Plantages fréquents, pertes de connexion, [résolu]

Bonjour,
Depuis peu, mon pc est devenu plutot lent, il est fort sujets à des plantages, c'est-à-dire que je lance IE, Word ou autre et après quelques minutes d'attente, il me dit que le programme ne répond plus (le traditionnel message de windows). De plus je perds souvent ma connexion internet, plus qu'avant, en gros l'utilisation de mon pc devient assez énervante. Pouvez-vous m'aider? Je ne sais pas si c'est du à un virus ou autre mais en tout cas je possède les versions gratuites d'Avast et Sunbelt Personal Firewall, j'ai lancé une recherche Malwarebytes qui n'a rien donné.
Merci d'avance!

Salut valenti


On va vérifier cela, télécharge RSIT (de random/random) sur le bureau ici :
http://images.malwareremoval.com/random/RSIT.exe

- Double clique sur RSIT.exe qui est sur le bureau
- Clique sur Continue dans la fenêtre
- RSIT téléchargera HijackThis si il n’est pas présent où détecté, alors il faudra accepter la licence
- Poste le contenue des deux rapports, log.txt et info.txt(réduit dans la barre des tâches) à la fin de l’analyse

Les rapports sont dans le dossier ici C:\rsit


@++

Merci pour la réponse
Voici l'info.txt :
info.txt logfile of random's system information tool 1.05 2009-02-15 00:42:31

======Uninstall list======

-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\InstallShield Installation Information\{69333A04-5134-40A5-A055-9166A7AA1EC8}\setup.exe -runfromtemp -l0x0009 -removeonly
-->C:\Program Files\InstallShield Installation Information\{AFBA0609-EB70-43CB-B11C-294EDADFA101}\setup.exe -runfromtemp -l0x040c -removeonly
-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->MsiExec /X{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}
-->MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
-->MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
-->MsiExec.exe /I{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}
-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
-->MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
-->MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
-->MsiExec.exe /I{C4CBAD7E-DF4A-4FEC-AC17-8BC709AFB844}
-->MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Help Center 2.1-->MsiExec.exe /I{25569723-DC5A-4467-A639-79535BF01B71}
Adobe Photoshop Elements 5.0-->msiexec /I {A7B609FB-83D8-4FC3-8477-1BC65ECFE85B}
Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
Adobe Shockwave Player 11-->C:\Windows\system32\adobe\SHOCKW~1\UNWISE.EXE C:\Windows\system32\Adobe\SHOCKW~1\Install.log
AGEIA PhysX v7.11.13-->MsiExec.exe /X{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}
albumfactory Designer-->"C:\Program Files\albumfactory Designer\unins000.exe"
Alps Pointing-device for VAIO-->C:\Program Files\Apoint\Uninstap.exe ADDREMOVE
AnyDVD-->"C:\Program Files\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D="C:\Program Files\SlySoft\AnyDVD"
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Applian FLV Player-->"C:\Windows\Applian FLV Player\uninstall.exe" "/U:C:\Program Files\FLV Player\Uninstall\uninstall.xml"
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ArcSoft Magic-i Visual Effects Installer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9AB83A3C-604D-4B4F-AA25-A23A3FC39844}\Setup.exe" -l0x40c
Assistant de connexion Windows Live-->MsiExec.exe /I{D6E592B3-67DA-4BBB-9783-E1838FB253A2}
Atlantis - Sky Patrol -->C:\Big Fish Games\Atlantis - Sky Patrol\Uninstall.exe
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Big Fish Games Sudoku-->C:\Big Fish Games\sudoku\Uninstall.exe
Browser Address Error Redirector-->regsvr32 /u /s "C:\PROGRA~1\GOOGLE~1\BAE.dll"
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Centre de Big Fish Games-->C:\Big Fish Games\Uninstall.exe
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Click to DVD 2.0.05 Menu Data-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9E407618-D9CD-4F39-9490-9ED45294073D}\setup.exe" -l0x40c -removeonly
Click to DVD 2.6.00-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E809063C-51A3-4269-8984-D1EB742F2151}\setup.exe" -l0x40c -removeonly
CloneDVD2-->"C:\Program Files\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="C:\Program Files\Elaborate Bytes\CloneDVD2"
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DSD Direct Player-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{533D0A8A-D7E7-4F15-BC9E-FF2916A6BAA7}\setup.exe" -l0x40c -removeonly
DSD Direct-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{82D5BACA-3619-4D34-99DB-3A65CFB4DA33}\setup.exe" -l0x40c -removeonly
DSD Playback Plug-in-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{009E7FB7-1775-4D89-8956-F5C9A1C019FC}\setup.exe" -l0x40c -removeonly
DVD Decrypter (Remove Only)-->"C:\Program Files\DVD Decrypter\uninstall.exe"
eMule-->"C:\Program Files\eMule\Uninstall.exe"
Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}
Football Manager 2009-->"C:\Program Files\Sports Interactive\Football Manager 2009\Uninstall_Football Manager 2009\Uninstall Football Manager 2009.exe"
Galerie de photos Windows Live-->MsiExec.exe /X{43563ACB-371B-4C58-8979-B192B390424C}
GearDrvs-->MsiExec.exe /I{206FD69B-F9FE-4164-81BD-D52552BC9C23}
GIMP 2.4.5-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
HDAUDIO SoftV92 Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200\UIU32m.exe -U -ISnSZIRXz.inf
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{3CCB732A-E472-4CF9-B1EE-F18365341FE0}
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
J2SE Runtime Environment 5.0 Update 9-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090}
Java Adapter for Mobile 1.0.0.7-->"C:\Program Files\MyPhone\Java_Adapter_for_Mobile\unins000.exe"
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Junk Mail filter update-->MsiExec.exe /I{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}
K-Lite Codec Pack 4.1.7 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
LG PC Suite-->C:\Program Files\InstallShield Installation Information\{993960EE-CA4D-443F-8F88-E24260DD5FD2}\setup.exe -runfromtemp -l0x040c -removeonly
LG USB Modem driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C3ABE126-2BB2-4246-BFE1-6797679B3579}\setup.exe" -l0x40c LG -removeonly
Lost Via Domus-->"C:\Program Files\InstallShield Installation Information\{2702B8FC-6003-4AC6-ADBC-EC65746D800A}\setup.exe" -runfromtemp -l0x040c -removeonly
Mahjong Towers Eternity -->C:\Big Fish Games\Mahjong Towers Eternity\Uninstall.exe
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
MaxDrive PS2-->C:\Windows\IsUninst.exe -f"C:\Program Files\Datel\MaxDrive PS2\Uninst.isu"
Mediacenter-->"C:\Program Files\MegaPack CoolStreaming\unins000.exe"
Megaupload Toolbar-->C:\Program Files\MegauploadToolbar\uninstall.exe
Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{91E3040C-6000-11D3-8CFE-0150048383C9}
Microsoft Search Enhancement Pack-->MsiExec.exe /I{299CF645-48C7-4FA1-8BCD-5CE200CF180D}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works-->MsiExec.exe /I{6B1CB38D-E2E4-4A30-933D-EFDEBA76AD9C}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Move Networks Media Player for Internet Explorer-->C:\Users\valenti\AppData\Roaming\Move Networks\ie_bin\Uninst.exe
Mozilla Firefox (3.0.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN Connection Center-->C:\Program Files\MSN\MSNIA\CC\MSNCC\ccrestore.exe /Uninstall
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Multitax 2008-->C:\Program Files\InstallShield Installation Information\{05BBB8BE-5F74-49C4-A0A3-81EBC90A8848}\setup.exe -runfromtemp -l0x040c -removeonly
Mystery Case Files - Prime Suspects -->C:\Big Fish Games\Mystery Case Files - Prime Suspects\Uninstall.exe
Nero 8-->MsiExec.exe /X{B4649EFB-54CB-42AB-8536-8FED519E1033}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Norton 360-->MsiExec.exe /I{63A6E9A9-A190-46D4-9430-2DB28654AFD8}
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
OGA Notifier 1.7.0105.35.0-->MsiExec.exe /I{25E98ECB-5727-408E-B30A-2CAF86F5B310}
OpenCASE Media Agent-->MsiExec.exe /I{1771FDC8-D846-4B77-996A-C80DAD42C03F}
OpenMG Limited Patch 4.7-07-15-19-01-->C:\Program Files\Common Files\Sony Shared\OpenMG\HotFixes\HotFix4.7-07-15-19-01\HotFixSetup\setup.exe /u
OpenMG Secure Module 4.7.00-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{CCD663AE-610D-4BDF-AAB0-E914B044527D} UNINSTALL
Outil de restauration de données VAIO-->C:\Program Files\InstallShield Installation Information\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}\setup.exe -runfromtemp -l0x040c -removeonly
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Outil VAIO Media Registration 6.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}\setup.exe" -l0x40c UNINSTALL -removeonly
Panneau de configuration MobileMe-->MsiExec.exe /I{6DA9102E-199F-43A0-A36B-6EF48081A658}
Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
PixiePack Codec Pack-->MsiExec.exe /I{B2C3BB6B-E005-4246-B8E5-DF0A4D073CDC}
Pro Evolution Soccer 2009-->MsiExec.exe /X{A8DB611A-D80E-450D-85F6-3ACDD164BE31}
Qloud Plug-in for iTunes-->C:\Program Files\iTunes\Plug-Ins\Qloud\iTunesQLoudSetup.exe /uninstall
QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Roxio Easy Media Creator Home-->MsiExec.exe /I{B7FB0C86-41A4-4402-9A33-912C462042A0}
RUNAWAY 2 - The dream of the turtle-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DE0CE4-F38A-4DA7-81DF-949E615EA0AB}\setup.exe"
Safari-->MsiExec.exe /I{582D2A53-F426-4C5E-A2E6-43C1AB36B907}
SecondLife (remove only)-->"C:\Program Files\SecondLife\uninst.exe" /P="SecondLife"
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Windows Media Encoder (KB954156)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={E836F1B7-43FB-46B0-A0D9-E4D2A5951659} /qb
Setting Utility Series-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}\setup.exe" -l0x40c -removeonly
SigmaTel Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x40c -remove -removeonly
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SonicStage Mastering Studio Audio Filter Custom Preset-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EC37A846-53AC-4DA7-98FA-76A4E74AA900}\setup.exe" -l0x40c -removeonly
SonicStage Mastering Studio Audio Filter-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DF7DB916-90E5-40F2-9010-B8125EB5FD6F}\setup.exe" -l0x40c -removeonly
SonicStage Mastering Studio Plugins-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}\setup.exe" -l0x40c -removeonly
SonicStage Mastering Studio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6332AFF1-9D9A-429C-AA03-F82749FA4F49}\setup.exe" -l0x40c -removeonly
Sony Video Shared Library-->C:\Program Files\InstallShield Installation Information\{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}\setup.exe -runfromtemp -l0x040c -removeonly
SopCast 1.1.2-->C:\Program Files\SopCast\uninst.exe
StreamerOne Beta 0.4-->C:\Program Files\StreamerOne\uninst.exe
SubSync-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\SubSync\ST6UNST.LOG"
Subtitle Workshop 2.51-->"C:\Program Files\URUSoft\Subtitle Workshop\uninstall.exe"
Sunbelt Personal Firewall-->MsiExec.exe /X{82B1150E-9B37-49FC-83EB-D52197D900D0}
Surligneur (Windows Live Toolbar)-->MsiExec.exe /X{81B5F83F-2291-48B0-8375-36B63A9BF5B0}
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
TomTom HOME 2.5.2.60-->C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe
Tunebite-->MsiExec.exe /I{038B6EA2-D182-4982-82E8-4E5A571818E7}
TVAnts 1.0-->C:\PROGRA~1\TVAnts\UNWISE.EXE C:\PROGRA~1\TVAnts\INSTALL.LOG
TVUPlayer 2.3.7.1-->C:\Program Files\TVUPlayer\uninst.exe
UUSee ÍøÂçµçÊÓ [4.4.801.53]-->C:\Program Files\uusee\uninst.exe
VAIO Aqua Breeze Wallpaper-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{97BCD719-6ECB-458F-97D6-F38D2E07375E}\setup.exe" -l0x9 -removeonly
VAIO Camera Capture Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6D2576EC-A0E9-418A-A09A-409933A3B6F4}\setup.exe" -l0x40c -removeonly
VAIO Content Folder Setting-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23825B69-36DF-4DAD-9CFD-118D11D80F16}\setup.exe" -l0x40c -removeonly
VAIO Content Importer / VAIO Content Exporter-->C:\Program Files\InstallShield Installation Information\{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}\setup.exe -runfromtemp -l0x040c -removeonly
VAIO Content Metadata Intelligent Analyzing Manager-->C:\Program Files\InstallShield Installation Information\{FAA6B94E-78A7-489C-B2DB-050D9FEBFADA}\setup.exe -runfromtemp -l0x040c -removeonly
VAIO Content Metadata Manager Setting-->C:\Program Files\InstallShield Installation Information\{69351E9E-23ED-41D5-B146-EDBF83C63B66}\setup.exe -runfromtemp -l0x040c -removeonly
VAIO Content Metadata XML Interface Library-->C:\Program Files\InstallShield Installation Information\{5F5DE5D5-D130-4110-A3A4-69FFB0B14BD9}\setup.exe -runfromtemp -l0x040c -removeonly
VAIO Control Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{72042FA6-5609-489F-A8EA-3C2DD650F667}\setup.exe" -l0x40c -removeonly
VAIO Cozy Orange Wallpaper-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A2FF7F5-6F0E-4A5D-A881-39365E718BD6}\setup.exe" -l0x9 -removeonly
VAIO Entertainment Platform-->C:\Program Files\InstallShield Installation Information\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}\setup.exe -runfromtemp -l0x040c -removeonly
VAIO Event Service-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}\setup.exe" -l0x40c -removeonly
VAIO Launcher-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}\setup.exe" -l0x40c -removeonly
VAIO Media 6.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{560F6B2E-F0DF-44E5-8190-A4A161F0E205}\setup.exe" -l0x40c UNINSTALL -removeonly
VAIO Media AC3 Decoder 1.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2063C2E8-3812-4BBD-9998-6610F80C1DD4}\Setup.exe" -l0x40c UNINSTALL
VAIO Media Content Collection 6.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{500162A0-4DD5-460A-BAFD-895AAE48C532}\setup.exe" -l0x40c UNINSTALL -removeonly
VAIO Media Integrated Server 6.1-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{785EB1D4-ECEC-4195-99B4-73C47E187721}\setup.exe" -l0x40c UNINSTALL -removeonly
VAIO Media Redistribution 6.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}\setup.exe" -l0x40c UNINSTALL -removeonly
VAIO Movie Story Template Data-->C:\Program Files\InstallShield Installation Information\{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}\setup.exe -runfromtemp -l0x040c -removeonly
VAIO Movie Story-->C:\Program Files\InstallShield Installation Information\{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}\setup.exe -runfromtemp -l0x040c -removeonly
VAIO MusicBox Sample Music-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98FC7A64-774B-49B5-B046-4B4EBC053FA9}\setup.exe" -l0x40c -removeonly
VAIO MusicBox-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4EA55D20-27FB-45D7-8726-147E8A5F6C62}\setup.exe" -l0x40c -removeonly
VAIO Original Function Setting-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A63E7492-A0BC-4BB9-89A7-352965222380}\setup.exe" -l0x40c -removeonly
VAIO Original Screen Saver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1BEF9285-5530-426B-A5F1-5836B95C7EB1}\Setup.exe" -l0x40c
VAIO Power Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{802889F8-6AF5-45A5-9764-CA5B999E50FC}\setup.exe" -l0x40c -removeonly
VAIO Tender Green Wallpaper-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{934A3213-1CB6-4264-84A2-EE080C017BCA}\setup.exe" -l0x9 -removeonly
VAIO Update 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48820099-ED7D-424B-890C-9A82EF00656D}\setup.exe" -l0x40c -removeonly
VC_MergeModuleToMSI-->MsiExec.exe /I{900A92BA-19EF-4A34-86CF-7B6C85BDD971}
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Veetle TV Player 0.9.6-->C:\Program Files\Veetle\VLC\uninstall.exe
Veetle TV Player 0.9.6-->C:\Windows\UninstVeetleTVPlayer.exe
VeohTV BETA-->C:\Program Files\InstallShield Installation Information\{97A96172-A963-4A37-9FFB-DA6805BB915A}\setup.exe -runfromtemp -l0x0409
Virtua Tennis 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9B63540D-D942-4C38-B42E-A48AE0145970}\setup.exe" -l0x40c -removeonly
Virtual Villagers -->C:\Big Fish Games\Virtual Villagers\Uninstall.exe
VLC media player 0.9.6-->C:\Program Files\VideoLAN\VLC\uninstall.exe
VMware Player-->MsiExec.exe /I{A53A11EA-0095-493F-86FA-A15E8A86A405}
VobSub v2.23 (Remove Only)-->"C:\Program Files\Gabest\VobSub\uninstall.exe"
WIDCOMM Bluetooth Software 6.1.0.1203-->MsiExec.exe /X{03D1988F-469F-4843-8E6E-E5FE9D17889D}
Windows Live Call-->MsiExec.exe /I{01523985-2098-43AF-9C97-12B07BE02A9B}
Windows Live Communications Platform-->MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}
Windows Live Favorites pour Windows Live Toolbar-->MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}
Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live Sync-->MsiExec.exe /X{67D0313C-4F15-437D-9A2D-C1564088A26A}
Windows Live Toolbar-->MsiExec.exe /X{915809D6-1F93-45F2-9699-5F1DA64DC24B}
Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinDVD BD for VAIO-->C:\Program Files\InstallShield Installation Information\{20471B27-D702-4FE8-8DEC-0702CC8C0A85}\setup.exe -runfromtemp -l0x040c
WinHTTrack Website Copier 3.42-->"C:\Program Files\WinHTTrack\unins000.exe"
WinUAE 1.4.4-->C:\Users\valenti\Documents\FABIO\Amiga\uninstall_winuae.exe
Wireless Switch Setting Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}\setup.exe" -l0x40c -removeonly

======Security center information======

FW: Sunbelt Personal Firewall
AS: AVG Anti-Spyware (disabled) (outdated)
AS: Windows Defender

System event log

Computer Name: PC-de-valenti
Event Code: 4372
Message: Windows Servicing définit l’état du package KB960544(Update) à Génération(Staging)
Record Number: 151596
Source Name: Microsoft-Windows-Servicing
Time Written: 20090214233217.000000-000
Event Type: Information
User: AUTORITE NT\SYSTEM

Computer Name: PC-de-valenti
Event Code: 4372
Message: Windows Servicing définit l’état du package KB960544(Update) à Génération(Staging)
Record Number: 151597
Source Name: Microsoft-Windows-Servicing
Time Written: 20090214233217.000000-000
Event Type: Information
User: AUTORITE NT\SYSTEM

Computer Name: PC-de-valenti
Event Code: 7040
Message: Le type de démarrage du service Programme d’installation de modules Windows est passé de Démarrage automatique à Démarrage à la demande.
Record Number: 151598
Source Name: Service Control Manager
Time Written: 20090214233217.000000-000
Event Type: Information
User: AUTORITE NT\SYSTEM

Computer Name: PC-de-valenti
Event Code: 18
Message: Prêt pour l'installation : les mises à jour suivantes ont été téléchargées et sont prêtes pour l'installation. L'installation de ces mises à jour est actuellement planifiée pour le ?dimanche ?15 ?février ?2009 à 3:00 :
- Mise à jour cumulative pour Media Center pour Windows Vista (KB960544)
Record Number: 151599
Source Name: Microsoft-Windows-WindowsUpdateClient
Time Written: 20090214233438.409892-000
Event Type: Information
User: AUTORITE NT\SYSTEM

Computer Name: PC-de-valenti
Event Code: 7036
Message: Le service Programme d’installation de modules Windows est entré dans l'état : arrêté.
Record Number: 151600
Source Name: Service Control Manager
Time Written: 20090214234110.000000-000
Event Type: Information
User:

Application event log

Computer Name: PC-de-valenti
Event Code: 1003
Message: Le service Windows Search a été démarré.

Record Number: 42079
Source Name: Microsoft-Windows-Search
Time Written: 20090214113544.000000-000
Event Type: Information
User:

Computer Name: PC-de-valenti
Event Code: 0
Message:
Record Number: 42080
Source Name: iPod Service
Time Written: 20090214113600.000000-000
Event Type: Information
User:

Computer Name: PC-de-valenti
Event Code: 1
Message: Le service Centre de sécurité Windows a démarré.
Record Number: 42081
Source Name: SecurityCenter
Time Written: 20090214113615.000000-000
Event Type: Information
User:

Computer Name: PC-de-valenti
Event Code: 1001
Message: Récipient d’erreurs 314617460, type 5
Événement : AppHangXProcB1
Réponse : Aucun
ID de CAB : 0

Signature du problème :
P1 : iexplore.exe
P2 : 8.0.6001.18241
P3 : 48ae8fee
P4 : 1e5e
P5 : 32
P6 : iexplore.exe
P7 : 8.0.6001.18241
P8 :
P9 :
P10 :

Fichiers joints :
C:\Users\valenti\AppData\Local\Temp\WERE8CE.tmp.version.txt

Ces fichiers sont peut-être disponibles ici :
C:\Users\valenti\AppData\Local\Microsoft\Windows\WER\ReportArchive\Report0c5f037f
Record Number: 42082
Source Name: Windows Error Reporting
Time Written: 20090214171608.000000-000
Event Type: Information
User:

Computer Name: PC-de-valenti
Event Code: 1002
Message: Le programme iexplore.exe version 8.0.6001.18241 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans l’application Rapports et solutions aux problèmes du Panneau de configuration. ID de processus : 105c Heure de début : 01c98ec4e9047adf Heure de fin : 35
Record Number: 42083
Source Name: Application Hang
Time Written: 20090214171609.000000-000
Event Type: Erreur
User:

Security event log

Computer Name: PC-de-valenti
Event Code: 4907
Message: Les paramètres d’audit sur l’objet ont changé.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-VALENTI$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7

Objet :
Serveur de l’objet : Security
Type d’objet : File
Nom de l’objet : C:\Boot\nl-NL\bootmgr.exe.mui
ID du handle : 0xe4

Informations sur le processus :
ID du processus : 0x7c8
Nom du processus : C:\Windows\bfsvc.exe

Paramètres d’audit :
Descripteur de sécurité d’origine :
Nouveau descripteur de sécurité : S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 57509
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20080916165712.615131-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-valenti
Event Code: 4907
Message: Les paramètres d’audit sur l’objet ont changé.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-VALENTI$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7

Objet :
Serveur de l’objet : Security
Type d’objet : File
Nom de l’objet : C:\Boot\pl-PL\bootmgr.exe.mui
ID du handle : 0xfc

Informations sur le processus :
ID du processus : 0x7c8
Nom du processus : C:\Windows\bfsvc.exe

Paramètres d’audit :
Descripteur de sécurité d’origine :
Nouveau descripteur de sécurité : S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 57510
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20080916165712.630131-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-valenti
Event Code: 4907
Message: Les paramètres d’audit sur l’objet ont changé.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-VALENTI$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7

Objet :
Serveur de l’objet : Security
Type d’objet : File
Nom de l’objet : C:\Boot\pt-BR\bootmgr.exe.mui
ID du handle : 0xdc

Informations sur le processus :
ID du processus : 0x7c8
Nom du processus : C:\Windows\bfsvc.exe

Paramètres d’audit :
Descripteur de sécurité d’origine :
Nouveau descripteur de sécurité : S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 57511
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20080916165712.640131-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-valenti
Event Code: 4907
Message: Les paramètres d’audit sur l’objet ont changé.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-VALENTI$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7

Objet :
Serveur de l’objet : Security
Type d’objet : File
Nom de l’objet : C:\Boot\pt-PT\bootmgr.exe.mui
ID du handle : 0x100

Informations sur le processus :
ID du processus : 0x7c8
Nom du processus : C:\Windows\bfsvc.exe

Paramètres d’audit :
Descripteur de sécurité d’origine :
Nouveau descripteur de sécurité : S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 57512
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20080916165712.650131-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-valenti
Event Code: 4907
Message: Les paramètres d’audit sur l’objet ont changé.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-VALENTI$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7

Objet :
Serveur de l’objet : Security
Type d’objet : File
Nom de l’objet : C:\Boot\ru-RU\bootmgr.exe.mui
ID du handle : 0xe8

Informations sur le processus :
ID du processus : 0x7c8
Nom du processus : C:\Windows\bfsvc.exe

Paramètres d’audit :
Descripteur de sécurité d’origine :
Nouveau descripteur de sécurité : S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 57513
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20080916165712.655131-000
Event Type: Succès de l'audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\iTunes\Plug-InsC:\Program Files\iTunes\Plug-Ins\Qloud;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"configsetroot"=%SystemRoot%\ConfigSetRoot
"RoxioCentral"=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

Et le log.txt :
Logfile of random's system information tool 1.05 (written by random/random)
Run by valenti at 2009-02-15 10:25:03
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 39 GB (22%) free of 180 GB
Total RAM: 2046 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:25:38, on 15/02/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\VMware\VMware Player\hqtray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\valenti\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Apoint\Apntex.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Windows\system32\msfeedssync.exe
C:\Users\valenti\Desktop\RSIT.exe
C:\Program Files\trend micro\valenti.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: Tunebite_WebRipPlugin Class - {AA102584-3B97-47e7-B9BC-75D54C110A7D} - C:\Program Files\RapidSolution\Tunebite\plugins\IE\TB_WebRipIePlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [VMware hqtray] "C:\Program Files\VMware\VMware Player\hqtray.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Users\valenti\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Policies\Explorer\Run: [Windows Security Tool] WinSecure.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O4 - Startup: moka5 USB Clean-486.lnk = C:\Users\valenti\AppData\Local\Temp\m5usb-486\m5usb.exe
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Download all by Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddList.html
O8 - Extra context menu item: Download by Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddLink.html
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.(...)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.c(...)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/VistaMSNPUpldfr-fr.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {78ABDC59-D8E7-44D3-9A76-9A0918C52B4A} (DLoader Class) - http://dl.uc.sina.com/cab/downloader.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://bialobbes.dyndns.org/activex/AxisCamControl.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: OpenCASE Media Agent - ExtendMedia Inc. - C:\Program Files\OpenCASE\OpenCASE Media Agent\MediaAgent.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\stacsv.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 16313 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2507170492-2813535551-3449865190-1000.job
C:\Windows\tasks\User_Feed_Synchronization-{4AA6A211-5C1E-48E8-BC75-DAC35A762B74}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-11-18 1082880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-01-03 370296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2008-12-04 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-10 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-C39E-35F1D2A32EC8}]
Megaupload Toolbar - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL [2008-08-04 1947080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA102584-3B97-47e7-B9BC-75D54C110A7D}]
Tunebite_WebRipPlugin Class - C:\Program Files\RapidSolution\Tunebite\plugins\IE\TB_WebRipIePlugin.dll [2008-10-29 144688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-10 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D0943516-5076-4020-A3B5-AEFAF26AB263} - Veoh Browser Plug-in - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll [2007-11-13 352256]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
{A057A204-BACC-4D26-C39E-35F1D2A32EC8} - Megaupload Toolbar - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL [2008-08-04 1947080]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2007-06-10 118784]
"ISBMgr.exe"=C:\Program Files\Sony\ISB Utility\ISBMgr.exe [2007-06-11 317560]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-11-15 29744]
"VMware hqtray"=C:\Program Files\VMware\VMware Player\hqtray.exe [2007-05-01 56112]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-09-20 1836328]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-01-03 185896]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-06-28 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-06-28 8429568]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-06-28 81920]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-03 111936]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-11-04 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-10 136600]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2008-12-02 3882312]
"Google Update"=C:\Users\valenti\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-03 133104]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-19 1233920]
"DMSN"= []
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-11-18 21633320]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-12-09 234856]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Windows Security Tool"=WinSecure.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\valenti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
moka5 USB Clean-486.lnk - C:\Users\valenti\AppData\Local\Temp\m5usb-486\m5usb.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\VESWinlogon]
C:\Windows\system32\VESWinlogon.dll [2007-07-12 98304]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{db08c16b-99e6-11dc-bec7-806e6f6e6963}]
shell\AutoRun\command - F:\autorun.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-02-15 00:34:27 ----A---- C:\Windows\system32\EncDec.dll
2009-02-15 00:34:25 ----A---- C:\Windows\system32\psisdecd.dll
2009-02-15 00:31:47 ----D---- C:\Program Files\trend micro
2009-02-15 00:31:39 ----D---- C:\rsit
2009-02-12 09:16:49 ----A---- C:\Windows\system32\mshtml.dll
2009-02-10 20:51:26 ----D---- C:\Users\valenti\AppData\Roaming\TomTom
2009-02-10 20:42:35 ----D---- C:\Program Files\TomTom HOME 2
2009-02-10 20:19:22 ----D---- C:\Program Files\TomTom HOME
2009-02-01 11:11:25 ----D---- C:\ProgramData\KONAMI
2009-01-31 11:00:14 ----A---- C:\Windows\system32\infocardapi.dll
2009-01-31 11:00:13 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-01-31 11:00:11 ----A---- C:\Windows\system32\icardagt.exe
2009-01-31 11:00:10 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-01-31 11:00:10 ----A---- C:\Windows\system32\icardres.dll
2009-01-31 11:00:07 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-01-31 11:00:02 ----A---- C:\Windows\system32\PresentationHost.exe
2009-01-31 10:47:15 ----A---- C:\Windows\system32\dfshim.dll
2009-01-31 10:47:05 ----A---- C:\Windows\system32\mscoree.dll
2009-01-31 10:47:01 ----A---- C:\Windows\system32\netfxperf.dll
2009-01-31 10:46:21 ----A---- C:\Windows\system32\mscorier.dll
2009-01-31 10:46:11 ----A---- C:\Windows\system32\mscories.dll
2009-01-24 21:31:13 ----A---- C:\Windows\system32\javaws.exe
2009-01-24 21:31:13 ----A---- C:\Windows\system32\javaw.exe
2009-01-24 21:31:13 ----A---- C:\Windows\system32\java.exe
2009-01-23 19:50:07 ----A---- C:\Windows\system32\pngfilt.dll
2009-01-23 19:50:07 ----A---- C:\Windows\system32\mshtmler.dll
2009-01-23 19:50:07 ----A---- C:\Windows\system32\mshtmled.dll
2009-01-23 19:50:07 ----A---- C:\Windows\system32\ieui.dll
2009-01-23 19:50:07 ----A---- C:\Windows\system32\admparse.dll
2009-01-23 19:50:06 ----A---- C:\Windows\system32\msls31.dll
2009-01-23 19:50:06 ----A---- C:\Windows\system32\jsproxy.dll
2009-01-23 19:50:06 ----A---- C:\Windows\system32\corpol.dll
2009-01-23 19:50:04 ----A---- C:\Windows\system32\PrivacIE.dll
2009-01-23 19:50:04 ----A---- C:\Windows\system32\iernonce.dll
2009-01-23 19:50:04 ----A---- C:\Windows\system32\advpack.dll
2009-01-23 19:50:03 ----A---- C:\Windows\system32\imgutil.dll
2009-01-23 19:50:03 ----A---- C:\Windows\system32\ieapfltr.dll
2009-01-23 19:50:02 ----A---- C:\Windows\system32\msrating.dll
2009-01-23 19:50:02 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-01-23 19:50:02 ----A---- C:\Windows\system32\msfeeds.dll
2009-01-23 19:50:02 ----A---- C:\Windows\system32\licmgr10.dll
2009-01-23 19:50:02 ----A---- C:\Windows\system32\inseng.dll
2009-01-23 19:50:02 ----A---- C:\Windows\system32\iesetup.dll
2009-01-23 19:50:01 ----A---- C:\Windows\system32\mstime.dll
2009-01-23 19:50:01 ----A---- C:\Windows\system32\dxtrans.dll
2009-01-23 19:50:01 ----A---- C:\Windows\system32\dxtmsft.dll
2009-01-23 19:50:00 ----A---- C:\Windows\system32\webcheck.dll
2009-01-23 19:50:00 ----A---- C:\Windows\system32\occache.dll
2009-01-23 19:50:00 ----A---- C:\Windows\system32\ieaksie.dll
2009-01-23 19:50:00 ----A---- C:\Windows\system32\ieakeng.dll
2009-01-23 19:49:58 ----A---- C:\Windows\system32\WinFXDocObj.exe
2009-01-23 19:49:58 ----A---- C:\Windows\system32\wextract.exe
2009-01-23 19:49:58 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2009-01-23 19:49:58 ----A---- C:\Windows\system32\SetDepNx.exe
2009-01-23 19:49:58 ----A---- C:\Windows\system32\PDMSetup.exe
2009-01-23 19:49:58 ----A---- C:\Windows\system32\msfeedssync.exe
2009-01-23 19:49:58 ----A---- C:\Windows\system32\ieUnatt.exe
2009-01-23 19:49:58 ----A---- C:\Windows\system32\ieakui.dll
2009-01-23 19:49:57 ----A---- C:\Windows\system32\url.dll
2009-01-23 19:49:57 ----A---- C:\Windows\system32\iedkcs32.dll
2009-01-23 19:49:56 ----A---- C:\Windows\system32\jscript.dll
2009-01-23 19:49:55 ----A---- C:\Windows\system32\iertutil.dll
2009-01-23 19:49:55 ----A---- C:\Windows\system32\ie4uinit.exe
2009-01-23 19:49:53 ----A---- C:\Windows\system32\mshta.exe
2009-01-23 19:49:52 ----A---- C:\Windows\system32\iexpress.exe
2009-01-23 19:49:52 ----A---- C:\Windows\system32\iepeers.dll
2009-01-23 19:49:52 ----A---- C:\Windows\system32\icardie.dll
2009-01-23 19:49:51 ----A---- C:\Windows\system32\wininet.dll
2009-01-23 19:49:50 ----A---- C:\Windows\system32\urlmon.dll
2009-01-23 19:49:48 ----A---- C:\Windows\system32\ieframe.dll

======List of files/folders modified in the last 1 months======

2009-02-15 10:25:14 ----D---- C:\Windows\Prefetch
2009-02-15 10:25:10 ----D---- C:\Windows\Temp
2009-02-15 10:24:04 ----D---- C:\Users\valenti\AppData\Roaming\Skype
2009-02-15 10:09:23 ----D---- C:\Users\valenti\AppData\Roaming\skypePM
2009-02-15 03:15:45 ----D---- C:\Windows\Microsoft.NET
2009-02-15 03:15:09 ----RSD---- C:\Windows\assembly
2009-02-15 03:10:32 ----D---- C:\ProgramData\VMware
2009-02-15 03:07:27 ----D---- C:\Windows\System32
2009-02-15 03:07:27 ----D---- C:\Windows\ehome
2009-02-15 03:01:24 ----D---- C:\Windows\winsxs
2009-02-15 03:00:49 ----SHD---- C:\System Volume Information
2009-02-15 00:32:16 ----D---- C:\Windows\system32\catroot
2009-02-15 00:32:11 ----D---- C:\Windows\system32\catroot2
2009-02-15 00:31:47 ----RD---- C:\Program Files
2009-02-14 12:03:10 ----D---- C:\Windows\Minidump
2009-02-14 12:03:10 ----AD---- C:\Windows
2009-02-12 19:51:32 ----D---- C:\Windows\inf
2009-02-12 19:51:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-02-12 09:17:49 ----D---- C:\Windows\Debug
2009-02-12 09:16:48 ----SHD---- C:\Windows\Installer
2009-02-12 09:15:35 ----D---- C:\Program Files\Windows Mail
2009-02-12 00:03:24 ----D---- C:\Windows\Tasks
2009-02-10 23:04:43 ----HD---- C:\Program Files\InstallShield Installation Information
2009-02-10 20:32:41 ----D---- C:\ProgramData
2009-02-08 15:56:23 ----D---- C:\Program Files\Messenger Plus! Live
2009-02-07 13:06:51 ----D---- C:\Windows\system32\drivers
2009-02-07 10:55:08 ----D---- C:\Program Files\Mozilla Firefox
2009-02-05 22:11:35 ----A---- C:\Windows\system32\aswBoot.exe
2009-02-04 00:21:12 ----A---- C:\Windows\system32\mrt.exe
2009-01-31 15:02:43 ----D---- C:\Windows\rescache
2009-01-31 14:42:21 ----D---- C:\Windows\system32\fr-FR
2009-01-31 14:42:09 ----D---- C:\Windows\system32\XPSViewer
2009-01-31 14:42:09 ----D---- C:\Windows\system32\wbem
2009-01-31 14:42:09 ----D---- C:\Windows\system32\en-US
2009-01-31 11:14:37 ----D---- C:\Windows\system32\Tasks
2009-01-26 18:33:33 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-01-24 21:35:50 ----SD---- C:\Users\valenti\AppData\Roaming\Microsoft
2009-01-24 21:31:09 ----D---- C:\Program Files\Java
2009-01-23 20:03:31 ----D---- C:\Windows\system32\WDI
2009-01-23 20:03:31 ----D---- C:\Windows\system32\migration
2009-01-23 20:03:31 ----D---- C:\Windows\PolicyDefinitions
2009-01-23 20:03:31 ----D---- C:\Program Files\Internet Explorer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-02-05 51376]
R1 DMICall;Sony DMI Call service; C:\Windows\system32\DRIVERS\DMICall.sys [2007-06-27 10216]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System3

Salut valenti


Mettre MalwareByte's Anti-Malware à jour

---

- Redémarre en mode sans échec :

Au redémarrage de ton PC tapote sur la touche F8 ou F5, sur l'écran suivant déplace toi avec les flèches de direction et choisis Mode sans échec. Choisis ta session habituelle et non la session Administrateur

---

- Double clique sur le raccourci de MalwareByte's Anti-Malware qui est sur le bureau.
- Sélectionne Exécuter un examen complet si ce n'est pas déjà fait
- clique sur Rechercher

- Une fois le scan terminé, une fenêtre s'ouvre, clique sur sur Ok

- Si MalwareByte's n'a rien détecté, clique sur Ok Un rapport va apparaître ferme-le.

- Si MalwareByte's a détecté des infections, clique sur Afficher les résultats ensuite sur Supprimer la sélection

- Enregistre le rapport sur ton Bureau comme cela il sera plus facile à retrouver, poste ensuite ce rapport.

Note : Si MalwareByte's a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok

Tutoriel pour MalwareByte's ici :
http://www.malekal.com/tutorial_MalwareBytes_AntiMalware.php


@++

Voilà la suite:

Malwarebytes' Anti-Malware 1.34
Version de la base de données: 1763
Windows 6.0.6001 Service Pack 1

15/02/2009 14:53:12
mbam-log-2009-02-15 (14-53-12).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 263049
Temps écoulé: 1 hour(s), 12 minute(s), 0 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\windows security tool (Trojan.Dropper) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Users\valenti\Documents\FABIO\u\U89.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\rar.exe (Trojan.Backdoor) -> Quarantined and deleted successfully.

Salut valenti


Télécharge combofix.exe (de sUBs) sur le bureau :

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Important Désactive ton Antivirus et antispyware avant le scan avec Combofix :
http://forum.pcastuces.com/desactiver_les_protections_residentes-f31s4.htm


==> Sauvegarde ton travail et ferme toutes les fenêtres actives, il peut y avoir un redémarrage du PC. Ne lance aucun programme tant que Combofix n’est pas fini. <==

Double clique sur combofix.exe, clique sur OUI et valide par Entrée

Il te sera demandé d’installer la console si elle n’est pas installer, clique sur NON

Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

NOTE : Le rapport se trouve également ici : C:\ Combofix.txt

Combofix est détecté par certains antivirus comme une infection, ne pas en tenir compte, il s'agit d'un faux positif, continue la procédure


@++

Voilà la suite :
ComboFix 09-02-14.01 - valenti 2009-02-15 18:17:46.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.2046.1074 [GMT 1:00]
Lancé depuis: c:\users\valenti\Desktop\ComboFix.exe
FW: Sunbelt Personal Firewall *disabled*
.
ADS - Windows: deleted 48 bytes in 1 streams.

((((((((((((((((((((((((((((( Fichiers créés du 2009-01-15 au 2009-02-15 ))))))))))))))))))))))))))))))))))))
.

2009-02-15 00:34 . 2008-12-05 05:32 428,544 --a------ c:\windows\System32\EncDec.dll
2009-02-15 00:34 . 2008-12-05 05:32 293,376 --a------ c:\windows\System32\psisdecd.dll
2009-02-15 00:34 . 2008-12-05 05:31 217,088 --a------ c:\windows\System32\psisrndr.ax
2009-02-15 00:34 . 2008-12-05 05:31 177,664 --a------ c:\windows\System32\mpg2splt.ax
2009-02-15 00:34 . 2008-12-05 05:31 80,896 --a------ c:\windows\System32\MSNP.ax
2009-02-15 00:31 . 2009-02-15 00:42 <REP> d-------- C:\rsit
2009-02-15 00:31 . 2009-02-15 10:25 <REP> d-------- c:\program files\trend micro
2009-02-12 09:16 . 2009-01-06 02:09 1,659,392 --a------ c:\windows\System32\mshtml.tlb
2009-02-10 20:51 . 2009-02-10 20:51 <REP> d-------- c:\users\valenti\AppData\Roaming\TomTom
2009-02-10 20:42 . 2009-02-10 20:42 <REP> d-------- c:\program files\TomTom HOME 2
2009-02-10 20:19 . 2009-02-10 20:33 <REP> d-------- c:\program files\TomTom HOME
2009-02-01 11:11 . 2009-02-01 11:11 <REP> d-------- c:\users\All Users\KONAMI
2009-02-01 11:11 . 2009-02-01 11:11 <REP> d-------- c:\programdata\KONAMI
2009-01-31 11:00 . 2008-06-20 02:14 781,344 --a------ c:\windows\System32\PresentationNative_v0300.dll
2009-01-31 11:00 . 2008-06-20 02:14 622,080 --a------ c:\windows\System32\icardagt.exe
2009-01-31 11:00 . 2008-06-20 02:14 326,160 --a------ c:\windows\System32\PresentationHost.exe
2009-01-31 11:00 . 2008-06-20 02:14 105,016 --a------ c:\windows\System32\PresentationCFFRasterizerNative_v0300.dll
2009-01-31 11:00 . 2008-06-20 02:14 97,800 --a------ c:\windows\System32\infocardapi.dll
2009-01-31 11:00 . 2008-06-20 02:14 43,544 --a------ c:\windows\System32\PresentationHostProxy.dll
2009-01-31 11:00 . 2008-06-20 02:14 37,384 --a------ c:\windows\System32\infocardcpl.cpl
2009-01-31 11:00 . 2008-06-20 02:14 11,264 --a------ c:\windows\System32\icardres.dll
2009-01-31 10:47 . 2008-07-27 19:03 282,112 --a------ c:\windows\System32\mscoree.dll
2009-01-31 10:47 . 2008-07-27 19:03 96,760 --a------ c:\windows\System32\dfshim.dll
2009-01-31 10:47 . 2008-07-27 19:03 41,984 --a------ c:\windows\System32\netfxperf.dll
2009-01-31 10:46 . 2008-07-27 19:03 158,720 --a------ c:\windows\System32\mscorier.dll
2009-01-31 10:46 . 2008-07-27 19:03 83,968 --a------ c:\windows\System32\mscories.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-15 17:25 --------- d-----w c:\users\valenti\AppData\Roaming\Skype
2009-02-15 15:01 --------- d-----w c:\users\valenti\AppData\Roaming\skypePM
2009-02-15 13:58 --------- d-----w c:\programdata\VMware
2009-02-15 12:35 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-02-14 11:23 260,545 ----a-w c:\users\valenti\AppData\Roaming\nvModes.dat
2009-02-12 08:15 --------- d-----w c:\program files\Windows Mail
2009-02-11 09:19 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-11 09:19 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-02-10 22:04 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-08 14:56 --------- d-----w c:\program files\Messenger Plus! Live
2009-02-05 21:06 51,792 ----a-w c:\windows\system32\drivers\aswMonFlt.sys
2009-01-24 20:31 --------- d-----w c:\program files\Java
2009-01-14 21:41 --------- d-----w c:\users\valenti\AppData\Roaming\MegauploadToolbar
2009-01-14 21:41 --------- d-----w c:\programdata\Megaupload
2009-01-14 21:41 --------- d-----w c:\programdata\EmailNotifier
2009-01-14 21:41 --------- d-----w c:\program files\MegauploadToolbar
2009-01-12 22:38 --------- d-----w c:\users\valenti\AppData\Roaming\dvdcss
2009-01-12 12:42 --------- d-----w c:\program files\KONAMI
2009-01-11 09:14 --------- d-----w c:\program files\Windows Live Toolbar
2009-01-11 09:14 --------- d-----w c:\program files\Windows Live
2009-01-11 09:13 --------- d-----w c:\program files\Microsoft Sync Framework
2009-01-11 09:06 --------- d-----w c:\program files\Windows Live SkyDrive
2009-01-11 09:06 --------- d-----w c:\program files\Microsoft
2009-01-08 16:45 --------- d-----w c:\program files\Passcape
2009-01-06 20:29 --------- d-----w c:\program files\Coolstreaming_Tool-Bar_v1.0
2009-01-06 20:29 --------- d-----w c:\program files\Conduit
2009-01-06 13:42 2,560 ----a-w c:\windows\_MSRSTRT.EXE
2009-01-06 09:57 --------- d-----w c:\program files\MegaPack CoolStreaming
2009-01-05 18:06 --------- d-----w c:\users\valenti\AppData\Roaming\Malwarebytes
2009-01-05 18:06 --------- d-----w c:\programdata\Malwarebytes
2008-12-31 16:04 691,560 ----a-w c:\windows\System32\OGACheckControl.dll
2008-12-31 16:04 528,744 ----a-w c:\windows\System32\OGAVerify.exe
2008-12-31 16:04 502,120 ----a-w c:\windows\System32\OGAAddin.dll
2008-12-26 14:06 --------- d-----w c:\program files\Skype
2008-12-26 14:05 --------- d-----w c:\programdata\Skype
2008-12-26 14:05 --------- d-----w c:\program files\Common Files\Skype
2008-12-26 09:20 --------- d-----w c:\users\valenti\AppData\Roaming\Sony Corporation
2008-12-24 16:05 --------- d-----w c:\users\valenti\AppData\Roaming\SecondLife
2008-12-23 15:10 --------- d-----w c:\program files\Common Files\Windows Live
2008-12-16 02:42 288,768 ----a-w c:\windows\system32\drivers\srv.sys
2008-12-04 23:11 308,584 ----a-w c:\windows\WLXPGSS.SCR
2008-12-02 21:37 49,480 ----a-w c:\windows\System32\sirenacm.dll
2008-09-16 16:57 174 --sha-w c:\program files\desktop.ini
2008-08-17 12:40 56 ---ha-w c:\users\All Users\ezsidmv.dat
2008-08-17 12:40 56 ---ha-w c:\programdata\ezsidmv.dat
2008-03-03 15:18 0 ----a-w c:\users\valenti\AppData\Roaming\wklnhst.dat
2008-02-23 21:41 81,920 ----a-w c:\users\valenti\AppData\Roaming\ezpinst.exe
2008-02-23 21:41 47,360 ----a-w c:\users\valenti\AppData\Roaming\pcouffin.sys
2007-12-02 11:09 32 ----a-w c:\users\All Users\ezsid.dat
2007-12-02 11:09 32 ----a-w c:\programdata\ezsid.dat
2006-08-02 12:58 3,811,643 ----a-w c:\users\valenti\USB_driver.exe
2008-11-15 11:26 122,880 ----a-w c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-C39E-35F1D2A32EC8}]
2008-08-04 21:44 1947080 --a------ c:\progra~1\MEGAUP~1\MEGAUP~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{A057A204-BACC-4D26-C39E-35F1D2A32EC8}"= "c:\progra~1\MEGAUP~1\MEGAUP~1.DLL" [2008-08-04 1947080]

[HKEY_CLASSES_ROOT\clsid\{a057a204-bacc-4d26-c39e-35f1d2a32ec8}]
[HKEY_CLASSES_ROOT\megauploadtoolbar.MEGAUPLOADTOOLBAR]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{A057A204-BACC-4D26-C39E-35F1D2A32EC8}"= "c:\progra~1\MEGAUP~1\MEGAUP~1.DLL" [2008-08-04 1947080]

[HKEY_CLASSES_ROOT\clsid\{a057a204-bacc-4d26-c39e-35f1d2a32ec8}]
[HKEY_CLASSES_ROOT\megauploadtoolbar.MEGAUPLOADTOOLBAR]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2008-12-02 3882312]
"Google Update"="c:\users\valenti\AppData\Local\Google\Update\GoogleUpdate.exe" [2008-09-03 133104]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-11-18 21633320]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\HOMERunner.exe" [2008-12-09 234856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2007-06-10 118784]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2007-06-11 317560]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-11-15 29744]
"VMware hqtray"="c:\program files\VMware\VMware Player\hqtray.exe" [2007-05-01 56112]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 1836328]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-01-03 185896]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-06-28 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-28 8429568]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-06-28 81920]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-09-03 111936]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-10 136600]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 443968]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-06-22 739880]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2007-07-12 07:33 98304 c:\windows\System32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.dvsd"= c:\program files\Common Files\Sony Shared\VideoLib\sonydv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{F3E1490F-3E3F-42F3-BA05-689CC966DB25}"= Disabled:UDP:c:\program files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
"{5A52D1FA-E40D-40D5-A15C-36686378A545}"= Disabled:TCP:c:\program files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
"{3DCFE128-80DB-4792-9A66-8FD6F626208E}"= Disabled:UDP:c:\program files\Adobe\Photoshop Elements 5.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{7DC6ECAB-541A-4407-A91F-214A407C1BD4}"= Disabled:TCP:c:\program files\Adobe\Photoshop Elements 5.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{6D642AAF-DD8C-4AFB-87B7-727EBE32C616}"= UDP:c:\program files\Orb Networks\Orb\bin\Orb.exe:Orb
"{EA5369A6-9556-4943-8B18-48E55708DF22}"= TCP:c:\program files\Orb Networks\Orb\bin\Orb.exe:Orb
"{4357078A-047C-401B-AA8D-AF3F68AD80D7}"= UDP:c:\program files\Orb Networks\Orb\bin\OrbTray.exe:OrbTray
"{7B35ACCB-940F-4DE6-95E1-AC222FBCEBBC}"= TCP:c:\program files\Orb Networks\Orb\bin\OrbTray.exe:OrbTray
"{DE7AA0AA-F335-4EAC-B271-67C36DEF0829}"= UDP:c:\program files\Orb Networks\Orb\bin\OrbIR.exe:OrbIR
"{C45B32E5-044E-4FAE-9C36-BAD69794E5DC}"= TCP:c:\program files\Orb Networks\Orb\bin\OrbIR.exe:OrbIR
"{6FBB166F-343F-4B78-BDAD-9B26C0CA04FE}"= UDP:c:\program files\Orb Networks\Orb\bin\OrbStreamerClient.exe:Orb Stream Client
"{4ECA97F0-B4F2-453E-8B9C-6A2FC83C8EE6}"= TCP:c:\program files\Orb Networks\Orb\bin\OrbStreamerClient.exe:Orb Stream Client
"{D903EAFD-5DFC-4753-9A83-8A77224210E1}"= UDP:c:\program files\Orb Networks\Orb\bin\xmltv.exe:OrbTVGuide
"{59B93030-A173-42A8-855A-4FCEE0583D3B}"= TCP:c:\program files\Orb Networks\Orb\bin\xmltv.exe:OrbTVGuide
"{E5B64ED5-E582-4486-B37A-E67698B5E82E}"= UDP:c:\program files\Orb Networks\Orb\bin\OrbChannelScan.exe:OrbChannelScan
"{328936A5-BFB2-4176-A9FC-6AA300549DB6}"= TCP:c:\program files\Orb Networks\Orb\bin\OrbChannelScan.exe:OrbChannelScan
"{489AF0BB-96F3-4C67-A65D-73EA40E34EDC}"= UDP:c:\program files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:Pro Evolution Soccer 2008
"{99821332-F5A6-4A8D-B7A8-62C11818E8CE}"= TCP:c:\program files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:Pro Evolution Soccer 2008
"TCP Query User{1D6EE0B6-DA2B-4462-9139-96C64BA903D6}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{52EE94A4-3D67-4AA8-A7EF-B79A77555D0B}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"{2D437E5A-60F0-4E60-8178-C012BD26BF3F}"= UDP:c:\program files\Ubisoft\Lost Via Domus\Yeti_Final_Win32.exe:Lost Via Domus Game
"{2D7B3D0F-705F-4449-9A5C-9A3A9A0C995E}"= TCP:c:\program files\Ubisoft\Lost Via Domus\Yeti_Final_Win32.exe:Lost Via Domus Game
"{43308B74-88AD-413A-8987-80F630AE84C9}"= UDP:c:\program files\Ubisoft\Lost Via Domus\gu.exe:Lost Via Domus Updater
"{35301589-9BD9-44A1-AED7-F8FD128BED55}"= TCP:c:\program files\Ubisoft\Lost Via Domus\gu.exe:Lost Via Domus Updater
"{2206938A-985A-47F0-BFEA-33970AE9CAB2}"= UDP:c:\program files\Ubisoft\Lost Via Domus\detection\Launcher.exe:Lost Via Domus Requirements Tool
"{98B47073-874A-41F9-B14B-CA0FB5675E5D}"= TCP:c:\program files\Ubisoft\Lost Via Domus\detection\Launcher.exe:Lost Via Domus Requirements Tool
"{40D35A7A-F6F3-458A-BB38-CE52224F4AB8}"= UDP:c:\program files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:Pro Evolution Soccer 2008
"{1B1B440D-606A-4E49-8950-89C1513B7DA9}"= TCP:c:\program files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:Pro Evolution Soccer 2008
"TCP Query User{3E1FF45B-7E3C-4EF5-B97F-6CCDAF9D893C}c:\\program files\\limewire\\limewire.exe"= UDP:c:\program files\limewire\limewire.exe:LimeWire
"UDP Query User{2F94D89E-4B85-4086-8198-099AD85A8542}c:\\program files\\limewire\\limewire.exe"= TCP:c:\program files\limewire\limewire.exe:LimeWire
"TCP Query User{1DC1DD40-D49C-407D-A711-DE6DF2E13FC2}c:\\program files\\secondlife\\slvoice.exe"= UDP:c:\program files\secondlife\slvoice.exe:SLVoice
"UDP Query User{20308CFF-37BC-4A07-8237-67809DD829E7}c:\\program files\\secondlife\\slvoice.exe"= TCP:c:\program files\secondlife\slvoice.exe:SLVoice
"TCP Query User{499F0671-288D-4003-BA40-EAEA7BE13FE3}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{99B301B2-0387-4453-84F9-7B4177E68D85}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{9AAD8DE3-5746-4D4C-90E0-47033B1A6335}c:\\program files\\real\\realplayer\\recordingmanager.exe"= UDP:c:\program files\real\realplayer\recordingmanager.exe:RealNetworks Download and Record Manager
"UDP Query User{684F75AC-D124-4501-8AFF-EF0FF9E08A74}c:\\program files\\real\\realplayer\\recordingmanager.exe"= TCP:c:\program files\real\realplayer\recordingmanager.exe:RealNetworks Download and Record Manager
"TCP Query User{CD68F5E4-6360-43A3-875D-AFF7B0475CA4}c:\\program files\\konami\\pro evolution soccer 2009\\pes2009.exe"= UDP:c:\program files\konami\pro evolution soccer 2009\pes2009.exe:Pro Evolution Soccer 2009
"UDP Query User{E7AF851D-F681-4505-A510-E6881EFC7102}c:\\program files\\konami\\pro evolution soccer 2009\\pes2009.exe"= TCP:c:\program files\konami\pro evolution soccer 2009\pes2009.exe:Pro Evolution Soccer 2009
"TCP Query User{5D50E333-0C64-4614-B023-1EB4036A9CC0}c:\\program files\\flashget\\flashget.exe"= UDP:c:\program files\flashget\flashget.exe:FlashGet
"UDP Query User{751D7BD1-CABE-4BC1-993C-A1F37D881151}c:\\program files\\flashget\\flashget.exe"= TCP:c:\program files\flashget\flashget.exe:FlashGet
"TCP Query User{C3FFA990-2503-48C0-B42C-EA60E2CBD795}c:\\program files\\orbitdownloader\\orbitnet.exe"= UDP:c:\program files\orbitdownloader\orbitnet.exe:P2P service of Orbit Downloader
"UDP Query User{A5B63546-CBC1-44BE-8D7A-73DC9F613EEF}c:\\program files\\orbitdownloader\\orbitnet.exe"= TCP:c:\program files\orbitdownloader\orbitnet.exe:P2P service of Orbit Downloader
"TCP Query User{6D952BFA-E71D-47FE-AA51-3C3D6E37EA43}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{0B9D7C96-4D2E-4E32-81D1-88EF62E303B8}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{210C6352-9A9F-4596-BDC4-A0E10257B1E4}c:\\program files\\tvuplayer\\tvuplayer.exe"= UDP:c:\program files\tvuplayer\tvuplayer.exe:TVUPlayer Component
"UDP Query User{4FF75FF6-0486-4B30-BFCE-184DC436AE73}c:\\program files\\tvuplayer\\tvuplayer.exe"= TCP:c:\program files\tvuplayer\tvuplayer.exe:TVUPlayer Component
"{7133A0BD-09D9-475C-8E5A-C58713BC3BFD}"= UDP:c:\program files\Sports Interactive\Football Manager 2009\fm.exe:Football Manager 2009
"{646288D0-4734-4D2C-A10F-3BB909A18383}"= TCP:c:\program files\Sports Interactive\Football Manager 2009\fm.exe:Football Manager 2009
"{4A3E96FD-E56C-4E8A-90BA-00FB8E43CC00}"= Disabled:UDP:c:\program files\Sports Interactive\Football Manager 2008\fm.exe:Football Manager 2008
"{0037DC4A-50A9-42EA-9019-8DE7951784E5}"= Disabled:TCP:c:\program files\Sports Interactive\Football Manager 2008\fm.exe:Football Manager 2008
"TCP Query User{9E6C6D81-F289-40B9-9070-BB7649F1D99A}c:\\program files\\real\\realplayer\\realplay.exe"= UDP:c:\program files\real\realplayer\realplay.exe:RealPlayer
"UDP Query User{166385D6-6A07-4835-973D-956A11CC851D}c:\\program files\\real\\realplayer\\realplay.exe"= TCP:c:\program files\real\realplayer\realplay.exe:RealPlayer
"{0F9434B3-0625-4058-9954-33623B138CFD}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{7FDF8FEC-B39A-49EF-BF47-BD7A253D3FFB}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"TCP Query User{32002154-E8A8-4961-AF9C-788261877607}c:\\program files\\sunbelt software\\personal firewall\\sbpfcl.exe"= UDP:c:\program files\sunbelt software\personal firewall\sbpfcl.exe:Sunbelt Firewall GUI
"UDP Query User{0C3365E5-7E3A-4CAE-9BFA-3E807FD9B8C2}c:\\program files\\sunbelt software\\personal firewall\\sbpfcl.exe"= TCP:c:\program files\sunbelt software\personal firewall\sbpfcl.exe:Sunbelt Firewall GUI
"{DD396A40-2450-4F68-B8DB-BA89AE4EF270}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{BBDFE4B6-91B6-4589-8618-BFE48370BF43}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [2008-12-10 114768]
R1 SbFw;SbFw;c:\windows\System32\drivers\SbFw.sys [2008-10-31 270888]
R1 sbhips;Sunbelt HIPS Driver;c:\windows\System32\drivers\sbhips.sys [2008-06-21 66600]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [2008-12-10 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [2008-12-10 51792]
R2 regi;regi;c:\windows\System32\drivers\regi.sys [2007-04-17 11032]
R2 SbPF.Launcher;SbPF.Launcher;c:\program files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-10-31 95528]
R2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2008-12-04 226640]
R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\System32\drivers\btwl2cap.sys [2007-07-20 28464]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\System32\drivers\R5U870FLx86.sys [2007-07-21 75008]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\System32\drivers\R5U870FUx86.sys [2007-07-21 43904]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\System32\drivers\SbFwIm.sys [2008-12-10 65576]
R3 ti21sony;ti21sony;c:\windows\System32\drivers\ti21sony.sys [2007-07-21 812544]
S2 OpenCASE Media Agent;OpenCASE Media Agent;c:\program files\OpenCASE\OpenCASE Media Agent\MediaAgent.exe [2008-01-16 814728]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2007-07-23 29744]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\Sony\VAIO Media Integrated Server\UCLS.exe [2007-11-23 745472]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2007-11-23 397312]
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2007-11-23 1089536]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2007-11-23 292152]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2007-11-23 79736]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
\shell\AutoRun\command - h:\autorun\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{db08c16b-99e6-11dc-bec7-806e6f6e6963}]
\shell\AutoRun\command - F:\autorun.exe

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B2C3BB6B-E005-4246-B8E5-DF0A4D073CDC}]
c:\program files\PixiePack Codec Pack\InstallerHelper.exe
.
Contenu du dossier 'Tâches planifiées'

2009-02-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2507170492-2813535551-3449865190-1000.job
- c:\users\valenti\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-03 19:37]

2009-02-15 c:\windows\Tasks\User_Feed_Synchronization-{4AA6A211-5C1E-48E8-BC75-DAC35A762B74}.job
- c:\windows\system32\msfeedssync.exe [2008-08-22 11:05]
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-DMSN - (no file)


.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.be/
uInternet Settings,ProxyOverride = local
IE: Download all by Net Transport - c:\program files\Xi\NetTransport 2\NTAddList.html
IE: Download by Net Transport - c:\program files\Xi\NetTransport 2\NTAddLink.html
DPF: {78ABDC59-D8E7-44D3-9A76-9A0918C52B4A} - hxxp://dl.uc.sina.com/cab/downloader.cab
FF - ProfilePath - c:\users\valenti\AppData\Roaming\Mozilla\Firefox\Profiles\4pxz6471.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=utf-8&fr=megaup&p=
1 fichier(s) déplacé(s).
FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
FF - component: c:\program files\RapidSolution\Tunebite\plugins\GeckoBased\tunebite-firefox-surf-and-catch-extension@audials.com\components\TB_WebRipFFPlugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPnsv_vp3_mp3.dll
FF - plugin: c:\program files\RapidSolution\Tunebite\plugins\GeckoBased\tunebite-firefox-surf-and-catch-extension@audials.com\plugins\np_TB_OgloPlugin.dll
FF - plugin: c:\program files\Veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\Veetle\VLC\npvlc.dll
FF - plugin: c:\program files\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\valenti\AppData\Roaming\Mozilla\Firefox\Profiles\4pxz6471.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - plugin: c:\users\valenti\AppData\Roaming\Mozilla\Firefox\Profiles\4pxz6471.default\extensions\moveplayer@movenetworks.com\platform\WINNT_x86-msvc\plugins\npmnqmp07074039.dll

---- PARAMETRES FIREFOX ----
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDFE0BD779-44EE-4A4B-AA2E-743C63F2E5E6", "AllAccess");
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-15 18:25:05
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'Explorer.exe'(452)
c:\windows\system32\btmmhook.dll
.
Heure de fin: 2009-02-15 18:30:55
ComboFix-quarantined-files.txt 2009-02-15 17:30:48

Avant-CF: 40.841.336.320 octets libres
Après-CF: 40,646,775,296 octets libres

296 --- E O F --- 2009-02-15 02:01:28

Salut valenti


On va vérifier si rien de caché :

Fais un scan en ligne ici :
http://webscanner.kaspersky.fr/ (A faire avec Internet Explorer)

Désactive ton Antivirus avant le scan en ligne
http://forum.pcastuces.com/desactiver_les_protections_residentes-f31s4.htm

Sur la page du scan en bas à droite clique sur Démarrer Online-scanner et dans la nouvelle fenêtre qui s'affiche clique sur J'accepte

Accepte les Contrôle ActivX

Choisis Poste de travail pour le scan. Celui-ci terminé clique sur Enregistrer rapport sous (Choisis fichier texte)

Poste le contenue du rapport

Aide pour l'utilisation du scan en ligne :
http://forum.pcastuces.com/kaspersky_online_scanner___tutoriel-f31s10.htm

P.S. : Si tu as un problème pour l'installation du Contrôle ActivX lis ceci :
http://www.inoculer.com/activex.php3

NOTE : Si tu reçoit le message "La licence de Kaspersky On-line Scanner est périmée"
Via Ajout/Suppression de programmes supprime Kaspersky Online Scanner et refaire l’installation.


@++

Je pense que ça ne fonctionne pas avec Vista, c'est possible?

Salut valenti


Oui compatible :
Désactive le contrôle des comptes utilisateurs UAC (tu le réactiveras après le scan):

- Va dans démarrer puis panneau de configuration
- Double Clique sur l'icône "Comptes d'utilisateurs"
- Clique ensuite sur désactiver et valide.

Retente le scan en ligne


@++

Je n'arrive pas à envoyer le rapport, il est trop gros. Je peux vous l'envoyer par mail? Merci!

Salut valenti


Pour le rapport, utilise cjoint.com pour poster en lien ton rapport :
http://cjoint.com/

- Clique sur Parcourir pour aller chercher le rapport
- Clique sur Ouvrir ensuite sur Créer le lien Cjoint

- Fais un copier/coller du lien qui est devant Le lien a été créé: dans ta prochaine réponse.

Si ton rapport plus grand que 500Ko ici : http://www.sendspace.com/


@++

Voilà, merci :
http://www.sendspace.com/file/pag9er

Salut valenti


Télécharge OTMoveIt3 (de Old_Timer) sur le bureau :

http://oldtimer.geekstogo.com/OTMoveIt3.exe

Double-clique sur OTMoveIt3.exe sur le bureau

- Assure toi que la case Unregister Dll's and Ocx's soit bien cochée

- Copie le texte qui se trouve en citation et colle le dans le cadre de gauche de OTMoveIt nommé Paste List of Files/Folders to be moved



- Clique sur MoveIt! pour lancer la suppression.
- Ferme OTMoveIt3

Ton PC va redémarrer pour finir la suppression

Poste le rapport de OTMoveIt qui se trouve dans C:\_OTMoveIt\MovedFiles.


@++

voilà la suite :
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
File/Folder C:\Documents and Settings\valenti\Documents\FABIO\u\u.exe not found.
File/Folder C:\Documents and Settings\valenti\Documents\FABIO\u.zip not found.
File/Folder C:\Documents and Settings\valenti\Documents\LimeWire\Saved\office 2007 keygen bittorrent downloader.zip not found.
File/Folder C:\Documents and Settings\valenti\Mes documents\FABIO\u\u.exe not found.
File/Folder C:\Documents and Settings\valenti\Mes documents\FABIO\u.zip not found.
File/Folder C:\Documents and Settings\valenti\Mes documents\LimeWire\Saved\office 2007 keygen bittorrent downloader.zip not found.
File/Folder C:\Users\valenti\Documents\FABIO\u\u.exe not found.
File/Folder C:\Users\valenti\Documents\FABIO\u.zip not found.
File/Folder C:\Users\valenti\Documents\LimeWire\Saved\office 2007 keygen bittorrent downloader.zip not found.
File/Folder C:\Users\valenti\Mes documents\FABIO\u\u.exe not found.
File/Folder C:\Users\valenti\Mes documents\FABIO\u.zip not found.
File/Folder C:\Users\valenti\Mes documents\LimeWire\Saved\office 2007 keygen bittorrent downloader.zip not found.
========== COMMANDS ==========
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF103D.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF1050.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF1303.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF1316.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF1579.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF158C.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF1A6.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF1B9.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF1BCD.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF1C3B.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF1CD4.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF1CED.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF1D57.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF1D6A.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF21F1.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF223A.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF22AE.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF22C1.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF22FD.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF2335.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF2947.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF295A.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF2CA1.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF2CB6.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF2CF4.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF2D07.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF3F64.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF3F9B.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF64F1.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF6508.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF65E8.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF65FE.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF6AD7.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF6AEA.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF6D15.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF6D47.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF6F1F.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF6F32.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF714E.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF7166.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF74E6.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF74F9.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF78B8.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF78CB.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF7D6C.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF7D7F.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF80B8.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF80CB.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF827B.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF828E.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF85A0.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF85F3.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF8610.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF87.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF8854.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF8867.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF891E.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF8A61.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF8A90.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF8CD8.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF8CEC.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF937.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF9461.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF9482.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF968.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF9845.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF9858.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF9D6.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF9E.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF9E9.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF9F74.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF9F83.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF9FBF.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DF9FFA.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFA036.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFA049.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFA4B8.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFA4D5.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFA893.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFA8A6.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFAB08.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFAB1B.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFAD13.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFAD27.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFB23F.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFB252.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFB487.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFB49A.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFB692.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFB6B0.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFB8DD.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFB8F0.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFBA53.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFBA66.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFBD88.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFBD9B.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFBF00.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFBF14.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFC76E.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFC7B1.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFC905.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFC919.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFCAAC.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFCB6C.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFD17.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFD2A.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFD71A.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFD72F.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFD907.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFD91D.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFDC33.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFDC46.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFE13D.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFE155.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFE701.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFE714.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFECDB.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFECEE.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFEE0D.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFEE26.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFEF24.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFEF37.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFFB0F.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFFB27.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFFF57.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\valenti\AppData\Local\Temp\~DFFF6A.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\Windows\temp\vmware-vmount.log scheduled to be deleted on reboot.
Windows Temp folder emptied.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02212009_124616

Files moved on Reboot...
File C:\Users\valenti\AppData\Local\Temp\~DF103D.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF1050.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF1303.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF1316.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF1579.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF158C.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF1A6.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF1B9.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF1BCD.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF1C3B.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF1CD4.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF1CED.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF1D57.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF1D6A.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF21F1.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF223A.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF22AE.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF22C1.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF22FD.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF2335.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF2947.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF295A.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF2CA1.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF2CB6.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF2CF4.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF2D07.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF3F64.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF3F9B.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF64F1.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF6508.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF65E8.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF65FE.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF6AD7.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF6AEA.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF6D15.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF6D47.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF6F1F.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF6F32.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF714E.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF7166.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF74E6.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF74F9.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF78B8.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF78CB.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF7D6C.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF7D7F.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF80B8.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF80CB.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF827B.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF828E.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF85A0.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF85F3.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF8610.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF87.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF8854.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF8867.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF891E.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF8A61.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF8A90.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF8CD8.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF8CEC.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF937.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF9461.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF9482.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF968.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF9845.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF9858.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF9D6.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF9E.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF9E9.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF9F74.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF9F83.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF9FBF.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DF9FFA.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFA036.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFA049.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFA4B8.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFA4D5.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFA893.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFA8A6.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFAB08.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFAB1B.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFAD13.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFAD27.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFB23F.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFB252.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFB487.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFB49A.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFB692.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFB6B0.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFB8DD.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFB8F0.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFBA53.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFBA66.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFBD88.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFBD9B.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFBF00.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFBF14.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFC76E.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFC7B1.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFC905.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFC919.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFCAAC.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFCB6C.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFD17.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFD2A.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFD71A.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFD72F.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFD907.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFD91D.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFDC33.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFDC46.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFE13D.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFE155.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFE701.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFE714.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFECDB.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFECEE.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFEE0D.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFEE26.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFEF24.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFEF37.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFFB0F.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFFB27.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFFF57.tmp not found!
File C:\Users\valenti\AppData\Local\Temp\~DFFF6A.tmp not found!
C:\Windows\temp\vmware-vmount.log moved successfully.

Salut valenti


Bizarre les fichiers infectés sont plus là, c'est toi qui les as supprimés avant?


- Supprime C:\_OTMoveIt <== ce dossier
- Vide la corbeille


Refais un scan en ligne avec Kaspersky pour vérification


@++

Ca s'est planté la première fois que je l'ai lancé. Donc je pense qu'il avait déjà un peu travaillé, j'imagine que c'est ça, je n'ai rien supprimé de moi-même.

Salut valenti


OK fais la suite


@++

Le voici :
http://www.sendspace.com/file/h75kzz

Salut valenti


Tous est OK dans le rapport, tu n'as pas supprimé le dossier comme demandé dans le dernier poste.

- Supprime C:\_OTMoveIt <== ce dossier
- Vide la corbeille


As-tu d'autre souci?

@++

Ah oui désolé, j'avais zappé ce passage
Pour l'instant tout semble bien fonctionner, en tout cas je n'ai plus eu de gros plantages récemment.
Je vous tiendrai au courant si jamais.
Un très grand merci pour le temps passé sur mon cas!
a bientot

Salut valenti


Pas encore fini


Supprime ce dossier C:\rsit

Refais un scan avec RSIT et poste les rapports log.txt et info.txt(réduit dans la barre des tâches) à la fin de l’analyse

Les rapports sont dans le dossier ici C:\rsit


@++

Ah d'accord lol
Alors voilà la suite
L'info.txt:
info.txt logfile of random's system information tool 1.05 2009-02-22 03:38:19

======Uninstall list======

-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\InstallShield Installation Information\{69333A04-5134-40A5-A055-9166A7AA1EC8}\setup.exe -runfromtemp -l0x0009 -removeonly
-->C:\Program Files\InstallShield Installation Information\{AFBA0609-EB70-43CB-B11C-294EDADFA101}\setup.exe -runfromtemp -l0x040c -removeonly
-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->MsiExec /X{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}
-->MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
-->MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
-->MsiExec.exe /I{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}
-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
-->MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
-->MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
-->MsiExec.exe /I{C4CBAD7E-DF4A-4FEC-AC17-8BC709AFB844}
-->MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Help Center 2.1-->MsiExec.exe /I{25569723-DC5A-4467-A639-79535BF01B71}
Adobe Photoshop Elements 5.0-->msiexec /I {A7B609FB-83D8-4FC3-8477-1BC65ECFE85B}
Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
Adobe Shockwave Player 11-->C:\Windows\system32\adobe\SHOCKW~1\UNWISE.EXE C:\Windows\system32\Adobe\SHOCKW~1\Install.log
AGEIA PhysX v7.11.13-->MsiExec.exe /X{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}
albumfactory Designer-->"C:\Program Files\albumfactory Designer\unins000.exe"
Alps Pointing-device for VAIO-->C:\Program Files\Apoint\Uninstap.exe ADDREMOVE
AnyDVD-->"C:\Program Files\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D="C:\Program Files\SlySoft\AnyDVD"
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Applian FLV Player-->"C:\Windows\Applian FLV Player\uninstall.exe" "/U:C:\Program Files\FLV Player\Uninstall\uninstall.xml"
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ArcSoft Magic-i Visual Effects Installer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9AB83A3C-604D-4B4F-AA25-A23A3FC39844}\Setup.exe" -l0x40c
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
Atlantis - Sky Patrol -->C:\Big Fish Games\Atlantis - Sky Patrol\Uninstall.exe
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Big Fish Games Sudoku-->C:\Big Fish Games\sudoku\Uninstall.exe
Browser Address Error Redirector-->regsvr32 /u /s "C:\PROGRA~1\GOOGLE~1\BAE.dll"
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Centre de Big Fish Games-->C:\Big Fish Games\Uninstall.exe
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Click to DVD 2.0.05 Menu Data-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9E407618-D9CD-4F39-9490-9ED45294073D}\setup.exe" -l0x40c -removeonly
Click to DVD 2.6.00-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E809063C-51A3-4269-8984-D1EB742F2151}\setup.exe" -l0x40c -removeonly
CloneDVD2-->"C:\Program Files\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="C:\Program Files\Elaborate Bytes\CloneDVD2"
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DSD Direct Player-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{533D0A8A-D7E7-4F15-BC9E-FF2916A6BAA7}\setup.exe" -l0x40c -removeonly
DSD Direct-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{82D5BACA-3619-4D34-99DB-3A65CFB4DA33}\setup.exe" -l0x40c -removeonly
DSD Playback Plug-in-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{009E7FB7-1775-4D89-8956-F5C9A1C019FC}\setup.exe" -l0x40c -removeonly
DVD Decrypter (Remove Only)-->"C:\Program Files\DVD Decrypter\uninstall.exe"
eMule-->"C:\Program Files\eMule\Uninstall.exe"
Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}
Football Manager 2009-->"C:\Program Files\Sports Interactive\Football Manager 2009\Uninstall_Football Manager 2009\Uninstall Football Manager 2009.exe"
Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF}
GearDrvs-->MsiExec.exe /I{206FD69B-F9FE-4164-81BD-D52552BC9C23}
GIMP 2.4.5-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
HDAUDIO SoftV92 Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200\UIU32m.exe -U -ISnSZIRXz.inf
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
J2SE Runtime Environment 5.0 Update 9-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090}
Java Adapter for Mobile 1.0.0.7-->"C:\Program Files\MyPhone\Java_Adapter_for_Mobile\unins000.exe"
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
Kaspersky Online Scanner-->C:\Windows\system32\KASPER~1\KASPER~1\kavuninstall.exe
K-Lite Codec Pack 4.1.7 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
LG PC Suite-->C:\Program Files\InstallShield Installation Information\{993960EE-CA4D-443F-8F88-E24260DD5FD2}\setup.exe -runfromtemp -l0x040c -removeonly
LG USB Modem driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C3ABE126-2BB2-4246-BFE1-6797679B3579}\setup.exe" -l0x40c LG -removeonly
Lost Via Domus-->"C:\Program Files\InstallShield Installation Information\{2702B8FC-6003-4AC6-ADBC-EC65746D800A}\setup.exe" -runfromtemp -l0x040c -removeonly
Mahjong Towers Eternity -->C:\Big Fish Games\Mahjong Towers Eternity\Uninstall.exe
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
MaxDrive PS2-->C:\Windows\IsUninst.exe -f"C:\Program Files\Datel\MaxDrive PS2\Uninst.isu"
Mediacenter-->"C:\Program Files\MegaPack CoolStreaming\unins000.exe"
Megaupload Toolbar-->C:\Program Files\MegauploadToolbar\uninstall.exe
Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{91E3040C-6000-11D3-8CFE-0150048383C9}
Microsoft Search Enhancement Pack-->MsiExec.exe /I{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works-->MsiExec.exe /I{6B1CB38D-E2E4-4A30-933D-EFDEBA76AD9C}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Move Networks Media Player for Internet Explorer-->C:\Users\valenti\AppData\Roaming\Move Networks\ie_bin\Uninst.exe
Mozilla Firefox (3.0.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN Connection Center-->C:\Program Files\MSN\MSNIA\CC\MSNCC\ccrestore.exe /Uninstall
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Multitax 2008-->C:\Program Files\InstallShield Installation Information\{05BBB8BE-5F74-49C4-A0A3-81EBC90A8848}\setup.exe -runfromtemp -l0x040c -removeonly
Mystery Case Files - Prime Suspects -->C:\Big Fish Games\Mystery Case Files - Prime Suspects\Uninstall.exe
Nero 8-->MsiExec.exe /X{B4649EFB-54CB-42AB-8536-8FED519E1033}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Norton 360-->MsiExec.exe /I{63A6E9A9-A190-46D4-9430-2DB28654AFD8}
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
OGA Notifier 1.7.0105.35.0-->MsiExec.exe /I{25E98ECB-5727-408E-B30A-2CAF86F5B310}
OpenCASE Media Agent-->MsiExec.exe /I{1771FDC8-D846-4B77-996A-C80DAD42C03F}
OpenMG Limited Patch 4.7-07-15-19-01-->C:\Program Files\Common Files\Sony Shared\OpenMG\HotFixes\HotFix4.7-07-15-19-01\HotFixSetup\setup.exe /u
OpenMG Secure Module 4.7.00-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{CCD663AE-610D-4BDF-AAB0-E914B044527D} UNINSTALL
Outil de restauration de données VAIO-->C:\Program Files\InstallShield Installation Information\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}\setup.exe -runfromtemp -l0x040c -removeonly
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Outil VAIO Media Registration 6.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}\setup.exe" -l0x40c UNINSTALL -removeonly
Panneau de configuration MobileMe-->MsiExec.exe /I{6DA9102E-199F-43A0-A36B-6EF48081A658}
Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
PixiePack Codec Pack-->MsiExec.exe /I{B2C3BB6B-E005-4246-B8E5-DF0A4D073CDC}
Pro Evolution Soccer 2009-->MsiExec.exe /X{A8DB611A-D80E-450D-85F6-3ACDD164BE31}
Qloud Plug-in for iTunes-->C:\Program Files\iTunes\Plug-Ins\Qloud\iTunesQLoudSetup.exe /uninstall
QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Roxio Easy Media Creator Home-->MsiExec.exe /I{B7FB0C86-41A4-4402-9A33-912C462042A0}
RUNAWAY 2 - The dream of the turtle-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DE0CE4-F38A-4DA7-81DF-949E615EA0AB}\setup.exe"
Safari-->MsiExec.exe /I{582D2A53-F426-4C5E-A2E6-43C1AB36B907}
SecondLife (remove only)-->"C:\Program Files\SecondLife\uninst.exe" /P="SecondLife"
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Windows Media Encoder (KB954156)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={E836F1B7-43FB-46B0-A0D9-E4D2A5951659} /qb
Setting Utility Series-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}\setup.exe" -l0x40c -removeonly
SigmaTel Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x40c -remove -removeonly
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SonicStage Mastering Studio Audio Filter Custom Preset-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EC37A846-53AC-4DA7-98FA-76A4E74AA900}\setup.exe" -l0x40c -removeonly
SonicStage Mastering Studio Audio Filter-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DF7DB916-90E5-40F2-9010-B8125EB5FD6F}\setup.exe" -l0x40c -removeonly
SonicStage Mastering Studio Plugins-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}\setup.exe" -l0x40c -removeonly
SonicStage Mastering Studio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6332AFF1-9D9A-429C-AA03-F82749FA4F49}\setup.exe" -l0x40c -removeonly
Sony Video Shared Library-->C:\Program Files\InstallShield Installation Information\{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}\setup.exe -runfromtemp -l0x040c -removeonly
SopCast 1.1.2-->C:\Program Files\SopCast\uninst.exe
StreamerOne Beta 0.4-->C:\Program Files\StreamerOne\uninst.exe
SubSync-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\SubSync\ST6UNST.LOG"
Subtitle Workshop 2.51-->"C:\Program Files\URUSoft\Subtitle Workshop\uninstall.exe"
Sunbelt Personal Firewall-->MsiExec.exe /X{82B1150E-9B37-49FC-83EB-D52197D900D0}
Surligneur (Windows Live Toolbar)-->MsiExec.exe /X{81B5F83F-2291-48B0-8375-36B63A9BF5B0}
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
TomTom HOME 2.5.2.60-->C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe
Tunebite-->MsiExec.exe /I{038B6EA2-D182-4982-82E8-4E5A571818E7}
TVAnts 1.0-->C:\PROGRA~1\TVAnts\UNWISE.EXE C:\PROGRA~1\TVAnts\INSTALL.LOG
TVUPlayer 2.3.7.1-->C:\Program Files\TVUPlayer\uninst.exe
UUSee ÍøÂçµçÊÓ [4.4.801.53]-->C:\Program Files\uusee\uninst.exe
VAIO Aqua Breeze Wallpaper-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{97BCD719-6ECB-458F-97D6-F38D2E07375E}\setup.exe" -l0x9 -removeonly
VAIO Camera Capture Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6D2576EC-A0E9-418A-A09A-409933A3B6F4}\setup.exe" -l0x40c -removeonly
VAIO Content Folder Setting-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23825B69-36DF-4DAD-9CFD-118D11D80F16}\setup.exe" -l0x40c -removeonly
VAIO Content Importer / VAIO Content Exporter-->C:\Program Files\InstallShield Installation Information\{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}\setup.exe -runfromtemp -l0x040c -removeonly
VAIO Content Metadata Intelligent Analyzing Manager-->C:\Program Files\InstallShield Installation Information\{FAA6B94E-78A7-489C-B2DB-050D9FEBFADA}\setup.exe -runfromtemp -l0x040c -removeonly
VAIO Content Metadata Manager Setting-->C:\Program Files\InstallShield Installation Information\{69351E9E-23ED-41D5-B146-EDBF83C63B66}\setup.exe -runfromtemp -l0x040c -removeonly
VAIO Content Metadata XML Interface Library-->C:\Program Files\InstallShield Installation Information\{5F5DE5D5-D130-4110-A3A4-69FFB0B14BD9}\setup.exe -runfromtemp -l0x040c -removeonly
VAIO Control Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{72042FA6-5609-489F-A8EA-3C2DD650F667}\setup.exe" -l0x40c -removeonly
VAIO Cozy Orange Wallpaper-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A2FF7F5-6F0E-4A5D-A881-39365E718BD6}\setup.exe" -l0x9 -removeonly
VAIO Entertainment Platform-->C:\Program Files\InstallShield Installation Information\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}\setup.exe -runfromtemp -l0x040c -removeonly
VAIO Event Service-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}\setup.exe" -l0x40c -removeonly
VAIO Launcher-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}\setup.exe" -l0x40c -removeonly
VAIO Media 6.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{560F6B2E-F0DF-44E5-8190-A4A161F0E205}\setup.exe" -l0x40c UNINSTALL -removeonly
VAIO Media AC3 Decoder 1.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2063C2E8-3812-4BBD-9998-6610F80C1DD4}\Setup.exe" -l0x40c UNINSTALL
VAIO Media Content Collection 6.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{500162A0-4DD5-460A-BAFD-895AAE48C532}\setup.exe" -l0x40c UNINSTALL -removeonly
VAIO Media Integrated Server 6.1-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{785EB1D4-ECEC-4195-99B4-73C47E187721}\setup.exe" -l0x40c UNINSTALL -removeonly
VAIO Media Redistribution 6.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}\setup.exe" -l0x40c UNINSTALL -removeonly
VAIO Movie Story Template Data-->C:\Program Files\InstallShield Installation Information\{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}\setup.exe -runfromtemp -l0x040c -removeonly
VAIO Movie Story-->C:\Program Files\InstallShield Installation Information\{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}\setup.exe -runfromtemp -l0x040c -removeonly
VAIO MusicBox Sample Music-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98FC7A64-774B-49B5-B046-4B4EBC053FA9}\setup.exe" -l0x40c -removeonly
VAIO MusicBox-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4EA55D20-27FB-45D7-8726-147E8A5F6C62}\setup.exe" -l0x40c -removeonly
VAIO Original Function Setting-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A63E7492-A0BC-4BB9-89A7-352965222380}\setup.exe" -l0x40c -removeonly
VAIO Original Screen Saver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1BEF9285-5530-426B-A5F1-5836B95C7EB1}\Setup.exe" -l0x40c
VAIO Power Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{802889F8-6AF5-45A5-9764-CA5B999E50FC}\setup.exe" -l0x40c -removeonly
VAIO Tender Green Wallpaper-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{934A3213-1CB6-4264-84A2-EE080C017BCA}\setup.exe" -l0x9 -removeonly
VAIO Update 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48820099-ED7D-424B-890C-9A82EF00656D}\setup.exe" -l0x40c -removeonly
VC_MergeModuleToMSI-->MsiExec.exe /I{900A92BA-19EF-4A34-86CF-7B6C85BDD971}
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Veetle TV Player 0.9.6-->C:\Program Files\Veetle\VLC\uninstall.exe
Veetle TV Player 0.9.6-->C:\Windows\UninstVeetleTVPlayer.exe
VeohTV BETA-->C:\Program Files\InstallShield Installation Information\{97A96172-A963-4A37-9FFB-DA6805BB915A}\setup.exe -runfromtemp -l0x0409
Virtua Tennis 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9B63540D-D942-4C38-B42E-A48AE0145970}\setup.exe" -l0x40c -removeonly
Virtual Villagers -->C:\Big Fish Games\Virtual Villagers\Uninstall.exe
VLC media player 0.9.6-->C:\Program Files\VideoLAN\VLC\uninstall.exe
VMware Player-->MsiExec.exe /I{A53A11EA-0095-493F-86FA-A15E8A86A405}
VobSub v2.23 (Remove Only)-->"C:\Program Files\Gabest\VobSub\uninstall.exe"
WIDCOMM Bluetooth Software 6.1.0.1203-->MsiExec.exe /X{03D1988F-469F-4843-8E6E-E5FE9D17889D}
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Favorites pour Windows Live Toolbar-->MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}
Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinDVD BD for VAIO-->C:\Program Files\InstallShield Installation Information\{20471B27-D702-4FE8-8DEC-0702CC8C0A85}\setup.exe -runfromtemp -l0x040c
WinHTTrack Website Copier 3.42-->"C:\Program Files\WinHTTrack\unins000.exe"
WinUAE 1.4.4-->C:\Users\valenti\Documents\FABIO\Amiga\uninstall_winuae.exe
Wireless Switch Setting Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}\setup.exe" -l0x40c -removeonly

======Security center information======

FW: Sunbelt Personal Firewall
AS: AVG Anti-Spyware (disabled) (outdated)
AS: Windows Defender

System event log

Computer Name: PC-de-valenti
Event Code: 7036
Message: Le service Service de découverte automatique de Proxy Web pour les services HTTP Windows est entré dans l'état : en cours d'exécution.
Record Number: 153416
Source Name: Service Control Manager
Time Written: 20090222020637.000000-000
Event Type: Information
User:

Computer Name: PC-de-valenti
Event Code: 10029
Message: DCOM a démarré le service TrustedInstaller avec les arguments «  » de façon à exécuter le serveur :
{752073A1-23F2-4396-85F0-8FDB879ED0ED}
Record Number: 153417
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20090222020657.000000-000
Event Type: Information
User:

Computer Name: PC-de-valenti
Event Code: 7036
Message: Le service Programme d’installation de modules Windows est entré dans l'état : en cours d'exécution.
Record Number: 153418
Source Name: Service Control Manager
Time Written: 20090222020658.000000-000
Event Type: Information
User:

Computer Name: PC-de-valenti
Event Code: 7036
Message: Le service Programme d’installation de modules Windows est entré dans l'état : arrêté.
Record Number: 153419
Source Name: Service Control Manager
Time Written: 20090222021658.000000-000
Event Type: Information
User:

Computer Name: PC-de-valenti
Event Code: 7036
Message: Le service Service de découverte automatique de Proxy Web pour les services HTTP Windows est entré dans l'état : arrêté.
Record Number: 153420
Source Name: Service Control Manager
Time Written: 20090222022308.000000-000
Event Type: Information
User:

Application event log

Computer Name: PC-de-valenti
Event Code: 3013
Message: Impossible de mettre à jour l'entrée <C:\USERS\VALENTI\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\4PXZ6471.DEFAULT\CACHE.TRASH\TRASH\CACHE> dans la configuration de hachage.

Contexte : Application , Catalogue SystemIndex

Détails :
Un périphérique attaché au système ne fonctionne pas correctement. (0x8007001f)

Record Number: 42718
Source Name: Microsoft-Windows-Search
Time Written: 20090221215029.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-valenti
Event Code: 0
Message: Le service a démarré avec succès.
Record Number: 42719
Source Name: idsvc
Time Written: 20090221223015.000000-000
Event Type: Information
User:

Computer Name: PC-de-valenti
Event Code: 518
Message: Le service Windows CardSpace est inactif depuis un certain temps. Il a été fermé pour que les ressources soient disponibles pour d’autres programmes.
Record Number: 42720
Source Name: CardSpace 3.0.0.0
Time Written: 20090221233012.000000-000
Event Type: Information
User: AUTORITE NT\SYSTEM

Computer Name: PC-de-valenti
Event Code: 0
Message: Le service s'est arrêté avec succès.
Record Number: 42721
Source Name: idsvc
Time Written: 20090221233012.000000-000
Event Type: Information
User:

Computer Name: PC-de-valenti
Event Code: 1000
Message: Application défaillante Skype.exe, version 3.8.0.188, horodatage 0x2a425e19, module défaillant Skype.exe, version 3.8.0.188, horodatage 0x2a425e19, code d’exception 0xc0000005, décalage d’erreur 0x00876562, ID du processus 0x1090, heure de début de l’application 0x01c9941afa747f2a.
Record Number: 42722
Source Name: Application Error
Time Written: 20090222015434.000000-000
Event Type: Erreur
User:

Security event log

Computer Name: PC-de-valenti
Event Code: 4672
Message: Privilèges spéciaux attribués à la nouvelle ouverture de session.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x3e7

Privilèges : SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 57992
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20080918082103.348077-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-valenti
Event Code: 4648
Message: Tentative d’ouverture de session en utilisant des informations d’identification explicites.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-VALENTI$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Compte dont les informations d’identification ont été utilisées :
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Serveur cible :
Nom du serveur cible : localhost
Informations supplémentaires : localhost

Informations sur le processus :
ID du processus : 0x2a0
Nom du processus : C:\Windows\System32\services.exe

Informations sur le réseau :
Adresse du réseau : -
Port : -

Cet événement est généré lorsqu’un processus tente d’ouvrir une session pour un compte en spécifiant explicitement les informations d’identification de ce compte. Ceci se produit le plus souvent dans les configurations par lot comme les tâches planifiées, ou avec l’utilisation de la commande RUNAS.
Record Number: 57993
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20080918082103.824077-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-valenti
Event Code: 4624
Message: L’ouverture de session d’un compte s’est correctement déroulée.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-VALENTI$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7

Type d’ouverture de session : 5

Nouvelle ouverture de session :
ID de sécurité : S-1-5-18
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x3e7
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Informations sur le processus :
ID du processus : 0x2a0
Nom du processus : C:\Windows\System32\services.exe

Informations sur le réseau :
Nom de la station de travail :
Adresse du réseau source : -
Port source : -

Informations détaillées sur l’authentification :
Processus d’ouverture de session : Advapi
Package d’authentification : Negotiate
Services en transit : -
Nom du package (NTLM uniquement) : -
Longueur de la clé : 0

Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.

Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.

Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).

Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.

Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.

Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.
- Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
- Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.
- Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
- La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.
Record Number: 57994
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20080918082103.824077-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-valenti
Event Code: 4672
Message: Privilèges spéciaux attribués à la nouvelle ouverture de session.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x3e7

Privilèges : SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 57995
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20080918082103.824077-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-valenti
Event Code: 4907
Message: Les paramètres d’audit sur l’objet ont changé.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-VALENTI$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7

Objet :
Serveur de l’objet : Security
Type d’objet : File
Nom de l’objet : C:\Windows\System32\cscript.exe
ID du handle : 0x14

Informations sur le processus :
ID du processus : 0x63c
Nom du processus : C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6001.18000_none_095f6148c74a7a64\poqexec.exe

Paramètres d’audit :
Descripteur de sécurité d’origine :
Nouveau descripteur de sécurité : S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 57996
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20080918153453.145077-000
Event Type: Succès de l'audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared;C:\Program Files\iTunes\Plug-InsC:\Program Files\iTunes\Plug-Ins\Qloud;C:\Program Files\QuickTime\QTSystem
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"configsetroot"=%SystemRoot%\ConfigSetRoot
"RoxioCentral"=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------


Et le log.txt:
Logfile of random's system information tool 1.05 (written by random/random)
Run by valenti at 2009-02-22 03:36:50
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 37 GB (20%) free of 180 GB
Total RAM: 2046 MB (29% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:37:50, on 22/02/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\VMware\VMware Player\hqtray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Users\valenti\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Users\valenti\Desktop\RSIT.exe
C:\Program Files\trend micro\valenti.exe
C:\Windows\system32\msfeedssync.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: Tunebite_WebRipPlugin Class - {AA102584-3B97-47e7-B9BC-75D54C110A7D} - C:\Program Files\RapidSolution\Tunebite\plugins\IE\TB_WebRipIePlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [VMware hqtray] "C:\Program Files\VMware\VMware Player\hqtray.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Users\valenti\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O4 - Startup: moka5 USB Clean-486.lnk = C:\Users\valenti\AppData\Local\Temp\m5usb-486\m5usb.exe
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Download all by Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddList.html
O8 - Extra context menu item: Download by Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddLink.html
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.(...)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.c(...)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/VistaMSNPUpldfr-fr.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {78ABDC59-D8E7-44D3-9A76-9A0918C52B4A} (DLoader Class) - http://dl.uc.sina.com/cab/downloader.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://bialobbes.dyndns.org/activex/AxisCamControl.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: OpenCASE Media Agent - ExtendMedia Inc. - C:\Program Files\OpenCASE\OpenCASE Media Agent\MediaAgent.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\stacsv.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 15577 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2507170492-2813535551-3449865190-1000.job
C:\Windows\tasks\User_Feed_Synchronization-{4AA6A211-5C1E-48E8-BC75-DAC35A762B74}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-11-18 1082880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-01-03 370296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2008-12-04 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-10 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-C39E-35F1D2A32EC8}]
Megaupload Toolbar - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL [2008-08-04 1947080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA102584-3B97-47e7-B9BC-75D54C110A7D}]
Tunebite_WebRipPlugin Class - C:\Program Files\RapidSolution\Tunebite\plugins\IE\TB_WebRipIePlugin.dll [2008-10-29 144688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-10 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D0943516-5076-4020-A3B5-AEFAF26AB263} - Veoh Browser Plug-in - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll [2007-11-13 352256]
{A057A204-BACC-4D26-C39E-35F1D2A32EC8} - Megaupload Toolbar - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL [2008-08-04 1947080]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2007-06-10 118784]
"ISBMgr.exe"=C:\Program Files\Sony\ISB Utility\ISBMgr.exe [2007-06-11 317560]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-11-15 29744]
"VMware hqtray"=C:\Program Files\VMware\VMware Player\hqtray.exe [2007-05-01 56112]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-09-20 1836328]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-01-03 185896]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-06-28 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-06-28 8429568]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-06-28 81920]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-03 111936]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-11-04 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-10 136600]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"Google Update"=C:\Users\valenti\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-03 133104]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-19 1233920]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-11-18 21633320]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-12-09 234856]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\valenti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
moka5 USB Clean-486.lnk - C:\Users\valenti\AppData\Local\Temp\m5usb-486\m5usb.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\VESWinlogon]
C:\Windows\system32\VESWinlogon.dll [2007-07-12 98304]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{db08c16b-99e6-11dc-bec7-806e6f6e6963}]
shell\AutoRun\command - F:\autorun.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-02-22 03:36:50 ----D---- C:\rsit
2009-02-15 19:47:21 ----D---- C:\Windows\system32\Kaspersky Lab
2009-02-15 18:30:59 ----A---- C:\ComboFix.txt
2009-02-15 18:25:03 ----A---- C:\Windows\PSEXESVC.EXE
2009-02-15 18:12:59 ----A---- C:\Windows\zip.exe
2009-02-15 18:12:59 ----A---- C:\Windows\VFIND.exe
2009-02-15 18:12:59 ----A---- C:\Windows\SWXCACLS.exe
2009-02-15 18:12:59 ----A---- C:\Windows\SWSC.exe
2009-02-15 18:12:59 ----A---- C:\Windows\SWREG.exe
2009-02-15 18:12:59 ----A---- C:\Windows\sed.exe
2009-02-15 18:12:59 ----A---- C:\Windows\NIRCMD.exe
2009-02-15 18:12:59 ----A---- C:\Windows\grep.exe
2009-02-15 18:12:59 ----A---- C:\Windows\fdsv.exe
2009-02-15 18:12:45 ----D---- C:\Windows\ERDNT
2009-02-15 18:12:45 ----D---- C:\Qoobox
2009-02-15 18:12:44 ----D---- C:\ComboFix
2009-02-15 00:34:27 ----A---- C:\Windows\system32\EncDec.dll
2009-02-15 00:34:25 ----A---- C:\Windows\system32\psisdecd.dll
2009-02-15 00:31:47 ----D---- C:\Program Files\trend micro
2009-02-12 09:16:49 ----A---- C:\Windows\system32\mshtml.dll
2009-02-10 20:51:26 ----D---- C:\Users\valenti\AppData\Roaming\TomTom
2009-02-10 20:42:35 ----D---- C:\Program Files\TomTom HOME 2
2009-02-10 20:19:22 ----D---- C:\Program Files\TomTom HOME
2009-02-06 18:52:40 ----A---- C:\Windows\system32\sirenacm.dll
2009-02-01 11:11:25 ----D---- C:\ProgramData\KONAMI
2009-01-31 11:00:14 ----A---- C:\Windows\system32\infocardapi.dll
2009-01-31 11:00:13 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-01-31 11:00:11 ----A---- C:\Windows\system32\icardagt.exe
2009-01-31 11:00:10 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-01-31 11:00:10 ----A---- C:\Windows\system32\icardres.dll
2009-01-31 11:00:07 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-01-31 11:00:02 ----A---- C:\Windows\system32\PresentationHost.exe
2009-01-31 10:47:15 ----A---- C:\Windows\system32\dfshim.dll
2009-01-31 10:47:05 ----A---- C:\Windows\system32\mscoree.dll
2009-01-31 10:47:01 ----A---- C:\Windows\system32\netfxperf.dll
2009-01-31 10:46:21 ----A---- C:\Windows\system32\mscorier.dll
2009-01-31 10:46:11 ----A---- C:\Windows\system32\mscories.dll
2009-01-24 21:31:13 ----A---- C:\Windows\system32\javaws.exe
2009-01-24 21:31:13 ----A---- C:\Windows\system32\javaw.exe
2009-01-24 21:31:13 ----A---- C:\Windows\system32\java.exe
2009-01-23 19:50:07 ----A---- C:\Windows\system32\pngfilt.dll
2009-01-23 19:50:07 ----A---- C:\Windows\system32\mshtmler.dll
2009-01-23 19:50:07 ----A---- C:\Windows\system32\mshtmled.dll
2009-01-23 19:50:07 ----A---- C:\Windows\system32\ieui.dll
2009-01-23 19:50:07 ----A---- C:\Windows\system32\admparse.dll
2009-01-23 19:50:06 ----A---- C:\Windows\system32\msls31.dll
2009-01-23 19:50:06 ----A---- C:\Windows\system32\jsproxy.dll
2009-01-23 19:50:06 ----A---- C:\Windows\system32\corpol.dll
2009-01-23 19:50:04 ----A---- C:\Windows\system32\PrivacIE.dll
2009-01-23 19:50:04 ----A---- C:\Windows\system32\iernonce.dll
2009-01-23 19:50:04 ----A---- C:\Windows\system32\advpack.dll
2009-01-23 19:50:03 ----A---- C:\Windows\system32\imgutil.dll
2009-01-23 19:50:03 ----A---- C:\Windows\system32\ieapfltr.dll
2009-01-23 19:50:02 ----A---- C:\Windows\system32\msrating.dll
2009-01-23 19:50:02 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-01-23 19:50:02 ----A---- C:\Windows\system32\msfeeds.dll
2009-01-23 19:50:02 ----A---- C:\Windows\system32\licmgr10.dll
2009-01-23 19:50:02 ----A---- C:\Windows\system32\inseng.dll
2009-01-23 19:50:02 ----A---- C:\Windows\system32\iesetup.dll
2009-01-23 19:50:01 ----A---- C:\Windows\system32\mstime.dll
2009-01-23 19:50:01 ----A---- C:\Windows\system32\dxtrans.dll
2009-01-23 19:50:01 ----A---- C:\Windows\system32\dxtmsft.dll
2009-01-23 19:50:00 ----A---- C:\Windows\system32\webcheck.dll
2009-01-23 19:50:00 ----A---- C:\Windows\system32\occache.dll
2009-01-23 19:50:00 ----A---- C:\Windows\system32\ieaksie.dll
2009-01-23 19:50:00 ----A---- C:\Windows\system32\ieakeng.dll
2009-01-23 19:49:58 ----A---- C:\Windows\system32\WinFXDocObj.exe
2009-01-23 19:49:58 ----A---- C:\Windows\system32\wextract.exe
2009-01-23 19:49:58 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2009-01-23 19:49:58 ----A---- C:\Windows\system32\SetDepNx.exe
2009-01-23 19:49:58 ----A---- C:\Windows\system32\PDMSetup.exe
2009-01-23 19:49:58 ----A---- C:\Windows\system32\msfeedssync.exe
2009-01-23 19:49:58 ----A---- C:\Windows\system32\ieUnatt.exe
2009-01-23 19:49:58 ----A---- C:\Windows\system32\ieakui.dll
2009-01-23 19:49:57 ----A---- C:\Windows\system32\url.dll
2009-01-23 19:49:57 ----A---- C:\Windows\system32\iedkcs32.dll
2009-01-23 19:49:56 ----A---- C:\Windows\system32\jscript.dll
2009-01-23 19:49:55 ----A---- C:\Windows\system32\iertutil.dll
2009-01-23 19:49:55 ----A---- C:\Windows\system32\ie4uinit.exe
2009-01-23 19:49:53 ----A---- C:\Windows\system32\mshta.exe
2009-01-23 19:49:52 ----A---- C:\Windows\system32\iexpress.exe
2009-01-23 19:49:52 ----A---- C:\Windows\system32\iepeers.dll
2009-01-23 19:49:52 ----A---- C:\Windows\system32\icardie.dll
2009-01-23 19:49:51 ----A---- C:\Windows\system32\wininet.dll
2009-01-23 19:49:50 ----A---- C:\Windows\system32\urlmon.dll
2009-01-23 19:49:48 ----A---- C:\Windows\system32\ieframe.dll

======List of files/folders modified in the last 1 months======

2009-02-22 03:37:02 ----D---- C:\Windows\Prefetch
2009-02-22 03:29:17 ----D---- C:\Users\valenti\AppData\Roaming\Skype
2009-02-22 03:17:12 ----D---- C:\Program Files\Mozilla Firefox
2009-02-22 02:59:11 ----D---- C:\Windows\Temp
2009-02-22 00:04:44 ----D---- C:\Users\valenti\AppData\Roaming\skypePM
2009-02-21 18:17:01 ----A---- C:\Windows\NeroDigital.ini
2009-02-21 12:51:32 ----D---- C:\ProgramData\VMware
2009-02-21 12:11:47 ----D---- C:\Windows\System32
2009-02-21 12:11:47 ----D---- C:\Windows\inf
2009-02-21 12:11:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-02-21 11:42:20 ----SHD---- C:\System Volume Information
2009-02-17 23:58:15 ----SHD---- C:\Windows\Installer
2009

Salut valenti


Faut maintenant procédé au ménage et mise à jour :

On va faire un ménage des outils téléchargés pour la désinfection, télécharge Tools Cleaner sur le bureau :

http://pc-system.fr/TC/ToolsCleaner2.exe


- Faire un clique droit sur ToolsCleaner2.exe sur le bureau, et choisi exécuter en tant qu'administrateur
- Clique sur Recherche et laisse le scan agir.
- Clique sur Suppression pour finaliser.
- Tu peux, si tu le souhaites, te servir des Options facultatives.
- Clique sur Quitter pour obtenir le rapport.
- Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).
- Si des outils restes après le passage de Tools Cleaner, tu pourras les supprimer manuellement ainsi que tous les rapports qui on été généré lors de la désinfection.


-----


Important de mettre à jour Windows et tes logiciels :
Mettre Windows(catégories critique, Services Pack et Services Release) à jour :
http://www.windowsupdate.com/


Désinstalle via Ajout/Suppression de programmes ces programmes :

Adobe Reader 8.1.2
J2SE Runtime Environment 5.0 Update 9
Java Adapter for Mobile 1.0.0.7
Java(TM) 6 Update 11
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) SE Runtime Environment 6 Update 1

Si tu rencontres un problème pour la désinstallation :

- Utilise Ccleaner >> Outils >> Programmes de désinstallations


Pour la réinstallation :

- Adobe Reader 9
http://get.adobe.com/fr/reader/
- Java Update 12
http://java.com/fr/


Faire un ménage des fichiers inutiles et de la base de registre :
http://www.malekal.com/tutorial_CCleaner.html

Donne des nouvelles si tu as des soucis et on passe à la résolution du sujet par la suite.


@++

J'ai un petit soucis avec tools cleaner, à peine je clique sur recherche qu'il se plante. J'ai le pointeur qui devient un cercle et ça semble tourner dans le vide.

Salut valenti


Double-clique sur OTMoveIt3.exe sur le bureau

Clique sur CleanUp!

Un message apparaît pour confirmer le nettoyage. Confirme.

Tu pourras aussi supprimer tous les rapports qui on été généré lors de la désinfection, ainsi que les outils restants.


@++

Salut dédétraqué,
Voilà j'ai tout fait sauf tools cleaner évidemment.

Salut valenti


Je te donne quelques consignes de sécurité :

- Windows Update parfaitement à jour http://www.windowsupdate.com/ (catégories critique, Services Pack et Services Release)
- pare-feu bien paramétré
- antivirus bien paramétré et mis à jour régulièrement (quotidiennement s'il le faut) avec un scan complet régulier (journalier s'il le faut).
- une attitude prudente vis à vis de la navigation (pas de sites douteux : cracks, warez, sexe...) et vis à vis de la messagerie (fichiers joints aux messages doivent être scannés avant d'être ouverts)
- pas de téléchargement illégal, qui est le principal facteur d’infection (µTorrent, BitTorrent, eMule, Limewire, etc..) Le danger des cracks !
- une attitude vigilante (être à l'affût d'un fonctionnement inhabituel de son système)
- nettoyage hebdomadaire du système (suppression des fichiers inutiles, nettoyage de la base de registre, scandisk, defrag)
- scan hebdomadaire antispyware ( je conseil MalwareByte's Anti-Malware)
- un contrôle régulier de la console JAVA pour s'assurer qu'elle est à jour http://www.java.com/en/download/help/testvm.xml
- un scan de vulnérabilités afin de vérifier que tes logiciels soit à jour sans failles de sécurités :
http://www.malekal.com/scan_vulnerabilite.php


------ Ton infection, tu la dénonces ? :

Tu n'es pas obligé mais ce serait bien que tu prennes 5 minutes et que tu rapportes ton infection sur Malware Complaints pour condamner les auteurs.

Si tu ne la trouves pas dans la liste, poste dans Autres infections.

Aide : Comment dénoncer mon infection sur Malware Complaints.


De bonne lecture :
http://www.malekal.com/menu_windows_general.php
http://www.malekal.com/menu_windows_securite.php


Si tu considère ton problème comme résolu, édite avec le crochet ton premier poste et ajoute [résolu] dans le titre.


Bonne journée et bon surf


@++

Merci beaucoup pour l'aide et le temps passé!
A bientot!