWS$NtUninstallKB955069$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB956390)–>“C:\WINDOWS$NtUninstallKB956390$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB956391)–>“C:\WINDOWS$NtUninstallKB956391$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB956802)–>“C:\WINDOWS$NtUninstallKB956802$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB956803)–>“C:\WINDOWS$NtUninstallKB956803$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB956841)–>“C:\WINDOWS$NtUninstallKB956841$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB957095)–>“C:\WINDOWS$NtUninstallKB957095$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB957097)–>“C:\WINDOWS$NtUninstallKB957097$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB958215)–>“C:\WINDOWS$NtUninstallKB958215$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB958644)–>“C:\WINDOWS$NtUninstallKB958644$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB958687)–>“C:\WINDOWS$NtUninstallKB958687$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB960714)–>“C:\WINDOWS$NtUninstallKB960714$\spuninst\spuninst.exe”
Mise à jour pour Windows XP (KB951072-v2)–>“C:\WINDOWS$NtUninstallKB951072-v2$\spuninst\spuninst.exe”
Mise à jour pour Windows XP (KB951978)–>“C:\WINDOWS$NtUninstallKB951978$\spuninst\spuninst.exe”
Mise à jour pour Windows XP (KB955839)–>“C:\WINDOWS$NtUninstallKB955839$\spuninst\spuninst.exe”
mIWA–>MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
mLogView–>MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
mMHouse–>MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
Module de compatibilité pour Microsoft Office System 2007–>MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA–>C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0–>c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\setup.exe
mPfMgr–>MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mPfWiz–>MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
mProSafe–>MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
mSCfg–>MsiExec.exe /I{829CD169-E692-48E8-9BDE-A3E8D8B65538}
mSSO–>MsiExec.exe /I{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}
MSVCRT–>MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 6.0 Parser (KB933579)–>MsiExec.exe /I{1787603C-E6E3-42D4-8034-55F358486F1D}
mWlsSafe–>MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
mWMI–>MsiExec.exe /I{63DB9CCD-2B56-4217-9A3D-507AC78320CA}
mZConfig–>MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}
Need for Speed™ Carbon–>C:\Program Files\Electronic Arts\Need for Speed Carbon\EAUninstall.exe
NVIDIA Drivers–>C:\WINDOWS\system32\nvuninst.exe UninstallGUI
OpenAL–>“C:\Program Files\OpenAL\OalinstGridRelease.exe” /U
Opera 9.51–>MsiExec.exe /X{179624B1-2683-45ED-965A-B72189EB5820}
Outil de téléchargement Windows Live–>MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Pack Vista Inspirat 2 1.0–>C:\WINDOWS\BricoPacks\Vista Inspirat 2\Remove.exe
PowerDVD–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe” -l0x40c -cluninstall
Pro Evolution Soccer 2008–>C:\Program Files\InstallShield Installation Information{2FDFD600-7338-4738-90D5-FC4ACA08DC36}\setup.exe -runfromtemp -l0x040c
Pure–>C:\Program Files\InstallShield Installation Information{FF3C203A-2F19-43A2-9C7C-EC1B5A0FC873}\setup.exe -runfromtemp -l0x0c0c Pure -removeonly
QuickSet–>C:\Program Files\InstallShield Installation Information{C5074CC4-0E26-4716-A307-960272A90040}\setup.exe -runfromtemp -l0x040c APPDRVNT4 -removeonly
QuickTime–>MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
Realtek High Definition Audio Driver–>RtlUpd.exe -r -m
Rockstar Games Social Club–>“C:\Program Files\InstallShield Installation Information{08B3869E-D282-424C-9AFC-870E04A4BA14}\setup.exe” -runfromtemp -l0x040c -removeonly
Roxio Activation Module–>MsiExec.exe /I{07159635-9DFE-4105-BFC0-2817DB540C68}
Roxio Creator Audio–>MsiExec.exe /I{83FFCFC7-88C6-41C6-8752-958A45325C82}
Roxio Creator BDAV Plugin–>MsiExec.exe /I{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}
Roxio Creator Copy–>MsiExec.exe /I{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}
Roxio Creator Data–>MsiExec.exe /I{0D397393-9B50-4C52-84D5-77E344289F87}
Roxio Creator DE–>MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
Roxio Creator Tools–>MsiExec.exe /I{0394CDC8-FABD-4ED8-B104-03393876DFDF}
Roxio Drag-to-Disc–>MsiExec.exe /I{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}
Roxio Express Labeler 3–>MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio Update Manager–>MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
SearchAssist–>C:\DELL\SearchAssist\UninstSA.bat
Security Update for 2007 Microsoft Office System (KB951550)–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB958439)–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
Security Update for Microsoft Office Excel 2007 (KB958437)–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB954326)–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
Segoe UI–>MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Serious Samurize–>“C:\Program Files\Samurize\Uninstall.exe”
Sonic CinePlayer Decoder Pack–>MsiExec.exe /I{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}
SpeedFan (remove only)–>“C:\Program Files\SpeedFan\uninstall.exe”
Spybot - Search & Destroy–>“C:\Program Files\Spybot - Search & Destroy\unins000.exe”
Steam™–>MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Test Drive Unlimited–>MsiExec.exe /X{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}
The KMPlayer (remove only)–>“C:\Program Files\The KMPlayer\uninstall.exe”
Transfert Windows–>“C:\WINDOWS$NtUninstallWETCable$\spuninst\spuninst.exe”
Update for Microsoft Office Outlook 2007 (KB952142)–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Office 2007 (KB946691)–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb959141)–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {CC6191C2-B0CE-473C-AD77-61EA3497D796}
VideoLAN VLC media player 0.8.6i–>C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Communication Foundation–>MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
Windows Live Call–>MsiExec.exe /I{01523985-2098-43AF-9C97-12B07BE02A9B}
Windows Live Communications Platform–>MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}
Windows Live Messenger–>MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Media Format 11 runtime–>“C:\Program Files\Windows Media Player\wmsetsdk.exe” /UninstallAll
Windows Media Format 11 runtime–>“C:\WINDOWS$NtUninstallWMFDist11$\spuninst\spuninst.exe”
Windows Presentation Foundation Language Pack (FRA)–>MsiExec.exe /X{6901DD22-527A-41EF-9059-E81FEDE9E494}
Windows Presentation Foundation–>MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Workflow Foundation FR Language Pack–>MsiExec.exe /I{B84C141C-9A13-44BE-9A69-301D7B11D836}
Windows Workflow Foundation–>MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
Windows XP Service Pack 3–>“C:\WINDOWS$NtServicePackUninstall$\spuninst\spuninst.exe”
XML Paper Specification Shared Components Language Pack 1.0–>“C:\WINDOWS$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe”

======Security center information======

AV: avast! antivirus 4.8.1229 [VPS 090122-0]

System event log

Computer Name: BEN
Event Code: 7036
Message: Le service Carte de performance WMI est entré dans l’état : en cours d’exécution.

Record Number: 12499
Source Name: Service Control Manager
Time Written: 20081226221645.000000+060
Event Type: Informations
User:

Computer Name: BEN
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Carte de performance WMI.

Record Number: 12498
Source Name: Service Control Manager
Time Written: 20081226221645.000000+060
Event Type: Informations
User: BEN\B3n

Computer Name: BEN
Event Code: 7036
Message: Le service Acquisition d’image Windows (WIA) est entré dans l’état : en cours d’exécution.

Record Number: 12497
Source Name: Service Control Manager
Time Written: 20081226205616.000000+060
Event Type: Informations
User:

Computer Name: BEN
Event Code: 4202
Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{CCA953B0-BE31-4436-813D-AE6C34A28D91} était déconnectée du réseau,
et la configuration réseau de la carte a été abandonnée. Si la carte
réseau n’était pas déconnectée, ceci peut indiquer un disfonctionnement.
Contactez le fabricant pour des pilotes mis à jour.

Record Number: 12496
Source Name: Tcpip
Time Written: 20081226205609.000000+060
Event Type: Informations
User:

Computer Name: BEN
Event Code: 7036
Message: Le service Carte de performance WMI est entré dans l’état : arrêté.

Record Number: 12495
Source Name: Service Control Manager
Time Written: 20081226191732.000000+060
Event Type: Informations
User:

Application event log

Computer Name: BEN
Event Code: 32068
Message: La règle de routage de trafic sortant n’est pas valide car elle ne peut pas trouver de périphérique valide. Les télécopies sortantes qui utilisent cette règle ne peuvent pas être acheminées. Vérifiez que le ou les périphériques concernés (en cas de routage vers un groupe de périphériques) sont connectés et installés correctement et allumés. En cas de routage vers un groupe, vérifiez que le groupe est configuré correctement.
Code de pays/région : ‘’
Indicatif régional : '’

Record Number: 3320
Source Name: Microsoft Fax
Time Written: 20081204144101.000000+060
Event Type: Avertissement
User:

Computer Name: BEN
Event Code: 32026
Message: Le service de télécopie n’a pas pu initialiser de périphériques de télécopies attribués (virtuel ou TAPI).
Aucune télécopie ne peut être envoyée ou reçue tant qu’un périphérique de télécopies n’a pas été installé.

Record Number: 3319
Source Name: Microsoft Fax
Time Written: 20081204144101.000000+060
Event Type: Avertissement
User:

Computer Name: BEN
Event Code: 0
Message:
Record Number: 3318
Source Name: RegSrvc
Time Written: 20081204144100.000000+060
Event Type: Informations
User:

Computer Name: BEN
Event Code: 0
Message:
Record Number: 3317
Source Name: EvtEng
Time Written: 20081204144059.000000+060
Event Type: Informations
User:

Computer Name: BEN
Event Code: 1
Message:
Record Number: 3316
Source Name: Bonjour Service
Time Written: 20081204144059.000000+060
Event Type: Informations
User:

======Environment variables======

“ComSpec”=%SystemRoot%\system32\cmd.exe
“Path”=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Fichiers communs\Roxio Shared\DLLShared;C:\Program Files\Fichiers communs\Roxio Shared\9.0\DLLShared;C:\Program Files\QuickTime\QTSystem
“windir”=%SystemRoot%
“FP_NO_HOST_CHECK”=NO
“OS”=Windows_NT
“PROCESSOR_ARCHITECTURE”=x86
“PROCESSOR_LEVEL”=6
“PROCESSOR_IDENTIFIER”=x86 Family 6 Model 23 Stepping 6, GenuineIntel
“PROCESSOR_REVISION”=1706
“NUMBER_OF_PROCESSORS”=2
“PATHEXT”=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
“TEMP”=%SystemRoot%\TEMP
“TMP”=%SystemRoot%\TEMP
“RoxioCentral”=C:\Program Files\Fichiers communs\Roxio Shared\9.0\Roxio Central33
“SamDir”=SINSTDIR
“CLASSPATH”=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
“QTJAVA”=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
“HellgateEnv”=C:\Program Files\Flagship Studios\Hellgate London
“RGSCLauncher”=C:\Program Files\Rockstar Games\Rockstar Games Social Club
“RGSC”=C:\Program Files\Rockstar Games\Rockstar Games Social Club\1_0_0_0

-----------------EOF-----------------

Et en 2ème le fichier log.txt:

Logfile of random’s system information tool 1.05 (written by random/random)
Run by B3n at 2009-01-23 14:18:33
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 2 GB (1%) free of 305 GB
Total RAM: 3070 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:19:27, on 23/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\OEM13Mon.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\B3n\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rockstar Games\Rockstar Games Social Club\1_1_3_0\RGSC.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\agent.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Documents and Settings\B3n\Bureau\RSIT.exe
C:\Program Files\trend micro\B3n.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = partnerpage.google.com…
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.fr…
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.fr…
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fr…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www1.euro.dell.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www1.euro.dell.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = www.google.fr…
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = partnerpage.google.com…
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = www.vista-inspirat.net…
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d’Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Google plugin - {085E2757-F41D-42d1-B4CC-9DADF7113BBC} - aj32.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d’aide de l’Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O4 - HKLM…\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM…\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM…\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start
O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM…\Run: [OEM13Mon.exe] C:\WINDOWS\OEM13Mon.exe
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe”
O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM…\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM…\Run: [IntelZeroConfig] “C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe”
O4 - HKLM…\Run: [IntelWireless] “C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe” /tf Intel PROSet/Wireless
O4 - HKLM…\Run: [dscactivate] “C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe”
O4 - HKLM…\Run: [PDVDDXSrv] “C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe”
O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM…\Run: [QuickTime Task] “C:\Program Files\QuickTime\QTTask.exe” -atboottime
O4 - HKLM…\Run: [iTunesHelper] “C:\Program Files\iTunes\iTunesHelper.exe”
O4 - HKLM…\Run: [DAEMON Tools] “C:\Program Files\DAEMON Tools\daemon.exe” -lang 1033
O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe”
O4 - HKLM…\RunOnce: [SpybotDeletingA1259] command /c del “C:\WINDOWS\system32\cmds.txt”
O4 - HKLM…\RunOnce: [SpybotDeletingC7217] cmd /c del “C:\WINDOWS\system32\cmds.txt”
O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU…\Run: [ISUSPM] “C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe” -scheduler
O4 - HKCU…\Run: [AlcoholAutomount] “C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe” /automount
O4 - HKCU…\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background
O4 - HKCU…\Run: [Google Update] “C:\Documents and Settings\B3n\Local Settings\Application Data\Google\Update\GoogleUpdate.exe” /c
O4 - HKCU…\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU…\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU…\RunOnce: [SpybotDeletingB8442] command /c del “C:\WINDOWS\system32\cmds.txt”
O4 - HKCU…\RunOnce: [SpybotDeletingD6416] cmd /c del “C:\WINDOWS\system32\cmds.txt”
O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SERVICE RÉSEAU’)
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE…
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra ‘Tools’ menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra ‘Tools’ menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - messenger.zone.msn.com…
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - messenger.zone.msn.com…
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe
O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

–
End of file - 11647 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GlaryInitialize.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-792045890-538127406-2422677965-1005.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d’Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{085E2757-F41D-42d1-B4CC-9DADF7113BBC}]
Google plugin - C:\WINDOWS\system32\aj32.dll [2009-01-22 55296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d’aide de l’Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
CBrowserHelperObject Object - C:\Program Files\Dell\BAE\BAE.dll [2006-11-09 98304]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“Apoint”=C:\Program Files\DellTPad\Apoint.exe [2008-02-21 159744]
“NvCplDaemon”=C:\WINDOWS\system32\NvCpl.dll [2008-03-04 13508608]
“nwiz”=nwiz.exe /installquiet []
“NVHotkey”=C:\WINDOWS\system32\nvHotkey.dll [2008-03-04 86016]
“NvMediaCenter”=C:\WINDOWS\system32\NvMcTray.dll [2008-03-04 86016]
“OEM13Mon.exe”=C:\WINDOWS\OEM13Mon.exe [2008-02-21 36864]
“SunJavaUpdateSched”=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
“RTHDCPL”=C:\WINDOWS\RTHDCPL.EXE [2008-02-21 16855552]
“Alcmtr”=C:\WINDOWS\ALCMTR.EXE [2008-02-21 69632]
“IntelZeroConfig”=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2007-07-25 823296]
“IntelWireless”=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2007-07-25 974848]
“dscactivate”=C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [2008-03-11 16384]
“PDVDDXSrv”=C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [2008-02-26 128296]
“avast!”=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-19 78008]
“QuickTime Task”=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
“iTunesHelper”=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]
“DAEMON Tools”=C:\Program Files\DAEMON Tools\daemon.exe [2006-09-14 157592]
“Adobe Reader Speed Launcher”=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
“SpybotDeletingA1259”=command /c del C:\WINDOWS\system32\cmds.txt []
“SpybotDeletingC7217”=cmd /c del C:\WINDOWS\system32\cmds.txt []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“CTFMON.EXE”=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
“ISUSPM”=C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe [2006-09-11 218032]
“AlcoholAutomount”=C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2007-12-22 222080]
“MSMSGS”=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
“Google Update”=C:\Documents and Settings\B3n\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-10-15 133104]
“RGSC”=C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2009-01-22 306088]
“SpybotSD TeaTimer”=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
“SpybotDeletingB8442”=command /c del C:\WINDOWS\system32\cmds.txt []
“SpybotDeletingD6416”=cmd /c del C:\WINDOWS\system32\cmds.txt []

C:\Documents and Settings\B3n\Menu Démarrer\Programmes\Démarrage
RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
TransBar.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati3bixx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati3ubxx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati4jpxx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati6jqxx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati7gmxx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ati3bixx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ati3ubxx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ati4jpxx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ati6jqxx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ati7gmxx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
“DisableRegistryTools”=1
“DisableTaskMgr”=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
“dontdisplaylastusername”=0
“legalnoticecaption”=
“legalnoticetext”=
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
“NoDriveTypeAutoRun”=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
“%windir%\system32\sessmgr.exe”="%windir%\system32\sessmgr.exe::enabled:@xpsp2res.dll,-22019"
“C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe”="C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe::Enabled:CyberLink PowerDVD DX"
“C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe”=“C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe::Enabled:CyberLink PowerDVD DX Resident Program"
“C:\Program Files\THQ\Dawn of War\W40k.exe”="C:\Program Files\THQ\Dawn of War\W40k.exe::Enabled:W40K”
“C:\Program Files\THQ\Dawn of War - Dark Crusade\DarkCrusade.exe”=“C:\Program Files\THQ\Dawn of War - Dark Crusade\DarkCrusade.exe::Enabled:DarkCrusade"
“C:\Program Files\Opera\opera.exe”="C:\Program Files\Opera\opera.exe::Enabled:Opera Internet Browser”
“C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE”=“C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE::Enabled:Microsoft Office Outlook"
“C:\Program Files\THQ\Dawn of War - Soulstorm\Soulstorm.exe”="C:\Program Files\THQ\Dawn of War - Soulstorm\Soulstorm.exe::Enabled:Soulstorm”
“C:\Program Files\Atari\Test Drive Unlimited\TestDriveUnlimited.exe”=“C:\Program Files\Atari\Test Drive Unlimited\TestDriveUnlimited.exe::Enabled:Test Drive Unlimited"
“C:\Program Files\Valve\Steam\SteamApps\b3n59\counter-strike source\hl2.exe”="C:\Program Files\Valve\Steam\SteamApps\b3n59\counter-strike source\hl2.exe::Enabled:hl2”
“C:\Program Files\uTorrent\uTorrent.exe”=“C:\Program Files\uTorrent\uTorrent.exe::Enabled:µTorrent"
“C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe”="C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe::Enabled:Pro Evolution Soccer 2008”
“%windir%\Network Diagnostic\xpnetdiag.exe”="%windir%\Network Diagnostic\xpnetdiag.exe::Enabled:@xpsp3res.dll,-20000"
“C:\Program Files\Bonjour\mDNSResponder.exe”="C:\Program Files\Bonjour\mDNSResponder.exe::Enabled:Bonjour"
“C:\Program Files\iTunes\iTunes.exe”=“C:\Program Files\iTunes\iTunes.exe::Enabled:iTunes"
“C:\Program Files\Flagship Studios\Hellgate London\Launcher.exe”="C:\Program Files\Flagship Studios\Hellgate London\Launcher.exe::Enabled:Hellgate : London”
“C:\Program Files\Windows Live\Messenger\wlcsdk.exe”=“C:\Program Files\Windows Live\Messenger\wlcsdk.exe::Enabled:Windows Live Call"
“C:\Program Files\Windows Live\Messenger\msnmsgr.exe”="C:\Program Files\Windows Live\Messenger\msnmsgr.exe::Enabled:Windows Live Messenger”
“C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe”=“C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe::Enabled:Rockstar Games Social Club"
“C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe”="C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe::Enabled:Grand Theft Auto IV”

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
“%windir%\system32\sessmgr.exe”="%windir%\system32\sessmgr.exe::enabled:@xpsp2res.dll,-22019"
“C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe”="C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe::Enabled:CyberLink PowerDVD DX"
“C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe”=“C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe::Enabled:CyberLink PowerDVD DX Resident Program"
“%windir%\Network Diagnostic\xpnetdiag.exe”="%windir%\Network Diagnostic\xpnetdiag.exe::Enabled:@xpsp3res.dll,-20000”
“C:\Program Files\Windows Live\Messenger\wlcsdk.exe”=“C:\Program Files\Windows Live\Messenger\wlcsdk.exe::Enabled:Windows Live Call"
“C:\Program Files\Windows Live\Messenger\msnmsgr.exe”="C:\Program Files\Windows Live\Messenger\msnmsgr.exe::Enabled:Windows Live Messenger”

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{299d5fd8-6152-11dd-a254-001c23590b38}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{4a3fd0df-e0a4-11dd-a364-9ec15bec9b6a}]
shell\Auto\command - Start.exe
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{505b3651-baeb-11dd-a31e-001c23590b38}]
shell\AutoRun\command - G:\Setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{535df48b-cf9a-11dd-a341-001c23590b38}]
shell\AutoRun\command - H:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{6fb9736e-ab30-11dd-a304-001c23590b38}]
shell\AutoRun\command - F:\autorun.exe
shell\directx\command - F:\DirectX9\dxsetup.exe
shell\setup\command - F:\install.exe

======List of files/folders created in the last 1 months======

2009-01-23 14:18:36 ----D---- C:\Program Files\trend micro
2009-01-23 14:18:33 ----D---- C:\rsit
2009-01-23 13:37:27 ----A---- C:\WINDOWS\system32\alog.txt
2009-01-23 13:01:06 ----HD---- C:\WINDOWS\system32\GroupPolicy
2009-01-23 12:44:00 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-01-23 12:44:00 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-01-22 22:15:41 ----A---- C:\WINDOWS\system32\aj32.dll
2009-01-22 21:24:05 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-01-22 21:24:03 ----HDC---- C:\WINDOWS$NtUninstallWudf01000$
2009-01-22 21:23:32 ----HDC---- C:\WINDOWS$NtUninstallWMFDist11$
2009-01-22 21:22:35 ----D---- C:\WINDOWS\system32\xlive
2009-01-22 21:22:32 ----D---- C:\Program Files\Microsoft Games for Windows - LIVE
2009-01-22 20:32:39 ----HDC---- C:\WINDOWS$NtUninstallXPSEPSCLP$
2009-01-22 20:29:24 ----D---- C:\WINDOWS\system32\XPSViewer
2009-01-22 20:29:23 ----D---- C:\WINDOWS\system32\en-us
2009-01-22 20:29:05 ----D---- C:\Program Files\Reference Assemblies
2009-01-22 20:28:41 ----N---- C:\WINDOWS\system32\spmsg2.dll
2009-01-22 20:26:06 ----D---- C:\Program Files\Rockstar Games
2009-01-14 07:27:53 ----HDC---- C:\WINDOWS$NtUninstallKB958687$
2009-01-07 18:52:51 ----D---- C:\Program Files\Windows Live SkyDrive
2009-01-07 18:46:40 ----D---- C:\Program Files\Fichiers communs\Windows Live
2009-01-02 13:52:28 ----N---- C:\WINDOWS\system32\pxhpinst.exe

======List of files/folders modified in the last 1 months======

2009-01-23 14:18:36 ----RD---- C:\Program Files
2009-01-23 13:38:19 ----D---- C:\WINDOWS\system32
2009-01-23 12:58:55 ----A---- C:\WINDOWS\wininit.ini
2009-01-23 12:44:37 ----D---- C:\WINDOWS\Temp
2009-01-23 12:37:31 ----D---- C:\WINDOWS\system32\drivers
2009-01-23 12:36:09 ----D---- C:\WINDOWS\system32\CatRoot2
2009-01-23 12:35:15 ----D---- C:\WINDOWS
2009-01-23 11:04:16 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-01-22 22:55:19 ----RSD---- C:\WINDOWS\assembly
2009-01-22 22:55:01 ----D---- C:\WINDOWS\Microsoft.NET
2009-01-22 21:43:09 ----SHD---- C:\WINDOWS\Installer
2009-01-22 21:42:57 ----HD---- C:\WINDOWS\inf
2009-01-22 21:42:57 ----D---- C:\WINDOWS\system32\DirectX
2009-01-22 21:24:48 ----D---- C:\WINDOWS\WinSxS
2009-01-22 21:24:48 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-01-22 21:24:05 ----D---- C:\WINDOWS\system32\LogFiles
2009-01-22 21:23:51 ----A---- C:\WINDOWS\imsins.BAK
2009-01-22 21:23:41 ----D---- C:\Program Files\Windows Media Player
2009-01-22 21:23:38 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-01-22 20:50:47 ----HD---- C:\Program Files\InstallShield Installation Information
2009-01-22 20:32:32 ----D---- C:\WINDOWS\system32\fr-fr
2009-01-22 20:31:49 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-01-22 20:31:32 ----D---- C:\Program Files\MSBuild
2009-01-22 20:29:21 ----RSD---- C:\WINDOWS\Fonts
2009-01-22 20:28:45 ----D---- C:\WINDOWS\system32\spool
2009-01-22 20:27:49 ----D---- C:\WINDOWS\Prefetch
2009-01-21 10:06:33 ----D---- C:\Program Files\SpeedFan
2009-01-15 10:53:06 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-01-14 07:27:46 ----HD---- C:\WINDOWS$hf_mig$
2009-01-10 15:41:21 ----SD---- C:\Documents and Settings\B3n\Application Data\Microsoft
2009-01-10 02:35:28 ----A---- C:\WINDOWS\system32\MRT.exe
2009-01-07 18:53:06 ----D---- C:\Program Files\Microsoft
2009-01-07 18:52:55 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-01-07 18:52:32 ----D---- C:\Program Files\Windows Live
2009-01-07 18:46:40 ----D---- C:\Program Files\Fichiers communs
2009-01-01 23:22:23 ----D---- C:\Documents and Settings\All Users\Application Data\Test Drive Unlimited
2008-12-31 10:40:43 ----SD---- C:\WINDOWS\Tasks
2008-12-29 14:18:34 ----D---- C:\Documents and Settings\B3n\Application Data\uTorrent

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-07-19 26944]
R1 APPDRV;APPDRV; C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS [2005-08-12 16128]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-07-19 42912]
R1 DLARTL_M;DLARTL_M; C:\WINDOWS\System32\Drivers\DLARTL_M.SYS [2007-07-23 30064]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.4.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-07-23 21393]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-07-19 94416]
R2 DLABMFSM;DLABMFSM; C:\WINDOWS\System32\Drivers\DLABMFSM.SYS [2007-07-23 37360]
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\Drivers\DLABOIOM.SYS [2007-07-23 32848]
R2 DLADResM;DLADResM; C:\WINDOWS\System32\Drivers\DLADResM.SYS [2007-07-23 9136]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\Drivers\DLAIFS_M.SYS [2007-07-23 108752]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\Drivers\DLAOPIOM.SYS [2007-07-23 27216]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\Drivers\DLAPoolM.SYS [2007-07-23 16304]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\Drivers\DLAUDF_M.SYS [2007-07-23 98448]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\Drivers\DLAUDFAM.SYS [2007-07-23 93552]
R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2007-07-23 52000]
R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2007-05-29 12416]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP/Vista; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2008-02-21 155136]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-07-19 23152]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-02-21 4625408]
R3 NETw4x32;Pilote de carte Intel® Wireless WiFi Link pour Windows XP 32 bits; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-08-12 2211456]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-03-04 6658592]
R3 O2MDRDR;O2MDRDR; C:\WINDOWS\system32\DRIVERS\o2media.sys [2008-02-21 48472]
R3 O2SDRDR;O2SDRDR; C:\WINDOWS\system32\DRIVERS\o2sd.sys [2008-02-21 43480]
R3 OEM13Vfx;Creative Camera OEM013 Video VFX Driver; C:\WINDOWS\system32\DRIVERS\OEM13Vfx.sys [2008-02-21 7424]
R3 OEM13Vid;Creative Camera OEM013 Driver; C:\WINDOWS\system32\DRIVERS\OEM13Vid.sys [2008-02-21 235200]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d’hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 aiwkb8yn;aiwkb8yn; C:\WINDOWS\system32\drivers\aiwkb8yn.sys []
S3 am3uyvc5;am3uyvc5; C:\WINDOWS\system32\drivers\am3uyvc5.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 E100B;Pilote de carte Intel ® PRO; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-23 117760]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-02-21 105856]
S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbprint;Classe d’imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 winusb;Service WinUSB; C:\WINDOWS\system32\DRIVERS\WinUSB.SYS [2006-11-02 39368]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 agp440;Filtre de bus AGP Intel; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Filtre de bus AGP Compaq; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;Filtre de bus AGP ALI; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;Pilote de filtre du bus AMD AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\DRIVERS\intelide.sys [2008-04-14 5504]
S4 sisagp;Filtre de bus AGP SIS; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;Filtre de bus AGP VIA; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-07-25 647168]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-03-04 155716]
R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-07-25 327680]
R2 S24EventMonitor;Intel® PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2007-07-25 987136]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 WLANKEEPER;Intel® PROSet/Wireless SSO Service; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [2007-07-25 294912]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344]
R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 stllssvr;stllssvr; C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe [2007-07-11 69632]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

-----------------EOF-----------------
Edité le 23/01/2009 à 14:27

Voilà le rapport de MBAM :

Malwarebytes’ Anti-Malware 1.33
Version de la base de données: 1683
Windows 5.1.2600 Service Pack 3

23/01/2009 19:29:15
mbam-log-2009-01-23 (19-29-10).txt

Type de recherche: Examen complet (C:|)
Eléments examinés: 160124
Temps écoulé: 1 hour(s), 29 minute(s), 32 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 4
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 7

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\aj32.dll (Trojan.BHO) -> No action taken.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID{085e2757-f41d-42d1-b4cc-9dadf7113bbc} (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats{085e2757-f41d-42d1-b4cc-9dadf7113bbc} (Trojan.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{085e2757-f41d-42d1-b4cc-9dadf7113bbc} (Trojan.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components{0ea88f0f-b698-4ab1-8dbc-ebe2cd00927f} (Backdoor.Bot) -> No action taken.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> No action taken.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\WINDOWS\system32\aj32.dll (Trojan.BHO) -> No action taken.
C:\WINDOWS\system32\bb1.dat (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\ps1.dat (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\rc.dat (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\boa1.dat (Malware.Trace) -> No action taken.
C:\WINDOWS\system32\cs.dat (Malware.Trace) -> No action taken.
C:\WINDOWS\system32\alog.txt (Stolen.Data) -> No action taken.

J’ai supprimé la sélection comme tu m’as conseillé, j’ai redémarré , j’appuye sur Ctrl+Alt+Suppr et la Ô miracle ca marche

Merci beaucoup pour ton aide senosen, tu a été très clair, je n’ai recontré aucun problème dans les manips que tu m’a demandé de faire et finalement je me suis débarassé de ce petit spyware

Encore merci.

:hello:

heu tu peux me mettre le rapport Hijackthis.

car pour moi c’est pas fini

Voilà le rapport Hijackthis, tu y vois quelque chose?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:04:58, on 24/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\OEM13Mon.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\B3n\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Rockstar Games\Rockstar Games Social Club\1_1_3_0\RGSC.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\Program Files\trend micro\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = partnerpage.google.com…
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.fr…
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.fr…
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fr…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www1.euro.dell.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www1.euro.dell.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = www.google.fr…
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = partnerpage.google.com…
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = www.vista-inspirat.net…
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d’Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d’aide de l’Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O4 - HKLM…\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM…\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM…\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start
O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM…\Run: [OEM13Mon.exe] C:\WINDOWS\OEM13Mon.exe
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe”
O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM…\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM…\Run: [IntelZeroConfig] “C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe”
O4 - HKLM…\Run: [IntelWireless] “C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe” /tf Intel PROSet/Wireless
O4 - HKLM…\Run: [dscactivate] “C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe”
O4 - HKLM…\Run: [PDVDDXSrv] “C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe”
O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM…\Run: [QuickTime Task] “C:\Program Files\QuickTime\QTTask.exe” -atboottime
O4 - HKLM…\Run: [iTunesHelper] “C:\Program Files\iTunes\iTunesHelper.exe”
O4 - HKLM…\Run: [DAEMON Tools] “C:\Program Files\DAEMON Tools\daemon.exe” -lang 1033
O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe”
O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU…\Run: [ISUSPM] “C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe” -scheduler
O4 - HKCU…\Run: [AlcoholAutomount] “C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe” /automount
O4 - HKCU…\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background
O4 - HKCU…\Run: [Google Update] “C:\Documents and Settings\B3n\Local Settings\Application Data\Google\Update\GoogleUpdate.exe” /c
O4 - HKCU…\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SERVICE RÉSEAU’)
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE…
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra ‘Tools’ menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - messenger.zone.msn.com…
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - messenger.zone.msn.com…
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe
O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

–
End of file - 10211 bytes

Salut

Aucune infection d’apparente dans ton log hijackthis mais par précaution fait un [scan en ligne avec bitdefender[/url] [url=http://lasecuritepourtous.free.fr/les-scanners-en-ligne/bitdefender-online-scanner.html]b[/b]](http://www.bitdefender.fr/scan_fr/scan8/ie.html)

:hello: Rid3r

:hello: Guigui

Effectivement aucune infection.

Mais car il y a toujours un mais … pour gagner en rapidité à l’ouverture de windows et pour éviter de bouffer de la mémoire pour rien fais:

démarrer >> exécuter >> tape msconfig >> ouvre l’onglet démarrage et décoche tout ce qui a un rapport avec:

Appliquer et OK

Au redémarrage de l’ordi coche la case

Acrobat reader est un bouffeur de ressources tu devrais le désinstaller et le remplacer par Foxit reader. plus léger et plus rapide.

Avast n’est plus ce qu’il était … la preuve tu es là . A lire

Tu devrais le remplacer par Antivir. Si tu es OK je te passerai la procédure.

Internet explorer n’est pas à jour. IE7 est quand même mieux au niveau sécurité … il va de soi que le mieux serait encore de naviguer avec Firefox . Je peux te guider pour ce choix.
Edité le 25/01/2009 à 17:28

Salut, j’ai refais des analyses avec MBAM dans la semaine pour vérifier la présence ou non d’un fichier contaminé mais apparement plus de traces , pour ce qui est des programmes au démarrage j’ai suivi tes conseils et j’ai enlevé ces programmes et j’avoue que mon pc revit ^^ .

Je veux bien aussi de la procédure pour antivir car si vous pensez qu’avast a fait son temps il serait judicieux pour moi de vous écouter.
Quant a IE7 il n’est pas à jour car je ne m’en sert jamais… je navigue sous opéra et FF3.