probleme popups [Résolu]

bonjour tout le monde j ai un probleme avec des fenetre popups je navigue sur internet et vlan une fenetre qui souvre je ferme et une autre souvre
je c pas quoi faire mon os windows xp pro antivirus nod 32 toute les protection sont activer
donc comme g vu dans les poste je vous met les rapport de rsti


donc le log.txt

Logfile of random's system information tool 1.08 (written by random/random)
Run by Administrateur at 2010-10-19 09:15:55
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 211 GB (89%) free of 238 GB
Total RAM: 2047 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 09:15:59, on 19/10/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Marvell\raid\tray\MarvellTray.exe
C:\Program Files\MSI\MSI Q-Face\webtest.exe
C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Documents and Settings\Administrateur\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Marvell\raid\Apache2\bin\httpd.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Marvell\raid\Apache2\bin\httpd.exe
C:\Program Files\Marvell\raid\svc\mvraidsvc.exe
C:\Program Files\MSI\DualCoreCenter\DualCoreCenter.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\freeTVRadio\spointer\freetvradio_air.exe
C:\Program Files\OfferBox\OfferBox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Administrateur\Mes documents\Téléchargements\RSIT.exe
C:\Program Files\trend micro\Administrateur.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lo.st
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll
R3 - URLSearchHook: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfi1.dll
R3 - URLSearchHook: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSof1.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Interest recogniser for Freetvradio (powered by Spointer) - {4C4AD71D-52E1-4402-9E5B-CBFC295EC9BA} - C:\Program Files\freeTVRadio\spointer\extensions\freetvradio_air_ie.dll
O2 - BHO: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSof1.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfi1.dll
O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.8.1\bh\facemoods.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Mega Manager IE Click Monitor - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: OfferBox - {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} - C:\Program Files\OfferBox\OfferBoxBHO.dll
O3 - Toolbar: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfi1.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSof1.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [DelReg] C:\Program Files\MSI\DualCoreCenter\DelReg.exe
O4 - HKLM\..\Run: [MRUTray] C:\Program Files\Marvell\raid\tray\MarvellTray.exe
O4 - HKLM\..\Run: [Q-Face agent] C:\Program Files\MSI\MSI Q-Face\webtest.exe
O4 - HKLM\..\Run: [BCU] "C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKLM\..\Run: [WinSys2] C:\WINDOWS\system32\winsys2.exe
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [MSI Live] C:\Program Files\MSI\MSI Live\SetWallpaper.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [facemoods] "C:\Program Files\facemoods.com\facemoods\1.4.8.1\facemoodssrv.exe" /md I
O4 - HKLM\..\Run: [SoftwareHelper] C:\Documents and Settings\Administrateur\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Mega Manager] C:\Program Files\Megaupload\Mega Manager\MegaManager.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: DualCoreCenter.lnk = C:\Program Files\MSI\DualCoreCenter\StartUpDualCoreCenter.exe
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O15 - Trusted IP range: http://127.0.0.1
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Marvell RAID Event Agent (Marvell RAID) - Unknown owner - C:\Program Files\Marvell\raid\svc\mvraidsvc.exe
O23 - Service: MRU Web Service (MRUWebService) - Apache Software Foundation - C:\Program Files\Marvell\raid\Apache2\bin\httpd.exe
O23 - Service: DDE réseau (NetDDE) - Unknown owner - C:\WINDOWS\system32\netdde.exe
O23 - Service: DSDM DDE réseau (NetDDEdsdm) - Unknown owner - C:\WINDOWS\system32\netdde.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Telnet (TlntSvr) - Unknown owner - C:\WINDOWS\system32\tlntsvr.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe

--
End of file - 9059 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4C4AD71D-52E1-4402-9E5B-CBFC295EC9BA}]
Interest recogniser for Freetvradio (powered by Spointer) - C:\Program Files\freeTVRadio\spointer\extensions\freetvradio_air_ie.dll [2010-08-19 135840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4daac69c-cba7-45e2-9bc8-1044483d3352}]
Softonic_France Toolbar - C:\Program Files\Softonic_France\tbSof1.dll [2010-09-25 2735200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]
XfireXO Toolbar - C:\Program Files\XfireXO\tbXfi1.dll [2010-09-25 2735200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}]
CescrtHlpr Object - C:\Program Files\facemoods.com\facemoods\1.4.8.1\bh\facemoods.dll [2010-07-05 262144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf00e119-21a3-4fd1-b178-3b8537e75c92}]
IeMonitorBho Class - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll [2010-09-08 109568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-09-15 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}]
OfferBox - C:\Program Files\OfferBox\OfferBoxBHO.dll [2010-07-21 135000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5e5ab302-7f65-44cd-8211-c1d4caaccea3} - XfireXO Toolbar - C:\Program Files\XfireXO\tbXfi1.dll [2010-09-25 2735200]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]
{4daac69c-cba7-45e2-9bc8-1044483d3352} - Softonic_France Toolbar - C:\Program Files\Softonic_France\tbSof1.dll [2010-09-25 2735200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-12-25 18789408]
"DelReg"=C:\Program Files\MSI\DualCoreCenter\DelReg.exe [2008-05-13 196608]
"MRUTray"=C:\Program Files\Marvell\raid\tray\MarvellTray.exe [2009-10-09 741376]
"Q-Face agent"=C:\Program Files\MSI\MSI Q-Face\webtest.exe [2008-12-15 20792]
"BCU"=C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe [2009-10-15 375000]
"WinSys2"=C:\WINDOWS\system32\winsys2.exe [2009-10-12 208896]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install []
"MSI Live"=C:\Program Files\MSI\MSI Live\SetWallpaper.exe [2005-11-10 212992]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2008-02-20 1443072]
"SweetIM"=C:\Program Files\SweetIM\Messenger\SweetIM.exe [2010-05-05 111928]
"facemoods"=C:\Program Files\facemoods.com\facemoods\1.4.8.1\facemoodssrv.exe [2010-07-05 323584]
"eorezo"= []
"SoftwareHelper"=C:\Documents and Settings\Administrateur\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe [2008-12-09 368224]
"SunJavaUpdateSched"=C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [2010-05-14 248552]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=~C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background []
"Mega Manager"=C:\Program Files\Megaupload\Mega Manager\MegaManager.exe [2010-09-08 2107392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrateur^Menu Démarrer^Programmes^Démarrage^Xfire.lnk]
C:\PROGRA~1\Xfire\Xfire.exe [2010-07-09 3493776]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Adobe Gamma Loader.exe.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
DualCoreCenter.lnk - C:\Program Files\MSI\DualCoreCenter\StartUpDualCoreCenter.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayL oad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-08-24 133120]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lsass]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\lsass]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"ClearDocsOnExit"=64
"NoSMHelp"=1
"MemCheckBoxInRunDlg"=1
"NoSMBalloonTip"=1
"NoDesktopCleanupWizard"=1
"NoWelcomeScreen"=1
"NoAutoUpdate"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewall policy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\System32\08.scr"="C:\WINDOWS\System32\08.scr:*:Microsoft Enabled"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Xfire\Xfire.exe"="C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire"
"C:\Program Files\Wolfenstein - Enemy Territory\ET.exe"="C:\Program Files\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET"
"C:\Program Files\HLSW\hlsw.exe"="C:\Program Files\HLSW\hlsw.exe:*:Enabled:HLSW Application"
"C:\Documents and Settings\Administrateur\Mes documents\Téléchargements\PDFReader_Setup.exe"="C:\Documents and Settings\Administrateur\Mes documents\Téléchargements\PDFReader_Setup.exe:*:Enabled:PDF Reader 9.1"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"
"C:\Documents and Settings\Administrateur\Mes documents\Téléchargements\AudioConverter_Setup.exe"="C:\Documents and Settings\Administrateur\Mes documents\Téléchargements\AudioConverter_Setup.exe:*:Enabled:Audio Converter"
"C:\Documents and Settings\Administrateur\Local Settings\Temp\Reinstal\AudioConverter_Setup.exe"="C:\Documents and Settings\Administrateur\Local Settings\Temp\Reinstal\AudioConverter_Setup.exe:*:Enabled:Audio Converter"
"C:\Documents and Settings\Administrateur\Local Settings\Temp\is799009782\AInstaller.exe"="C:\Documents and Settings\Administrateur\Local Settings\Temp\is799009782\AInstaller.exe:*:Enabled:AD Installer"
"C:\Program Files\Wolfenstein - Enemy Territory server\ET.exe"="C:\Program Files\Wolfenstein - Enemy Territory server\ET.exe:*:Enabled:ET"
"C:\Program Files\adslTV\adsltv.exe"="C:\Program Files\adslTV\adsltv.exe:*:Enabled:adsl TV (EXE)"
"C:\Program Files\adslTV\VLC\vlc.exe"="C:\Program Files\adslTV\VLC\vlc.exe:*:Enabled:adsl TV (VLC)"
"C:\Program Files\Wolfenstein - Enemy Territory server\ETDED.exe"="C:\Program Files\Wolfenstein - Enemy Territory server\ETDED.exe:*:Enabled:ETDED"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewall policy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======List of files/folders created in the last 1 months======

2010-10-19 09:15:55 ----D---- C:\rsit
2010-10-19 09:15:55 ----D---- C:\Program Files\trend micro
2010-10-18 09:51:53 ----D---- C:\Program Files\MiCô-Soft
2010-10-18 09:36:25 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2010-10-18 09:36:14 ----D---- C:\WINDOWS\system32\fr-FR
2010-10-18 09:34:57 ----D---- C:\Program Files\MSBuild
2010-10-18 09:34:54 ----D---- C:\WINDOWS\system32\XPSViewer
2010-10-18 09:34:50 ----D---- C:\WINDOWS\system32\en-us
2010-10-18 09:34:50 ----D---- C:\Program Files\Reference Assemblies
2010-10-18 09:34:34 ----N---- C:\WINDOWS\system32\spmsg2.dll
2010-10-18 09:32:57 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-10-18 09:32:55 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2010-10-18 09:32:50 ----D---- C:\Program Files\MSXML 6.0
2010-10-17 19:22:42 ----D---- C:\DesignWorkshop Lite Installer
2010-10-17 19:15:37 ----D---- C:\Program Files\Apperson
2010-10-17 18:29:11 ----D---- C:\Documents and Settings\Administrateur\Application Data\Google
2010-10-17 18:25:18 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2010-10-17 18:24:38 ----D---- C:\Program Files\Google
2010-10-17 16:47:44 ----A---- C:\WINDOWS\system32\javaws.exe
2010-10-17 16:47:44 ----A---- C:\WINDOWS\system32\javaw.exe
2010-10-17 16:47:44 ----A---- C:\WINDOWS\system32\java.exe
2010-09-28 16:43:51 ----D---- C:\Program Files\Wolfenstein - Enemy Territory server
2010-09-28 14:15:00 ----D---- C:\Program Files\LeechFTP
2010-09-28 14:15:00 ----A---- C:\WINDOWS\eraser.exe
2010-09-28 11:04:59 ----D---- C:\Documents and Settings\Administrateur\Application Data\FileZilla
2010-09-28 11:04:55 ----D---- C:\Program Files\FileZilla FTP Client
2010-09-25 21:23:24 ----D---- C:\Documents and Settings\Administrateur\Application Data\freeTVRadio
2010-09-25 21:23:02 ----D---- C:\Program Files\freeTVRadio
2010-09-25 21:22:54 ----D---- C:\Program Files\OfferBox
2010-09-25 21:22:54 ----D---- C:\Documents and Settings\Administrateur\Application Data\OfferBox
2010-09-25 21:21:05 ----RSD---- C:\WINDOWS\assembly
2010-09-25 21:20:45 ----D---- C:\WINDOWS\Microsoft.NET
2010-09-25 17:16:56 ----D---- C:\Documents and Settings\Administrateur\Application Data\Mozilla
2010-09-25 17:16:51 ----D---- C:\Program Files\Mozilla Firefox
2010-09-22 10:26:16 ----D---- C:\WINDOWS\Sun

======List of files/folders modified in the last 1 months======

2010-10-19 09:15:55 ----RD---- C:\Program Files
2010-10-19 09:04:03 ----A---- C:\WINDOWS\MegaManager.INI
2010-10-18 23:55:24 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-10-18 22:48:19 ----D---- C:\Documents and Settings\Administrateur\Application Data\Xfire
2010-10-18 21:16:22 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2010-10-18 09:51:53 ----SHD---- C:\WINDOWS\Installer
2010-10-18 09:51:53 ----SD---- C:\Documents and Settings\Administrateur\Application Data\Microsoft
2010-10-18 09:49:58 ----D---- C:\WINDOWS
2010-10-18 09:36:27 ----HD---- C:\WINDOWS\inf
2010-10-18 09:36:26 ----D---- C:\WINDOWS\system32
2010-10-18 09:35:19 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-10-18 09:34:56 ----RSD---- C:\WINDOWS\Fonts
2010-10-18 09:34:35 ----D---- C:\WINDOWS\system32\DllCache
2010-10-18 09:34:00 ----D---- C:\WINDOWS\WinSxS
2010-10-18 09:33:42 ----D---- C:\Program Files\Internet Explorer
2010-10-18 09:33:01 ----A---- C:\WINDOWS\imsins.BAK
2010-10-18 09:32:57 ----D---- C:\WINDOWS\Temp
2010-10-18 09:32:54 ----D---- C:\WINDOWS\system32\CatRoot2
2010-10-17 16:47:42 ----D---- C:\Program Files\Java
2010-10-17 15:47:57 ----D---- C:\Program Files\Wolfenstein - Enemy Territory
2010-10-17 15:30:39 ----D---- C:\Documents and Settings\Administrateur\Application Data\HLSW
2010-10-17 10:00:11 ----D---- C:\Documents and Settings\Administrateur\Application Data\PriceGong
2010-10-13 20:46:10 ----D---- C:\Program Files\Xfire
2010-10-13 20:33:17 ----D---- C:\Program Files\TeamSpeak 3 Client
2010-10-09 19:48:28 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-10-09 19:48:22 ----D---- C:\Program Files\Adobe
2010-10-09 19:48:10 ----D---- C:\Program Files\Fichiers communs\Adobe
2010-10-04 15:06:11 ----D---- C:\Program Files\adslTV
2010-09-29 22:10:34 ----D---- C:\Documents and Settings\Administrateur\Application Data\Mumble
2010-09-28 11:46:26 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-09-28 11:46:25 ----D---- C:\WINDOWS\system32\drivers
2010-09-28 10:53:39 ----SHD---- C:\System Volume Information
2010-09-28 09:59:45 ----D---- C:\WINDOWS\repair
2010-09-28 09:59:42 ----D---- C:\WINDOWS\Registration
2010-09-25 17:13:10 ----D---- C:\Program Files\XfireXO
2010-09-25 17:13:09 ----D---- C:\Program Files\Softonic_France

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-02-20 29704]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-02-20 33800]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 40320]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-02-20 39944]
R3 DualCoreCenter;DualCoreCenter; \??\C:\Program Files\MSI\DualCoreCenter\NTGLM7X.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-24 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-12-25 6039584]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-24 12288]
R3 MSILiveVirtualCamera;MSI Live Virtual Camera; C:\WINDOWS\system32\DRIVERS\MSILiveVirtualCamera.sys [2007-01-29 449408]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-09-28 7655872]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-11-27 177152]
R3 RushTopDevice2;RushTopDevice2; \??\C:\Program Files\MSI\DualCoreCenter\RushTop.sys []
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 sysdrv32;Play Port I/O Driver; \??\C:\WINDOWS\system32\drivers\sysdrv32.sys []
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BCUService;Browser Configuration Utility Service; C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-10-15 223464]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-02-20 472320]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-09-15 153376]
R2 Marvell RAID;Marvell RAID Event Agent; C:\Program Files\Marvell\raid\svc\mvraidsvc.exe [2009-10-14 151552]
R2 MRUWebService;MRU Web Service; C:\Program Files\Marvell\raid\Apache2\bin\httpd.exe [2008-06-12 24635]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-08-07 75064]
S2 NOD32FiXTemDono;Eset Nod32 Boot; C:\WINDOWS\system32\regedt32.exe [2001-08-24 3584]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2008-02-20 19200]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

-----------------EOF-----------------



et le fichier info.txt



info.txt logfile of random's system information tool 1.08 2010-10-19 09:16:00

======Uninstall list======

-->MsiExec /X{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ABBYY FineReader 6.0 Sprint-->MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
Acrobat.com-->msiexec /qb /x {E7C97E98-4C2D-BEAF-5D2F-CC45A2F95D90}
Acrobat.com-->MsiExec.exe /I{E7C97E98-4C2D-BEAF-5D2F-CC45A2F95D90}
Adobe AIR-->c:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10i_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10k_Plugin.exe -maintain plugin
Adobe Photoshop 5.5-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Adobe\Photoshop 5.5\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 5.5\Uninst.dll"
Adobe Reader 9.4.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A94000000001}
adsl TV-->"C:\Program Files\adslTV\Uninstall.exe" "C:\Program Files\adslTV\Uninstall.log" -u
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
Browser Configuration Utility-->MsiExec.exe /X{8B079C58-860B-4715-BDEC-5FBAAB1719AF}
CadStd-->C:\Program Files\Apperson\CadStd\uninst.exe
Chicken Shake Game-->MsiExec.exe /I{558C02DD-1EC8-4835-889C-B13EE02FBE36}
DualCoreCenter-->"C:\Program Files\MSI\DualCoreCenter\unins000.exe"
Epson Easy Photo Print 2-->C:\Program Files\InstallShield Installation Information\{87C2248A-C7DD-49ED-9BCD-B312A9D0819E}\SETUP.EXE -runfromtemp -l0x040c UNINST -removeonly
EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
Epson Stylus SX210_SX410_TX210_TX410 Manuel-->C:\Program Files\EPSON\TPMANUAL\ESSX210_410_TX210_410\FRA\USE_G\DOCUNINS.EXE
EPSON SX410 Series Printer Uninstall-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FINSFCE.EXE /R /APD /P:"EPSON SX410 Series"
EPSON Web-To-Page-->RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\engine\6\Intel 32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\SETUP.EXE" -l0x40c -anything
ESET NOD32 Antivirus-->MsiExec.exe /I{7D974ACA-4EE5-412C-8E6A-A5B57B305727}
eSobi v2-->C:\Program Files\InstallShield Installation Information\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\setup.exe -runfromtemp -l0x040c
facemoods-->"C:\Program Files\facemoods.com\facemoods\1.4.8.1\uninstall.exe"
FileZilla Client 3.3.4.1-->C:\Program Files\FileZilla FTP Client\uninstall.exe
Free TV Radio-->MsiExec.exe /X{38470B46-9BF1-40AE-A588-F6AD6D1C2D42}
Google SketchUp 8-->MsiExec.exe /X{06BF1B44-DF6B-4EC8-BE2B-825CB989DDCC}
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HLSW v1.3.3.7b-->"C:\Program Files\HLSW\unins000.exe"
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{133742BA-6F46-4D3E-85AF-78631D9AD8B8}
Java(TM) 6 Update 22-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216021FF}
LeechFTP -->C:\WINDOWS\eraser.exe KILL "C:\Program Files\LeechFTP\uninstall.uif"
Liveupdate4-->"C:\Program Files\MSI\Live Update 4\unins000.exe"
Logiciel d'archivage WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Marvell MRU V4-->C:\Program Files\Marvell\raid\uninstmru.exe
Mega Manager-->"C:\Program Files\InstallShield Installation Information\{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}\setup.exe" -runfromtemp -l0x0409 -removeonly
MiCôSystème2-->MsiExec.exe /I{C5B5B0C3-CC4D-4279-B85C-F90AD2A7ED94}
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{3F7924B9-D148-3141-87B1-68F36043A940}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{511DF669-2930-30C0-8EB6-552887E29EC8}
Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft .NET Framework 3.5 Language Pack - fra-->MsiExec.exe /I{5B76AEA2-D4E5-3B55-B965-ACC36AE0EAFC}
Microsoft .NET Framework 3.5-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe
Microsoft .NET Framework 3.5-->MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Module linguistique Microsoft .NET Framework 3.5 - fra-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - fra\setup.exe
Mozilla Firefox (3.6.10)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSI Live-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\MSI\MSI Live\Uninst.isu"
MSI Q-Face-->MsiExec.exe /X{E30037F1-29B8-4A98-B673-C47C27641793}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Mumble and Murmur-->C:\Program Files\Mumble\Uninstall.exe
NOD32 v3.0.642 FiX1.2 by TemDono (31 days remaining forever up -->"C:\Program Files\ESET\ESET NOD32 Antivirus\unins000.exe"
Notepad++-->C:\Program Files\Notepad++\uninstall.exe
NVIDIA Drivers-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe UninstallGUI
NVIDIA nView Desktop Manager-->C:\Program Files\NVIDIA Corporation\nView\nViewSetup.exe -uninstall
NVIDIA PhysX-->MsiExec.exe /X{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}
OfferBox-->MsiExec.exe /X{2C8574B5-6935-4FCE-860E-F4E8602378FF}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
PDF-Viewer-->"C:\Program Files\Tracker Software\PDF Viewer\unins000.exe"
REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\SETUP.EXE -runfromtemp -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.EXE" -l0x40c -removeonly
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Softonic_France Toolbar-->C:\PROGRA~1\Softonic_France\UNWISE.EXE /U C:\PROGRA~1\Softonic_France\INSTALL.LOG
SoftwareUpdate 1.0-->"C:\Documents and Settings\Administrateur\Application Data\EoRezo\SoftwareUpdate\unins000.exe"
Star Mission Game-->MsiExec.exe /I{75B2E11A-BAB8-4AC3-8CE3-56C0C2027DCA}
SweetIM for Messenger 3.1-->MsiExec.exe /X{DA95E878-B181-4366-A433-6145592707A8}
TeamSpeak 3 Client-->"C:\Program Files\TeamSpeak 3 Client\uninstall.exe"
TeamSpeak 3 Pack Français-->"C:\Program Files\TeamSpeak 3 Client\uninst\unins000.exe"
VLC media player 1.1.4-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{B3B487E7-6171-4376-9074-B28082CEB504}
Windows Live Communications Platform-->MsiExec.exe /I{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
Windows Live Messenger-->MsiExec.exe /X{445B183D-F4F1-45C8-B9DB-F11355CA657B}
Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinZip 14.5-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}
Wolfenstein - Enemy Territory-->C:\PROGRA~1\Wolfenstein - Enemy Territory server\Uninstall\Unwise.exe /u C:\PROGRA~1\Wolfenstein - Enemy Territory server\Uninstall\Install.log
Xfire (remove only)-->"C:\Program Files\Xfire\uninst.exe"
XfireXO Toolbar-->C:\PROGRA~1\XfireXO\UNWISE.EXE /U C:\PROGRA~1\XfireXO\INSTALL.LOG
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

======Security center information======

AV: ESET NOD32 Antivirus 3.0

======System event log======

Computer Name: ORDI-XPSP2
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 2 Multiprocessor Free.

Record Number: 4414
Source Name: EventLog
Time Written: 20100919150906.000000+120
Event Type: Informations
User:

Computer Name: ORDI-XPSP2
Event Code: 6006
Message: Le service d'Enregistrement d'événement a été arrêté.

Record Number: 4413
Source Name: EventLog
Time Written: 20100919114345.000000+120
Event Type: Informations
User:

Computer Name: ORDI-XPSP2
Event Code: 7035
Message: Un contrôle Arrêter a correctement été envoyé au service PnkBstrB.

Record Number: 4412
Source Name: Service Control Manager
Time Written: 20100919113745.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: ORDI-XPSP2
Event Code: 7036
Message: Le service PnkBstrB est entré dans l'état : arrêté.

Record Number: 4411
Source Name: Service Control Manager
Time Written: 20100919113745.000000+120
Event Type: Informations
User:

Computer Name: ORDI-XPSP2
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service PnkBstrK.

Record Number: 4410
Source Name: Service Control Manager
Time Written: 20100919105718.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

=====Application event log=====

Computer Name: ORDI-XPSP2
Event Code: 1047
Message: Windows ne peut pas lire l'historique des objets de paramètre de groupe à partir du Registre. Le traitement de la stratégie de groupe continue.

Record Number: 2484
Source Name: Userenv
Time Written: 20101015224604.000000+120
Event Type: erreur
User: AUTORITE NT\SYSTEM

Computer Name: ORDI-XPSP2
Event Code: 1047
Message: Windows ne peut pas lire l'historique des objets de paramètre de groupe à partir du Registre. Le traitement de la stratégie de groupe continue.

Record Number: 2483
Source Name: Userenv
Time Written: 20101015224604.000000+120
Event Type: erreur
User: AUTORITE NT\SYSTEM

Computer Name: ORDI-XPSP2
Event Code: 1047
Message: Windows ne peut pas lire l'historique des objets de paramètre de groupe à partir du Registre. Le traitement de la stratégie de groupe continue.

Record Number: 2482
Source Name: Userenv
Time Written: 20101015211504.000000+120
Event Type: erreur
User: AUTORITE NT\SYSTEM

Computer Name: ORDI-XPSP2
Event Code: 1047
Message: Windows ne peut pas lire l'historique des objets de paramètre de groupe à partir du Registre. Le traitement de la stratégie de groupe continue.

Record Number: 2481
Source Name: Userenv
Time Written: 20101015211504.000000+120
Event Type: erreur
User: AUTORITE NT\SYSTEM

Computer Name: ORDI-XPSP2
Event Code: 101
Message: wuauclt (3484) Le moteur de base de données est arrêté.

Record Number: 2480
Source Name: ESENT
Time Written: 20101015193750.000000+120
Event Type: Informations
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=170a
"NUMBER_OF_PROCESSORS"=4
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------



merci par avance pour toute les reponses qui pouron m aider a resoudre mais problemes bonne journée a vous tous

merci pour tout c bon g regler le probleme il y avait 8 dossier infecter lolllllll tien le rapport de malwarbyt



Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4897

Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

21/10/2010 10:27:29
mbam-log-2010-10-21 (10-27-29).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 139119
Temps écoulé: 7 minute(s), 1 seconde(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 3
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
C:\Documents and Settings\Administrateur\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe (Rogue.Eorezo) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\Software\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\sysdrv32 (Backdoor.Bot) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\softwarehelper (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\eorezo (Rogue.Eorezo) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHel p (Hijack.Help) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Documents and Settings\Administrateur\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\sysdrv32.sys (Backdoor.Bot) -> Quarantined and deleted successfully.

re, parfait




-Fais ceci,

* Désactive ton Antivirus pour le moment.
* Télécharge Ad-Remover (de C_XX) sur le bureau.

* /!\ Déconnecte-toi et ferme toutes les applications en cours /!\
* Double clic sur le programme pour le lancer...
* Au menu principal choisis l'option "Scanner"

* /!\ Laisse travailler l'outil /!\
* Patiente jusqu'à la fin du scan sans rien faire d'autre sur ton PC.
* Un rapport apparaitra à la fin, poste le sur le forum dans ta réponse.
Si tu ne trouve pas !
(Le rapport est aussi sauvegardé sous C:\Ad-Report-SCAN.log)