[Resolu] trojan-downloader.win32.bagle.at; mode sans echec impossible

kalchrof · le 18 mars 2009

norton etait de base à l'achat mais je ai plus renouvellé la license (on ne rit pas stp) depuis 3 ans.

voici le rapport RSIT

info.txt logfile of random's system information tool 1.05 2009-03-18 17:14:31

======Uninstall list======

-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER

-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}

Adobe AIR-->C:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall

Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}

Adobe Flash Player 9 ActiveX-->MsiExec.exe /X{58BAA8D0-404E-4585-9FD3-ED1BB72AC2EE}

Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe

Adobe Media Player-->C:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.amp 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

Adobe Media Player-->MsiExec.exe /I{1EBB57D4-63FF-87CC-A0F0-D73982CF6008}

Adobe Reader 8.1.3-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81300000003}

Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log

Apple Mobile Device Support-->MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}

Apple Software Update-->MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}

ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe

ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean

Auto Gordian Knot 2.45-->C:\Program Files\AutoGK\uninst.exe

AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"

Bonjour-->MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}

Brickshooter Egypt-->"C:\Program Files\Brickshooter Egypt\unins000.exe"

Canon i560-->C:\WINDOWS\system32\CNMCP58.exe "-PRINTERNAMECanon i560" "-HELPERDLLC:\BJPrinter\CNMWINDOWS\Canon i560 Installer\Inst2\cnmis.dll" "-RCDLLC:\BJPrinter\CNMWINDOWS\Canon i560 Installer\Inst2\cnmi040c.dll"

CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"

Coffret de pilotes Logitech Legacy USB Camera-->"C:\Program Files\Fichiers communs\LogiShrd\LogiDriverStore\legacyqcam\10.51.2023\LgDrvInst.exe" -remove -instdir"C:\Program Files\Fichiers communs\LogiShrd\LogiDriverStore\legacyqcam\" -enumdelay=2000 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -promptuninstall -arpregkey"legacyqcam_10.51" /clone_wait /hide_progress

Coffret de pilotes Logitech QuickCam-->"C:\Program Files\Fichiers communs\LogiShrd\LogiDriverStore\lvdrivers\11.80.1048\LgDrvInst.exe" -remove -instdir"C:\Program Files\Fichiers communs\LogiShrd\LogiDriverStore\lvdrivers\" -enumdelay=2000 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -promptuninstall -arpregkey"lvdrivers_11.80" /clone_wait /hide_progress

Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"

dBpoweramp DSP Effects-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp DSP Effects.dat

dBpoweramp Musepack Codec-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Musepack Codec.dat

dBpoweramp Music Converter-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Music Converter.dat

dBpoweramp WavPack Codec-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp WavPack Codec.dat

Defenza-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5B3AA536-2193-4D9B-812A-DE45C4D57AD1}\Setup.exe" -l0x9

Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{EFFCB0F1-CFEC-48D4-B793-EBFCAE852976}

DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC

DivX Content Uploader-->C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER

DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER

DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER

DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN

DVDFab Platinum 3.0.9.8-->"C:\Program Files\DVDFab Platinum 3\unins000.exe"

e-Carte Bleue Banque Populaire-->"C:\Program Files\InstallShield Installation Information\{B0900CB5-8EC0-43B4-9DAC-A32FE52DC864}\setup.exe" -runfromtemp -l0x040c -removeonly

eMule Applejuice-->C:\Program Files\eMule.v0.48a.Applejuice.v2.0.1\eMule Applejuice\uninstall.exe

EncFlac 1.1.2-->"C:\Program Files\Winamp\EncFlac-Uninstall.exe"

EncVorbis 1.1-->"C:\Program Files\Winamp\EncVorbis-Uninstall.exe"

ESET Online Scanner-->C:\WINDOWS\system32\OnlineScannerUninstaller.exe

Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}

FLAC 1.1.4b (remove only)-->C:\Program Files\FLAC\uninstall.exe

foobar2000 v0.9.5.6-->"C:\Program Files\foobar2000\uninstall.exe"

Furnish Pro-->C:\WINDOWS\unvise32.exe C:\Program Files\Furnish Pro\Furnish Pro uninstal.log

HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall

iTunes-->MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}

Java 6 Update 12-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}

Java 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}

Java 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}

Java 6 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}

Java 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}

Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}

Java SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}

LG PC Suite-->C:\Program Files\InstallShield Installation Information\{993960EE-CA4D-443F-8F88-E24260DD5FD2}\setup.exe -runfromtemp -l0x040c -removeonly

LG USB Modem driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C3ABE126-2BB2-4246-BFE1-6797679B3579}\setup.exe" -l0x40c LG -removeonly

Logitech QuickCam-->MsiExec.exe /X{3AF8FCCD-F51A-4014-9002-F195E1CBC876}

Logitech Updater-->MsiExec.exe /I{53735ECE-E461-4FD0-B742-23A352436D3A}

Luxor 3-->C:\PROGRA~1\GAMEHO~1\LUXOR3~1\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\LUXOR3~1\INSTALL.LOG

Ma-Config.com plugin-->MsiExec.exe /I{6F06A42D-525C-49ED-8622-E16790956CD8}

Macromedia Flash Player 8-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\swflash.inf,DefaultUninstall,5

Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}

Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"

Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}

Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}

Microsoft Baseline Security Analyzer 2.1-->MsiExec.exe /I{6AF5CAB9-FD0A-494F-8AA6-784D4B5D06C5}

Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}

Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}

Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}

Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}

Microsoft Office Professional 2007-->MsiExec.exe /X{91120000-0014-0000-0000-0000000FF1CE}

Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}

Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}

Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}

Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}

Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}

Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}

Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}

Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}

Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}

Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft Word 2002-->MsiExec.exe /I{911B040C-6000-11D3-8CFE-0050048383C9}

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"

MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}

Multi Virus Cleaner 2008-->"C:\Program Files\AxBx\Multi Virus Cleaner 2008\unins000.exe"

Navigation par onglets (Windows Live Toolbar)-->MsiExec.exe /X{E916E61F-DE9D-4EAF-91E1-CEB50016326A}

Neuf - Media Center-->C:\Program Files\Neuf\Media Center\uninstall.exe

OpenOffice.org 2.4-->MsiExec.exe /I{1E0FF527-971B-4BBF-83D1-987E8DEE437D}

Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"

Pixie 1.4.1-->"C:\Program Files\Pixie\unins000.exe"

QuickTime-->MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}

RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

RegCure 1.5.0.1-->C:\Program Files\RegCure\uninst.exe

Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}

Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}

Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}

Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}

Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}

Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}

Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}

Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}

Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}

Security Update for Visio 2007 (KB947590)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}

SFR - Kit de connexion-->C:\Program Files\Neuf\Kit\uninstall.exe

Spybot - Search & Destroy 1.5.2.20-->"C:\WINDOWS\unins000.exe"

SUPER © Version 2007.bld.23 (July 4, 2007)-->C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0

TuneUp Utilities 2008-->MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA}

UnzipThemAll 1.3-->"C:\Program Files\UnzipThemAll\unins000.exe"

Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}

Update for Office 2007 (KB946691)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}

Update for Outlook 2007 Junk Email Filter (kb962871)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {297857BF-4011-449B-BD74-DB64D182821C}

Version d'évaluation de Microsoft Office Professional 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROR /dll OSETUP.DLL

VideoLAN VLC media player 0.8.6d-->C:\Program Files\VideoLAN\VLC\uninstall.exe

VirusKeeper 2009 Pro Evaluation-->"C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\unins000.exe"

VobSub v2.23 (Remove Only)-->"C:\Program Files\Gabest\VobSub\uninstall.exe"

Winamp Essentials Pack v5.34-->C:\Program Files\Winamp\UninstallWinampEssentials.exe

Winamp Toolbar for Firefox-->"C:\Documents and Settings\christophe.SN1006475\Application Data\Mozilla\Firefox\Profiles\pl9g7xxp.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\uninstall.exe"

Winamp-->"C:\Program Files\Winamp\UninstWA.exe"

Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}

Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}

Windows Live Toolbar-->"C:\Program Files\Windows Live Toolbar\UnInstall.exe" {0A8C97AD-DEED-4894-B446-3ABA95A77D0D}

Windows Live Toolbar-->MsiExec.exe /X{0A8C97AD-DEED-4894-B446-3ABA95A77D0D}

Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

WOT for Internet Explorer-->MsiExec.exe /X{08E16CBF-7029-4881-83DF-D0B3A63030B4}

Xvid 1.1.2 final uninstall-->"C:\Program Files\Xvid\unins001.exe"

XviD MPEG4 Video Codec (remove only)-->"C:\WINDOWS\system32\xvid-uninstall.exe"

Yahoo! Anti-Spy-->C:\PROGRA~1\Yahoo!\Common\unypsr.exe

Yahoo! Toolbar avec bloqueur de fenêtres pop-up-->C:\PROGRA~1\Yahoo!\Common\unyt.exe

======Security center information======

AV: Norton AntiVirus

FW: Norton AntiVirus

System event log

Computer Name: SN100647590008

Event Code: 7009

Message: Délai (30000 millisecondes) d'attente pour une connexion du service LiveUpdate.

Record Number: 2049097

Source Name: Service Control Manager

Time Written: 20090315184344.000000+060

Event Type: erreur

User:

Computer Name: SN100647590008

Event Code: 10005

Message: DCOM a reçu l'erreur "%1053" lors de la mise en route du service LiveUpdate avec les arguments ""

pour démarrer le serveur :

{03E0E6C2-363B-11D3-B536-00902771A435}

Record Number: 2049096

Source Name: DCOM

Time Written: 20090315184340.000000+060

Event Type: erreur

User: AUTORITE NT\SYSTEM

Computer Name: SN100647590008

Event Code: 7000

Message: Le service LiveUpdate n'a pas pu démarrer en raison de l'erreur :

Le service n'a pas répondu assez vite à la demande de lancement ou de contrôle.

Record Number: 2049095

Source Name: Service Control Manager

Time Written: 20090315183826.000000+060

Event Type: erreur

User:

Computer Name: SN100647590008

Event Code: 7009

Message: Délai (30000 millisecondes) d'attente pour une connexion du service LiveUpdate.

Record Number: 2049094

Source Name: Service Control Manager

Time Written: 20090315183825.000000+060

Event Type: erreur

User:

Computer Name: SN100647590008

Event Code: 10005

Message: DCOM a reçu l'erreur "%1053" lors de la mise en route du service LiveUpdate avec les arguments ""

pour démarrer le serveur :

{03E0E6C2-363B-11D3-B536-00902771A435}

Record Number: 2049093

Source Name: DCOM

Time Written: 20090315183820.000000+060

Event Type: erreur

User: AUTORITE NT\SYSTEM

Application event log

Computer Name: SN100647590008

Event Code: 101

Message: Niveau d'information : success

Retour à la planification précédente. L'exécution interviendra approximativement à 2:32 AM.

Record Number: 115522

Source Name: Automatic LiveUpdate Scheduler

Time Written: 20090317022704.000000+060

Event Type: Informations

User: AUTORITE NT\SYSTEM

Computer Name: SN100647590008

Event Code: 101

Message: Niveau d'information : error

LiveUpdate n'a pas pu poursuivre car certains fichiers binaires ne sont pas signés par Symantec. Il se peut qu'il y ait eu falsification.

Record Number: 115521

Source Name: Automatic LiveUpdate Scheduler

Time Written: 20090317022704.000000+060

Event Type: erreur

User: AUTORITE NT\SYSTEM

Computer Name: SN100647590008

Event Code: 101

Message: Niveau d'information : error

L'initialisation du sous-système COM a échoué. Code d'erreur : 0x8007041D

Record Number: 115520

Source Name: Automatic LiveUpdate Scheduler

Time Written: 20090317022659.000000+060

Event Type: erreur

User: AUTORITE NT\SYSTEM

Computer Name: SN100647590008

Event Code: 101

Message: Niveau d'information : success

Retour à la planification précédente. L'exécution interviendra approximativement à 2:26 AM.

Record Number: 115519

Source Name: Automatic LiveUpdate Scheduler

Time Written: 20090317022149.000000+060

Event Type: Informations

User: AUTORITE NT\SYSTEM

Computer Name: SN100647590008

Event Code: 101

Message: Niveau d'information : error

LiveUpdate n'a pas pu poursuivre car certains fichiers binaires ne sont pas signés par Symantec. Il se peut qu'il y ait eu falsification.

Record Number: 115518

Source Name: Automatic LiveUpdate Scheduler

Time Written: 20090317022149.000000+060

Event Type: erreur

User: AUTORITE NT\SYSTEM

======Environment variables======

"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip

"ComSpec"=%SystemRoot%\system32\cmd.exe

"FP_NO_HOST_CHECK"=NO

"NUMBER_OF_PROCESSORS"=1

"OS"=Windows_NT

"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\ATI Technologies\ATI Control Panel;C:\PROGRA~1\FICHIE~1\TVNAVI~1;C:\Program Files\Fichiers communs\Roxio Shared\DLLShared;C:\Program Files\Fichiers communs\Roxio Shared\9.0\DLLShared;%PIXIEHOME%\bin;C:\Program Files\QuickTime Alternative\QTSystem

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

"PIXIEHOME"=C:\Program Files\Pixie

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 10 Stepping 0, AuthenticAMD

"PROCESSOR_LEVEL"=6

"PROCESSOR_REVISION"=0a00

"QTJAVA"=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip

"RoxioCentral"=C:\Program Files\Fichiers communs\Roxio Shared\9.0\Roxio Central33\

"SHADERS"=%PIXIEHOME%\shaders

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"windir"=%SystemRoot%

-----------------EOF-----------------

et la suite

Logfile of random's system information tool 1.05 (written by random/random)

Run by christophe.SN1006475 at 2009-03-18 18:25:49

Microsoft Windows XP Édition familiale Service Pack 3

System drive C: has 10 GB (9%) free of 111 GB

Total RAM: 1023 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:25:53, on 18/03/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16791)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\System32\dllhost.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe

C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe

C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\vk_service.exe

C:\WINDOWS\System32\vssvc.exe

C:\WINDOWS\wanmpsvc.exe

C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

C:\WINDOWS\system32\ctfmon.exe

C:\apps\ABoard\ABoard.exe

C:\apps\ABoard\AOSD.exe

C:\Program Files\Trust\DS-4500X Wireless Laser Deskset\Keyboard\kbdap32a.EXE

C:\Program Files\Trust\DS-4500X Wireless Laser Deskset\Mouse\mouse32a.exe

C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe

C:\Program Files\Logitech\QuickCam\Quickcam.exe

C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe

C:\Program Files\Winamp\winampa.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Neuf\Media Center\MediaCenter.exe

C:\Program Files\Neuf\Media Center\httpd\httpd.exe

C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe

C:\WINDOWS\explorer.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Documents and Settings\christophe.SN1006475\Bureau\RSIT.exe

C:\Program Files\trend micro\christophe.SN1006475.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neufportail.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O2 - BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - (no file)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - (no file)

O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe

O4 - HKLM\..\Run: [OFFICEKB] C:\Program Files\Trust\DS-4500X Wireless Laser Deskset\Keyboard\kbdap32a.EXE

O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Trust\DS-4500X Wireless Laser Deskset\Mouse\mouse32a.exe

O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"

O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\qttask.exe" -atboottime

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"

O4 - HKLM\..\Run: [VirusKeeper] C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\VirusKeeper.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKCU\..\Run: [Neuf Media Center] "C:\Program Files\Neuf\Media Center\MediaCenter.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm

O15 - Trusted Zone: http://www.eset.com

O15 - Trusted Zone: http://www.java.com

O15 - Trusted Zone: http://www.secuser.com

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab

O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase6662.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1145507999330

O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichier...on_2_0_4_13.cab

O16 - DPF: {9D3AA934-55FA-4373-96FD-ED7787E4F161} (MouseHooker Class) - https://collectionsbmu.ville-ge.ch/Componen...ndowsHooker.dll

O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/ampx/ampx2.6.1.11_fr_dl.cab

O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab

O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - (no file)

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~2.EXE

O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe

O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe

O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Fichiers communs\Sonic Shared\RoxioUPnPRenderer9.exe

O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Fichiers communs\Sonic Shared\RoxioUpnpService9.exe

O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe

O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe

O23 - Service: VirusKeeper antivirus/antispyware (vkservice) - AxBx - C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\vk_service.exe

O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

O24 - Desktop Component 0: (no name) - C:\Documents and Settings\christophe.SN1006475\Mes documents\Mes images\DSC00877.JPG

O24 - Desktop Component 1: (no name) - C:\Documents and Settings\christophe.SN1006475\Mes documents\Mes images\DSC00874.JPG

O24 - Desktop Component 2: (no name) - C:\Documents and Settings\christophe.SN1006475\Mes documents\Mes images\DSC00840.JPG

--

End of file - 12177 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

C:\WINDOWS\tasks\Maintenance en 1 clic.job

C:\WINDOWS\tasks\MP Scheduled Scan.job

C:\WINDOWS\tasks\Norton AntiVirus - Analyse système complète - christophe.SN1006475.job

C:\WINDOWS\tasks\RegCure Program Check.job

C:\WINDOWS\tasks\RegCure.job

C:\WINDOWS\tasks\User_Feed_Synchronization-{1050FBD2-23BA-4551-831E-6B72F17466F3}.job

C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]

Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2006-10-26 440384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

Adobe PDF Reader Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E03C0FD-4C48-43A7-9A54-00240C70FF16}]

ECarteBleueBrowserHelper Class - C:\WINDOWS\system32\BhoECart.dll [2003-05-14 69632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-07-07 324416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - c:\program files\google\googletoolbar3.dll [2007-01-19 2436160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]

Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C920E44A-7F78-4E64-BDD7-A57026E7FEB7}]

WOT Helper

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-17 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-17 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2006-10-26 440384]

{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2003-04-28 360448]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar3.dll [2007-01-19 2436160]

{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]

{71576546-354D-41c9-AAE8-31F2EC22BF0D} - []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"ACTIVBOARD"=c:\apps\ABoard\ABoard.exe [2003-05-02 24576]

"OFFICEKB"=C:\Program Files\Trust\DS-4500X Wireless Laser Deskset\Keyboard\kbdap32a.EXE [2007-01-04 401920]

"FLMOFFICE4DMOUSE"=C:\Program Files\Trust\DS-4500X Wireless Laser Deskset\Mouse\mouse32a.exe [2007-01-04 370176]

"ISUSPM Startup"=C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-07-27 221184]

"LogitechCommunicationsManager"=C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe [2008-08-14 565008]

"LogitechQuickCamRibbon"=C:\Program Files\Logitech\QuickCam\Quickcam.exe [2008-08-14 2407184]

"QuickTime Task"=C:\Program Files\QuickTime Alternative\qttask.exe [2008-03-28 413696]

"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-05-01 185896]

"MMTray"=C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe [2006-01-19 110592]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]

"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2008-07-09 36352]

"VirusKeeper"=C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\VirusKeeper.exe [2009-03-16 3824512]

"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-01-17 148888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Neuf Media Center"=C:\Program Files\Neuf\Media Center\MediaCenter.exe [2007-10-15 1025264]

"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

"ccleaner"=C:\Program Files\CCleaner\ccleaner.exe [2009-02-19 1471728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]

C:\ATI Technologies\ATI Control Panel\atiptaxx.exe [2003-08-12 335872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]

C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe [2009-03-14 115816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccRegVfy]

C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe [2002-11-19 59056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher]

C:\Program Files\Roxio\Media Experience\DMXLauncher.exe [2006-08-14 102400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MimBoot]

C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe [2006-01-19 11776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMTray]

C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe [2006-01-19 110592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]

C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\osCheck]

C:\Program Files\Norton AntiVirus\osCheck.exe [2009-03-16 26248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]

C:\Program Files\Picasa2\PicasaMediaDetector.exe [2007-09-28 443968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]

C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe [2006-07-31 1116920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]

C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2006-08-10 221184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]

C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-05-01 185896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]

C:\Program Files\Winamp\winampa.exe [2008-07-09 36352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^DSLMON.lnk]

C:\PROGRA~1\SAGEM\SAGEMF~1\dslmon.exe [2006-07-07 839680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"Boonty Games"=3

"SymAppCore"=2

"Symantec Core LC"=3

"LiveUpdate Notice Service"=2

"LiveUpdate Notice Ex"=2

"LiveUpdate"=3

"ISPwdSvc"=3

"CLTNetCnService"=2

"ccSetMgr"=2

"ccEvtMgr"=2

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage

Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]

C:\WINDOWS\system32\Ati2evxx.dll [2006-05-03 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=323

"NoDriveAutoRun"=67108863

"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDrives"=

"NoDriveAutoRun"=

"HonorAutoRunSetting"=

"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealOne Player"

"C:\Program Files\DivX\DivX Player\DivX Player.exe"="C:\Program Files\DivX\DivX Player\DivX Player.exe:*:Enabled:DivX Player"

"C:\Program Files\Fichiers communs\aolshare\sysinfo\sinf.exe"="C:\Program Files\Fichiers communs\aolshare\sysinfo\sinf.exe:*:Enabled:AOL - Informations sur le système"

"C:\WINDOWS\system32\mmc.exe"="C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console"

"C:\Program Files\Shareaza\Shareaza.exe"="C:\Program Files\Shareaza\Shareaza.exe:*:Enabled:Shareaza"

"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\eMule.v0.48a.Applejuice.v2.0.1\emule.exe"="C:\Program Files\eMule.v0.48a.Applejuice.v2.0.1\emule.exe:*:Enabled:eMule"

"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"

"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"

"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

"C:\Program Files\eMule.v0.48a.Applejuice.v2.0.1\eMule Applejuice\emule.exe"="C:\Program Files\eMule.v0.48a.Applejuice.v2.0.1\eMule Applejuice\emule.exe:*:Enabled:eMule"

"C:\Program Files\Neuf\Media Center\httpd\httpd.exe"="C:\Program Files\Neuf\Media Center\httpd\httpd.exe:172.16.255.0/255.255.255.0,192.168.1.2/255.255.255.255:Enabled:Serveur de partage Media Center (Player Neuf Cegetel)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"

"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

======List of files/folders created in the last 1 months======

2009-03-18 17:14:17 ----D---- C:\Program Files\trend micro

2009-03-18 06:24:46 ----AC---- C:\ComboFix.txt

2009-03-18 06:02:44 ----D---- C:\WINDOWS\LastGood

2009-03-18 05:06:04 ----A---- C:\WINDOWS\NIRCMD.exe

2009-03-18 05:06:01 ----A---- C:\WINDOWS\SWREG.exe

2009-03-18 05:06:00 ----A---- C:\WINDOWS\zip.exe

2009-03-18 05:05:57 ----A---- C:\WINDOWS\grep.exe

2009-03-18 05:05:56 ----A---- C:\WINDOWS\sed.exe

2009-03-18 05:05:55 ----A---- C:\WINDOWS\fdsv.exe

2009-03-18 05:05:53 ----A---- C:\WINDOWS\VFIND.exe

2009-03-18 05:05:51 ----A---- C:\WINDOWS\SWSC.exe

2009-03-18 05:05:49 ----A---- C:\WINDOWS\SWXCACLS.exe

2009-03-18 05:02:41 ----D---- C:\WINDOWS\ERDNT

2009-03-18 05:00:21 ----DC---- C:\Qoobox

2009-03-17 00:06:44 ----DC---- C:\rsit

2009-03-11 18:44:15 ----D---- C:\Program Files\EsetOnlineScanner

2009-03-11 12:41:28 ----A---- C:\WINDOWS\system32\Machnm1.exe

2009-03-11 12:41:18 ----D---- C:\Program Files\Defenza

2009-03-11 10:51:18 ----D---- C:\WINDOWS\avxoscan

2009-03-11 09:42:44 ----A---- C:\WINDOWS\system32\javaws.exe

2009-03-11 09:42:44 ----A---- C:\WINDOWS\system32\javaw.exe

2009-03-11 09:42:44 ----A---- C:\WINDOWS\system32\java.exe

2009-03-11 09:23:29 ----D---- C:\Program Files\WOT

2009-03-11 02:34:00 ----D---- C:\Program Files\Windows Defender

2009-03-11 02:26:01 ----DC---- C:\fsaua.data

2009-03-11 02:22:01 ----D---- C:\Program Files\Update Services

2009-03-11 01:48:34 ----D---- C:\Program Files\Microsoft Baseline Security Analyzer 2

2009-03-11 01:45:22 ----D---- C:\Program Files\McafeeRootkitDetective

2009-03-10 18:51:09 ----DC---- C:\756ebbc6acbbe51a509140b77c43

2009-03-10 18:20:44 ----DC---- C:\679180b666ef33bd1acd4a13ce81605e

2009-03-09 18:39:45 ----DC---- C:\MFT 143762

2009-03-09 18:39:31 ----DC---- C:\MFT 123117

2009-03-09 13:56:24 ----D---- C:\Program Files\AxBx

2009-03-09 11:03:26 ----DC---- C:\00c1dd6213e4481ea3

2009-03-09 11:02:24 ----DC---- C:\f30a645f33c1db201701c677

2009-02-21 08:24:12 ----DC---- C:\lgupload

2009-02-21 08:20:58 ----D---- C:\Documents and Settings\christophe.SN1006475\Application Data\LG Electronics

2009-02-21 08:13:19 ----D---- C:\Program Files\LG Electronics

2009-02-21 08:09:37 ----D---- C:\Program Files\LG PC Suite 2

2009-02-21 08:09:01 ----D---- C:\Documents and Settings\christophe.SN1006475\Application Data\InstallShield

======List of files/folders modified in the last 1 months======

2009-03-18 17:14:30 ----D---- C:\WINDOWS\Prefetch

2009-03-18 17:14:17 ----D---- C:\Program Files

2009-03-18 06:24:50 ----HD---- C:\WINDOWS\system32\drivers

2009-03-18 06:24:50 ----D---- C:\WINDOWS\system32

2009-03-18 06:24:49 ----D---- C:\WINDOWS\Temp

2009-03-18 06:24:47 ----D---- C:\WINDOWS

2009-03-18 06:14:02 ----AC---- C:\WINDOWS\system.ini

2009-03-18 06:13:43 ----D---- C:\WINDOWS\Debug

2009-03-18 06:03:30 ----HD---- C:\WINDOWS\inf

2009-03-18 06:02:59 ----HD---- C:\WINDOWS\$hf_mig$

2009-03-18 06:02:42 ----D---- C:\WINDOWS\system32\CatRoot2

2009-03-18 06:00:10 ----D---- C:\WINDOWS\Registration

2009-03-18 05:57:42 ----D---- C:\WINDOWS\system32\config

2009-03-18 05:55:02 ----D---- C:\WINDOWS\AppPatch

2009-03-18 05:54:56 ----D---- C:\Program Files\Fichiers communs

2009-03-18 05:48:57 ----D---- C:\Program Files\Internet Explorer

2009-03-18 05:48:18 ----N---- C:\WINDOWS\SchedLgU.Txt

2009-03-18 05:05:43 ----D---- C:\WINDOWS\system32\Restore

2009-03-18 05:05:42 ----SHD---- C:\System Volume Information

2009-03-12 07:07:29 ----SD---- C:\WINDOWS\Downloaded Program Files

2009-03-11 14:11:28 ----D---- C:\Documents and Settings\christophe.SN1006475\Application Data\OpenOffice.org2

2009-03-11 13:27:43 ----HDC---- C:\BJPrinter

2009-03-11 12:41:18 ----HD---- C:\Program Files\InstallShield Installation Information

2009-03-11 11:49:40 ----D---- C:\Program Files\Spybot - Search & Destroy

2009-03-11 11:49:38 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

2009-03-11 09:43:03 ----SHD---- C:\WINDOWS\Installer

2009-03-11 09:42:40 ----D---- C:\Program Files\Java

2009-03-11 08:16:09 ----D---- C:\Program Files\Windows Live Safety Center

2009-03-11 07:41:09 ----SD---- C:\WINDOWS\Tasks

2009-03-11 04:16:52 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec

2009-03-11 04:13:51 ----D---- C:\Program Files\Fichiers communs\Symantec Shared

2009-03-11 02:34:00 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft

2009-03-10 23:59:46 ----SD---- C:\WINDOWS\system32\Microsoft

2009-03-10 23:57:46 ----SD---- C:\Documents and Settings\christophe.SN1006475\Application Data\Microsoft

2009-03-10 23:57:37 ----DC---- C:\WINDOWS\system32\DRVSTORE

2009-03-10 18:51:05 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help

2009-03-10 18:34:53 ----D---- C:\WINDOWS\Minidump

2009-03-10 06:19:35 ----D---- C:\Program Files\CCleaner

2009-03-09 16:42:11 ----RSD---- C:\WINDOWS\assembly

2009-03-09 16:17:16 ----D---- C:\WINDOWS\Microsoft.NET

2009-03-09 12:20:21 ----D---- C:\WINDOWS\SxsCaPendDel

2009-03-09 12:15:12 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI

2009-03-09 12:14:32 ----D---- C:\WINDOWS\WinSxS

2009-03-06 18:25:06 ----D---- C:\Program Files\TuneUp Utilities 2008

2009-03-06 10:21:18 ----AC---- C:\WINDOWS\NeroDigital.ini

2009-03-05 03:06:08 ----D---- C:\Program Files\PeerGuardian2

2009-03-04 15:26:11 ----AD---- C:\Program Files\eMule.v0.48a.Applejuice.v2.0.1

2009-02-27 14:55:09 ----D---- C:\Program Files\Microsoft Silverlight

2009-02-25 21:03:25 ----RSHD---- C:\WINDOWS\system32\dllcache

2009-02-25 12:55:00 ----AC---- C:\WINDOWS\system32\MRT.exe

2009-02-23 10:07:42 ----D---- C:\Documents and Settings\christophe.SN1006475\Application Data\Media Player Classic

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-14 41856]

R1 Asapi;Asapi; C:\WINDOWS\system32\drivers\Asapi.sys [2002-08-06 11264]

R1 c2scsi;c2scsi; C:\WINDOWS\system32\drivers\c2scsi.sys [2006-03-04 241664]

R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2006-08-01 12952]

R1 DLARTL_M;DLARTL_M; C:\WINDOWS\System32\Drivers\DLARTL_M.SYS [2006-08-01 28216]

R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys []

R1 SRTSP;SRTSP; C:\WINDOWS\System32\Drivers\SRTSP.SYS [2007-01-12 247608]

R1 SRTSPX;SRTSPX; C:\WINDOWS\System32\Drivers\SRTSPX.SYS [2007-01-12 25400]

R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2006-09-02 186048]

R1 vcsmpdrv;vcsmpdrv; C:\WINDOWS\System32\DRIVERS\vcsmpdrv.sys [2002-06-07 49232]

R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244]

R2 DLABMFSM;DLABMFSM; C:\WINDOWS\System32\DLA\DLABMFSM.SYS [2006-08-08 35128]

R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2006-08-08 32504]

R2 DLADResM;DLADResM; C:\WINDOWS\System32\DLA\DLADResM.SYS [2006-08-08 9464]

R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2006-08-08 104504]

R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2006-08-08 26136]

R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2006-08-08 14552]

R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2006-08-08 97880]

R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2006-08-08 94680]

R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2006-08-01 51800]

R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-08-14 404736]

R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-08-21 462940]

R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]

R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2006-05-03 1540608]

R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [2003-04-24 41984]

R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]

R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2008-07-26 25624]

R3 NAVENG;NAVENG; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20070720.016\NAVENG.SYS []

R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20070720.016\NAVEX15.SYS []

R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]

R3 Pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2007-04-05 47360]

R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []

R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]

R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]

R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]

R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-08-04 33588]

S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []

S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []

S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14720]

S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys [2004-03-02 50007]

S3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\System32\DRIVERS\adiusbaw.sys [2005-09-19 126489]

S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]

S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []

S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]

S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-05-09 41888]

S3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]

S3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\System32\DRIVERS\Mtlmnt5.sys [2003-01-21 210024]

S3 Mtlstrm;Mtlstrm; C:\WINDOWS\System32\DRIVERS\Mtlstrm.sys [2003-01-21 1290312]

S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]

S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]

S3 NtMtlFax;NtMtlFax; C:\WINDOWS\System32\DRIVERS\NtMtlFax.sys [2003-01-17 162136]

S3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]

S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2007-05-09 14112]

S3 pgfilter;pgfilter; \??\C:\Program Files\PeerGuardian2\pgfilter.sys []

S3 PID_08A0;QuickCam IM(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2005-01-31 912768]

S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\WINDOWS\system32\DRIVERS\LV302V32.SYS [2007-05-09 1276832]

S3 RecAgent;recagent; \??\C:\WINDOWS\System32\DRIVERS\RecAgent.sys []

S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]

S3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\System32\DRIVERS\slntamr.sys [2003-01-17 507008]

S3 SlNtHal;SlNtHal; C:\WINDOWS\System32\DRIVERS\Slnthal.sys [2003-01-21 84784]

S3 SlWdmSup;SlWdmSup; C:\WINDOWS\System32\DRIVERS\SlWdmSup.sys [2003-01-17 39348]

S3 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCDrv.sys []

S3 SRTSPL;SRTSPL; C:\WINDOWS\System32\Drivers\SRTSPL.SYS [2007-01-12 276792]

S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]

S3 SYMDNS;SYMDNS; C:\WINDOWS\System32\Drivers\SYMDNS.SYS [2006-09-02 11968]

S3 SYMFW;SYMFW; C:\WINDOWS\System32\Drivers\SYMFW.SYS [2006-09-02 144832]

S3 SYMIDS;SYMIDS; C:\WINDOWS\System32\Drivers\SYMIDS.SYS [2006-09-02 39104]

S3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\SymcData\IDS-DI~1\20070709.002\SymIDSCo.sys []

S3 SYMNDIS;SYMNDIS; C:\WINDOWS\System32\Drivers\SYMNDIS.SYS [2006-09-02 33216]

S3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2006-09-02 26432]

S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]

S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2007-07-11 12416]

S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]

S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2007-07-11 19840]

S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2007-07-11 21632]

S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]

S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []

S4 RxFilter;RxFilter; C:\WINDOWS\system32\DRIVERS\RxFilter.sys [2006-08-09 50688]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-02-18 110592]

R2 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]

R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-01-17 152984]

R2 LVCOMSer;LVCOMSer; C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe [2008-07-26 186904]

R2 LVPrcSrv;Process Monitor; C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe [2008-07-26 150040]

R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]

R2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2006-09-08 198336]

R2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2006-08-10 159744]

R2 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]

R2 VCSSecS;Virtual CD v4 Security service (SDK - Version); C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe [2002-05-16 139264]

R2 vkservice;VirusKeeper antivirus/antispyware; C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\vk_service.exe [2008-09-26 1119584]

R2 WANMiniportService;WAN Miniport (ATW) Service; C:\WINDOWS\wanmpsvc.exe [2003-08-04 65536]

R3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2006-08-10 880640]

S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-05-03 520192]

S2 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S2 Roxio Upnp Server 9;Roxio Upnp Server 9; C:\Program Files\Fichiers communs\Sonic Shared\RoxioUpnpService9.exe [2006-08-10 294912]

S2 RoxLiveShare9;LiveShare P2P Server 9; C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe [2006-08-10 303104]

S2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2003-01-17 45056]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]

S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-26 138168]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]

S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]

S3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-03-30 504104]

S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~2.EXE [2006-09-08 2528960]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]

S3 Roxio UPnP Renderer 9;Roxio UPnP Renderer 9; C:\Program Files\Fichiers communs\Sonic Shared\RoxioUPnPRenderer9.exe [2006-08-10 57344]

S3 stllssvr;stllssvr; C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe [2006-07-20 73728]

S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2008-03-04 307968]

S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]

S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-05-03 413696]

S4 ccEvtMgr;Symantec Event Manager; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-01-09 108648]

S4 ccSetMgr;Symantec Settings Manager; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-01-09 108648]

S4 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-01-09 108648]

S4 ISPwdSvc;Validation de mot de passe Symantec IS; C:\Program Files\Norton AntiVirus\isPwdSvc.exe [2009-03-16 79496]

S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

S4 Symantec Core LC;Symantec Core LC; C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe [2009-03-14 1087680]

S4 SymAppCore;Symantec AppCore Service; C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe [2006-09-01 46736]

S4 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]

-----------------EOF-----------------

Gof · le 18 mars 2009

Bon.

Fais une tentative de désinstallation via le Panneau de configuration > Ajout/Suppression de programmes des softs suivants :

Defenza
RegCure 1.5.0.1

Assure toi d'avoir l'accès aux fichiers et dossiers cachés.

Pour afficher les fichiers et dossiers cachés du systéme :

Démarrer, Poste de travail ou autre dossier, Menu Outils -> Option des dossiers -> onglet Affichage :

Cocher la case : Afficher les fichiers et dossiers cachés

Décocher la case : Masquer les extensions des fichiers dont le type est connu

Décocher la case : Masquer les fichiers protégés du système d'exploitation
---> Répondre OUI à la demande de confirmation

Cliquer Appliquer puis OK

Supprime les éléments suivants (si souci, me le rapporter) :

C:\Program Files\RegCure <= ce répertoire
c:\program files\Defenza <= ce répertoire
C:\WINDOWS\tasks\RegCure Program Check.job <= ce fichier
C:\WINDOWS\tasks\RegCure.job <= ce fichier

Vide ta corbeille.

Si tout se passe bien, on procèdera par la suite à la désinstallation de Norton, à la mise à jour de quelques applications importantes qui introduisent des vulnérabilités dans ton système à cause de la présence de leurs versions obsolètes (JAVA, Adobe Reader, etc.).

Télécharge Malwarebytes' Anti-Malware (MBAM)

Double clique sur le fichier téléchargé pour lancer le processus d'installation.
Dans l'onglet "mise à jour", clique sur le bouton "Recherche de mise à jour": si le pare-feu demande l'autorisation à MBAM de se connecter, accepte.
Une fois la mise à jour terminée, rends-toi dans l'onglet "Recherche".
Branche tes supports amovibles (clés USB, lecteurs MP3, cartes Flash, etc.) sans les ouvrir.
Sélectionne "Exécuter un examen complet"
Clique sur "Rechercher"
L'analyse démarre.
A la fin de l'analyse, un message s'affiche :
L'examen s'est terminé normalement. Clique sur 'Afficher les résultats' pour afficher tous les objets trouvés.
Clique sur "Ok" pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
Ferme tes navigateurs.
Si des malwares ont été détectés, clique sur Afficher les résultats.
Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport et poste-le dans ta prochaine réponse.

kalchrof · le 19 mars 2009

"Supprime les éléments suivants (si souci, me le rapporter) :

C:\Program Files\RegCure <= ce répertoire

c:\program files\Defenza <= ce répertoire

C:\WINDOWS\tasks\RegCure Program Check.job <= ce fichier

C:\WINDOWS\tasks\RegCure.job <= ce fichier"

je ne trouve pas ces repertoires et fichiers

Gof · le 19 mars 2009

Ok. Enchaîne sur la suite de la procédure, nous aviserons par la suite.

kalchrof · le 19 mars 2009

bonjour Gof, je te post le mbam-log et je redemarre l'ordi comme demander par le logiciel.

Malwarebytes' Anti-Malware 1.34

Version de la base de données: 1868

Windows 5.1.2600 Service Pack 3

19/03/2009 07:13:10

mbam-log-2009-03-19 (07-13-10).txt

Type de recherche: Examen complet (C:\|F:\|J:\|K:\|L:\|)

Eléments examinés: 269404

Temps écoulé: 3 hour(s), 7 minute(s), 0 second(s)

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 1

Valeur(s) du Registre infectée(s): 1

Elément(s) de données du Registre infecté(s): 1

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 6

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\c:/windows/downloaded program files/uninst.bat (Trojan.Agent) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\Downloaded Program Files\uninst.bat (Trojan.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

Fichier(s) infecté(s):

C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\downld\29832656.exe.vir (Worm.Bagle) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP2\A0000480.exe (Worm.Bagle) -> Quarantined and deleted successfully.

C:\WINDOWS\Downloaded Program Files\uninst.bat (Trojan.Agent) -> Quarantined and deleted successfully.

C:\Program Files\corona.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.

C:\Program Files\ogg.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.

C:\Program Files\vorbis.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.

Gof · le 19 mars 2009

Bonjour kalchrof,

MBAM a bien bossé. Exécute ceci : Rends toi dans ton Menu Démarrer > Exécuter et copie-colle l'intégratilité de la ligne ci-dessous :

"%userprofile%\bureau\RSIT.exe" /info

Puis valide. Poste à nouveau les deux rapports. Normalement tes deux softs ont disparu, et tu ne devrais plus avoir de soucis. Confirmes-tu ?

Si oui, on procède à la désinstallation de Norton et à quelques mises à jour.

kalchrof · le 19 mars 2009

re Gof, voici les rapports RTIS

Logfile of random's system information tool 1.05 (written by random/random)

Run by christophe.SN1006475 at 2009-03-19 10:13:09

Microsoft Windows XP Édition familiale Service Pack 3

System drive C: has 10 GB (9%) free of 111 GB

Total RAM: 1023 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 10:13:21, on 19/03/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16791)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\System32\dllhost.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe

C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

C:\WINDOWS\system32\slserv.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe

C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\vk_service.exe

C:\WINDOWS\System32\vssvc.exe

C:\WINDOWS\wanmpsvc.exe

C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\apps\ABoard\ABoard.exe

C:\apps\ABoard\AOSD.exe

C:\Program Files\Trust\DS-4500X Wireless Laser Deskset\Keyboard\kbdap32a.EXE

C:\Program Files\Trust\DS-4500X Wireless Laser Deskset\Mouse\mouse32a.exe

C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe

C:\Program Files\Logitech\QuickCam\Quickcam.exe

C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe

C:\Program Files\Winamp\winampa.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Neuf\Media Center\MediaCenter.exe

C:\Program Files\Neuf\Media Center\httpd\httpd.exe

C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Documents and Settings\christophe.SN1006475\bureau\RSIT.exe