| | mahitos01 | Posted on 10/03/2010 @ 03:51 | Petit astucien
3 Messages
| Hello
Could you analyze my RSIT report? I would really like to get rid of this XP Antivirus Pro.
Thank you for your help.
Here is my report:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Packo at 2010-03-10 03:32:18
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 23 GB (76%) free of 31 GB
Total RAM: 959 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:30:33, on 09/03/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
D:\Documents and Settings\Packo\Local Settings\Application Data\av.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Apps\Powercinema\PCMService.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\apps\ABoard\ABoard.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Java\jre1.5.0_02\bin\jucheck.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\trend micro\Packo.exe
C:\WINDOWS\system32\NOTEPAD.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sfr.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (Ma-Config control) - http://fichiers.touslesdrivers.com/maconfig/MaConfig_4_0_2_0.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: MysqlInventime - Unknown owner - C:\Apps\INVENT~1\mysql\bin\mysqld-nt.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
-- End of file - 6655 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\HDReg.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-25 279664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2010-02-25 812528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-25 279664]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-10-24 90112]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe [2005-03-04 36975]
"Vade Retro Outlook Express"=C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe [2004-10-04 310272]
"Ulead AutoDetector v2"=C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe [2004-11-26 90112]
"PCMService"=c:\Apps\Powercinema\PCMService.exe [2005-05-11 127118]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]
"ACTIVBOARD"=c:\apps\ABoard\ABoard.exe [2003-05-02 24576]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-02-24 98304]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-03-09 2769336]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-02-25 39408]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%ProgramFiles%\AOL 9.0\aol.exe"="%ProgramFiles%\AOL 9.0\aol.exe:*:Enabled:AOL"
"%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe"="%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe:*:Enabled:SPLINTER CELL PANDORA"
"%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe"="%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe:*:Enabled:PANDORA"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\APPS\Inventime\my.exe"="C:\APPS\Inventime\my.exe:*:Enabled:INVENTIME"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0"
"D:\Documents and Settings\Packo\Local Settings\Temp\WZSE0.TMP\SymNRT.exe"="D:\Documents and Settings\Packo\Local Settings\Temp\WZSE0.TMP\SymNRT.exe:*:Enabled:Norton Removal Tool"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{39cd6e28-215d-11df-a898-806d6172696f}] shell\AutoRun\command - E:\setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{de466312-284a-11df-a8a8-00038a000015}] shell\AutoRun\command - G:\driver\usb\–¼‡‘Š•†‘Í€ŒŽ shell\open\command - G:\driver\usb\–¼‡‘Š•†‘Í€ŒŽ
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{de466313-284a-11df-a8a8-00038a000015}] shell\AutoRun\command - H:\driver\usb\–¼‡‘Š•†‘Í€ŒŽ shell\open\command - H:\driver\usb\–¼‡‘Š•†‘Í€ŒŽ
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{de466314-284a-11df-a8a8-00038a000015}] shell\AutoRun\command - G:\driver\usb\–¼‡‘Š•†‘Í€ŒŽ shell\open\command - G:\driver\usb\–¼‡‘Š•†‘Í€ŒŽ
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{de466315-284a-11df-a8a8-00038a000015}] shell\AutoRun\command - H:\driver\usb\–¼‡‘Š•†‘Í€ŒŽ shell\open\command - H:\driver\usb\–¼‡‘Š•†‘Í€ŒŽ
======File associations======
.exe - open - "D:\Documents and Settings\Packo\Local Settings\Application Data\av.exe" /START "%1" %*
======List of files/folders created in the last 1 months======
2010-03-10 03:17:46 ----D---- C:\WINDOWS\pss 2010-03-09 20:26:36 ----A---- C:\WINDOWS\ntbtlog.txt 2010-03-09 20:17:41 ----D---- C:\Program Files\trend micro 2010-03-09 20:17:39 ----D---- C:\rsit 2010-03-09 19:35:55 ----A---- C:\WINDOWS\system32\aswBoot.exe 2010-03-09 19:35:50 ----D---- C:\Program Files\Alwil Software 2010-03-09 17:20:11 ----D---- C:\WINDOWS\system32\LogFiles 2010-03-09 17:19:56 ----D---- D:\Documents and Settings\Packo\Application Data\Sun 2010-03-09 17:19:56 ----D---- C:\WINDOWS\Sun 2010-03-09 07:43:55 ----A---- C:\WINDOWS\WORDPAD.INI 2010-03-08 13:03:39 ----D---- D:\Documents and Settings\Packo\Application Data\OD2 2010-03-04 03:00:45 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$ 2010-03-04 03:00:31 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$ 2010-03-03 14:02:33 ----D---- D:\Documents and Settings\Packo\Application Data\TransRender 2010-03-03 14:02:33 ----D---- D:\Documents and Settings\Packo\Application Data\Temporary 2010-03-03 14:02:33 ----D---- D:\Documents and Settings\Packo\Application Data\ConvertTemp 2010-03-03 14:02:32 ----D---- D:\Documents and Settings\Packo\Application Data\Samsung 2010-03-03 13:56:21 ----A---- C:\WINDOWS\system32\framedyn.dll 2010-03-03 13:56:08 ----D---- C:\WINDOWS\system32\Samsung_USB_Drivers 2010-03-03 13:55:38 ----D---- C:\Program Files\Samsung 2010-03-02 07:31:15 ----D---- C:\WINDOWS\system32\XPSViewer 2010-03-02 07:31:13 ----D---- C:\Program Files\MSBuild 2010-03-02 07:31:11 ----D---- C:\WINDOWS\system32\en-US 2010-03-02 07:31:07 ----D---- C:\Program Files\Reference Assemblies 2010-03-02 07:30:48 ----N---- C:\WINDOWS\system32\xpssvcs.dll 2010-03-02 07:30:48 ----N---- C:\WINDOWS\system32\xpsshhdr.dll 2010-03-02 07:30:48 ----N---- C:\WINDOWS\system32\prntvpt.dll 2010-03-02 07:28:57 ----HDC---- C:\WINDOWS\$NtUninstallWIC$ 2010-03-02 07:28:49 ----D---- C:\Program Files\MSXML 6.0 2010-02-28 03:00:40 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$ 2010-02-28 03:00:35 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$ 
2010-02-27 21:03:38 ----D---- D:\Documents and Settings\Packo\Application Data\Mozilla 2010-02-27 21:03:29 ----D---- C:\Program Files\Mozilla Firefox 2010-02-27 08:17:24 ----HDC---- C:\WINDOWS\$NtUninstallKB977165$ 2010-02-26 19:36:35 ----N---- C:\WINDOWS\system32\browserchoice.exe 2010-02-26 12:20:24 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$ 2010-02-26 12:20:21 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$ 2010-02-26 12:20:16 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$ 2010-02-26 12:20:12 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$ 2010-02-26 12:20:06 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$ 2010-02-26 12:19:59 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$ 2010-02-26 12:19:55 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$ 2010-02-26 12:19:50 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$ 2010-02-26 12:19:32 ----HDC---- C:\WINDOWS\$NtUninstallKB978207$ 2010-02-26 12:19:23 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$ 2010-02-26 12:19:14 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$ 2010-02-26 12:19:09 ----HDC---- C:\WINDOWS\$NtUninstallKB923723$ 2010-02-26 12:19:01 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$ 2010-02-26 12:18:56 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$ 2010-02-26 12:18:49 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$ 2010-02-26 12:18:43 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$ 2010-02-26 12:18:33 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$ 2010-02-26 12:18:26 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$ 2010-02-26 12:18:18 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$ 2010-02-26 12:18:12 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$ 2010-02-26 12:18:05 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$ 2010-02-26 12:18:00 ----HDC---- C:\WINDOWS\$NtUninstallKB954156_WM9L$ 2010-02-26 12:17:53 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$ 2010-02-26 12:17:41 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$ 2010-02-26 12:17:32 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$ 2010-02-26 12:17:28 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$ 2010-02-26 
12:17:23 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$ 2010-02-26 12:17:20 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$ 2010-02-26 12:17:15 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$ 2010-02-26 12:17:08 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$ 2010-02-26 12:17:01 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$ 2010-02-26 12:16:54 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$ 2010-02-26 12:16:48 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$ 2010-02-26 12:16:33 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$ 2010-02-26 12:16:29 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$ 2010-02-26 12:16:19 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$ 2010-02-26 12:16:08 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$ 2010-02-26 12:15:50 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$ 2010-02-26 12:15:43 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$ 2010-02-26 12:15:39 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$ 2010-02-26 12:15:30 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$ 2010-02-26 12:15:25 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$ 2010-02-26 12:15:19 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$ 2010-02-26 12:15:11 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$ 2010-02-26 12:15:05 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$ 2010-02-26 12:15:00 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$ 2010-02-26 12:14:15 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$ 2010-02-26 12:14:00 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$ 2010-02-26 12:13:55 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$ 2010-02-26 12:13:48 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$ 2010-02-26 12:13:40 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$ 2010-02-26 12:13:33 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$ 2010-02-26 12:13:26 ----D---- C:\WINDOWS\ServicePackFiles 2010-02-26 12:13:25 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$ 2010-02-26 12:13:18 ----HDC---- C:\WINDOWS\$NtUninstallKB901190$ 2010-02-26 12:13:13 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$ 2010-02-26 12:13:06 ----HDC---- 
C:\WINDOWS\$NtUninstallKB973815$ 2010-02-26 12:12:59 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$ 2010-02-26 12:12:53 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$ 2010-02-26 12:12:49 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$ 2010-02-26 12:12:38 ----D---- C:\Program Files\MSXML 4.0 2010-02-26 12:12:26 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$ 2010-02-26 12:12:22 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$ 2010-02-26 12:12:15 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$ 2010-02-26 12:12:10 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$ 2010-02-26 12:12:03 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$ 2010-02-26 12:11:49 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$ 2010-02-25 13:08:20 ----D---- D:\Documents and Settings\Packo\Application Data\Google 2010-02-25 13:06:13 ----D---- C:\Program Files\Google 2010-02-25 09:27:41 ----D---- C:\Program Files\ma-config.com 2010-02-25 09:22:41 ----D---- C:\Program Files\AIDA32 - Personal System Information 2010-02-25 09:16:34 ----D---- C:\Program Files\Driver-Soft 2010-02-25 09:03:43 ----D---- C:\WINDOWS\system32\CatRoot_bak 2010-02-25 08:51:28 ----N---- C:\WINDOWS\system32\tzchange.exe 2010-02-24 21:55:33 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$ 2010-02-24 21:55:23 ----D---- C:\WINDOWS\system32\PreInstall 2010-02-24 21:55:23 ----A---- C:\WINDOWS\system32\spupdsvc.exe 2010-02-24 21:55:21 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$ 2010-02-24 20:59:26 ----D---- D:\Documents and Settings\Packo\Application Data\Adobe 2010-02-24 18:45:19 ----D---- D:\Documents and Settings\Packo\Application Data\VadeRetro 2010-02-24 18:14:39 ----A---- C:\WINDOWS\system32\wpa.bak 2010-02-24 18:08:29 ----D---- C:\WINDOWS\system32\SoftwareDistribution 2010-02-24 18:06:57 ----D---- D:\Documents and Settings\Packo\Application Data\Macromedia 2010-02-24 18:06:57 ----D---- D:\Documents and Settings\Packo\Application Data\Identities 2010-02-24 18:06:57 ----ASH---- D:\Documents and Settings\Packo\Application Data\desktop.ini 2010-02-24 
18:06:56 ----SD---- D:\Documents and Settings\Packo\Application Data\Microsoft 2010-02-24 18:06:56 ----D---- D:\Documents and Settings\Packo\Application Data\You've Got Pictures Screensaver 2010-02-24 18:06:56 ----D---- D:\Documents and Settings\Packo\Application Data\Real 2010-02-24 16:56:21 ----SHD---- C:\RECYCLER 2010-02-24 16:56:16 ----A---- C:\WINDOWS\smscfg.ini 2010-02-24 15:53:00 ----HD---- C:\WINDOWS\I386 2010-02-24 15:52:32 ----A---- C:\MCDLOG.TXT 2010-02-24 15:52:32 ----A---- C:\DWNLOG.TXT 2010-02-24 15:37:56 ----SHD---- C:\DRIVERS 2010-02-24 15:37:48 ----D---- C:\APPS 2010-02-24 15:37:34 ----HD---- C:\DIVTOOLS 2010-02-24 15:37:24 ----HD---- C:\PNP 2010-02-24 15:27:19 ----D---- C:\Program Files\Fichiers communs\Sonic Shared 2010-02-24 15:26:24 ----A---- C:\WINDOWS\system32\_psisdecd.dll 2010-02-24 15:26:23 ----A---- C:\WINDOWS\system32\msxml4r.dll 2010-02-24 15:26:23 ----A---- C:\WINDOWS\system32\msxml4a.dll 2010-02-24 15:26:23 ----A---- C:\WINDOWS\system32\gdiplus.dll 2010-02-24 15:26:10 ----D---- C:\Program Files\CyberLink 2010-02-24 15:24:54 ----D---- C:\WINDOWS\system32\windows media 2010-02-24 15:24:47 ----HD---- C:\WINDOWS\msdownld.tmp 2010-02-24 15:24:19 ----D---- C:\Program Files\Windows Media Components 2010-02-24 15:23:23 ----D---- C:\Program Files\Ulead Systems 2010-02-24 15:22:51 ----D---- C:\Program Files\Fichiers communs\Ulead Systems 2010-02-24 15:22:27 ----A---- C:\WINDOWS\system32\SETUPPC.INI 2010-02-24 15:21:53 ----D---- C:\Program Files\Fichiers communs\SureThing Shared 2010-02-24 15:21:52 ----D---- C:\Program Files\Sonic 2010-02-24 15:21:19 ----D---- C:\Program Files\Fichiers communs\xing shared 2010-02-24 15:20:33 ----D---- C:\Program Files\ShowTime 2010-02-24 15:20:26 ----D---- C:\Program Files\GMixon 2010-02-24 15:16:55 ----A---- C:\WINDOWS\system32\capicom.dll 2010-02-24 15:15:28 ----D---- C:\Program Files\Goto Software 2010-02-24 15:15:23 ----D---- C:\Program Files\Norman 2010-02-24 15:14:39 ----A---- C:\WINDOWS\HDReg.ini 
2010-02-24 15:14:30 ----A---- C:\WINDOWS\IsUninst.exe 2010-02-24 15:14:14 ----D---- C:\Program Files\AOL Compagnon 2010-02-24 15:14:13 ----D---- C:\WINDOWS\occache 2010-02-24 15:14:13 ----D---- C:\Program Files\Learn2.com 2010-02-24 15:14:12 ----D---- C:\Program Files\Viewpoint 2010-02-24 15:14:11 ----A---- C:\WINDOWS\system32\shdocvw.bak 2010-02-24 15:14:10 ----A---- C:\WINDOWS\unvise32qt.exe 2010-02-24 15:14:06 ----D---- C:\WINDOWS\system32\QuickTime 2010-02-24 15:14:06 ----D---- C:\Program Files\QuickTime 2010-02-24 15:14:03 ----D---- C:\Program Files\Fichiers communs\Nullsoft 2010-02-24 15:14:01 ----D---- C:\My Music 2010-02-24 15:13:59 ----A---- C:\WINDOWS\system32\rmoc3260.dll 2010-02-24 15:13:58 ----D---- C:\Program Files\Real 2010-02-24 15:13:58 ----D---- C:\Program Files\Fichiers communs\Real 2010-02-24 15:13:58 ----A---- C:\WINDOWS\system32\pndx5032.dll 2010-02-24 15:13:58 ----A---- C:\WINDOWS\system32\pndx5016.dll 2010-02-24 15:13:58 ----A---- C:\WINDOWS\system32\pncrt.dll 2010-02-24 15:13:44 ----A---- C:\WINDOWS\system32\jgdwmie.dll 2010-02-24 15:13:42 ----A---- C:\WINDOWS\system32\roboex32.dll 2010-02-24 15:13:42 ----A---- C:\WINDOWS\system32\mfc71.dll 2010-02-24 15:13:42 ----A---- C:\WINDOWS\system32\Inetwh32.dll 2010-02-24 15:13:29 ----A---- C:\WINDOWS\system32\AOLDial.dll 2010-02-24 15:13:27 ----D---- C:\Program Files\Fichiers communs\aolshare 2010-02-24 15:13:26 ----D---- C:\Program Files\AOL 9.0 2010-02-24 15:13:18 ----D---- C:\Program Files\Fichiers communs\AOL 2010-02-24 15:13:01 ----RA---- C:\WINDOWS\system32\unzip32.dll 2010-02-24 15:12:43 ----D---- C:\Program Files\Fichiers communs\Adobe 2010-02-24 15:12:33 ----D---- C:\Program Files\Adobe 2010-02-24 15:12:16 ----RASH---- C:\BOOT.BAK 2010-02-24 15:12:14 ----RSHD---- C:\cmdcons 2010-02-24 15:12:14 ----A---- C:\WINDOWS\UPGRADE.TXT 2010-02-24 15:09:00 ----A---- C:\WINDOWS\system32\wmpns.dll 2010-02-24 15:08:40 ----D---- C:\WINDOWS\RegisteredPackages 2010-02-24 15:08:23 ----A---- 
C:\WINDOWS\system32\javaws.exe 2010-02-24 15:08:23 ----A---- C:\WINDOWS\system32\javaw.exe 2010-02-24 15:08:23 ----A---- C:\WINDOWS\system32\java.exe 2010-02-24 15:08:01 ----D---- C:\Program Files\Java 2010-02-24 15:08:01 ----D---- C:\Program Files\Fichiers communs\Java 2010-02-24 15:07:45 ----HD---- C:\WINDOWS\$MSI31Uninstall_KB893803$ 2010-02-24 15:07:40 ----HD---- C:\WINDOWS\$NtUninstallKB887472$ 2010-02-24 15:07:34 ----HD---- C:\WINDOWS\$NtUninstallKB890923$ 2010-02-24 15:07:27 ----HD---- C:\WINDOWS\$NtUninstallKB893086$ 2010-02-24 15:07:21 ----HD---- C:\WINDOWS\$NtUninstallKB893066$ 2010-02-24 15:07:13 ----HD---- C:\WINDOWS\$NtUninstallKB890859$ 2010-02-24 15:07:06 ----HD---- C:\WINDOWS\$NtUninstallKB891781$ 2010-02-24 15:07:02 ----HD---- C:\WINDOWS\$NtUninstallKB890175$ 2010-02-24 15:06:57 ----HD---- C:\WINDOWS\$NtUninstallKB890047$ 2010-02-24 15:06:51 ----HD---- C:\WINDOWS\$NtUninstallKB888302$ 2010-02-24 15:06:47 ----HD---- C:\WINDOWS\$NtUninstallKB888113$ 2010-02-24 15:06:44 ----HD---- C:\WINDOWS\$NtUninstallKB886185$ 2010-02-24 15:06:40 ----HD---- C:\WINDOWS\$NtUninstallKB885836$ 2010-02-24 15:06:36 ----HD---- C:\WINDOWS\$NtUninstallKB885835$ 2010-02-24 15:06:31 ----HD---- C:\WINDOWS\$NtUninstallKB885250$ 2010-02-24 15:06:27 ----HD---- C:\WINDOWS\$NtUninstallKB873339$ 2010-02-24 15:06:21 ----N---- C:\WINDOWS\system32\spmsg.dll 2010-02-24 15:06:21 ----HD---- C:\WINDOWS\$NtUninstallKB873333$ 2010-02-24 15:06:21 ----HD---- C:\WINDOWS\$hf_mig$ 2010-02-24 15:04:52 ----A---- C:\WINDOWS\system32\ChCfg.exe 2010-02-24 15:04:30 ----A---- C:\WINDOWS\system32\ksuser.dll 2010-02-24 15:04:26 ----D---- C:\Program Files\Realtek Sound Manager 2010-02-24 15:04:26 ----D---- C:\Program Files\AvRack 2010-02-24 15:04:26 ----A---- C:\WINDOWS\avrack.ini 2010-02-24 15:04:24 ----D---- C:\Program Files\Realtek AC97 2010-02-24 15:04:23 ----A---- C:\WINDOWS\system32\RTLCPL.exe 2010-02-24 15:04:23 ----A---- C:\WINDOWS\system32\RtlCPAPI.dll 2010-02-24 15:04:23 ----A---- 
C:\WINDOWS\soundman.exe 2010-02-24 15:04:22 ----A---- C:\WINDOWS\alcupd.exe 2010-02-24 15:04:22 ----A---- C:\WINDOWS\alcrmv.exe 2010-02-24 15:03:58 ----D---- C:\WINDOWS\system32\ReinstallBackups 2010-02-24 15:03:58 ----D---- C:\Program Files\AMD 2010-02-24 15:03:57 ----HD---- C:\Program Files\InstallShield Installation Information 2010-02-24 15:03:55 ----D---- C:\Program Files\Fichiers communs\InstallShield 2010-02-24 15:01:52 ----RSD---- C:\WINDOWS\assembly 2010-02-24 15:01:52 ----D---- C:\WINDOWS\Microsoft.NET 2010-02-24 15:01:51 ----D---- C:\WINDOWS\system32\URTTemp 2010-02-24 14:58:53 ----A---- C:\WINDOWS\system32\hccoin.dll
======List of files/folders modified in the last 1 months======
2010-03-10 03:21:01 ----RASH---- C:\BOOT.INI 2010-03-10 03:21:01 ----A---- C:\WINDOWS\win.ini 2010-03-10 03:21:01 ----A---- C:\WINDOWS\system.ini 2010-03-10 03:17:56 ----D---- C:\WINDOWS\PREFETCH 2010-03-10 03:17:46 ----D---- C:\WINDOWS 2010-03-10 00:30:25 ----D---- C:\WINDOWS\Temp 2010-03-10 00:05:11 ----SD---- C:\WINDOWS\Tasks 2010-03-10 00:05:11 ----A---- C:\WINDOWS\setuplog.txt 2010-03-09 20:30:38 ----D---- C:\WINDOWS\system32\CatRoot2 2010-03-09 20:25:35 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-03-09 20:17:41 ----RD---- C:\Program Files 2010-03-09 19:36:11 ----D---- C:\WINDOWS\system32\drivers 2010-03-09 19:36:04 ----SHD---- C:\WINDOWS\Installer 2010-03-09 19:36:03 ----D---- C:\WINDOWS\WinSxS 2010-03-09 19:36:02 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared 2010-03-09 19:35:55 ----AD---- C:\WINDOWS\system32 2010-03-06 12:57:01 ----RSHD---- C:\WINDOWS\system32\dllcache 2010-03-05 20:07:27 ----D---- C:\WINDOWS\Help 2010-03-04 03:19:34 ----HD---- C:\WINDOWS\inf 2010-03-04 03:03:09 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2010-03-04 03:01:27 ----D---- C:\WINDOWS\system32\CatRoot 2010-03-04 03:00:34 ----A---- C:\WINDOWS\imsins.BAK 2010-03-02 07:31:10 ----RSD---- C:\WINDOWS\Fonts 2010-03-02 07:30:54 ----D---- C:\WINDOWS\system32\spool 2010-02-28 09:51:16 ----D---- C:\WINDOWS\pchealth 2010-02-27 19:02:13 ----D---- D:\Documents and Settings\All Users\Application Data\AOL 2010-02-26 13:06:31 ----D---- C:\WINDOWS\system32\wbem 2010-02-26 13:06:31 ----D---- C:\WINDOWS\AppPatch 2010-02-26 12:20:08 ----D---- C:\Program Files\Messenger 2010-02-26 12:19:42 ----D---- C:\Program Files\Internet Explorer 2010-02-26 12:15:33 ----D---- C:\Program Files\Outlook Express 2010-02-26 12:09:24 ----SD---- C:\WINDOWS\Downloaded Program Files 2010-02-25 13:06:20 ----D---- D:\Documents and Settings\All Users\Application Data\Google 2010-02-25 09:08:53 ----D---- C:\Program Files\Fichiers communs 2010-02-25 09:03:43 ----D---- C:\WINDOWS\Debug 2010-02-24 21:55:51 
----D---- C:\WINDOWS\security 2010-02-24 18:08:42 ----D---- C:\WINDOWS\SoftwareDistribution 2010-02-24 18:07:09 ----D---- C:\WINDOWS\system32\Restore 2010-02-24 18:07:09 ----A---- C:\WINDOWS\OEWABLog.txt 2010-02-24 18:06:40 ----SHD---- C:\System Volume Information 2010-02-24 18:06:39 ----D---- C:\WINDOWS\system32\config 2010-02-24 17:02:04 ----D---- C:\WINDOWS\Registration 2010-02-24 16:55:49 ----D---- C:\WINDOWS\system 2010-02-24 15:55:28 ----A---- C:\WINDOWS\orun32.ini 2010-02-24 15:21:30 ----D---- C:\WINDOWS\system32\Macromed 2010-02-24 15:15:28 ----D---- D:\Documents and Settings\All Users\Application Data\VadeRetro 2010-02-16 21:15:38 ----D---- D:\Documents and Settings\All Users\Application Data\ma-config.com
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-03-09 28880]
R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 43008]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-03-09 162640]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-03-09 46672]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-03-09 19024]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-03-09 100432]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-10-26 3786944]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-03-09 23376]
R3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
S3 AIDA32Driver;AIDA32Driver; \??\C:\Program Files\AIDA32 - Personal System Information\aida32.sys []
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 58320]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 8304]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 94000]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-05 17024]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe [2004-04-08 1135728]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-03-09 40384]
R2 CLCapSvc;CyberLink Background Capture Service (CBCS); c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe [2005-05-11 221266]
R2 CLSched;CyberLink Task Scheduler (CTS); c:\APPS\Powercinema\Kernel\TV\CLSched.exe [2005-05-11 110672]
R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe [2005-05-11 61440]
R2 GenericHidService;Generic Service for HID Keyboard Input Collections; c:\APPS\HIDSERVICE\HIDSERVICE.exe [2005-01-07 49152]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe [2004-02-26 49152]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-10 38912]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-03-09 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-03-09 40384]
S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-25 135664]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-02-25 182768]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2010-01-26 243056]
S3 MysqlInventime;MysqlInventime; C:\Apps\INVENT~1\mysql\bin\mysqld-nt --defaults-file=C:\Apps\Inventime\mysql\my.ini MysqlInventime []
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
| | Fill | Posted on 10/03/2010 at 07:06 | Security Group 21557 Messages
| Hello,
1/
- Download gmer to the desktop and unzip it (right-click and "extract here").
- Double-click gmer.exe on the desktop. If your antivirus reacts, don't worry and ignore the alert.
- Click the "rootkit" tab, then click scan.
- When the scan has finished, click the copy button.
- In Start > Programs > Accessories: open Notepad and press CTRL+V to copy the report into that same Notepad window.
- Post this report in your next reply.
2/
- Download SREng (by Smallfrogs).
- Unzip all of its contents to your desktop (right-click > Extract here).
- Open the SReng2 folder and double-click SREngPS.exe.
- Click "smart scan".
- Click the "scan" button.
- When the analysis has finished, click the "save reports" button.
- Then save the report to your desktop.
- Copy/paste the contents of the SREnglLOG.log report into your next reply.
Fill
| | mahitos01 | Posted on 10/03/2010 at 12:10 | Petit astucien
3 Messages
| Hello,
first of all I want to thank you,
and as you asked, I am sending you the report
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-03-10 11:26:10
Windows 5.1.2600 Service Pack 2
Running: gmer.exe; Driver: D:\DOCUME~1\Packo\LOCALS~1\Temp\ufliyuoc.sys
---- System - GMER 1.0.15 ----
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0xF69D1C56]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateKey [0xF69D1B12]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteKey [0xF69D20C6]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteValueKey [0xF69D1FF0]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDuplicateObject [0xF69D16E8]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenKey [0xF69D1BEC]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenProcess [0xF69D1628]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenThread [0xF69D168C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0xF69D1D0C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRenameKey [0xF69D2194]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRestoreKey [0xF69D1CCC]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwSetValueKey [0xF69D1E4C]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateProcessEx [0xF69DE4FE]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateSection [0xF69DE322]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwLoadDriver [0xF69DE45C]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) NtCreateSection
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ObMakeTemporaryObject
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!ZwCallbackReturn + 2444 80501334 4 Bytes CALL 5946B04F
---- User code sections - GMER 1.0.15 ----
.text C:\Program Files\Mozilla Firefox\firefox.exe[2832] ntdll.dll!LdrLoadDll 7C925CBB 5 Bytes JMP 004013F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\WINDOWS\system32\services.exe[684] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 00380002
IAT C:\WINDOWS\system32\services.exe[684] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 00380000
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/ALWIL Software)
AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
---- EOF - GMER 1.0.15 ----
2010-03-10,11:45:48
System Repair Engineer 2.8.2.1321 Smallfrogs (http://www.KZTechs.com)
Windows XP Home Edition Service Pack 2 (Build 2600) - Administrative User - Completed Functions Allowed
Follow item(s) have been selected:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Running Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File
Process Privileges Scan
Scheduled Tasks
Windows Security Update Check
API HOOK
Hidden Process
Boot Items Registry [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] <MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" /background> [(Verified)Microsoft Windows Component Publisher] <swg><"C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"> [(Verified)Google Inc] [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows] <load><> [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [(Verified)Microsoft Windows Publisher] <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [(Verified)Microsoft Windows Publisher] <SoundMan><SOUNDMAN.EXE> [(Verified)Microsoft Windows Hardware Compatibility Publisher] <SunJavaUpdateSched><C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe> [Sun Microsystems, Inc.] <Vade Retro Outlook Express><"C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"> [] <Ulead AutoDetector v2><C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe> [Ulead Systems, Inc.] <PCMService><"c:\Apps\Powercinema\PCMService.exe"> [CyberLink Corp.] <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"> [(Verified)Microsoft Windows Publisher] <ACTIVBOARD><c:\apps\ABoard\ABoard.exe> [NEC Computers International] <QuickTime Task><"C:\Program Files\QuickTime\qttask.exe" -atboottime> [Apple Computer, Inc.] 
<avast5><C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui> [(Verified)ALWIL Software] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] <shell><Explorer.exe> [(Verified)Microsoft Windows Publisher] <Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] <AppInit_DLLs><> [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] <PostBootReminder><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher] <CDBurn><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher] <WebCheck><%SystemRoot%\system32\webcheck.dll> [(Verified)Microsoft Windows Publisher] <SysTray><C:\WINDOWS\system32\stobject.dll> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain] <WinlogonNotify: crypt32chain><crypt32.dll> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet] <WinlogonNotify: cryptnet><cryptnet.dll> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll] <WinlogonNotify: cscdll><cscdll.dll> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp] <WinlogonNotify: ScCertProp><wlnotify.dll> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule] <WinlogonNotify: 
Schedule><wlnotify.dll> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy] <WinlogonNotify: sclgntfy><sclgntfy.dll> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn] <WinlogonNotify: SensLogn><WlNotify.dll> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv] <WinlogonNotify: termsrv><wlnotify.dll> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon] <WinlogonNotify: wlballoon><wlnotify.dll> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher] <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] <Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] <Personnalisation du navigateur><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [File is missing] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] <Carnet d'adresses 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] <Mise à jour du Bureau Windows><regsvr32.exe /s /n /i:U shell32.dll> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] <Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe> [(Verified)Microsoft Windows Publisher] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] <N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install> [(Verified)Microsoft Corporation] [HKEY_CURRENT_USER\Control Panel\Desktop] <SCRNSAVE.EXE><C:\WINDOWS\system32\logon.scr> [(Verified)Microsoft Windows Publisher]
================================== Startup Folders N/A
================================== Services [AOL Connectivity Service / AOL ACS][Running/Auto Start] <C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe><America Online, Inc.> [Gestion d'applications / AppMgmt][Stopped/Manual Start] <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A> [avast! Antivirus / avast! Antivirus][Running/Auto Start] <"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"><ALWIL Software> [avast! Mail Scanner / avast! Mail Scanner][Running/Manual Start] <"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"><ALWIL Software> [avast! Web Scanner / avast! Web Scanner][Running/Manual Start] <"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"><ALWIL Software> [CyberLink Background Capture Service (CBCS) / CLCapSvc][Running/Auto Start] <"c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe"><> [CyberLink Task Scheduler (CTS) / CLSched][Running/Auto Start] <"c:\APPS\Powercinema\Kernel\TV\CLSched.exe"><> [CyberLink Media Library Service / CyberLink Media Library Service][Running/Auto Start] <"C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe"><Cyberlink> [Generic Service for HID Keyboard Input Collections / GenericHidService][Running/Auto Start] <c:\APPS\HIDSERVICE\HIDSERVICE.exe><N/A> [Service Google Update (gupdate) / gupdate][Stopped/Auto Start] <"C:\Program Files\Google\Update\GoogleUpdate.exe" /svc><Google Inc.> [Google Software Updater / gusvc][Stopped/Manual Start] <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google> [Ma-Config Service / maconfservice][Stopped/Manual Start] <"C:\Program Files\ma-config.com\maconfservice.exe"><CybelSoft> [MysqlInventime / MysqlInventime][Stopped/Manual Start] <C:\Apps\INVENT~1\mysql\bin\mysqld-nt --defaults-file=C:\Apps\Inventime\mysql\my.ini MysqlInventime><(File is missing)> [Ulead Burning Helper / UleadBurningHelper][Running/Auto Start] <C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe><Ulead Systems, Inc.>
================================== Drivers [AIDA32Driver / AIDA32Driver][Stopped/Manual Start] <\??\C:\Program Files\AIDA32 - Personal System Information\aida32.sys><N/A> [Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start] <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.> [AliIde / AliIde][Running/Boot Start] <\SystemRoot\system32\DRIVERS\aliide.sys><Acer Laboratories Inc.> [Pilote de filtre du bus AMD AGP / amdagp][Running/Boot Start] <\SystemRoot\system32\DRIVERS\amdagp.sys><Advanced Micro Devices, Inc.> [Pilote de processeur AMD / AmdK8][Running/System Start] <system32\DRIVERS\AmdK8.sys><Advanced Micro Devices> [asc / asc][Running/Boot Start] <\SystemRoot\system32\DRIVERS\asc.sys><Advanced System Products, Inc.> [asc3550 / asc3550][Running/Boot Start] <\SystemRoot\system32\DRIVERS\asc3550.sys><Advanced System Products, Inc.> [CmdIde / CmdIde][Running/Boot Start] <\SystemRoot\system32\DRIVERS\cmdide.sys><CMD Technology, Inc.> [dac2w2k / dac2w2k][Running/Boot Start] <\SystemRoot\system32\DRIVERS\dac2w2k.sys><Mylex Corporation> [driverhardwarev2 / driverhardwarev2][Stopped/Manual Start] <\??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys><CybelSoft> [Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet / FETNDIS][Running/Manual Start] <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.> [mraid35x / mraid35x][Running/Boot Start] <\SystemRoot\system32\DRIVERS\mraid35x.sys><American Megatrends Inc.> [Pilote de liaison parallèle directe / Ptilink][Running/Manual Start] <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.> [PxHelp20 / PxHelp20][Running/Boot Start] <\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions> [ql1080 / ql1080][Running/Boot Start] <\SystemRoot\system32\DRIVERS\ql1080.sys><QLogic Corporation> [ql12160 / ql12160][Running/Boot Start] <\SystemRoot\system32\DRIVERS\ql12160.sys><QLogic Corporation> [ql1280 / ql1280][Running/Boot Start] <\SystemRoot\system32\DRIVERS\ql1280.sys><QLogic Corporation> 
[Secdrv / Secdrv][Stopped/Manual Start] <system32\DRIVERS\secdrv.sys><N/A> [ATI-436E Serial ATA Controller / SI3112r][Stopped/Boot Start] <\SystemRoot\system32\DRIVERS\SI3112r.sys><Silicon Image, Inc.> [Sparrow / Sparrow][Running/Boot Start] <\SystemRoot\system32\DRIVERS\sparrow.sys><Adaptec, Inc.> [SAMSUNG Mobile USB Device 1.0 driver (WDM) / ss_bus][Stopped/Manual Start] <system32\DRIVERS\ss_bus.sys><MCCI> [SAMSUNG Mobile USB Modem 1.0 Filter / ss_mdfl][Stopped/Manual Start] <system32\DRIVERS\ss_mdfl.sys><MCCI> [SAMSUNG Mobile USB Modem 1.0 Drivers / ss_mdm][Stopped/Manual Start] <system32\DRIVERS\ss_mdm.sys><MCCI> [symc810 / symc810][Running/Boot Start] <\SystemRoot\system32\DRIVERS\symc810.sys><Symbios Logic Inc.> [symc8xx / symc8xx][Running/Boot Start] <\SystemRoot\system32\DRIVERS\symc8xx.sys><LSI Logic> [sym_hi / sym_hi][Running/Boot Start] <\SystemRoot\system32\DRIVERS\sym_hi.sys><LSI Logic> [sym_u3 / sym_u3][Running/Boot Start] <\SystemRoot\system32\DRIVERS\sym_u3.sys><LSI Logic> [ultra / ultra][Running/Boot Start] <\SystemRoot\system32\DRIVERS\ultra.sys><Promise Technology, Inc.> [WAN Miniport (ATW) / wanatw][Running/Manual Start] <system32\DRIVERS\wanatw4.sys><America Online, Inc.>
================================== Browser Add-ons [AcroIEHlprObj Class] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated> [Google Toolbar Helper] {AA58ED58-01DD-4d91-8333-CF10577473F7} <C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll, (Signed) Google Inc.> [Google Toolbar Notifier BHO] {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll, (Signed) Google Inc.> [Java Plug-in 1.5.0_02] {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll, Sun Microsystems, Inc.> [Real.com] {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} <C:\WINDOWS\system32\Shdocvw.dll, (Signed) Microsoft Corporation> [Messenger] {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, (Signed) Microsoft Corporation> [Google Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} <C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll, (Signed) Google Inc.> [Ma-Config control] {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} <C:\PROGRA~1\MA-CON~1.COM\HARDWA~1.OCX, (Signed) CybelSoft> [Java Plug-in 1.5.0_02] {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll, Sun Microsystems, Inc.> [Java Plug-in 1.5.0_02] {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll, Sun Microsystems, Inc.> [] {E2883E8F-472F-4FB0-9522-AC9BF37916A7} <, > [Google Script Object] {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll, (Signed) Google Inc.> [AcroIEHlprObj Class] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated> [] {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <, > [] {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} <, > [Shockwave ActiveX Control] {166B1BCA-3F9C-11CF-8075-444553540000} 
<C:\WINDOWS\system32\macromed\Director\SwDir.dll, (Signed) Macromedia, Inc.> [Google Toolbar] {2318C2B1-4965-11D4-9B18-009027A5CD4F} <C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll, (Signed) Google Inc.> [DHTML Edit Control Safe for Scripting for IE5] {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Fichiers communs\Microsoft Shared\Triedit\dhtmled.ocx, (Signed) Microsoft Corporation> [] {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} <, > [XML Document] {48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A> [ClickMeX Control] {4C98C782-8CC0-47DB-BD00-212A335982BB} <c:\APPS\DESKTOP\ClickMe.ocx, NEC CI> [Active Desktop Mover] {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, (Signed) N/A> [Ma-Config control] {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} <C:\PROGRA~1\MA-CON~1.COM\HARDWA~1.OCX, (Signed) CybelSoft> [Navigateur Web Microsoft] {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, (Signed) Microsoft Corporation> [] {9ECB9560-04F9-4BBC-943D-298DDF1699E1} <, > [Google Toolbar Helper] {AA58ED58-01DD-4D91-8333-CF10577473F7} <C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll, (Signed) Google Inc.> [Google Toolbar Notifier BHO] {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll, (Signed) Google Inc.> [RDS.DataSpace] {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Fichiers communs\System\msadc\msadco.dll, (Signed) Microsoft Corporation> [] {BDF3E430-B101-42AD-A544-FADC6B084872} <, > [AUDIO__MP3 Moniker Class] {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation> [] {CD67F990-D8E9-11D2-98FE-00C0F0318AFE} <, > [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10e.ocx, (Signed) Adobe Systems, Inc.> [] {FB5F1910-F110-11D2-BB9E-00C04F795683} <, > [Google Sidewiki...] 
<res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html, N/A>
================================== Running Processes [PID: 556 / SYSTEM][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 616 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 640 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 684 / SYSTEM][C:\WINDOWS\system32\services.exe] [(Verified) Microsoft Corporation, 5.1.2600.3520 (xpsp_sp2_gdr.090206-1233)] [PID: 696 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 848 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 908 / SERVICE RÉSEAU][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1024 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1088 / SERVICE RÉSEAU][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1240 / SERVICE LOCAL][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1376 / SYSTEM][C:\Program Files\Alwil Software\Avast5\AvastSvc.exe] [ALWIL Software, 5, 0, 462, 0] [C:\Program Files\Alwil Software\Avast5\aswCmnBS.dll] [ALWIL Software, 5, 0, 462, 0] [C:\Program Files\Alwil Software\Avast5\aswCmnOS.dll] [ALWIL Software, 5, 0, 462, 0] [C:\Program Files\Alwil Software\Avast5\aswCmnIS.dll] [ALWIL Software, 5, 0, 462, 0] [C:\Program Files\Alwil Software\Avast5\ashServ.dll] [ALWIL Software, 5, 0, 462, 0] [C:\Program Files\Alwil Software\Avast5\aswAux.dll] [ALWIL Software, 5, 0, 462, 0] [C:\Program Files\Alwil Software\Avast5\aswEngLdr.dll] [ALWIL Software, 5, 0, 462, 0] 
[C:\Program Files\Alwil Software\Avast5\ashBase.dll] [ALWIL Software, 5, 0, 462, 0] [C:\Program Files\Alwil Software\Avast5\ashTask.dll] [ALWIL Software, 5, 0, 462, 0] [C:\Program Files\Alwil Software\Avast5\ashTaskEx.dll] [ALWIL Software, 5, 0, 462, 0] [C:\Program Files\Alwil Software\Avast5\aswLog.dll] [ALWIL Software, 5, 0, 462, 0] [C:\Program Files\Alwil Software\Avast5\aswSqLt.dll] [ALWIL Software, 5, 0, 0, 0] [C:\Program Files\Alwil Software\Avast5\aswProperty.dll] [ALWIL Software, 5, 0, 462, 0] [C:\Program Files\Alwil Software\Avast5\Aavm4h.dll] [ALWIL Software, 5, 0, 462, 0] [C:\Program Files\Alwil Software\Avast5\AavmRpch.dll] [ALWIL Software, 5, 0, 462, 0] [C:\Program Files\Alwil Software\Avast5\aswIdle.dll] [ALWIL Software, 5, 0, 462, 0] [C:\Program Files\Alwil Software\Avast5\1036\Base.dll] [ALWIL Software, 5, 0, 418, 0] [C:\Program Files\Alwil Software\Avast5\defs\10030901\aswEngin.dll] [ALWIL Software, 5, 0, 418, 0] [C:\Program Files\Alwil Software\Avast5\defs\10030901\aswCmnOS.dll] [ALWIL Software, 5, 0, 418, 0] [C:\Program Files\Alwil Software\Avast5\defs\10030901\aswCmnIS.dll] [ALWIL Software, 5, 0, 418, 0] [C:\Program Files\Alwil Software\Avast5\defs\10030901\aswCmnBS.dll] [ALWIL Software, 5, 0, 418, 0] [C:\Program Files\Alwil Software\Avast5\defs\10030901\aswScan.dll] [ALWIL Software, 5, 0, 418, 0] [C:\Program Files\Alwil Software\Avast5\defs\10030901\algo.dll] [N/A, ] [C:\Program Files\Alwil Software\Avast5\AhResBhv.dll] [ALWIL Software, 5, 0, 462, 0] [C:\Program Files\Alwil Software\Avast5\AhResMai.dll] [ALWIL Software, 5, 0, 462, 0] [C:\Program Files\Alwil Software\Avast5\ahResMes.dll] [ALWIL Software, 5, 0, 462, 0] [C:\Program Files\Alwil Software\Avast5\AhResNS.dll] [ALWIL Software, 5, 0, 462, 0] [C:\Program Files\Alwil Software\Avast5\ahResP2P.dll] [ALWIL Software, 5, 0, 462, 0] [C:\Program Files\Alwil Software\Avast5\AhResStd.dll] [ALWIL Software, 5, 0, 462, 0] [C:\Program Files\Alwil Software\Avast5\AhResWS.dll] [ALWIL Software, 5, 0, 
462, 0] [C:\Program Files\Alwil Software\Avast5\defs\10030901\arPot.dll] [ALWIL Software, 1, 0, 0, 1] [C:\Program Files\Alwil Software\Avast5\ashMaiSv.dll] [ALWIL Software, 5, 0, 462, 0] [C:\Program Files\Alwil Software\Avast5\ashWebSv.dll] [ALWIL Software, 5, 0, 462, 0] [C:\Program Files\Alwil Software\Avast5\ashWsFtr.dll] [ALWIL Software, 5, 0, 462, 0] [PID: 1528 / Packo][C:\WINDOWS\Explorer.EXE] [(Verified) Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\PROGRA~1\GOTOSO~1\VADERE~1\VrOe_hook.dll] [, 1.0.0.1] [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 7.0.0.2004121400] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 7.0.0.0] [PID: 1648 / Packo][D:\Documents and Settings\Packo\Local Settings\Application Data\av.exe] [N/A, ] [C:\PROGRA~1\GOTOSO~1\VADERE~1\VrOe_hook.dll] [, 1.0.0.1] [PID: 1780 / Packo][C:\Program Files\QuickTime\qttask.exe] [Apple Computer, Inc., 6.5] [PID: 1784 / Packo][C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe] [Ulead Systems, Inc., 2.0.0.0] [C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\u32Comm.dll] [Ulead Systems, Inc., 8.0.0.0] [C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\DetMethod.dll] [, 1, 0, 0, 1] [C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\Monitor_Res.dll] [Ulead Systems, Inc., 2.0.0.0] [C:\PROGRA~1\GOTOSO~1\VADERE~1\VrOe_hook.dll] [, 1.0.0.1] [PID: 1796 / Packo][C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe] [Sun Microsystems, Inc., 5.0.20.9] [PID: 1804 / Packo][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 4, 1, 509, 1944] [C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\gtn.dll] [Google Inc., 5, 5, 4723, 1820] [C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll] [Google Inc., 5, 5, 4723, 1820] 
[C:\PROGRA~1\GOTOSO~1\VADERE~1\VrOe_hook.dll] [, 1.0.0.1] [PID: 1808 / Packo][C:\apps\ABoard\ABoard.exe] [NEC Computers International, 1, 2, 0, 0] [C:\apps\ABoard\AHook.dll] [NEC Computers International, 1, 1, 3, 0] [PID: 1816 / Packo][C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe] [, 1.2.0.1] [C:\PROGRA~1\GOTOSO~1\VADERE~1\VrOe_hook.dll] [, 1.0.0.1] [PID: 1852 / Packo][C:\Apps\Powercinema\PCMService.exe] [CyberLink Corp., 4.0.0.0000] [C:\Apps\Powercinema\helper.dll] [CyberLink Corp., 3.00.4021 ] [C:\PROGRA~1\GOTOSO~1\VADERE~1\VrOe_hook.dll] [, 1.0.0.1] [c:\Apps\Powercinema\Kernel\common\CLRCEngine3.dll] [CyberLink Corp., 4.0.0.1421] [c:\Apps\Powercinema\Kernel\TV\CLCapX.dll] [Cyberlink, 4.00.1710] [PID: 1848 / Packo][C:\Program Files\Messenger\msmsgs.exe] [Microsoft Corporation, 4.7.3001] [C:\PROGRA~1\GOTOSO~1\VADERE~1\VrOe_hook.dll] [, 1.0.0.1] [PID: 2012 / Packo][C:\apps\ABoard\AOSD.exe] [NEC Computers International, 1, 2, 0, 0] [C:\PROGRA~1\GOTOSO~1\VADERE~1\VrOe_hook.dll] [, 1.0.0.1] [PID: 2032 / Packo][C:\WINDOWS\SOUNDMAN.EXE] [Realtek Semiconductor Corp., 5, 1, 0, 46] [C:\PROGRA~1\GOTOSO~1\VADERE~1\VrOe_hook.dll] [, 1.0.0.1] [PID: 124 / Packo][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\PROGRA~1\GOTOSO~1\VADERE~1\VrOe_hook.dll] [, 1.0.0.1] [C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_32_78F32466E61F1EEC.dll] [Google Inc., 6, 4, 1321, 1732 ] [C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll] [Google Inc., 6, 4, 1321, 1732 ] [C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll] [Google Inc., 5, 5, 4723, 1820] [PID: 1192 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1716 / SERVICE LOCAL][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1820 / 
SYSTEM][C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe] [America Online, Inc., 2.0.20.1.FR.213 ] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [PID: 1844 / SYSTEM][c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe] [, 4.00.1710] [c:\Apps\Powercinema\Kernel\TV\CLCapEngine.dll] [, 4.00.1710] [c:\Apps\Powercinema\Kernel\TV\PCMRRec4.dll] [CyberLink Corp., 4.01.1702] [C:\WINDOWS\system32\msdmo.dll] [, ] [c:\Apps\Powercinema\Kernel\TV\CLCapSvcps.dll] [N/A, ] [PID: 1884 / SYSTEM][C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe] [Cyberlink, 1, 1, 0, 1619] [PID: 1972 / SYSTEM][c:\APPS\HIDSERVICE\HIDSERVICE.exe] [N/A, ] [PID: 2052 / SYSTEM][C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe] [Cyberlink, 1, 1, 0, 1619] [c:\Apps\Powercinema\Kernel\HomeNetWorking\CLNetMedia.dll] [, 1, 0, 0, 1012] [PID: 2156 / SYSTEM][C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe] [Ulead Systems, Inc., 1, 0, 0, 3] [PID: 2204 / SERVICE LOCAL][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: DNSRV(bld4act)] [PID: 2440 / SYSTEM][c:\APPS\Powercinema\Kernel\TV\CLSched.exe] [, 4.00.1710] [c:\Apps\Powercinema\Kernel\TV\CLCapSvcps.dll] [N/A, ] [c:\Apps\Powercinema\Kernel\TV\CLSchMgr.dll] [, 4.00.1710] [PID: 3392 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 224 / Packo][C:\WINDOWS\system32\wuauclt.exe] [(Verified) Microsoft Corporation, 7.4.7600.226 (winmain_wtr_wsus3sp2(wmbla).090806-1834)] [C:\PROGRA~1\GOTOSO~1\VADERE~1\VrOe_hook.dll] [, 1.0.0.1] [PID: 1196 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 2832 / Packo][C:\Program Files\Mozilla Firefox\firefox.exe] [Mozilla Corporation, 1.9.2] [C:\Program Files\Mozilla Firefox\xul.dll] [Mozilla Foundation, 1.9.2] [C:\Program 
Files\Mozilla Firefox\sqlite3.dll] [sqlite.org, 3.6.16.1] [C:\Program Files\Mozilla Firefox\MOZCRT19.dll] [Mozilla Foundation, 8.00.0000] [C:\Program Files\Mozilla Firefox\js3250.dll] [N/A, ] [C:\Program Files\Mozilla Firefox\nspr4.dll] [Mozilla Foundation, 4.8.3] [C:\Program Files\Mozilla Firefox\smime3.dll] [Mozilla Foundation, 3.12.4.5 Basic ECC] [C:\Program Files\Mozilla Firefox\nss3.dll] [Mozilla Foundation, 3.12.4.5 Basic ECC] [C:\Program Files\Mozilla Firefox\nssutil3.dll] [Mozilla Foundation, 3.12.4.5] [C:\Program Files\Mozilla Firefox\plc4.dll] [Mozilla Foundation, 4.8.3] [C:\Program Files\Mozilla Firefox\plds4.dll] [Mozilla Foundation, 4.8.3] [C:\Program Files\Mozilla Firefox\ssl3.dll] [Mozilla Foundation, 3.12.4.5 Basic ECC] [C:\Program Files\Mozilla Firefox\xpcom.dll] [Mozilla Foundation, 1.9.2] [C:\PROGRA~1\GOTOSO~1\VADERE~1\VrOe_hook.dll] [, 1.0.0.1] [C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll] [Mozilla Foundation, 1.9.2] [C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll] [Mozilla Foundation, 1.9.2] [C:\Program Files\Mozilla Firefox\softokn3.dll] [Mozilla Foundation, 3.12.4.5 Basic ECC] [C:\Program Files\Mozilla Firefox\nssdbm3.dll] [Mozilla Foundation, 3.12.4.5 Basic ECC] [C:\Program Files\Mozilla Firefox\freebl3.dll] [Mozilla Foundation, 3.12.4.5 Basic ECC] [C:\Program Files\Mozilla Firefox\nssckbi.dll] [Mozilla Foundation, 1.77] [C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll] [, ] [PID: 4456 / Packo][C:\WINDOWS\system32\notepad.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\PROGRA~1\GOTOSO~1\VADERE~1\VrOe_hook.dll] [, 1.0.0.1] [PID: 5448 / Packo][D:\Documents and Settings\Packo\Bureau\SREngLdr.EXE] [Smallfrogs Studio, 2.8.2.1321] [PID: 5476 / Packo][D:\Documents and Settings\Packo\Bureau\SRE3e115c14.EXE] [Smallfrogs Studio, 2.8.2.1321] [C:\PROGRA~1\GOTOSO~1\VADERE~1\VrOe_hook.dll] [, 1.0.0.1]
==================================
File Associations
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE Error. [secfile]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock Provider
N/A
==================================
Autorun.Inf
[E:\]
[autorun]
OPEN=setupSNK.exe
ICON=\SMRTNTKY\fcw.ico
ACTION=Assistant Réseau sans fil
==================================
HOSTS File
127.0.0.1 localhost
==================================
Process Privileges Scan
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1648, D:\DOCUMENTS AND SETTINGS\PACKO\LOCAL SETTINGS\APPLICATION DATA\AV.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1780, C:\PROGRAM FILES\QUICKTIME\QTTASK.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1784, C:\PROGRAM FILES\FICHIERS COMMUNS\ULEAD SYSTEMS\AUTODETECTOR\MONITOR.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1796, C:\PROGRAM FILES\JAVA\JRE1.5.0_02\BIN\JUSCHED.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1808, C:\APPS\ABOARD\ABOARD.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1816, C:\PROGRA~1\GOTOSO~1\VADERE~1\VADERETRO_OE.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1852, C:\APPS\POWERCINEMA\PCMSERVICE.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 2012, C:\APPS\ABOARD\AOSD.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1844, C:\APPS\POWERCINEMA\KERNEL\TV\CLCAPSVC.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1972, C:\APPS\HIDSERVICE\HIDSERVICE.EXE]
==================================
Scheduled Tasks
[Enabled] HDReg.job c:\Apps\HDReg\HDRegRem.exe
[Enabled] GoogleUpdateTaskMachineUA.job C:\Program Files\Google\Update\GoogleUpdate.exe
[Enabled] GoogleUpdateTaskMachineCore.job C:\Program Files\Google\Update\GoogleUpdate.exe
==================================
Windows Security Update Check
KB891122, Mise à jour pour les lecteurs multimédias WMDRM (KB891122)
KB829019, Module de prise en charge linguistique Microsoft .NET Framework 2.0 : x86 (KB829019)
KB892130, Windows Genuine Advantage Validation Tool (KB892130)
KB925850, Lecteur Windows Media 11
KB940157, Windows Search 4.0 pour Windows XP (KB940157)
KB928416, Microsoft .NET Framework 3.0 : Module linguistique x86 (KB928416)
KB909520, Package de fournisseur de services cryptographiques pour cartes à puce de base Microsoft : x86 (KB909520)
KB936929, Windows XP Service Pack 3 (KB936929)
KB951847, Module linguistique x86 Microsoft .NET Framework 3.5 Service Pack 1 (KB951847)
KB944036, Internet Explorer 8 pour Windows XP :
KB931125, Mise à jour des certificats racine [novembre 2009] (KB931125)
KB976569, Mise à jour pour Microsoft .NET Framework version 2.0 Service Pack 2 pour Windows Server 2003 et Windows XP x86 (KB976569)
KB976570, Mise à jour pour Microsoft .NET Framework version 3.0 Service Pack 2 pour Windows Server 2003 et Windows XP x86 (KB976570)
KB890830, Outil de suppression de logiciels malveillants Windows - mars 2010 (KB890830)
KB975561, Mise à jour de sécurité pour Windows XP (KB975561) MS10-016
==================================
API HOOK
N/A
==================================
Hidden Process
N/A
==================================
[/CODE]
| | | | | Fill | Posted on 10/03/2010 at 13:42 | Groupe Sécurité 21557 Messages
| Re,
You are very far behind on updates. You will absolutely have to move to SP3, install all the updates, and install Internet Explorer instead of IE6!!
1/ Open SREnG > System repair:
Tick the .exe box and click Repair as shown in the screenshot:

2/ Restart the PC.
3/
- Download OTM (by Old_Timer) to your desktop,
- Double-click OTM.exe to launch the program,
- Copy the list of files or folders below and paste it into the program's "Paste Instructions for Items to be Moved" window:
Begin copying here:
:Files
D:\Documents and Settings\Packo\Local Settings\Application Data\av.exe
:Commands
[EmptyTemp]
[Start Explorer]
- Click MoveIt! to start the removal,
- The result will appear in the Results pane.
- Click Exit to close the program.
- Post the report, which is located here: C:\_OTM\MovedFiles
- You may be asked to restart your PC. If so, click Yes.
4/
Download SystemLook by jpshortstuff to your Desktop from one of the links below. Download mirror #1 Download mirror #2
- Double-click SystemLook.exe to launch it.
- Right-click|Copy the contents of the box below, then right-click|Paste into the SystemLook text area:
Code
SCRIPT
Begin copying here:
:dir
D:\Documents and Settings\Packo\Application Data\OD2 /s
D:\Documents and Settings\Packo\Application Data\TransRender /s
D:\Documents and Settings\Packo\Application Data\Temporary /s
D:\Documents and Settings\Packo\Application Data\ConvertTemp /s
- Click the Look button to start the scan.
- When it finishes, Notepad opens with the scan result. Copy and paste the report into your next reply.
Nota bene: the report can also be found on your Desktop under the name SystemLook.txt
5/
- Download UsbFix by Chiquitine29 to your Desktop,
- The tool may trigger your antivirus. If so, ignore the alerts or temporarily disable your antivirus.
- Connect your external storage devices to your PC (USB stick, external hard drive, etc.) without opening them.
- Double-click UsbFix on your Desktop (on Vista, the program must be launched via right-click, choosing to run as administrator). Choose the language (French), then option 2.
- This will start the cleaning procedure for the connected removable drives.
- The PC will restart.
- Post the UsbFix.txt report
Note: the UsbFix.txt report is saved at the root of the disk. (If the Desktop does not reappear, press Ctrl+Alt+Del, "File" tab, "New task", type explorer.exe and confirm)
6/ Use Malwarebytes' by following this tutorial and post the report.
Fill
| | | | | Fill | Posted on 13/03/2010 at 11:09 | Groupe Sécurité 21557 Messages
| Hello,
Where are you at with this?
Fill
| | | | | Fill | Posted on 15/03/2010 at 22:15 | Groupe Sécurité 21557 Messages
| | | mahitos01 | Posted on 17/03/2010 at 09:10 | Petit astucien
3 Messages
| Hello Fill
Sorry for not replying sooner, I was travelling.
As for my problem, I couldn't manage to use OTM.exe, so I ended up formatting my PC, and now everything is fine, at least so far
Thanks anyway for everything
| | | | | clbugnot | Posted on 17/03/2010 at 09:52 | Grand Maître astucien
20475 Messages
| Hello mahitos01
To mark the topic as resolved, click Mark as resolved in the banner above the first message, or at the bottom of the page under Options.