Your question

[Solved] Trojan:win32/vundo.gen!AS

Tags:
  • Security
Last reply: in Security and viruses
26 May 2009 16:12:53

Hello, since yesterday my PC has been infected by a Trojan horse named trojan:win32/vundo.gen!AS.
The level reported by Windows Defender is critical/high.

What should I do?

Please help me :'(

26 May 2009 17:10:11

Hello,

  • Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.
  • Double-click RSIT.exe to launch the program.
    (On Vista, right-click RSIT.exe and choose Run as administrator)
  • Click Continue on the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if prompted) and you will need to accept the license.
  • When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).

    Note: the reports are saved in the C:\rsit folder.
    26 May 2009 18:49:33

    There, I did what you told me.

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Laurza at 2009-05-26 18:46:48
    Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
    System drive C: has 6 GB (5%) free of 119 GB
    Total RAM: 1919 MB (47% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:46:51, on 26/05/2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18226)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\Program Files\ASUS\ATK Media\DMedia.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\System32\ASUSTPE.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\conime.exe
    C:\Program Files\SpeedFan\speedfan.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Internet Explorer\IEUser.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
    C:\Users\Laurza\Desktop\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\Laurza.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: ImprovedAdsHelper - {2CE0A18D-6081-D104-96F7-F765C20B22F1} - C:\Program Files\ImprovedAdsHelper\ImprovedAdsHelper-1.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [ASUSTPE] C:\Windows\system32\ASUSTPE.exe
    O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\CoGen Media\Rfw\rfwmain.exe" -Startup
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe" --logon
    O4 - HKLM\..\Run: [NotebookHardwareControl] "C:\Program Files\Notebook Hardware Control\nhc.exe" -quiet
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [Windows Logon Applicationedc] C:\Users\Laurza\winlogon.exe
    O4 - HKCU\..\Run: [A00F38C5A1.exe] C:\Users\Laurza\AppData\Local\Temp\_A00F38C5A1.exe
    O4 - HKCU\..\Run: [A00F2A5EA.exe] C:\Users\Laurza\AppData\Local\Temp\_A00F2A5EA.exe
    O4 - HKCU\..\Run: [A00F29522.exe] C:\Users\Laurza\AppData\Local\Temp\_A00F29522.exe
    O4 - HKCU\..\Run: [A00F1FF2B.exe] C:\Users\Laurza\AppData\Local\Temp\_A00F1FF2B.exe
    O4 - HKCU\..\Run: [A00F1A4B7.exe] C:\Users\Laurza\AppData\Local\Temp\_A00F1A4B7.exe
    O4 - HKCU\..\Run: [A00F1D7FC.exe] C:\Users\Laurza\AppData\Local\Temp\_A00F1D7FC.exe
    O4 - HKCU\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RMTray.exe /S
    O4 - HKCU\..\Run: [A00F1F279.exe] C:\Users\Laurza\AppData\Local\Temp\_A00F1F279.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [A00F2288D.exe] C:\Users\Laurza\AppData\Local\Temp\_A00F2288D.exe
    O4 - HKCU\..\Run: [A00F20F19.exe] C:\Users\Laurza\AppData\Local\Temp\_A00F20F19.exe
    O4 - HKCU\..\Run: [A00F2766E.exe] C:\Users\Laurza\AppData\Local\Temp\_A00F2766E.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O13 - Gopher Prefix:
    O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/Install...
    O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.2.20/cfweb_a...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/VistaMSNPUpld...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab
    O22 - SharedTaskScheduler: Deskscapes - {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - (no file)
    O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\Windows\system32\drivers\CDAC11BA.EXE
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
    O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Information Technology Co., Ltd. - C:\Program Files\CoGen Media\Rfw\rfwsrv.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
    O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe

    --
    End of file - 9020 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\Maintenance en 1 clic.job
    C:\Windows\tasks\User_Feed_Synchronization-{B9051ECF-40C9-47DD-BD07-6F1A9E7B4C3C}.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2CE0A18D-6081-D104-96F7-F765C20B22F1}]
    ImprovedAdsHelper - C:\Program Files\ImprovedAdsHelper\ImprovedAdsHelper-1.dll [2009-02-26 618496]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-12 35840]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
    "ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2007-08-24 51048]
    "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-02-15 4390912]
    "ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [2006-11-02 61440]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-11-23 815104]
    "ASUSTPE"=C:\Windows\system32\ASUSTPE.exe [2006-12-13 106496]
    "RfwMain"=C:\Program Files\CoGen Media\Rfw\rfwmain.exe [2009-05-03 592496]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-05-12 148888]
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
    "ClamWin"=C:\Program Files\ClamWin\bin\ClamTray.exe [2009-04-14 86016]
    "NotebookHardwareControl"=C:\Program Files\Notebook Hardware Control\nhc.exe [2007-05-04 2629632]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
    "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
    "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
    "Windows Logon Applicationedc"=C:\Users\Laurza\winlogon.exe [2009-05-26 36868]
    "A00F38C5A1.exe"=C:\Users\Laurza\AppData\Local\Temp\_A00F38C5A1.exe [2009-05-26 39940]
    "A00F2A5EA.exe"=C:\Users\Laurza\AppData\Local\Temp\_A00F2A5EA.exe [2009-05-26 39940]
    "A00F29522.exe"=C:\Users\Laurza\AppData\Local\Temp\_A00F29522.exe [2009-05-26 39940]
    "A00F1FF2B.exe"=C:\Users\Laurza\AppData\Local\Temp\_A00F1FF2B.exe [2009-05-26 39940]
    "A00F1A4B7.exe"=C:\Users\Laurza\AppData\Local\Temp\_A00F1A4B7.exe [2009-05-26 39940]
    "A00F1D7FC.exe"=C:\Users\Laurza\AppData\Local\Temp\_A00F1D7FC.exe [2009-05-26 39940]
    "RegistryMechanic"=C:\Program Files\Registry Mechanic\RMTray.exe [2008-07-03 812952]
    "A00F1F279.exe"=C:\Users\Laurza\AppData\Local\Temp\_A00F1F279.exe [2009-05-26 39940]
    "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
    "A00F2288D.exe"=C:\Users\Laurza\AppData\Local\Temp\_A00F2288D.exe [2009-05-26 39940]
    "A00F20F19.exe"=C:\Users\Laurza\AppData\Local\Temp\_A00F20F19.exe [2009-05-26 39940]
    "A00F2766E.exe"=C:\Users\Laurza\AppData\Local\Temp\_A00F2766E.exe [2009-05-26 39940]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
    Deskscapes - {EC654325-1273-C2A9-2B7C-45D29BCE68FB}

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableUIADesktopToggle"=0

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDrives"=00000000
    "NoDriveTypeAutoRun"=149

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3a7f8c0b-5581-11dd-80b5-806e6f6e6963}]
    shell\AutoRun\command - F:\Installer.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e21547b7-ee2c-11dd-bf67-0022152b07ed}]
    shell\AutoRun\command - H:\Autorun.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e21547b9-ee2c-11dd-bf67-0022152b07ed}]
    shell\AutoRun\command - I:\autorun.exe
    shell\setup\command - I:\setup.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ece2c536-9ab1-11dd-b57e-0022152b07ed}]
    shell\AutoRun\command - G:\Autorun.exe


    ======List of files/folders created in the last 1 months======

    2009-05-26 18:40:23 ----D---- C:\rsit
    2009-05-26 18:00:31 ----D---- C:\Program Files\World of Warcraft
    2009-05-26 17:22:06 ----D---- C:\Program Files\Notebook Hardware Control
    2009-05-26 17:08:17 ----D---- C:\Program Files\SpeedFan
    2009-05-26 16:31:58 ----D---- C:\ProgramData\Spybot - Search & Destroy
    2009-05-26 16:31:58 ----D---- C:\Program Files\Spybot - Search & Destroy
    2009-05-26 16:27:53 ----D---- C:\Users\Laurza\AppData\Roaming\.clamwin
    2009-05-26 16:27:45 ----D---- C:\ProgramData\.clamwin
    2009-05-26 16:27:45 ----D---- C:\Program Files\ClamWin
    2009-05-26 16:20:43 ----A---- C:\Windows\system32\aswBoot.exe
    2009-05-26 16:20:41 ----D---- C:\Program Files\Alwil Software
    2009-05-26 16:01:58 ----D---- C:\Program Files\Trend Micro
    2009-05-26 15:45:24 ----A---- C:\Windows\system32\STKIT432.DLL
    2009-05-26 15:45:24 ----A---- C:\Windows\system32\msxml.dll
    2009-05-26 15:45:22 ----D---- C:\Program Files\Registry Mechanic
    2009-05-26 14:49:46 ----D---- C:\ProgramData\Pets Fun House
    2009-05-26 14:48:34 ----D---- C:\PetsFunHouse
    2009-05-26 14:37:35 ----D---- C:\Users\Laurza\AppData\Roaming\eGames
    2009-05-26 13:58:01 ----D---- C:\Program Files\GamesBar
    2009-05-26 13:57:58 ----D---- C:\Program Files\orange
    2009-05-25 17:16:53 ----D---- C:\AeriaGames
    2009-05-24 13:18:02 ----D---- C:\ProgramData\Office Genuine Advantage
    2009-05-21 00:47:28 ----D---- C:\Program Files\Microsoft WSE
    2009-05-21 00:31:15 ----D---- C:\Program Files\Electronic Arts
    2009-05-20 23:40:05 ----D---- C:\ProgramData\Legacy Interactive
    2009-05-20 22:50:35 ----D---- C:\ProgramData\NannyMania
    2009-05-20 22:18:53 ----D---- C:\Users\Laurza\AppData\Roaming\MysteryStudio
    2009-05-20 21:48:10 ----D---- C:\Users\Laurza\AppData\Roaming\Boolat Games
    2009-05-20 20:18:54 ----D---- C:\ProgramData\Valusoft
    2009-05-20 18:27:27 ----D---- C:\ProgramData\Arcade Lab
    2009-05-20 16:59:02 ----D---- C:\Users\Laurza\AppData\Roaming\Gamelab
    2009-05-20 16:57:22 ----D---- C:\Program Files\Oberon Media
    2009-05-20 16:57:22 ----D---- C:\Program Files\Common Files\Oberon Media
    2009-05-18 01:41:33 ----D---- C:\Users\Laurza\AppData\Roaming\vlc
    2009-05-18 01:04:19 ----D---- C:\Program Files\CodeGazer
    2009-05-18 00:51:52 ----A---- C:\Windows\iPlayer.INI
    2009-05-16 17:22:10 ----D---- C:\Users\Laurza\AppData\Roaming\Canneverbe_Limited
    2009-05-16 17:16:03 ----D---- C:\Users\Laurza\AppData\Roaming\Nero
    2009-05-16 17:01:23 ----D---- C:\ProgramData\Messenger Plus!
    2009-05-16 16:57:42 ----A---- C:\Windows\Irremote.ini
    2009-05-16 16:28:45 ----D---- C:\Program Files\Messenger Plus! Live
    2009-05-16 16:20:11 ----D---- C:\Program Files\Nero
    2009-05-16 16:19:31 ----D---- C:\ProgramData\Nero
    2009-05-16 16:19:30 ----D---- C:\Program Files\Common Files\Nero
    2009-05-13 14:56:04 ----D---- C:\Users\Laurza\AppData\Roaming\BitZipper
    2009-05-12 20:05:49 ----D---- C:\Users\Laurza\AppData\Roaming\Crayon Physics Deluxe
    2009-05-12 19:12:59 ----A---- C:\Windows\system32\javaws.exe
    2009-05-12 19:12:59 ----A---- C:\Windows\system32\javaw.exe
    2009-05-12 19:12:59 ----A---- C:\Windows\system32\java.exe
    2009-05-12 19:12:44 ----D---- C:\Program Files\Java
    2009-05-12 18:00:29 ----A---- C:\Windows\ntbtlog.txt
    2009-05-11 20:04:17 ----D---- C:\Program Files\Common Files\PocketSoft
    2009-05-11 20:04:17 ----A---- C:\Windows\patchw32.dll
    2009-05-11 19:22:21 ----D---- C:\Program Files\SystemRequirementsLab
    2009-05-11 19:22:11 ----D---- C:\Users\Laurza\AppData\Roaming\SystemRequirementsLab
    2009-05-11 15:06:49 ----D---- C:\Program Files\Infogrames
    2009-05-10 03:08:43 ----A---- C:\Windows\_MSRSTRT.EXE
    2009-05-10 02:22:07 ----D---- C:\Program Files\Crawler
    2009-05-10 02:21:59 ----D---- C:\ProgramData\Laconic Software
    2009-05-10 02:21:46 ----D---- C:\Users\Laurza\AppData\Roaming\GetRightToGo
    2009-05-10 02:21:46 ----D---- C:\Downloads
    2009-05-10 02:11:19 ----D---- C:\Users\Laurza\AppData\Roaming\elefundesktops
    2009-05-10 02:09:33 ----D---- C:\Users\Laurza\AppData\Roaming\Desktop3D
    2009-05-10 02:04:57 ----D---- C:\Users\Laurza\AppData\Roaming\StickIt
    2009-05-10 02:04:49 ----D---- C:\Program Files\StickIt
    2009-05-10 01:35:07 ----D---- C:\Program Files\Common Files\Program4Pc
    2009-05-10 01:31:14 ----D---- C:\Windows\system32\FlashPlayer
    2009-05-10 00:46:33 ----D---- C:\Users\Laurza\AppData\Roaming\Bump Technologies, Inc
    2009-05-10 00:40:42 ----D---- C:\Users\Laurza\AppData\Roaming\Q-Dir
    2009-05-10 00:40:41 ----A---- C:\Windows\Q-Dir.ini
    2009-05-09 23:59:15 ----A---- C:\Windows\system32\TUProgSt.exe
    2009-05-09 23:59:11 ----A---- C:\Windows\system32\uxtuneup.dll
    2009-05-09 23:59:11 ----A---- C:\Windows\system32\authuitu.dll
    2009-05-09 23:59:07 ----A---- C:\Windows\system32\TuneUpDefragService.exe
    2009-05-09 23:59:03 ----D---- C:\Users\Laurza\AppData\Roaming\TuneUp Software
    2009-05-09 23:58:23 ----D---- C:\ProgramData\TuneUp Software
    2009-05-09 23:58:23 ----D---- C:\Program Files\TuneUp Utilities 2009
    2009-05-09 23:57:39 ----SHD---- C:\ProgramData\{55A29068-F2CE-456C-9148-C869879E2357}
    2009-05-09 23:23:25 ----A---- C:\Windows\system32\wbsys.dll
    2009-05-09 23:23:25 ----A---- C:\Windows\system32\wbload.dll
    2009-05-09 23:18:35 ----A---- C:\Windows\StyleBuilder.INI
    2009-05-09 23:01:01 ----A---- C:\Windows\system32\wbhelp2.dll
    2009-05-09 22:47:47 ----A---- C:\Windows\system32\themeui.dll.vgorg
    2009-05-09 22:47:47 ----A---- C:\Windows\system32\themeui.dll
    2009-05-09 16:19:05 ----D---- C:\Users\Laurza\AppData\Roaming\Leadertech
    2009-05-09 16:14:57 ----D---- C:\Program Files\Atari
    2009-05-07 01:02:25 ----D---- C:\Users\Laurza\AppData\Roaming\GameInvest
    2009-05-06 23:31:18 ----D---- C:\Users\Laurza\AppData\Roaming\ValuSoft
    2009-05-06 21:02:12 ----D---- C:\Users\Laurza\AppData\Roaming\Home Sweet Home
    2009-05-06 19:39:30 ----D---- C:\Users\Laurza\AppData\Roaming\Farm Mania
    2009-05-06 18:38:23 ----SHD---- C:\Windows\ftpcache
    2009-05-06 18:17:13 ----D---- C:\Users\Laurza\AppData\Roaming\Zylom
    2009-05-06 17:24:05 ----D---- C:\Program Files\HKO
    2009-05-05 21:59:11 ----A---- C:\NUMER.BAT
    2009-05-05 21:58:35 ----D---- C:\NUMER400
    2009-05-03 14:41:39 ----A---- C:\Windows\Rfw.ini
    2009-05-03 14:40:55 ----RSD---- C:\RavBin
    2009-05-03 14:40:48 ----D---- C:\Program Files\CoGen Media
    2009-05-03 14:40:04 ----D---- C:\ProgramData\Rising
    2009-04-30 00:23:34 ----A---- C:\Windows\MegaManager.INI
    2009-04-30 00:10:09 ----D---- C:\Users\Laurza\AppData\Roaming\Media Player Classic
    2009-04-29 12:46:33 ----D---- C:\ProgramData\2DBoy
    2009-04-27 12:43:11 ----A---- C:\Windows\system32\LTDIS13n.dll
    2009-04-27 12:43:11 ----A---- C:\Windows\system32\lftif13n.dll
    2009-04-27 12:43:11 ----A---- C:\Windows\system32\lftga13n.dll
    2009-04-27 12:43:11 ----A---- C:\Windows\system32\lfRaw13n.dll
    2009-04-27 12:43:11 ----A---- C:\Windows\system32\Lfpng13n.dll
    2009-04-27 12:43:11 ----A---- C:\Windows\system32\lfpcx13n.dll
    2009-04-27 12:43:11 ----A---- C:\Windows\system32\lfmsp13n.dll
    2009-04-27 12:43:11 ----A---- C:\Windows\system32\LFJ2K13n.dll
    2009-04-27 12:43:11 ----A---- C:\Windows\system32\lffax13n.dll
    2009-04-27 12:43:11 ----A---- C:\Windows\system32\LFCMP13n.DLL
    2009-04-27 12:43:11 ----A---- C:\Windows\system32\lfbmp13n.dll
    2009-04-27 12:43:10 ----A---- C:\Windows\system32\Ltwvc13n.dll
    2009-04-27 12:43:10 ----A---- C:\Windows\system32\ltkrn13n.dll
    2009-04-27 12:43:10 ----A---- C:\Windows\system32\ltimg13n.dll
    2009-04-27 12:43:10 ----A---- C:\Windows\system32\ltfil13n.DLL
    2009-04-27 12:43:10 ----A---- C:\Windows\system32\ltefx13n.dll

    ======List of files/folders modified in the last 1 months======

    2009-05-26 18:46:40 ----D---- C:\Windows\Temp
    2009-05-26 18:00:31 ----RD---- C:\Program Files
    2009-05-26 17:34:31 ----D---- C:\Windows\Microsoft.NET
    2009-05-26 17:34:30 ----RSD---- C:\Windows\assembly
    2009-05-26 17:22:53 ----D---- C:\Windows\system32\drivers
    2009-05-26 17:08:16 ----D---- C:\Windows\System32
    2009-05-26 17:08:10 ----D---- C:\Program Files\Mozilla Firefox
    2009-05-26 16:53:41 ----AD---- C:\ProgramData\TEMP
    2009-05-26 16:53:34 ----A---- C:\Windows\system32\acovcnt.exe
    2009-05-26 16:31:58 ----HD---- C:\ProgramData
    2009-05-26 16:04:49 ----SHD---- C:\Windows\Installer
    2009-05-26 16:04:48 ----HD---- C:\Config.Msi
    2009-05-26 16:04:39 ----D---- C:\Windows\winsxs
    2009-05-26 16:04:37 ----D---- C:\Program Files\Adobe
    2009-05-26 16:04:36 ----D---- C:\Program Files\Common Files\Adobe
    2009-05-26 16:04:35 ----D---- C:\ProgramData\Adobe
    2009-05-26 14:17:18 ----D---- C:\Windows\Minidump
    2009-05-26 14:17:12 ----D---- C:\Windows
    2009-05-26 13:33:13 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
    2009-05-26 12:42:13 ----D---- C:\Users\Laurza\AppData\Roaming\LimeWire
    2009-05-26 11:15:02 ----SHD---- C:\System Volume Information
    2009-05-26 01:21:47 ----D---- C:\Users\Laurza\AppData\Roaming\dvdcss
    2009-05-25 17:16:51 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-05-24 03:01:07 ----D---- C:\Windows\system32\Tasks
    2009-05-22 19:01:39 ----A---- C:\Windows\system32\PerfStringBackup.INI
    2009-05-22 19:01:38 ----D---- C:\Windows\inf
    2009-05-21 00:47:33 ----SD---- C:\Users\Laurza\AppData\Roaming\Microsoft
    2009-05-20 22:18:43 ----D---- C:\Windows\Prefetch
    2009-05-20 18:49:56 ----D---- C:\Users\Laurza\AppData\Roaming\PlayFirst
    2009-05-20 18:49:56 ----D---- C:\ProgramData\PlayFirst
    2009-05-20 16:57:22 ----D---- C:\Program Files\Common Files
    2009-05-20 13:17:09 ----D---- C:\Program Files\Common Files\PX Storage Engine
    2009-05-20 13:05:55 ----D---- C:\Users\Laurza\AppData\Roaming\Download Manager
    2009-05-18 01:06:52 ----D---- C:\Windows\system32\catroot2
    2009-05-18 01:04:58 ----A---- C:\Windows\system32\uxtheme.dll
    2009-05-18 01:04:58 ----A---- C:\Windows\system32\shsvcs.dll
    2009-05-14 12:22:55 ----D---- C:\ProgramData\Microsoft Help
    2009-05-14 12:19:59 ----D---- C:\Windows\system32\catroot
    2009-05-14 12:19:52 ----D---- C:\Program Files\Windows Mail
    2009-05-14 12:14:57 ----D---- C:\Program Files\WinRAR
    2009-05-12 19:12:48 ----A---- C:\Windows\system32\deploytk.dll
    2009-05-12 17:27:43 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
    2009-05-12 17:26:42 ----D---- C:\Program Files\CyberLink
    2009-05-11 22:17:15 ----D---- C:\Program Files\AGEIA Technologies
    2009-05-10 04:39:46 ----ASH---- C:\Program Files\desktop.ini
    2009-05-10 04:16:47 ----SHD---- C:\Boot
    2009-05-10 04:16:46 ----D---- C:\Windows\system32\config
    2009-05-10 04:02:59 ----D---- C:\Program Files\Google
    2009-05-10 03:48:47 ----RSD---- C:\Windows\Fonts
    2009-05-10 03:46:53 ----D---- C:\Users\Laurza\AppData\Roaming\Microsoft Games
    2009-05-10 03:46:53 ----D---- C:\ProgramData\Microsoft Games
    2009-05-10 03:46:50 ----D---- C:\Program Files\Microsoft Games
    2009-05-10 03:42:04 ----D---- C:\Program Files\NDSROM Player
    2009-05-10 03:40:33 ----D---- C:\ProgramData\Google
    2009-05-10 00:06:46 ----D---- C:\Windows\system32\fr-FR
    2009-05-09 23:59:52 ----D---- C:\Windows\Tasks
    2009-05-09 23:32:00 ----A---- C:\Windows\win.ini
    2009-05-09 23:01:03 ----D---- C:\ProgramData\Stardock
    2009-05-09 16:46:37 ----D---- C:\Users\Laurza\AppData\Roaming\Atari
    2009-05-07 09:16:29 ----A---- C:\Windows\system32\mrt.exe
    2009-05-06 18:17:26 ----D---- C:\ProgramData\Zylom
    2009-05-06 18:17:19 ----D---- C:\Users\Laurza\AppData\Roaming\Identities
    2009-04-30 00:24:29 ----D---- C:\Program Files\A table
    2009-04-30 00:22:20 ----D---- C:\Users\Laurza\AppData\Roaming\Studio-Scrap2
    2009-04-30 00:19:41 ----D---- C:\Program Files\MSN Messenger
    2009-04-30 00:15:29 ----D---- C:\Program Files\There

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-02-05 23152]
    R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-02-05 114768]
    R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-02-05 51376]
    R1 RfwBase;Rising RfwBase Driver; C:\Windows\system32\DRIVERS\rfwbase.sys [2009-05-03 19568]
    R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
    R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-02-05 51792]
    R2 CdaC15BA;CdaC15BA; \??\C:\Windows\system32\drivers\CdaC15BA.SYS [2008-11-20 12464]
    R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2007-08-03 20936]
    R2 RMCAST;Pilote du protocole RMCAT PGMP; C:\Windows\system32\DRIVERS\RMCAST.sys [2008-05-10 113664]
    R3 Atc002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller; C:\Windows\system32\DRIVERS\l260x86.sys [2007-08-17 28672]
    R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-07-31 743424]
    R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-02-14 1740904]
    R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2007-01-24 5632]
    R3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2008-01-21 18432]
    R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
    R3 nhcDriverDevice;Notebook Hardware Control Driver; \??\C:\Windows\system32\drivers\nhcDriver.sys [2009-05-26 22528]
    R3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-02-02 2385920]
    R3 RTSTOR;USB Mass Storage Device; C:\Windows\system32\drivers\RTSTOR.SYS [2007-11-10 57856]
    R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-22 982272]
    R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2007-10-01 1769984]
    R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2009-02-07 124464]
    R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-11-23 181304]
    R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
    S1 SYMTDI;SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [2007-08-13 188464]
    S2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys []
    S3 a7w4blxd;a7w4blxd; C:\Windows\system32\drivers\a7w4blxd.sys []
    S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
    S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt []
    S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
    S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
    S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
    S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
    S3 s916bus;Sony Ericsson Device 916 driver (WDM); C:\Windows\system32\DRIVERS\s916bus.sys [2007-11-02 83496]
    S3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s916mdfl.sys [2007-11-02 15016]
    S3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s916mdm.sys [2007-11-02 109992]
    S3 s916mgmt;Sony Ericsson Device 916 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s916mgmt.sys [2007-11-02 103976]
    S3 s916obex;Sony Ericsson Device 916 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s916obex.sys [2007-11-02 100008]
    S3 SymIMMP;SymIMMP; C:\Windows\system32\DRIVERS\SymIM.sys []
    S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
    S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
    S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
    S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
    S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
    S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
    S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-02-06 94208]
    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
    R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-02-02 565248]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
    R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-08-24 149864]
    R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-08-24 149864]
    R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\Windows\system32\drivers\CDAC11BA.EXE [2008-11-20 54784]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-03-18 73728]
    R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-12-05 935208]
    R2 ProtexisLicensing;ProtexisLicensing; C:\Windows\system32\PSIService.exe [2006-11-02 174656]
    R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
    R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]
    R2 TuneUp.ProgramStatisticsSvc;@%SystemRoot%\System32\TUProgSt.exe,-1; C:\Windows\System32\TUProgSt.exe [2009-05-09 604416]
    R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-21 21504]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
    S2 RfwService;Rising Personal Firewall Service; C:\Program Files\CoGen Media\Rfw\rfwsrv.exe [2009-05-03 215664]
    S3 Boonty Games;Boonty Games; C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe [2008-11-19 69120]
    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-04-03 655624]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 LiveUpdate;LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [2007-08-23 3192184]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2009-05-09 361216]
    S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-21 21504]
    S4 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2007-08-23 243064]

    -----------------EOF-----------------

    info.txt logfile of random's system information tool 1.06 2009-05-26 18:40:41

    ======Uninstall list======

    -->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
    -->MsiExec /X{64F67489-76BB-4CDD-A236-F954BE774B35}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0410-0000-0000000FF1CE} /uninstall {741A792D-4ED8-4C66-B32E-A47865FA1163}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0410-0000-0000000FF1CE} /uninstall {741A792D-4ED8-4C66-B32E-A47865FA1163}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0410-0000-0000000FF1CE} /uninstall {741A792D-4ED8-4C66-B32E-A47865FA1163}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0410-0000-0000000FF1CE} /uninstall {741A792D-4ED8-4C66-B32E-A47865FA1163}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0410-0000-0000000FF1CE} /uninstall {741A792D-4ED8-4C66-B32E-A47865FA1163}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0410-0000-0000000FF1CE} /uninstall {741A792D-4ED8-4C66-B32E-A47865FA1163}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {58FC5E37-DD28-4D4A-A549-125744C6763C}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0407-0000-0000000FF1CE} /uninstall {888B9AC7-8F5C-456B-A27A-157A6C310E52}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0410-0000-0000000FF1CE} /uninstall {B9896689-DF51-4A16-AAD5-002622D86C72}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {1120A001-69F4-43D2-83CE-716B2DC4366F}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
    2007 Microsoft Office system-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROHYBRIDR /dll OSETUP.DLL
    Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
    Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
    Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
    Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
    Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
    Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
    Adobe Color EU Recommended Settings CS4-->MsiExec.exe /I{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}
    Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
    Adobe Color NA Extra Settings CS4-->MsiExec.exe /I{098A2A49-7CF3-4F08-A38D-FB879117152A}
    Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D}
    Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}
    Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
    Adobe Device Central CS4-->MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A}
    Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
    Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}
    Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Flash Player 9 ActiveX-->MsiExec.exe /X{786547F9-59BB-4FA3-B2D8-327FF1F14870}
    Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
    Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}
    Adobe Media Player-->MsiExec.exe /X{9455959E-D588-EFAE-329C-F66CC797F32A}
    Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}
    Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
    Adobe Photoshop CS4 Support-->MsiExec.exe /I{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}
    Adobe Photoshop CS4-->C:\Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\Setup.exe --uninstall=1
    Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}
    Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
    Adobe Setup-->MsiExec.exe /I{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}
    Adobe Shockwave Player-->C:\Windows\System32\Adobe\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Adobe\SHOCKW~1\Install.log
    Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
    Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
    Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
    Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
    AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4}
    AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
    AppCore-->MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}
    Apple Software Update-->MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
    Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
    ASUS InstantFun-->MsiExec.exe /I{57B15AD4-8C9D-4164-82BB-E33D8644E757}
    ASUS Live Update-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}\setup.exe" -l0x9
    ASUS Splendid Video Enhancement Technology-->C:\Program Files\InstallShield Installation Information\{C0FC1C14-4824-4A73-87A6-9E888C9C3102}\SETUP.exe -runfromtemp -l0x0009 -removeonly
    ASUS Touch Pad Extra-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DB891739-2EB3-45A8-9CBD-941C255CECD4}\SETUP.EXE" -l0x9
    Asus_Camera_ScreenSaver-->"C:\Windows\ASUS Camera ScreenSaver Uninstaller.exe"
    Atheros Driver Installation Program-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\SETUP.exe" -l0x9 -removeonly
    ATI Uninstaller-->C:\Program Files\ATI\CIM\Bin\Atisetup.exe -uninstall all
    ATK Hotkey-->C:\Program Files\InstallShield Installation Information\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}\SETUP.exe -runfromtemp -l0x0009 -removeonly
    ATK Media-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}\SETUP.EXE" -l0x9
    ATKOSD2-->C:\Program Files\InstallShield Installation Information\{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}\SETUP.exe -runfromtemp -l0x0009 -removeonly
    avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    Build In Time-->"C:\Program Files\orange\jeux\Build In Time\Uninstall.exe" "C:\Program Files\orange\jeux\Build In Time\install.log"
    CamfrogWEB Advanced ActiveX Plugin (remove only)-->"C:\Program Files\CFWebAdvancedU\Uninstall.exe"
    ccCommon-->MsiExec.exe /I{B24E05CC-46FF-4787-BBB8-5CD516AFB118}
    Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
    ClamWin Free Antivirus 0.95.1-->"C:\Program Files\ClamWin\unins000.exe"
    Component Framework-->MsiExec.exe /I{31478BE1-CDE5-4753-A8B2-F6D4BC1FBE09}
    Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}
    HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    ImprovedAdsHelper-->C:\Program Files\ImprovedAdsHelper\uninstall.exe uninstall=improvedadshelper
    Install(Fr)-->C:\Program Files\InstallShield Installation Information\{E32B0931-C97B-48E1-A466-27D4088060EF}\setup.exe -runfromtemp -l0x040c -removeonly
    Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
    Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
    Kitty ?????-->C:\Program Files\CoGen Media\Rfw\Update\setup.exe /UNINSTALL
    kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}
    Les Sims™ 3-->"C:\Program Files\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\Sims3Setup.exe" -runfromtemp -l0x040c -removeonly
    LightScribe System Software 1.12.37.1-->MsiExec.exe /X{004C5DA2-2051-4D25-94BA-51CF810C91EB}
    LiveUpdate (Symantec Corporation)-->MsiExec.exe /x {E80F62FF-5D3C-4A19-8409-9721F2928206} /l*v "C:\ProgramData\LuUninstall.LiveUpdate"
    LiveUpdate (Symantec Corporation)-->MsiExec.exe /X{E80F62FF-5D3C-4A19-8409-9721F2928206}
    Ludi-->C:\Program Files\Ludi\uninstall.exe
    Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
    Microsoft .NET Framework 3.5-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe
    Microsoft .NET Framework 3.5-->MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40}
    Microsoft Office Access MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0015-0413-0000-0000000FF1CE}
    Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
    Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
    Microsoft Office Access MUI (German) 2007-->MsiExec.exe /X{90120000-0015-0407-0000-0000000FF1CE}
    Microsoft Office Access MUI (Italian) 2007-->MsiExec.exe /X{90120000-0015-0410-0000-0000000FF1CE}
    Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
    Microsoft Office Excel 2007 Help - Aggiornamento (KB963678)-->msiexec /package {90120000-0016-0410-0000-0000000FF1CE} /uninstall {9F57BDED-B51B-4D2F-B360-5B4EFAAF0F1A}
    Microsoft Office Excel MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0016-0413-0000-0000000FF1CE}
    Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
    Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
    Microsoft Office Excel MUI (German) 2007-->MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE}
    Microsoft Office Excel MUI (Italian) 2007-->MsiExec.exe /X{90120000-0016-0410-0000-0000000FF1CE}
    Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
    Microsoft Office Outlook MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001A-0413-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (German) 2007-->MsiExec.exe /X{90120000-001A-0407-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (Italian) 2007-->MsiExec.exe /X{90120000-001A-0410-0000-0000000FF1CE}
    Microsoft Office Powerpoint 2007 Help - Aggiornamento (KB963669)-->msiexec /package {90120000-0018-0410-0000-0000000FF1CE} /uninstall {C76C02F1-B07F-4974-876A-A18DEC9887C8}
    Microsoft Office PowerPoint MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0018-0413-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (German) 2007-->MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (Italian) 2007-->MsiExec.exe /X{90120000-0018-0410-0000-0000000FF1CE}
    Microsoft Office Professional Hybrid 2007-->MsiExec.exe /X{91120000-0031-0000-0000-0000000FF1CE}
    Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
    Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
    Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (Dutch) 2007-->MsiExec.exe /X{90120000-002C-0413-0000-0000000FF1CE}
    Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
    Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
    Microsoft Office Proofing (German) 2007-->MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE}
    Microsoft Office Proofing (Italian) 2007-->MsiExec.exe /X{90120000-002C-0410-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0019-0413-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (German) 2007-->MsiExec.exe /X{90120000-0019-0407-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (Italian) 2007-->MsiExec.exe /X{90120000-0019-0410-0000-0000000FF1CE}
    Microsoft Office Shared MUI (Dutch) 2007-->MsiExec.exe /X{90120000-006E-0413-0000-0000000FF1CE}
    Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
    Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
    Microsoft Office Shared MUI (German) 2007-->MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE}
    Microsoft Office Shared MUI (Italian) 2007-->MsiExec.exe /X{90120000-006E-0410-0000-0000000FF1CE}
    Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
    Microsoft Office Word 2007 Help - Aggiornamento (KB963665)-->msiexec /package {90120000-001B-0410-0000-0000000FF1CE} /uninstall {E5B82DB3-DD7D-4C45-BC5E-09864B26F9BC}
    Microsoft Office Word MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001B-0413-0000-0000000FF1CE}
    Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
    Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
    Microsoft Office Word MUI (German) 2007-->MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE}
    Microsoft Office Word MUI (Italian) 2007-->MsiExec.exe /X{90120000-001B-0410-0000-0000000FF1CE}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
    Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
    Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
    Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
    Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
    Motorola SM56 Speakerphone Modem-->rundll32.exe sm56co6a.dll,SM56UnInstaller
    Mozilla Firefox (3.0.10)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    NB Probe-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}\SETUP.EXE" -l0x9
    neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
    Norton Internet Security (Symantec Corporation)-->"C:\Program Files\Common Files\Symantec Shared\SymSetup\{C1C185CA-C531-49F5-A6FA-B838405A049D}_15_0_0_60\Setup.exe" /X
    Norton Internet Security-->MsiExec.exe /I{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}
    Notebook Hardware Control 2.0 Pre-Release-06 Bugfix-->C:\Program Files\Notebook Hardware Control\uninst.exe
    NVIDIA PhysX-->MsiExec.exe /X{64F67489-76BB-4CDD-A236-F954BE774B35}
    OGA Notifier 1.7.0105.35.0-->MsiExec.exe /I{25E98ECB-5727-408E-B30A-2CAF86F5B310}
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
    PDF-XChange 3-->"C:\Program Files\Tracker Software\PDF-XChange 3\unins000.exe"
    Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}
    Power4Gear eXtreme-->C:\Program Files\InstallShield Installation Information\{8CFEBE9C-F29F-4C49-80E0-7106970F8734}\setup.exe -runfromtemp -l0x0009 -removeonly
    PowerForPhone-->C:\Program Files\InstallShield Installation Information\{FC3D290D-79BE-44B7-ABF9-FDD110925930}\setup.exe -runfromtemp -l0x0009 -removeonly
    RCT3 Soaked-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EA926717-CE5A-4CB4-AB21-9E6E9565A458}\setup.exe" -l0x40c
    Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.exe" -l0x9 -removeonly
    Realtek USB 2.0 Card Reader-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DC24971E-1946-445D-8A82-CE685433FA7D}\SETUP.exe" -l0x9 -removeonly
    Registry Mechanic 8.0-->"C:\Program Files\Registry Mechanic\unins000.exe" /Log
    RollerCoaster Tycoon 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}\Setup.exe" -l0x40c
    RollerCoaster Tycoon® 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\setup.exe" -l0x9
    SafeCast Shared Components-->C:\Program Files\Common Files\Macrovision Shared\SafeCast\Install\CDAC13BA.EXE /uninstall
    Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
    Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
    Security Update for 2007 Microsoft Office System (KB960003)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {F04F8702-18D0-458D-921E-146FB7CD38CF}
    Security Update for Microsoft Office Excel 2007 (KB959997)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {9EAC3AEC-5C81-4856-A05B-DE9DC236D740}
    Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
    Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
    Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
    Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
    Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
    SpeedFan (remove only)-->"C:\Program Files\SpeedFan\uninstall.exe"
    Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
    Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}
    SymNet-->MsiExec.exe /I{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}
    Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
    System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
    TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
    Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
    Update for Microsoft Office 2007 Help for Common Features (KB963673)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42}
    Update for Microsoft Office Access 2007 Help (KB963663)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}
    Update for Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9}
    Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
    Update for Microsoft Office Outlook 2007 Help (KB957246)-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {40EDB4D3-A95E-413F-9578-F2E01A3D209B}
    Update for Microsoft Office Outlook 2007 Help (KB957246)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {6F0E4983-E419-4591-B7DD-EFB0073D3E47}
    Update for Microsoft Office Outlook 2007 Help (KB957246)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {80E46078-C1C5-4AE8-8744-3EAFC812E118}
    Update for Microsoft Office Outlook 2007 Help (KB957246)-->msiexec /package {90120000-001A-0410-0000-0000000FF1CE} /uninstall {F9CE58F3-9B2B-4DE4-9506-BF82230EB84D}
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876}
    Update for Microsoft Office Publisher 2007 Help (KB963667)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2E40DE55-B289-4C8B-8901-5D369B16814F}
    Update for Microsoft Office Script Editor Help (KB963671)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C}
    Update for Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726}
    Update for Outlook 2007 Junk Email Filter (kb968503)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {5DD98950-4D10-4B79-8BF6-59726705207D}
    Update für Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}
    Update für Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {EA160DA3-E9B5-4D03-A518-21D306665B96}
    Update für Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {38472199-D7B6-4833-A949-10E4EE6365A1}
    Update voor Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {5CF7002F-6F49-4482-9564-5614FBE560FA}
    Update voor Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}
    Update voor Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {A66AE6A1-8D8C-4102-BC18-38CBDE40F809}
    USB 2.0 1.3M UVC WebCam-->C:\Windows\Uninstsxga.bat
    VistaGlazz 1.1-->"C:\Program Files\CodeGazer\VistaGlazz\unins000.exe"
    VLC media player 0.9.9-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
    Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
    Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
    WinFlash-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE10AB76-4756-4913-BE25-55D1C1051F9A}\setup.exe" -l0x9
    Wireless Console 2-->C:\Program Files\InstallShield Installation Information\{83F73CB1-7705-49D1-9852-84D839CA2A45}\SETUP.exe -runfromtemp -l0x0009 -removeonly
    World of Warcraft-->C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft (3)\Uninstall.exe

    ======Security center information======

    AV: Norton Internet Security (outdated)
    FW: Norton Internet Security (disabled)
    AS: Spybot - Search and Destroy (disabled)
    AS: Windows Defender
    AS: Norton Internet Security (outdated)

    ======System event log======

    Computer Name: Zaliah
    Event Code: 7000
    Message: Le service SYMTDI n'a pas pu démarrer en raison de l'erreur :
    Un périphérique attaché au système ne fonctionne pas correctement.
    Record Number: 1164693
    Source Name: Service Control Manager
    Time Written: 20090526164028.000000-000
    Event Type: Erreur
    User:

    Computer Name: Zaliah
    Event Code: 7000
    Message: Le service SYMTDI n'a pas pu démarrer en raison de l'erreur :
    Un périphérique attaché au système ne fonctionne pas correctement.
    Record Number: 1164694
    Source Name: Service Control Manager
    Time Written: 20090526164028.000000-000
    Event Type: Erreur
    User:

    Computer Name: Zaliah
    Event Code: 7000
    Message: Le service SYMTDI n'a pas pu démarrer en raison de l'erreur :
    Un périphérique attaché au système ne fonctionne pas correctement.
    Re
    a c 296 8 Security
    26 May 2009 19:10:52

  • Download Malwarebytes' Anti-Malware (MBAM) to your Desktop.
  • Double-click the downloaded file to start the installation process.
  • In the Mise à jour (Update) tab, click the Recherche de mise à jour (Check for updates) button: if the firewall asks whether to allow MBAM to connect to the Internet, accept.
  • Once the update has finished, go to the Recherche (Scan) tab.
  • Select Exécuter un examen rapide (Perform quick scan).
  • Click Rechercher (Scan). The scan starts.
  • At the end of the scan, a message is displayed:
    Quote:
    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  • Click OK to continue. If MBAM found nothing, it will tell you that as well.
  • Close your browsers.
  • If malware was detected, click Afficher les résultats (Show results).
  • Select everything (or leave it checked) and click Supprimer la sélection (Remove selected); MBAM will destroy the infected files and registry keys and put a copy in quarantine.
  • MBAM will open Notepad and copy the scan report into it. Copy and paste that report into your next reply.
    26 May 2009 21:56:47

    Sorry if my question is completely stupid, but what are browsers?
    a c 296 8 Security
    26 May 2009 22:04:15

    Internet Explorer, Mozilla Firefox, etc.
    26 May 2009 22:04:20

    There, this is what I got
    Malwarebytes' Anti-Malware 1.37
    Version de la base de données: 2182
    Windows 6.0.6001 Service Pack 1

    26/05/2009 21:57:38
    mbam-log-2009-05-26 (21-57-38).txt

    Type de recherche: Examen rapide
    Eléments examinés: 72258
    Temps écoulé: 4 minute(s), 14 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 19
    Valeur(s) du Registre infectée(s): 11
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 1
    Fichier(s) infecté(s): 14

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\improvedadshelper.browserwatcher (Adware.ShoppingAdsHelper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{a9fc1c11-b511-d9b9-0e29-01a8d05ae107} (Adware.ShoppingAdsHelper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{2003e25f-91da-7ac2-239b-a263b7d2441b} (Adware.ShoppingAdsHelper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{8dc03f36-efed-89c0-3c14-469b513e5651} (Adware.ShoppingAdsHelper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{b00f1048-6a9f-daa3-5103-5dcfa3e4719a} (Adware.ShoppingAdsHelper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{2ce0a18d-6081-d104-96f7-f765c20b22f1} (Adware.ShoppingAdsHelper) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2ce0a18d-6081-d104-96f7-f765c20b22f1} (Adware.ShoppingAdsHelper) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2ce0a18d-6081-d104-96f7-f765c20b22f1} (Adware.ShoppingAdsHelper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{913e9215-eb81-7e43-76e6-fc26e50e264c} (Adware.ShoppingAdsHelper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{af56fd81-28a2-0159-4922-1211155898a9} (Adware.ShoppingAdsHelper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\improvedadshelper.browserwatcher.1 (Adware.ShoppingAdsHelper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\improvedadshelper.pornpro_bho (Adware.ImprovedAdsHelper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\improvedadshelper.pornpro_bho.1 (Adware.ImprovedAdsHelper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\improvedadshelper.precachebrowserhost (Adware.ShoppingAdsHelper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\improvedadshelper.precachebrowserhost.1 (Adware.ShoppingAdsHelper) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\MediaHoldings (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\PlayMP3 (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ImprovedAdsHelper (Adware.ImprovedAdsHelper) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\ImprovedAdsHelper (Adware.ImprovedAdsHelper) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\windows logon applicationedc (Trojan.Dropper) -> Delete on reboot.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f2a5ea.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f29522.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f1ff2b.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f1a4b7.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f1d7fc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f1f279.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f2288d.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f20f19.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f2766e.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f38c5a1.exe (Trojan.Agent) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    C:\Program Files\ImprovedAdsHelper (Adware.ImprovedAdsHelper) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\Users\Laurza\winlogon.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
    C:\Program Files\ImprovedAdsHelper\ImprovedAdsHelper-1.dll (Adware.ShoppingAdsHelper) -> Quarantined and deleted successfully.
    c:\program files\improvedadshelper\uninstall.exe (Adware.ImprovedAdsHelper) -> Quarantined and deleted successfully.
    C:\Users\Laurza\AppData\Local\Temp\_A00F2A5EA.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Users\Laurza\AppData\Local\Temp\_A00F29522.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Users\Laurza\AppData\Local\Temp\_A00F1FF2B.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Users\Laurza\AppData\Local\Temp\_A00F1A4B7.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Users\Laurza\AppData\Local\Temp\_A00F1D7FC.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Users\Laurza\AppData\Local\Temp\_A00F1F279.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Users\Laurza\AppData\Local\Temp\_A00F2288D.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Users\Laurza\AppData\Local\Temp\_A00F20F19.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Users\Laurza\AppData\Local\Temp\_A00F2766E.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    c:\Users\Laurza\AppData\Local\Temp\_A00F38C5A1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    c:\Windows\System32\kungsfnoorecbm.dll (Trojan.Agent) -> Quarantined and deleted successfully.

    Then I was told to restart because not everything could be deleted, so I restarted
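
The MBAM report above mixes adware COM registrations, autostart (Run) values and executables dropped in Temp. As an added example (not part of the original thread and not Malwarebytes' own code), this Python script parses such result lines and tags the ones worth following up after cleanup. The tag names, function names and the expected system directories (a default C:\Windows install) are assumptions.

```python
import ntpath
import re
from collections import Counter
from typing import NamedTuple

# Result lines copied from the MBAM log in the post above, plus one section
# header and one "nothing found" line to show that non-result lines are skipped.
SAMPLE_LOG = r"""
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2ce0a18d-6081-d104-96f7-f765c20b22f1} (Adware.ShoppingAdsHelper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\windows logon applicationedc (Trojan.Dropper) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f2a5ea.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Laurza\winlogon.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laurza\AppData\Local\Temp\_A00F2A5EA.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\System32\kungsfnoorecbm.dll (Trojan.Agent) -> Quarantined and deleted successfully.
"""


class Detection(NamedTuple):
    item: str    # registry key/value or file path
    family: str  # the scanner's detection name
    action: str  # what the scanner reports having done


# "<item> (<family>) -> <action>." The greedy item match makes the family
# the last parenthesised group before the arrow.
RESULT_RE = re.compile(
    r"^(?P<item>.+) \((?P<family>[^()]+)\) -> (?P<action>.+?)\.?$"
)

# Assumption: default install on C:. Windows process names that malware often
# borrows, mapped to the only directory they should be found in.
EXPECTED_DIR = {
    "winlogon.exe": r"c:\windows\system32",
    "svchost.exe": r"c:\windows\system32",
    "lsass.exe": r"c:\windows\system32",
    "csrss.exe": r"c:\windows\system32",
    "services.exe": r"c:\windows\system32",
    "explorer.exe": r"c:\windows",
}


def parse_line(line):
    """Return a Detection for a result line, or None for headers and notes."""
    m = RESULT_RE.match(line.strip())
    return Detection(**m.groupdict()) if m else None


def tags_for(det):
    """Tag a detection with the follow-up checks it calls for."""
    item = det.item.lower()
    tags = []
    if item.startswith("hkey_") and "\\currentversion\\run\\" in item:
        tags.append("autostart")          # value launched at every logon
    if "\\browser helper objects\\" in item:
        tags.append("bho")                # DLL loaded into Internet Explorer
    if re.match(r"^[a-z]:\\", item):      # file-system path, not registry
        name = ntpath.basename(item)
        if name in EXPECTED_DIR and ntpath.dirname(item) != EXPECTED_DIR[name]:
            tags.append("system-name-outside-expected-dir")
        if "\\appdata\\local\\temp\\" in item and name.endswith(".exe"):
            tags.append("temp-exe")
    if det.action.lower().startswith("delete on reboot"):
        tags.append("pending-reboot")     # still present until restart
    return tags


def triage(log_text):
    """Parse every result line and pair it with its tags."""
    parsed = (parse_line(line) for line in log_text.splitlines())
    return [(det, tags_for(det)) for det in parsed if det is not None]


def family_counts(log_text):
    """Count detections per family name."""
    return Counter(det.family for det, _ in triage(log_text))


def needs_rescan(log_text):
    """True when any item was only scheduled for deletion at reboot."""
    return any("pending-reboot" in tags for _, tags in triage(log_text))


if __name__ == "__main__":
    for det, tags in triage(SAMPLE_LOG):
        print(f"{det.family:28} {','.join(tags) or '-':34} {det.item}")
    print("rescan after reboot:", needs_rescan(SAMPLE_LOG))
```
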
    a c 296 8 Security
    26 May 2009 22:14:31

  • Run MBAM again, go to Quarantaine (Quarantine) and delete everything.

    You have two antivirus programs, Norton and Avast; you need to remove one of them.
    26 May 2009 22:18:15

    I already tried to uninstall Norton because it has expired, but I can't manage it at all
    26 May 2009 22:24:07

    There, I ran the scan again
    Malwarebytes' Anti-Malware 1.37
    Version de la base de données: 2182
    Windows 6.0.6001 Service Pack 1

    26/05/2009 22:22:57
    mbam-log-2009-05-26 (22-22-57).txt

    Type de recherche: Examen rapide
    Eléments examinés: 72386
    Temps écoulé: 3 minute(s), 49 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)
    26 May 2009 22:25:39

    But after a while I get a sort of weird message, it changes every time, telling me "is trying to start". Then I have to accept or refuse, so I refuse because it's a "bad file", and then the "virus opens" and there is a kind of fake scan, then I get the message saying I have the trojan



    As for Norton, I tried to uninstall it and here are the 2 messages I get:


    a c 296 8 Security
    26 May 2009 22:38:00

    OK.

  • Remove the traces of Norton with this.

  • Uninstall Avast.

  • Install Antivir and update it.
  • Double-click the Antivir icon (umbrella) in the taskbar.
  • In Antivir, choose Outils (Tools), then Configuration.
  • Check Mode Expert (Expert mode) and check Rech. Rootkit au dém. de la recherche (rootkit search at scan start) on the right under Autres réglages (Other settings).
  • Run a full scan and post the report.

    Tutorial: Scanning the hard disk(s)
    26 May 2009 22:49:42

    It tells me that some files are corrupted. What do I do?
    a c 296 8 Security
    26 May 2009 22:55:02

    Download the file again ;) 
    26 May 2009 22:59:41

    Also, could you make me a list or help me, because I have no space left at all on my hard disk, and I'd like to delete some things but I don't know at all what I can and can't delete...
    a c 296 8 Security
    26 May 2009 23:06:28

    We'll do that afterwards ;) 
    26 May 2009 23:15:20

    well then, I'll wait for the thing to finish ^^
    a c 296 8 Security
    27 May 2009 00:35:25

    Choose Tout réparer (Repair all).
    27 May 2009 00:36:14

    There, afterwards it put everything (that was left) in quarantine and I deleted it. What should I do now?
    a c 296 8 Security
    27 May 2009 00:37:36

    You don't have a report?
    27 May 2009 00:38:39

    No, I didn't get a report :/  well, nothing opened at all apart from what I showed you
    a c 296 8 Security
    27 May 2009 00:40:37

    Too bad.

  • Run an RSIT scan again and post the log report.
    27 May 2009 00:42:23

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Laurza at 2009-05-27 00:41:46
    Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
    System drive C: has 5 GB (4%) free of 119 GB
    Total RAM: 1919 MB (54% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 0:41:55, on 27/05/2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18226)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\ASUS\ATK Media\DMedia.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\System32\ASUSTPE.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\ClamWin\bin\ClamTray.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\SpeedFan\speedfan.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Users\Laurza\Desktop\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\Laurza.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [ASUSTPE] C:\Windows\system32\ASUSTPE.exe
    O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\CoGen Media\Rfw\rfwmain.exe" -Startup
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe" --logon
    O4 - HKLM\..\Run: [NotebookHardwareControl] "C:\Program Files\Notebook Hardware Control\nhc.exe" -quiet
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O13 - Gopher Prefix:
    O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/Install...
    O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.2.20/cfweb_a...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/VistaMSNPUpld...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab
    O22 - SharedTaskScheduler: Deskscapes - {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - (no file)
    O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe (file missing)
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\Windows\system32\drivers\CDAC11BA.EXE
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
    O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Information Technology Co., Ltd. - C:\Program Files\CoGen Media\Rfw\rfwsrv.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
    O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe

    --
    End of file - 7318 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\Maintenance en 1 clic.job
    C:\Windows\tasks\User_Feed_Synchronization-{B9051ECF-40C9-47DD-BD07-6F1A9E7B4C3C}.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-12 35840]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
    "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-02-15 4390912]
    "ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [2006-11-02 61440]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-11-23 815104]
    "ASUSTPE"=C:\Windows\system32\ASUSTPE.exe [2006-12-13 106496]
    "RfwMain"=C:\Program Files\CoGen Media\Rfw\rfwmain.exe [2009-05-03 592496]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-05-12 148888]
    "ClamWin"=C:\Program Files\ClamWin\bin\ClamTray.exe [2009-04-14 86016]
    "NotebookHardwareControl"=C:\Program Files\Notebook Hardware Control\nhc.exe [2007-05-04 2629632]
    "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
    "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
    "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
    "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
    Deskscapes - {EC654325-1273-C2A9-2B7C-45D29BCE68FB}

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableUIADesktopToggle"=0

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDrives"=00000000
    "NoDriveTypeAutoRun"=149

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3a7f8c0b-5581-11dd-80b5-806e6f6e6963}]
    shell\AutoRun\command - F:\Installer.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e21547b7-ee2c-11dd-bf67-0022152b07ed}]
    shell\AutoRun\command - H:\Autorun.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e21547b9-ee2c-11dd-bf67-0022152b07ed}]
    shell\AutoRun\command - I:\autorun.exe
    shell\setup\command - I:\setup.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ece2c536-9ab1-11dd-b57e-0022152b07ed}]
    shell\AutoRun\command - G:\Autorun.exe


    ======List of files/folders created in the last 1 months======

    2009-05-26 22:53:20 ----D---- C:\ProgramData\Avira
    2009-05-26 22:53:20 ----D---- C:\Program Files\Avira
    2009-05-26 21:51:43 ----D---- C:\Users\Laurza\AppData\Roaming\Malwarebytes
    2009-05-26 21:51:37 ----D---- C:\ProgramData\Malwarebytes
    2009-05-26 21:51:37 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-05-26 18:40:23 ----D---- C:\rsit
    2009-05-26 18:00:31 ----D---- C:\Program Files\World of Warcraft
    2009-05-26 17:22:06 ----D---- C:\Program Files\Notebook Hardware Control
    2009-05-26 17:08:17 ----D---- C:\Program Files\SpeedFan
    2009-05-26 16:31:58 ----D---- C:\ProgramData\Spybot - Search & Destroy
    2009-05-26 16:31:58 ----D---- C:\Program Files\Spybot - Search & Destroy
    2009-05-26 16:27:53 ----D---- C:\Users\Laurza\AppData\Roaming\.clamwin
    2009-05-26 16:27:45 ----D---- C:\ProgramData\.clamwin
    2009-05-26 16:27:45 ----D---- C:\Program Files\ClamWin
    2009-05-26 16:20:41 ----D---- C:\Program Files\Alwil Software
    2009-05-26 16:01:58 ----D---- C:\Program Files\Trend Micro
    2009-05-26 15:45:24 ----A---- C:\Windows\system32\STKIT432.DLL
    2009-05-26 15:45:24 ----A---- C:\Windows\system32\msxml.dll
    2009-05-26 15:45:22 ----D---- C:\Program Files\Registry Mechanic
    2009-05-26 14:49:46 ----D---- C:\ProgramData\Pets Fun House
    2009-05-26 14:48:34 ----D---- C:\PetsFunHouse
    2009-05-26 14:37:35 ----D---- C:\Users\Laurza\AppData\Roaming\eGames
    2009-05-26 13:58:01 ----D---- C:\Program Files\GamesBar
    2009-05-25 17:16:53 ----D---- C:\AeriaGames
    2009-05-24 13:18:02 ----D---- C:\ProgramData\Office Genuine Advantage
    2009-05-21 00:47:28 ----D---- C:\Program Files\Microsoft WSE
    2009-05-21 00:31:15 ----D---- C:\Program Files\Electronic Arts
    2009-05-20 23:40:05 ----D---- C:\ProgramData\Legacy Interactive
    2009-05-20 22:50:35 ----D---- C:\ProgramData\NannyMania
    2009-05-20 22:18:53 ----D---- C:\Users\Laurza\AppData\Roaming\MysteryStudio
    2009-05-20 21:48:10 ----D---- C:\Users\Laurza\AppData\Roaming\Boolat Games
    2009-05-20 20:18:54 ----D---- C:\ProgramData\Valusoft
    2009-05-20 18:27:27 ----D---- C:\ProgramData\Arcade Lab
    2009-05-20 16:59:02 ----D---- C:\Users\Laurza\AppData\Roaming\Gamelab
    2009-05-20 16:57:22 ----D---- C:\Program Files\Oberon Media
    2009-05-20 16:57:22 ----D---- C:\Program Files\Common Files\Oberon Media
    2009-05-18 01:41:33 ----D---- C:\Users\Laurza\AppData\Roaming\vlc
    2009-05-18 01:04:19 ----D---- C:\Program Files\CodeGazer
    2009-05-18 00:51:52 ----A---- C:\Windows\iPlayer.INI
    2009-05-16 17:22:10 ----D---- C:\Users\Laurza\AppData\Roaming\Canneverbe_Limited
    2009-05-16 17:16:03 ----D---- C:\Users\Laurza\AppData\Roaming\Nero
    2009-05-16 17:01:23 ----D---- C:\ProgramData\Messenger Plus!
    2009-05-16 16:57:42 ----A---- C:\Windows\Irremote.ini
    2009-05-16 16:28:45 ----D---- C:\Program Files\Messenger Plus! Live
    2009-05-16 16:20:11 ----D---- C:\Program Files\Nero
    2009-05-16 16:19:31 ----D---- C:\ProgramData\Nero
    2009-05-16 16:19:30 ----D---- C:\Program Files\Common Files\Nero
    2009-05-13 14:56:04 ----D---- C:\Users\Laurza\AppData\Roaming\BitZipper
    2009-05-12 20:05:49 ----D---- C:\Users\Laurza\AppData\Roaming\Crayon Physics Deluxe
    2009-05-12 19:12:59 ----A---- C:\Windows\system32\javaws.exe
    2009-05-12 19:12:59 ----A---- C:\Windows\system32\javaw.exe
    2009-05-12 19:12:59 ----A---- C:\Windows\system32\java.exe
    2009-05-12 19:12:44 ----D---- C:\Program Files\Java
    2009-05-12 18:00:29 ----A---- C:\Windows\ntbtlog.txt
    2009-05-11 20:04:17 ----D---- C:\Program Files\Common Files\PocketSoft
    2009-05-11 20:04:17 ----A---- C:\Windows\patchw32.dll
    2009-05-11 19:22:21 ----D---- C:\Program Files\SystemRequirementsLab
    2009-05-11 19:22:11 ----D---- C:\Users\Laurza\AppData\Roaming\SystemRequirementsLab
    2009-05-11 15:06:49 ----D---- C:\Program Files\Infogrames
    2009-05-10 03:08:43 ----A---- C:\Windows\_MSRSTRT.EXE
    2009-05-10 02:22:07 ----D---- C:\Program Files\Crawler
    2009-05-10 02:21:59 ----D---- C:\ProgramData\Laconic Software
    2009-05-10 02:21:46 ----D---- C:\Users\Laurza\AppData\Roaming\GetRightToGo
    2009-05-10 02:21:46 ----D---- C:\Downloads
    2009-05-10 02:11:19 ----D---- C:\Users\Laurza\AppData\Roaming\elefundesktops
    2009-05-10 02:09:33 ----D---- C:\Users\Laurza\AppData\Roaming\Desktop3D
    2009-05-10 02:04:57 ----D---- C:\Users\Laurza\AppData\Roaming\StickIt
    2009-05-10 02:04:49 ----D---- C:\Program Files\StickIt
    2009-05-10 01:35:07 ----D---- C:\Program Files\Common Files\Program4Pc
    2009-05-10 01:31:14 ----D---- C:\Windows\system32\FlashPlayer
    2009-05-10 00:46:33 ----D---- C:\Users\Laurza\AppData\Roaming\Bump Technologies, Inc
    2009-05-10 00:40:42 ----D---- C:\Users\Laurza\AppData\Roaming\Q-Dir
    2009-05-10 00:40:41 ----A---- C:\Windows\Q-Dir.ini
    2009-05-09 23:59:15 ----A---- C:\Windows\system32\TUProgSt.exe
    2009-05-09 23:59:11 ----A---- C:\Windows\system32\uxtuneup.dll
    2009-05-09 23:59:11 ----A---- C:\Windows\system32\authuitu.dll
    2009-05-09 23:59:07 ----A---- C:\Windows\system32\TuneUpDefragService.exe
    2009-05-09 23:59:03 ----D---- C:\Users\Laurza\AppData\Roaming\TuneUp Software
    2009-05-09 23:58:23 ----D---- C:\ProgramData\TuneUp Software
    2009-05-09 23:58:23 ----D---- C:\Program Files\TuneUp Utilities 2009
    2009-05-09 23:57:39 ----SHD---- C:\ProgramData\{55A29068-F2CE-456C-9148-C869879E2357}
    2009-05-09 23:23:25 ----A---- C:\Windows\system32\wbsys.dll
    2009-05-09 23:23:25 ----A---- C:\Windows\system32\wbload.dll
    2009-05-09 23:18:35 ----A---- C:\Windows\StyleBuilder.INI
    2009-05-09 23:01:01 ----A---- C:\Windows\system32\wbhelp2.dll
    2009-05-09 22:47:47 ----A---- C:\Windows\system32\themeui.dll.vgorg
    2009-05-09 22:47:47 ----A---- C:\Windows\system32\themeui.dll
    2009-05-09 16:19:05 ----D---- C:\Users\Laurza\AppData\Roaming\Leadertech
    2009-05-09 16:14:57 ----D---- C:\Program Files\Atari
    2009-05-07 01:02:25 ----D---- C:\Users\Laurza\AppData\Roaming\GameInvest
    2009-05-06 23:31:18 ----D---- C:\Users\Laurza\AppData\Roaming\ValuSoft
    2009-05-06 21:02:12 ----D---- C:\Users\Laurza\AppData\Roaming\Home Sweet Home
    2009-05-06 19:39:30 ----D---- C:\Users\Laurza\AppData\Roaming\Farm Mania
    2009-05-06 18:38:23 ----SHD---- C:\Windows\ftpcache
    2009-05-06 18:17:13 ----D---- C:\Users\Laurza\AppData\Roaming\Zylom
    2009-05-06 17:24:05 ----D---- C:\Program Files\HKO
    2009-05-05 21:59:11 ----A---- C:\NUMER.BAT
    2009-05-05 21:58:35 ----D---- C:\NUMER400
    2009-05-03 14:41:39 ----A---- C:\Windows\Rfw.ini
    2009-05-03 14:40:55 ----RSD---- C:\RavBin
    2009-05-03 14:40:48 ----D---- C:\Program Files\CoGen Media
    2009-05-03 14:40:04 ----D---- C:\ProgramData\Rising
    2009-04-30 00:23:34 ----A---- C:\Windows\MegaManager.INI
    2009-04-30 00:10:09 ----D---- C:\Users\Laurza\AppData\Roaming\Media Player Classic
    2009-04-29 12:46:33 ----D---- C:\ProgramData\2DBoy

    ======List of files/folders modified in the last 1 months======

    2009-05-27 00:41:49 ----D---- C:\Windows\Temp
    2009-05-27 00:30:41 ----A---- C:\Windows\system32\acovcnt.exe
    2009-05-27 00:28:19 ----SD---- C:\Windows\Downloaded Program Files
    2009-05-26 22:53:28 ----D---- C:\Windows\system32\drivers
    2009-05-26 22:53:20 ----RD---- C:\Program Files
    2009-05-26 22:53:20 ----HD---- C:\ProgramData
    2009-05-26 22:52:08 ----SHD---- C:\System Volume Information
    2009-05-26 22:51:46 ----SHD---- C:\Windows\Installer
    2009-05-26 22:51:46 ----HD---- C:\Config.Msi
    2009-05-26 22:51:45 ----D---- C:\Windows\winsxs
    2009-05-26 22:48:26 ----D---- C:\Windows\System32
    2009-05-26 22:44:56 ----D---- C:\Program Files\Common Files\Symantec Shared
    2009-05-26 22:42:28 ----D---- C:\ProgramData\Symantec
    2009-05-26 22:41:08 ----D---- C:\Windows\system32\catroot
    2009-05-26 22:41:07 ----D---- C:\Windows\inf
    2009-05-26 22:40:48 ----D---- C:\ProgramData\NortonInstaller
    2009-05-26 22:33:08 ----D---- C:\Windows
    2009-05-26 22:00:46 ----AD---- C:\ProgramData\TEMP
    2009-05-26 21:58:41 ----D---- C:\Windows\system32\catroot2
    2009-05-26 17:34:31 ----D---- C:\Windows\Microsoft.NET
    2009-05-26 17:34:30 ----RSD---- C:\Windows\assembly
    2009-05-26 17:08:10 ----D---- C:\Program Files\Mozilla Firefox
    2009-05-26 16:04:37 ----D---- C:\Program Files\Adobe
    2009-05-26 16:04:36 ----D---- C:\Program Files\Common Files\Adobe
    2009-05-26 16:04:35 ----D---- C:\ProgramData\Adobe
    2009-05-26 14:17:18 ----D---- C:\Windows\Minidump
    2009-05-26 13:33:13 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
    2009-05-26 12:42:13 ----D---- C:\Users\Laurza\AppData\Roaming\LimeWire
    2009-05-26 01:21:47 ----D---- C:\Users\Laurza\AppData\Roaming\dvdcss
    2009-05-25 17:16:51 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-05-24 03:01:07 ----D---- C:\Windows\system32\Tasks
    2009-05-22 19:01:39 ----A---- C:\Windows\system32\PerfStringBackup.INI
    2009-05-21 00:47:33 ----SD---- C:\Users\Laurza\AppData\Roaming\Microsoft
    2009-05-20 22:18:43 ----D---- C:\Windows\Prefetch
    2009-05-20 18:49:56 ----D---- C:\Users\Laurza\AppData\Roaming\PlayFirst
    2009-05-20 18:49:56 ----D---- C:\ProgramData\PlayFirst
    2009-05-20 16:57:22 ----D---- C:\Program Files\Common Files
    2009-05-20 13:17:09 ----D---- C:\Program Files\Common Files\PX Storage Engine
    2009-05-20 13:05:55 ----D---- C:\Users\Laurza\AppData\Roaming\Download Manager
    2009-05-18 01:04:58 ----A---- C:\Windows\system32\uxtheme.dll
    2009-05-18 01:04:58 ----A---- C:\Windows\system32\shsvcs.dll
    2009-05-14 12:22:55 ----D---- C:\ProgramData\Microsoft Help
    2009-05-14 12:19:52 ----D---- C:\Program Files\Windows Mail
    2009-05-14 12:14:57 ----D---- C:\Program Files\WinRAR
    2009-05-12 19:12:48 ----A---- C:\Windows\system32\deploytk.dll
    2009-05-12 17:27:43 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
    2009-05-12 17:26:42 ----D---- C:\Program Files\CyberLink
    2009-05-11 22:17:15 ----D---- C:\Program Files\AGEIA Technologies
    2009-05-10 04:39:46 ----ASH---- C:\Program Files\desktop.ini
    2009-05-10 04:16:47 ----SHD---- C:\Boot
    2009-05-10 04:16:46 ----D---- C:\Windows\system32\config
    2009-05-10 04:02:59 ----D---- C:\Program Files\Google
    2009-05-10 03:48:47 ----RSD---- C:\Windows\Fonts
    2009-05-10 03:46:53 ----D---- C:\Users\Laurza\AppData\Roaming\Microsoft Games
    2009-05-10 03:46:53 ----D---- C:\ProgramData\Microsoft Games
    2009-05-10 03:46:50 ----D---- C:\Program Files\Microsoft Games
    2009-05-10 03:42:04 ----D---- C:\Program Files\NDSROM Player
    2009-05-10 03:40:33 ----D---- C:\ProgramData\Google
    2009-05-10 00:06:46 ----D---- C:\Windows\system32\fr-FR
    2009-05-09 23:59:52 ----D---- C:\Windows\Tasks
    2009-05-09 23:32:00 ----A---- C:\Windows\win.ini
    2009-05-09 23:01:03 ----D---- C:\ProgramData\Stardock
    2009-05-09 16:46:37 ----D---- C:\Users\Laurza\AppData\Roaming\Atari
    2009-05-07 09:16:29 ----A---- C:\Windows\system32\mrt.exe
    2009-05-06 18:17:26 ----D---- C:\ProgramData\Zylom
    2009-05-06 18:17:19 ----D---- C:\Users\Laurza\AppData\Roaming\Identities
    2009-04-30 00:24:29 ----D---- C:\Program Files\A table
    2009-04-30 00:22:20 ----D---- C:\Users\Laurza\AppData\Roaming\Studio-Scrap2
    2009-04-30 00:19:41 ----D---- C:\Program Files\MSN Messenger
    2009-04-30 00:15:29 ----D---- C:\Program Files\There

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
    R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
    R1 RfwBase;Rising RfwBase Driver; C:\Windows\system32\DRIVERS\rfwbase.sys [2009-05-03 19568]
    R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-02-13 28376]
    R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-03-24 55640]
    R2 CdaC15BA;CdaC15BA; \??\C:\Windows\system32\drivers\CdaC15BA.SYS [2008-11-20 12464]
    R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2007-08-03 20936]
    R2 RMCAST;Pilote du protocole RMCAT PGMP; C:\Windows\system32\DRIVERS\RMCAST.sys [2008-05-10 113664]
    R3 Atc002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller; C:\Windows\system32\DRIVERS\l260x86.sys [2007-08-17 28672]
    R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-07-31 743424]
    R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-02-14 1740904]
    R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2007-01-24 5632]
    R3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2008-01-21 18432]
    R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
    R3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-02-02 2385920]
    R3 RTSTOR;USB Mass Storage Device; C:\Windows\system32\drivers\RTSTOR.SYS [2007-11-10 57856]
    R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-22 982272]
    R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2007-10-01 1769984]
    R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-11-23 181304]
    S2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys []
    S3 aa861a0w;aa861a0w; C:\Windows\system32\drivers\aa861a0w.sys []
    S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
    S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt []
    S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
    S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
    S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
    S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
    S3 nhcDriverDevice;Notebook Hardware Control Driver; \??\C:\Windows\system32\drivers\nhcDriver.sys [2009-05-26 22528]
    S3 s916bus;Sony Ericsson Device 916 driver (WDM); C:\Windows\system32\DRIVERS\s916bus.sys [2007-11-02 83496]
    S3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s916mdfl.sys [2007-11-02 15016]
    S3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s916mdm.sys [2007-11-02 109992]
    S3 s916mgmt;Sony Ericsson Device 916 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s916mgmt.sys [2007-11-02 103976]
    S3 s916obex;Sony Ericsson Device 916 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s916obex.sys [2007-11-02 100008]
    S3 SymIMMP;SymIMMP; C:\Windows\system32\DRIVERS\SymIM.sys []
    S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
    S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
    S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
    S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
    S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
    S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
    S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-04-01 108289]
    R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-03-02 185089]
    R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-02-06 94208]
    R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-02-02 565248]
    R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\Windows\system32\drivers\CDAC11BA.EXE [2008-11-20 54784]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-03-18 73728]
    R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-12-05 935208]
    R2 ProtexisLicensing;ProtexisLicensing; C:\Windows\system32\PSIService.exe [2006-11-02 174656]
    R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
    R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]
    R2 TuneUp.ProgramStatisticsSvc;@%SystemRoot%\System32\TUProgSt.exe,-1; C:\Windows\System32\TUProgSt.exe [2009-05-09 604416]
    R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-21 21504]
    S2 RfwService;Rising Personal Firewall Service; C:\Program Files\CoGen Media\Rfw\rfwsrv.exe [2009-05-03 215664]
    S3 Boonty Games;Boonty Games; C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe []
    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-04-03 655624]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2009-05-09 361216]
    S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-21 21504]

    -----------------EOF-----------------
    a c 296 8 Security
    27 May 2009 00:47:00

    Is your PC doing better?
    27 May 2009 00:48:12

    Well, it seems so :)  Thanks a lot. But I still have no space on my hard drive, but we can deal with that later ^^ Oh yes, and I wanted to ask you: my firewall says my PC is not protected, what should I do? I'm on Vista.
    a c 296 8 Security
    27 May 2009 00:55:12

    Is the Vista firewall turned on?
    a c 296 8 Security
    27 May 2009 01:06:55

    From the image, it looks OK.


    1/

  • Uninstall HijackThis.

  • Download OTCleanIt to your Desktop:
  • Right-click OTCleanIt and choose Run as administrator.
  • Click CleanUp! then click Yes in the Confirm window.
  • Restart your PC as requested.


    2/

  • Download and install CCleaner Slim.
  • Launch it. Go to Options then Advanced and untick the box Only delete files etc....
  • Go to Cleaner, choose Analyze. Once it has finished, run the cleaning.
  • Next, choose Registry, then Scan for Issues. Once it has finished, fix all the errors (back up the registry).


    3/

  • You need to turn System Restore off and then back on in order to purge it.


    ==Prevention==

    Remove the AntiVir pop-ups: Link

    Keep MBAM. You can use it to scan suspicious files alongside the antivirus, and scan the hard drive regularly.

    As a browser, use Mozilla Firefox rather than Internet Explorer.

    Regarding P2P: Link

    Here is a complete guide (to be read with Adobe Reader or Foxit Reader): Link


    ==Problem solved?==

    If you consider your problem solved:

    ---> Now add [Solved] to the title. To do so:
  • In your first message, click the Edit button.
  • Add [Solved] in front of the title.
  • Then click Submit your message.


    Be more careful on the Internet ;)
    a c 296 8 Security
    27 May 2009 01:37:48

    Did you free up some space on your hard drive?
    27 May 2009 01:39:52

    Quite honestly, 0.30 GB :$ But right now I'm already deleting a few games, but it changes nothing because they're really not very big ... 200 MB :/  but since I have no idea what to uninstall, I'm not fiddling much with the rest
    27 May 2009 01:41:29

    And I also have something at startup asking my permission to start "Rising Personal Firewall MainProgram", but I refuse because I don't know what it is; it also appeared all of a sudden. And I also get another message telling me there is a StarForce Protection incompatibility error, but I have never used that thing
    27 May 2009 01:41:43

    I must be really annoying, sorry
    27 May 2009 02:03:26

    Say, do you think I can post for my boyfriend, who does lots of silly things with his PC, or do you think I can ask you? :$
    a c 296 8 Security
    27 May 2009 02:12:16

    Yes, of course, but start a new thread.
    27 May 2009 02:16:33

    OK, but now the antivirus won't update; it says the scheduler has not been started :/  How do I start it? Because the little umbrella is closed
    a c 296 8 Security
    27 May 2009 02:18:51

    I'd like to check something.

  • Download Catchme (Przemyslaw Gmerek) to your Desktop.
  • Right-click catchme.exe (the .exe is not necessarily visible) and choose Run as administrator.
  • When the scan has finished, post the catchme.log report in your next reply. (This report is on your Desktop.)
    27 May 2009 02:28:15

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-05-27 02:25:07
    Windows 6.0.6001 Service Pack 1 NTFS

    scanning hidden processes ...

    scanning hidden services & system hive ...

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\kungsfmhtibcpt]
    "start"=dword:00000001
    "type"=dword:00000001
    "group"="file system"
    "imagepath"=str(2):"\systemroot\system32\drivers\kungsfqfbtxnip.sys"
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
    "s1"=dword:2df9c43f
    "s2"=dword:110480d0
    "h0"=dword:00000001

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
    "p0"="C:\Program Files\DAEMON Tools Lite\"
    "h0"=dword:00000000
    "khjeh"=hex:0d,64,ab,92,c7,39,d1,d6,ee,0f,b4,9a,ae,d8,a7,83,90,89,94,20,07,..

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
    "a0"=hex:20,01,00,00,c6,95,99,76,4e,f9,a8,89,3a,1d,85,99,96,d4,ef,81,a8,..
    "khjeh"=hex:b5,11,fc,0c,aa,fc,6d,14,3d,7a,7f,be,9b,58,83,4a,99,b1,87,63,ba,..

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
    "khjeh"=hex:a2,4a,5e,63,73,b0,8b,63,57,72,82,fa,37,de,d3,5a,1f,c3,a9,c8,f3,..

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
    "khjeh"=hex:a3,de,67,1e,98,a4,7e,99,83,67,00,14,ff,b9,bc,47,52,50,5c,ef,dc,..

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]
    "khjeh"=hex:17,62,d5,23,fe,c8,e3,cb,8a,8c,11,09,fc,5b,fd,5d,20,01,9a,8a,43,..

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43]
    "khjeh"=hex:46,f3,81,aa,b2,bb,22,46,54,21,e6,44,1f,13,fc,4a,1d,28,ee,29,0f,..
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\kungsfmhtibcpt]
    "start"=dword:00000001
    "type"=dword:00000001
    "group"="file system"
    "imagepath"=str(2):"\systemroot\system32\drivers\kungsfqfbtxnip.sys"
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
    "p0"="C:\Program Files\DAEMON Tools Lite\"
    "h0"=dword:00000000
    "khjeh"=hex:0d,64,ab,92,c7,39,d1,d6,ee,0f,b4,9a,ae,d8,a7,83,90,89,94,20,07,..

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
    "a0"=hex:20,01,00,00,c6,95,99,76,4e,f9,a8,89,3a,1d,85,99,96,d4,ef,81,a8,..
    "khjeh"=hex:b5,11,fc,0c,aa,fc,6d,14,3d,7a,7f,be,9b,58,83,4a,99,b1,87,63,ba,..

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
    "khjeh"=hex:a2,4a,5e,63,73,b0,8b,63,57,72,82,fa,37,de,d3,5a,1f,c3,a9,c8,f3,..

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
    "khjeh"=hex:a3,de,67,1e,98,a4,7e,99,83,67,00,14,ff,b9,bc,47,52,50,5c,ef,dc,..

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]
    "khjeh"=hex:17,62,d5,23,fe,c8,e3,cb,8a,8c,11,09,fc,5b,fd,5d,20,01,9a,8a,43,..

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43]
    "khjeh"=hex:46,f3,81,aa,b2,bb,22,46,54,21,e6,44,1f,13,fc,4a,1d,28,ee,29,0f,..

    scanning hidden registry entries ...

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B9168624-0869-81C6-F67A-645B461DE98B}]
    "iagpajebcccdpmigmd"=hex:6a,61,63,69,6b,67,63,63,6d,66,70,69,6f,67,69,69,6c,6e,64,65,00,..
    "haaokdepicdmnleh"=hex:6a,61,63,69,6b,67,63,63,6d,66,70,69,6f,67,69,69,6c,6e,64,65,00,..

    scanning hidden files ...


    It showed me this and then stopped progressing
    a c 296 8 Security
    27 May 2009 02:40:10

    Your PC is still infected.

  • Disable UAC for the duration of the disinfection.

    /!\ Disable your resident protections (antivirus, etc.) /!\

  • Download ComboFix (sUBs) to your Desktop.
  • Right-click ComboFix.exe (the .exe is not necessarily visible) and choose Run as administrator.
  • When the scan has finished, a report will appear. Post this report (C:\Combofix.txt) in your next reply.

    To help you: a guide and a tutorial on using ComboFix
    27 May 2009 03:13:06

    It doesn't work. I disabled everything it asked me to, I restarted 3 times, and the program doesn't work :(
    a c 296 8 Security
    27 May 2009 03:18:38

    What do you mean, "it doesn't work"?

    Rename ComboFix to IDN and try again.

    If it still doesn't work, try running it in Safe Mode.

    To restart in Safe Mode:
  • Restart your PC.
  • At startup, tap F8 (F5 on some PCs) repeatedly, just after the BIOS screen is displayed and just before Windows loads.
  • In the advanced options menu, choose Safe Mode.
  • Choose your user session.

    I'm going to bed, good night ;)
    27 May 2009 03:44:48

    Here it is at last ^^ after 30 minutes :/

    ComboFix 09-05-26.02 - Laurza 27/05/2009 3:16:38.1 - NTFSx86
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.32.1036.18.1919.1218 [GMT 2:00]
    Lancé depuis: C:\Users\Laurza\Desktop\ComboFix.exe
    SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Users\Laurza\AppData\Local\Temp\sfamcc00001.dll
    C:\Users\Laurza\AppData\Local\Temp\sfareca00001.dll
    C:\Windows\system32\acovcnt.exe
    C:\Windows\system32\kungsfepwliexx.dat

    .
    ((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_KUNGSFMHTIBCPT
    -------\Service_Boonty Games
    -------\Service_kungsfmhtibcpt


    ((((((((((((((((((((((((((((( Fichiers créés du 2009-04-27 au 2009-05-27 ))))))))))))))))))))))))))))))))))))
    .

    2009-05-27 01:30:27 . 2009-05-27 01:38:25 0 d-----w C:\Users\Laurza\AppData\Local\temp
    2009-05-26 23:16:15 . 2009-05-26 23:16:16 0 d-----w C:\Program Files\CCleaner
    2009-05-26 20:53:23 . 2009-03-30 08:32:47 96104 ----a-w C:\Windows\system32\drivers\avipbb.sys
    2009-05-26 20:53:23 . 2009-03-24 14:07:58 55640 ----a-w C:\Windows\system32\drivers\avgntflt.sys
    2009-05-26 20:53:20 . 2009-05-26 20:53:20 0 d-----w C:\ProgramData\Avira
    2009-05-26 20:53:20 . 2009-05-26 20:53:20 0 d-----w C:\Program Files\Avira
    2009-05-26 19:51:43 . 2009-05-26 19:51:43 0 d-----w C:\Users\Laurza\AppData\Roaming\Malwarebytes
    2009-05-26 19:51:38 . 2009-05-26 11:20:08 40160 ----a-w C:\Windows\system32\drivers\mbamswissarmy.sys
    2009-05-26 19:51:37 . 2009-05-26 19:51:42 0 d-----w C:\Program Files\Malwarebytes' Anti-Malware
    2009-05-26 19:51:37 . 2009-05-26 19:51:37 0 d-----w C:\ProgramData\Malwarebytes
    2009-05-26 19:51:37 . 2009-05-26 11:19:56 19096 ----a-w C:\Windows\system32\drivers\mbam.sys
    2009-05-26 16:00:31 . 2009-05-26 16:33:53 0 d-----w C:\Program Files\World of Warcraft
    2009-05-26 15:22:53 . 2009-05-27 01:38:25 22528 ----a-w C:\Windows\system32\drivers\nhcDriver.sys
    2009-05-26 15:22:06 . 2009-05-26 15:22:17 0 d-----w C:\Program Files\Notebook Hardware Control
    2009-05-26 15:08:17 . 2009-05-27 01:13:07 0 d-----w C:\Program Files\SpeedFan
    2009-05-26 15:00:48 . 2009-05-26 15:58:07 0 d-----w C:\Users\Public\Games
    2009-05-26 14:31:58 . 2009-05-27 01:08:00 0 d-----w C:\Program Files\Spybot - Search & Destroy
    2009-05-26 14:31:58 . 2009-05-27 01:05:48 0 d-----w C:\ProgramData\Spybot - Search & Destroy
    2009-05-26 14:27:53 . 2009-05-26 14:28:11 0 d-----w C:\Users\Laurza\AppData\Roaming\.clamwin
    2009-05-26 14:27:45 . 2009-05-26 14:27:45 0 d-----w C:\ProgramData\.clamwin
    2009-05-26 14:27:45 . 2009-05-26 14:27:45 0 d-----w C:\Program Files\ClamWin
    2009-05-26 14:20:41 . 2009-05-26 14:20:41 0 d-----w C:\Program Files\Alwil Software
    2009-05-26 14:01:58 . 2009-05-26 14:01:58 0 d-----w C:\Program Files\Trend Micro
    2009-05-26 13:45:46 . 2009-05-26 13:45:46 0 d-----w C:\Users\Public\Games.59103d90.temp
    2009-05-26 13:45:24 . 2004-08-04 06:00:00 506368 ----a-w C:\Windows\system32\msxml.dll
    2009-05-26 13:24:14 . 2009-05-26 13:24:14 0 d-----w C:\Users\Public\Games.e19ffd5e.temp
    2009-05-26 13:02:07 . 2009-05-26 13:02:07 0 d-----w C:\Users\Public\Games.f7424816.temp
    2009-05-26 12:49:46 . 2009-05-26 12:49:46 0 d-----w C:\ProgramData\Pets Fun House
    2009-05-26 12:48:34 . 2009-05-26 12:48:34 0 d-----w C:\PetsFunHouse
    2009-05-26 12:37:35 . 2009-05-26 12:37:35 0 d-----w C:\Users\Laurza\AppData\Roaming\eGames
    2009-05-26 12:19:41 . 2009-05-26 12:19:41 0 d-----w C:\Users\Public\Games.a4581092.temp
    2009-05-26 12:19:10 . 2009-05-26 19:49:04 233472 ----a-w C:\Users\Laurza\google.com
    2009-05-26 12:02:47 . 2009-05-26 12:02:47 0 d-----w C:\Users\Public\Games.temp
    2009-05-26 11:58:01 . 2009-05-26 11:58:01 0 d-----w C:\Program Files\GamesBar
    2009-05-26 09:15:15 . 2009-05-06 18:06:53 4784464 ----a-w C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3762BF3B-B545-41E6-BC6A-2886A88C6B4D}\mpengine.dll
    2009-05-25 15:16:53 . 2009-05-25 15:16:53 0 d-----w C:\AeriaGames
    2009-05-24 11:18:02 . 2009-05-24 11:18:02 0 d-----w C:\ProgramData\Office Genuine Advantage
    2009-05-20 22:47:33 . 2009-05-20 22:47:33 10134 ----a-r C:\Users\Laurza\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
    2009-05-20 22:47:28 . 2009-05-20 22:47:28 0 d-----w C:\Program Files\Microsoft WSE
    2009-05-20 22:31:15 . 2009-05-20 22:31:15 0 d-----w C:\Program Files\Electronic Arts
    2009-05-20 21:40:05 . 2009-05-20 21:40:05 0 d-----w C:\ProgramData\Legacy Interactive
    2009-05-20 20:50:35 . 2009-05-20 20:50:35 0 d-----w C:\ProgramData\NannyMania
    2009-05-20 20:18:53 . 2009-05-20 20:18:53 0 d-----w C:\Users\Laurza\AppData\Roaming\MysteryStudio
    2009-05-20 19:48:10 . 2009-05-20 19:48:10 0 d-----w C:\Users\Laurza\AppData\Roaming\Boolat Games
    2009-05-20 18:18:54 . 2009-05-20 18:18:54 0 d-----w C:\ProgramData\Valusoft
    2009-05-20 16:27:27 . 2009-05-20 16:27:27 0 d-----w C:\ProgramData\Arcade Lab
    2009-05-20 14:59:02 . 2009-05-20 14:59:02 0 d-----w C:\Users\Laurza\AppData\Roaming\Gamelab
    2009-05-20 14:57:22 . 2009-05-26 13:19:40 0 d-----w C:\Program Files\Oberon Media
    2009-05-20 14:57:22 . 2009-05-20 14:57:22 0 d-----w C:\Program Files\Common Files\Oberon Media
    2009-05-17 23:41:33 . 2009-05-17 23:41:36 0 d-----w C:\Users\Laurza\AppData\Roaming\vlc
    2009-05-17 23:04:19 . 2009-05-17 23:04:19 0 d-----w C:\Program Files\CodeGazer
    2009-05-16 15:22:10 . 2009-05-16 15:22:10 0 d-----w C:\Users\Laurza\AppData\Roaming\Canneverbe_Limited
    2009-05-16 15:16:03 . 2009-05-16 15:16:03 0 d-----w C:\Users\Laurza\AppData\Roaming\Nero
    2009-05-16 15:01:23 . 2009-05-16 15:01:23 0 d-----w C:\ProgramData\Messenger Plus!
    2009-05-16 14:28:45 . 2009-05-16 15:38:56 0 d-----w C:\Program Files\Messenger Plus! Live
    2009-05-16 14:20:11 . 2009-05-16 14:56:39 0 d-----w C:\Program Files\Nero
    2009-05-16 14:19:31 . 2009-05-16 14:48:29 0 d-----w C:\ProgramData\Nero
    2009-05-16 14:19:30 . 2009-05-16 14:57:07 0 d-----w C:\Program Files\Common Files\Nero
    2009-05-13 13:42:14 . 2009-05-13 13:43:15 0 d-----w C:\Users\Laurza\RCT
    2009-05-13 12:56:04 . 2009-05-13 12:56:04 0 d-----w C:\Users\Laurza\AppData\Roaming\BitZipper
    2009-05-12 18:05:49 . 2009-05-12 18:06:40 0 d-----w C:\Users\Laurza\AppData\Roaming\Crayon Physics Deluxe
    2009-05-12 17:12:44 . 2009-05-12 17:12:44 0 d-----w C:\Program Files\Java
    2009-05-11 18:04:17 . 2009-05-11 18:04:17 0 d-----w C:\Program Files\Common Files\PocketSoft
    2009-05-11 18:04:17 . 2002-02-27 16:50:00 197120 ----a-w C:\Windows\patchw32.dll
    2009-05-11 17:22:21 . 2009-05-11 17:22:21 0 d-----w C:\Program Files\SystemRequirementsLab
    2009-05-11 17:22:11 . 2009-05-11 17:22:21 0 d-----w C:\Users\Laurza\AppData\Roaming\SystemRequirementsLab
    2009-05-11 17:22:11 . 2009-05-11 17:22:11 207872 ----a-w C:\Users\Laurza\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4.dll
    2009-05-11 17:22:11 . 2009-05-11 17:22:11 207872 ----a-w C:\Users\Laurza\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_3.dll
    2009-05-11 17:22:11 . 2009-05-11 17:22:11 207872 ----a-w C:\Users\Laurza\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_2.dll
    2009-05-11 17:22:11 . 2009-05-11 17:22:11 207872 ----a-w C:\Users\Laurza\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_1.dll
    2009-05-10 01:08:43 . 2009-05-10 01:08:43 2560 ----a-w C:\Windows\_MSRSTRT.EXE
    2009-05-10 00:52:54 . 2009-05-10 00:52:56 0 d-----w C:\Users\Laurza\AppData\Local\CaledosLAB
    2009-05-10 00:22:07 . 2009-05-10 01:54:11 0 d-----w C:\Program Files\Crawler
    2009-05-10 00:21:59 . 2009-05-10 01:40:05 0 d-----w C:\ProgramData\Laconic Software
    2009-05-10 00:21:46 . 2009-05-10 00:23:16 0 d-----w C:\Users\Laurza\AppData\Roaming\GetRightToGo
    2009-05-10 00:21:46 . 2009-05-10 00:21:46 0 d-----w C:\Downloads
    2009-05-10 00:11:23 . 2009-05-10 00:11:23 1609732 ----a-w C:\Users\Laurza\AppData\Roaming\elefundesktops\fireworksonbrooklynbridge_wallpaper\swfplayer.exe
    2009-05-10 00:11:19 . 2009-05-10 00:11:19 0 d-----w C:\Users\Laurza\AppData\Roaming\elefundesktops
    2009-05-10 00:09:33 . 2009-05-10 00:09:36 0 d-----w C:\Users\Laurza\AppData\Roaming\Desktop3D
    2009-05-10 00:04:57 . 2009-05-10 00:04:57 0 d-----w C:\Users\Laurza\AppData\Roaming\StickIt
    2009-05-10 00:04:49 . 2009-05-10 01:45:30 0 d-----w C:\Program Files\StickIt
    2009-05-09 23:35:07 . 2009-05-10 01:40:55 0 d-----w C:\Program Files\Common Files\Program4Pc
    2009-05-09 23:31:14 . 2009-05-09 23:31:14 0 d-----w C:\Windows\system32\FlashPlayer
    2009-05-09 22:46:38 . 2009-05-09 22:46:38 0 d-----w C:\Users\Laurza\AppData\Local\Bump Technologies, Inc
    2009-05-09 22:46:33 . 2009-05-09 22:46:33 0 d-----w C:\Users\Laurza\AppData\Roaming\Bump Technologies, Inc
    2009-05-09 22:40:42 . 2009-05-09 22:41:01 0 d-----w C:\Users\Laurza\AppData\Roaming\Q-Dir
    2009-05-09 22:08:34 . 2009-05-09 22:08:34 3006464 ----a-w C:\ProgramData\TuneUp Software\TuneUp Utilities\WinStyler\LogonScreens\nous3.tls.dll
    2009-05-09 22:07:18 . 2009-05-09 22:07:18 495616 ----a-w C:\ProgramData\TuneUp Software\TuneUp Utilities\WinStyler\LogoAnimations\nous2.tla.dll
    2009-05-09 21:59:15 . 2009-05-09 21:59:15 604416 ----a-w C:\Windows\system32\TUProgSt.exe
    2009-05-09 21:59:03 . 2009-05-09 21:59:03 0 d-----w C:\Users\Laurza\AppData\Roaming\TuneUp Software
    2009-05-09 21:58:23 . 2009-05-09 21:58:23 0 d-----w C:\ProgramData\TuneUp Software
    2009-05-09 21:57:39 . 2009-05-09 21:57:39 0 d-sh--w C:\ProgramData\{55A29068-F2CE-456C-9148-C869879E2357}
    2009-05-09 21:23:25 . 2008-04-26 14:14:22 42672 ----a-w C:\Windows\system32\wbsys.dll
    2009-05-09 21:23:25 . 2008-04-26 14:14:20 58792 ----a-w C:\Windows\system32\wbload.dll
    2009-05-09 21:01:01 . 2007-06-05 09:26:48 56496 ----a-w C:\Windows\system32\wbhelp2.dll
    2009-05-09 20:47:47 . 2009-05-17 23:04:58 615424 ----a-w C:\Windows\system32\themeui.dll
    2009-05-09 14:19:05 . 2009-05-09 14:19:05 0 d-----w C:\Users\Laurza\AppData\Roaming\Leadertech
    2009-05-09 14:14:57 . 2009-05-09 14:14:57 0 d-----w C:\Program Files\Atari
    2009-05-06 23:02:25 . 2009-05-06 23:02:25 0 d-----w C:\Users\Laurza\AppData\Roaming\GameInvest
    2009-05-06 21:31:18 . 2009-05-20 18:18:54 0 d-----w C:\Users\Laurza\AppData\Roaming\ValuSoft
    2009-05-06 20:04:14 . 2009-05-06 20:04:14 4096 ----a-w C:\Windows\d3dx.dat
    2009-05-06 19:02:12 . 2009-05-06 19:02:12 0 d-----w C:\Users\Laurza\AppData\Roaming\Home Sweet Home
    2009-05-06 17:39:30 . 2009-05-06 17:39:31 0 d-----w C:\Users\Laurza\AppData\Roaming\Farm Mania
    2009-05-06 16:38:23 . 2009-05-06 16:38:23 0 d-sh--w C:\Windows\ftpcache
    2009-05-06 16:17:14 . 2006-09-26 11:03:14 98304 ----a-w C:\Users\Laurza\AppData\Roaming\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
    2009-05-06 16:17:13 . 2009-05-06 16:17:19 0 d-----w C:\Users\Laurza\AppData\Roaming\Zylom
    2009-05-06 16:17:13 . 2006-09-26 11:03:14 161976 ----a-w C:\Users\Laurza\AppData\Roaming\Zylom\ZylomGamesPlayer\zylomgamesplayer.dll
    2009-05-06 16:16:37 . 2009-05-06 23:43:37 0 d-----w C:\Users\Laurza\AppData\Local\Zylom Games
    2009-05-06 15:24:05 . 2009-05-06 15:24:06 0 d-----w C:\Program Files\HKO
    2009-05-05 19:59:11 . 2009-05-05 19:59:11 73 ----a-w C:\NUMER.BAT
    2009-05-05 19:58:35 . 2009-05-05 19:58:40 0 d-----w C:\NUMER400
    2009-05-03 18:19:03 . 2009-05-03 18:19:03 0 d-----w C:\Users\Laurza\AppData\Local\Rising
    2009-05-03 12:41:52 . 2009-05-03 12:41:39 19568 ----a-w C:\Windows\system32\drivers\rfwbase.sys
    2009-05-03 12:41:52 . 2009-05-03 12:41:39 19568 ----a-w C:\ProgramData\Rising\Rfw\rfwbase.sys
    2009-05-03 12:40:55 . 2009-05-06 23:39:25 0 d-s---r C:\RavBin
    2009-05-03 12:40:48 . 2009-05-03 12:41:48 0 d-----w C:\Program Files\CoGen Media
    2009-05-03 12:40:04 . 2009-05-03 12:41:39 0 d-----w C:\ProgramData\Rising
    2009-04-29 22:10:09 . 2009-04-29 22:10:09 0 d-----w C:\Users\Laurza\AppData\Roaming\Media Player Classic
    2009-04-29 10:46:33 . 2009-04-29 10:46:33 0 d-----w C:\ProgramData\2DBoy

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-05-26 23:38:11 . 2008-07-19 11:20:36 0 d--h--w C:\Program Files\InstallShield Installation Information
    2009-05-26 23:12:16 . 2008-12-04 17:16:48 7376 ----a-w C:\Users\Laurza\AppData\Local\d3d9caps.dat
    2009-05-26 20:44:56 . 2008-07-19 11:21:57 0 d-----w C:\Program Files\Common Files\Symantec Shared
    2009-05-26 20:42:28 . 2008-07-19 11:21:58 0 d-----w C:\ProgramData\Symantec
    2009-05-26 20:40:48 . 2009-02-06 22:36:32 0 d-----w C:\ProgramData\NortonInstaller
    2009-05-26 14:04:36 . 2008-10-10 15:46:34 0 d-----w C:\Program Files\Common Files\Adobe
    2009-05-26 13:24:50 . 2009-03-02 02:31:45 5120 ----a-w C:\Users\Laurza\AppData\Local\ImprovedAdsHelper.dat
    2009-05-26 11:33:13 . 2008-10-10 16:04:35 0 d-----w C:\Program Files\Common Files\Blizzard Entertainment
    2009-05-26 10:42:13 . 2008-11-08 21:54:12 0 d-----w C:\Users\Laurza\AppData\Roaming\LimeWire
    2009-05-25 23:21:47 . 2008-10-19 23:23:15 0 d-----w C:\Users\Laurza\AppData\Roaming\dvdcss
    2009-05-22 17:01:39 . 2008-04-16 11:16:08 672322 ----a-w C:\Windows\system32\perfh00C.dat
    2009-05-22 17:01:39 . 2008-04-16 11:16:08 124434 ----a-w C:\Windows\system32\perfc00C.dat
    2009-05-20 16:49:56 . 2008-11-19 19:11:57 0 d-----w C:\Users\Laurza\AppData\Roaming\PlayFirst
    2009-05-20 16:49:56 . 2008-11-19 19:11:57 0 d-----w C:\ProgramData\PlayFirst
    2009-05-20 11:17:09 . 2009-04-10 21:52:49 0 d-----w C:\Program Files\Common Files\PX Storage Engine
    2009-05-20 11:05:55 . 2009-04-02 21:16:38 0 d-----w C:\Users\Laurza\AppData\Roaming\Download Manager
    2009-05-17 23:04:58 . 2008-01-21 02:23:43 240128 ----a-w C:\Windows\system32\uxtheme.dll
    2009-05-14 10:22:55 . 2008-07-19 11:05:48 0 d-----w C:\ProgramData\Microsoft Help
    2009-05-14 10:19:52 . 2006-11-02 11:18:33 0 d-----w C:\Program Files\Windows Mail
    2009-05-12 17:12:48 . 2008-10-31 23:04:20 410984 ----a-w C:\Windows\system32\deploytk.dll
    2009-05-12 15:27:43 . 2008-11-18 19:05:43 0 d-----w C:\Program Files\Common Files\Wise Installation Wizard
    2009-05-12 15:26:42 . 2008-07-19 11:20:36 0 d-----w C:\Program Files\CyberLink
    2009-05-11 20:17:15 . 2009-03-07 17:38:51 0 d-----w C:\Program Files\AGEIA Technologies
    2009-05-10 02:02:59 . 2008-10-31 23:04:54 0 d-----w C:\Program Files\Google
    2009-05-10 01:54:11 . 2008-10-10 15:49:41 122624 ----a-w C:\Users\Laurza\AppData\Local\GDIPFONTCACHEV1.DAT
    2009-05-10 01:46:53 . 2008-11-20 21:10:49 0 d-----w C:\Users\Laurza\AppData\Roaming\Microsoft Games
    2009-05-10 01:46:53 . 2008-11-20 21:10:49 0 d-----w C:\ProgramData\Microsoft Games
    2009-05-10 01:46:50 . 2006-11-02 12:37:34 0 d-----w C:\Program Files\Microsoft Games
    2009-05-10 01:42:04 . 2009-04-23 20:25:56 0 d-----w C:\Program Files\NDSROM Player
    2009-05-09 22:39:46 . 2009-04-05 13:23:23 2828 --sha-w C:\Windows\system32\KGyGaAvL.sys
    2009-05-09 22:39:44 . 2009-04-05 13:23:23 88 --sha-r C:\Windows\system32\CE2200BEB1.sys
    2009-05-09 21:01:03 . 2009-02-01 22:40:23 0 d-----w C:\ProgramData\Stardock
    2009-05-09 14:46:37 . 2008-11-19 17:40:03 0 d-----w C:\Users\Laurza\AppData\Roaming\Atari
    2009-05-06 16:17:26 . 2009-03-09 00:35:04 0 d-----w C:\ProgramData\Zylom
    2009-04-29 22:24:29 . 2009-02-12 00:50:09 0 d-----w C:\Program Files\A table
    2009-04-29 22:22:20 . 2009-04-04 16:05:27 0 d-----w C:\Users\Laurza\AppData\Roaming\Studio-Scrap2
    2009-04-29 22:19:41 . 2009-01-02 05:12:26 0 d-----w C:\Program Files\MSN Messenger
    2009-04-29 22:15:29 . 2009-01-29 01:14:04 0 d-----w C:\Program Files\There
    2009-04-20 12:18:45 . 2009-01-04 02:38:10 0 d-----w C:\Users\Laurza\AppData\Roaming\vghd
    2009-04-11 10:32:19 . 2009-04-11 10:32:19 0 d-----w C:\Users\Laurza\AppData\Roaming\DivX
    2009-04-10 21:55:18 . 2009-04-10 21:55:18 0 d-----w C:\ProgramData\Megaupload
    2009-04-10 21:55:18 . 2009-04-10 21:55:18 0 d-----w C:\ProgramData\EmailNotifier
    2009-04-07 19:59:22 . 2009-04-07 19:59:22 0 d-----w C:\Program Files\MSXML 4.0
    2009-04-06 12:09:01 . 2009-04-05 13:29:04 0 d-----w C:\Users\Laurza\AppData\Roaming\Corel
    2009-04-05 13:28:02 . 2009-04-05 13:28:02 0 d-----w C:\ProgramData\Corel
    2009-04-05 13:26:58 . 2009-04-05 13:26:58 480848 ----a-w C:\ProgramData\pswi_preloaded.exe
    2009-04-05 13:26:58 . 2009-04-05 13:26:58 480848 ----a-w C:\ProgramData\pswi_preloaded.exe
    2009-04-04 16:26:19 . 2009-04-04 16:06:15 0 d-----w C:\ProgramData\Studio-Scrap2
    2009-04-04 16:05:57 . 2009-04-04 16:05:57 0 d-----w C:\Program Files\Tracker Software
    2009-04-02 23:04:57 . 2009-04-02 23:04:57 0 d-----w C:\ProgramData\FLEXnet
    2009-04-02 22:42:29 . 2009-04-02 22:42:29 32768 ----a-w C:\ProgramData\MGS\cache\_\_crt_keno.ed975aa9c9bb5e5ec89c8ffeee254e8a.dll
    2009-04-02 22:42:17 . 2009-04-02 22:42:17 32834 ----a-w C:\ProgramData\MGS\cache\_\_crt_baccarat.a090413d6195a12421945ded5707d93f.dll
    2009-04-02 22:40:06 . 2009-04-02 22:40:06 262416 ----a-w C:\ProgramData\MGS\cache\t\transition_temp.c6aaf42b66fa6688c8ea18a671984287.dll
    2009-04-02 22:40:06 . 2009-04-02 22:40:06 254224 ----a-w C:\ProgramData\MGS\cache\t\transition.26c3e2ce55c7cca8b63e5e8d7b4627e4.dll
    2009-04-02 22:40:06 . 2009-04-02 22:40:06 225280 ----a-w C:\ProgramData\MGS\cache\m\myslot.14d73c530d6c095843c7fbfb86364c4e.dll
    2009-04-02 22:40:06 . 2009-04-02 22:40:05 421888 ----a-w C:\ProgramData\MGS\cache\l\lua51host.4f93c8cce0c64b200821a73dd29068f6.dll
    2009-04-02 22:37:12 . 2009-04-02 22:37:12 114960 ----a-w C:\ProgramData\MGS\cache\t\type_5reelnormal3_4_5.07db0a5618a0565d7bde7a2766c54711.dll
    2009-04-02 22:35:16 . 2009-04-02 22:35:16 204905 ----a-w C:\ProgramData\MGS\cache\t\thunderstruck.0cc1be68d215832fa06fc779c0b3e069.dll
    2009-04-02 22:33:41 . 2009-04-02 22:33:41 225280 ----a-w C:\ProgramData\MGS\cache\m\mhbjgoldxxx.042cb38dc856800dc292666302eb33ed.dll
    2009-04-02 22:33:41 . 2009-04-02 22:33:41 126976 ----a-w C:\ProgramData\MGS\cache\m\mhbjstrategyui1.95a00a7e6658ab8736067b646ccd9783.dll
    2009-04-02 22:33:40 . 2009-04-02 22:33:40 413696 ----a-w C:\ProgramData\MGS\cache\m\mhbjgoldplugin.5d832144ec1b88e6caeb7446bbe13d54.dll
    2009-04-02 22:33:05 . 2009-04-02 22:33:05 94208 ----a-w C:\ProgramData\MGS\cache\b\bjgoldautoplayplugin.9eecf610ea29425ecba27ee4d82e5058.dll
    2009-04-02 22:33:05 . 2009-04-02 22:33:05 49152 ----a-w C:\ProgramData\MGS\cache\b\bjstrategylogic1.0ce35352c4c4658d12c59ec38c70398a.dll
    2009-04-02 22:33:05 . 2009-04-02 22:33:05 327680 ----a-w C:\ProgramData\MGS\cache\b\bjgoldplugin.77868ad6c41073f45be5eb8a5441c690.dll
    2009-04-02 22:33:05 . 2009-04-02 22:33:05 217088 ----a-w C:\ProgramData\MGS\cache\b\bjgoldxxx.49c3810d214dd99c8c9a10ec7d79ed46.dll
    2009-04-02 22:33:05 . 2009-04-02 22:33:05 126976 ----a-w C:\ProgramData\MGS\cache\b\bjstrategyui1.044e0fc76ee8cda8665503293a47d38a.dll
    2009-04-02 22:33:05 . 2009-04-02 22:33:05 102400 ----a-w C:\ProgramData\MGS\cache\b\bjgoldstatsplugin.6518eac98880e1c269feffe4b0025ca1.dll
    2009-04-02 22:32:41 . 2008-11-20 20:21:57 0 d-----w C:\Program Files\Common Files\Macrovision Shared
    2009-04-02 22:31:23 . 2009-04-02 22:31:23 114688 ----a-w C:\ProgramData\MGS\cache\e\euroroulette.fa2b524975a5d8bbc30203d094e2b084.dll
    2009-04-02 22:30:42 . 2009-04-02 22:30:42 380928 ----a-w C:\ProgramData\MGS\cache\s\superfun21blackjack.fc65bebd8cad283071824009b0f58e18.dll
    2009-04-02 22:30:35 . 2009-04-02 22:30:35 376832 ----a-w C:\ProgramData\MGS\cache\s\spanishblackjack.8c2ac90e8c4bbda7817e074b224d622e.dll
    2009-04-02 22:30:20 . 2009-04-02 22:30:20 73811 ----a-w C:\ProgramData\MGS\cache\_\_crt_mhblackjack.031a97dbfc22ce8c3c008e321e750432.dll
    2009-04-02 22:30:09 . 2009-04-02 22:30:09 229486 ----a-w C:\ProgramData\MGS\cache\c\classicblackjack.cd8f07669d8ad1880944c3c957f8a558.dll
    2009-04-02 22:29:18 . 2009-04-02 22:29:17 385024 ----a-w C:\ProgramData\MGS\cache\b\bonusblackjack.dab6343a296b066bd5fe18d7c7d9940f.dll
    2009-04-02 22:28:39 . 2009-04-02 22:28:39 311398 ----a-w C:\ProgramData\MGS\cache\m\mpvblackjacktourxxx.e4ccb563efd75763602af7373fbd8cec.dll
    2009-04-02 22:28:39 . 2009-04-02 22:28:39 303204 ----a-w C:\ProgramData\MGS\cache\m\mpvblackjackplugin.49e5f42fbdf0e1e2df5232e5ea419897.dll
    2009-04-02 22:28:14 . 2009-04-02 22:28:14 327784 ----a-w C:\ProgramData\MGS\cache\m\mpvtabletournamentlobby.fea1be7b63b308e9fdb6e8d4bd356052.dll
    2009-04-02 22:27:32 . 2009-04-02 22:27:32 323856 ----a-w C:\ProgramData\MGS\cache\h\hitmancontractbonus.339a969d902930975b3194643e289fc9.dll
    2009-04-02 22:27:32 . 2009-04-02 22:27:32 213264 ----a-w C:\ProgramData\MGS\cache\c\choosebonus.df815bbfb8ae7a29a353f0ae65e4af17.dll
    2009-04-02 22:23:22 . 2009-04-02 22:23:22 508176 ----a-w C:\ProgramData\MGS\cache\s\simplepickxofybonus_temp.556fffdfd1bc700038c0a1370a1eb004.dll
    2009-04-02 22:23:22 . 2009-04-02 22:23:22 499984 ----a-w C:\ProgramData\MGS\cache\s\simplepickxofybonus.4968e33b858e6c30beb0ac4b11a9c459.dll
    2009-04-02 19:18:32 . 2009-04-02 19:18:32 0 d-----w C:\ProgramData\Microgaming
    2009-03-17 03:38:46 . 2009-04-16 18:02:21 13824 ----a-w C:\Windows\system32\apilogen.dll
    2009-03-17 03:38:44 . 2009-04-16 18:02:21 24064 ----a-w C:\Windows\system32\amxread.dll
    2009-03-07 18:20:11 . 2009-03-07 18:20:11 413696 ----a-w C:\Windows\system32\wrap_oal.dll
    2009-03-07 18:20:11 . 2009-03-07 18:20:11 110592 ----a-w C:\Windows\system32\OpenAL32.dll
    2009-03-03 04:46:01 . 2009-04-16 18:02:29 3599328 ----a-w C:\Windows\system32\ntkrnlpa.exe
    2009-03-03 04:46:01 . 2009-04-16 18:02:28 3547632 ----a-w C:\Windows\system32\ntoskrnl.exe
    2009-03-03 04:40:12 . 2009-04-16 18:02:12 827392 ----a-w C:\Windows\system32\wininet.dll
    2009-03-03 04:39:36 . 2009-04-16 18:02:26 183296 ----a-w C:\Windows\system32\sdohlp.dll
    2009-03-03 04:39:32 . 2009-04-16 18:02:29 551424 ----a-w C:\Windows\system32\rpcss.dll
    2009-03-03 04:39:22 . 2009-04-16 18:02:26 26112 ----a-w C:\Windows\system32\printfilterpipelineprxy.dll
    2009-03-03 04:37:14 . 2009-04-16 18:02:11 78336 ----a-w C:\Windows\system32\ieencode.dll
    2009-03-03 04:37:11 . 2009-04-16 18:02:26 98304 ----a-w C:\Windows\system32\iasrecst.dll
    2009-03-03 04:37:11 . 2009-04-16 18:02:26 54784 ----a-w C:\Windows\system32\iasads.dll
    2009-03-03 04:37:11 . 2009-04-16 18:02:26 44032 ----a-w C:\Windows\system32\iasdatastore.dll
    2009-03-03 03:04:59 . 2009-04-16 18:02:27 666624 ----a-w C:\Windows\system32\printfilterpipelinesvc.exe
    2009-03-03 02:38:13 . 2009-04-16 18:02:26 17408 ----a-w C:\Windows\system32\iashost.exe
    2009-03-03 02:28:19 . 2009-04-16 18:02:11 26624 ----a-w C:\Windows\system32\ieUnatt.exe
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 17:51:28 3885408]
    "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-21 02:25:11 125952]
    "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 02:25:33 202240]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ATKMEDIA"="C:\Program Files\ASUS\ATK Media\DMEDIA.EXE" [2006-11-02 15:27:32 61440]
    "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-23 05:27:27 815104]
    "ASUSTPE"="C:\Windows\system32\ASUSTPE.exe" [2006-12-12 22:06:42 106496]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" [2009-05-12 17:12:48 148888]
    "ClamWin"="C:\Program Files\ClamWin\bin\ClamTray.exe" [2009-04-14 10:52:58 86016]
    "NotebookHardwareControl"="C:\Program Files\Notebook Hardware Control\nhc.exe" [2007-05-04 16:16:18 2629632]
    "avgnt"="C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 11:08:11 209153]
    "RtHDVCpl"="RtHDVCpl.exe" - C:\Windows\RtHDVCpl.exe [2007-02-15 09:07:15 4390912]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32
    "wave1"= serwvdrv.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
    @="Service"

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{F1DB2673-B076-45F3-AC22-249D1AFFDEF4}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
    "{5C3C8E60-DEBE-43B3-BD95-CD8D0F346598}"= UDP:443:TCP port 443 ooVoo
    "{8714C65E-2A07-4834-9F00-62EE93C120F8}"= TCP:443:UDP port 443 ooVoo
    "{C178A461-32AA-44EA-B739-E89D7B8A6E5D}"= UDP:37674:TCP port 37674 ooVoo
    "{61108E16-BE2F-44A0-94DF-1946ACAA1791}"= TCP:37674:UDP port 37674 ooVoo
    "{E7E3C27E-43E7-49CF-84F7-8CEC9C19CBEA}"= TCP:37675:UDP port 37675 ooVoo
    "{C05CF7E6-FE55-419F-8F66-1BD38B52055E}"= UDP:C:\Makena\There\ThereClient\There.exe:There
    "{27D7EBFC-5DEB-481F-9F90-8C633C720FE7}"= TCP:C:\Makena\There\ThereClient\There.exe:There
    "{13FC2998-D347-4E5E-864F-802059C2DA17}"= UDP:C:\Program Files\Deep Silver\Sacred 2 - Fallen Angel\system\s2gs.exe:Sacred 2 Game Server
    "{6FD98AC6-BBBD-4D30-9ACC-4016116F5255}"= TCP:C:\Program Files\Deep Silver\Sacred 2 - Fallen Angel\system\s2gs.exe:Sacred 2 Game Server
    "{446C84F1-6EC6-40B4-98AF-AD173B817936}"= UDP:C:\Program Files\Deep Silver\Sacred 2 - Fallen Angel\system\sacred2.exe:Sacred 2
    "{093ACD46-D776-40BE-B4D2-4781DB99FD09}"= TCP:C:\Program Files\Deep Silver\Sacred 2 - Fallen Angel\system\sacred2.exe:Sacred 2
    "{3D107361-0388-45E8-BE0E-DDEEDB78E1E8}"= UDP:5353:Adobe CSI CS4
    "{B031EA0A-FFC8-46CE-96E1-B8BCF26A25FB}"= UDP:C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4
    "{367D42E7-72EC-4917-AB8E-07E5FFDDE68C}"= TCP:C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4
    "{7A472840-9384-4C55-B16A-AA23AFCE9267}"= UDP:C:\Program Files\Sierra\FEAR\FEAR.exe:FEAR
    "{76FA084F-B0E5-406E-9632-2422B79124C4}"= TCP:C:\Program Files\Sierra\FEAR\FEAR.exe:FEAR
    "TCP Query User{E7DACB4D-9A52-4F81-9196-93E5775C41E0}C:\\program files\\limewire\\limewire.exe"= UDP:C:\program files\limewire\limewire.exe:LimeWire
    "UDP Query User{19F7AD16-7A5F-4120-B55A-32676211F53E}C:\\program files\\limewire\\limewire.exe"= TCP:C:\program files\limewire\limewire.exe:LimeWire
    "TCP Query User{DC643B01-868D-4DD8-981F-D35DC058CC66}C:\\program files\\limewire\\limewire.exe"= UDP:C:\program files\limewire\limewire.exe:LimeWire
    "UDP Query User{0E794E28-FC04-42C3-9023-8350AF777632}C:\\program files\\limewire\\limewire.exe"= TCP:C:\program files\limewire\limewire.exe:LimeWire
    "{D176CA50-80FD-4DA8-846F-32E6AF391047}"= UDP:C:\Program Files\Cyanide\Dungeon Party\DungeonParty.exe:D ungeon Party
    "{453F33A9-1906-4E2A-856F-4AE665B034CC}"= TCP:C:\Program Files\Cyanide\Dungeon Party\DungeonParty.exe:D ungeon Party
    "TCP Query User{AC4E7813-BB88-47CE-8FF1-EC5C8BF388C6}C:\\users\\public\\games\\world of warcraft\\launcher.exe"= UDP:C:\users\public\games\world of warcraft\launcher.exe:Blizzard Launcher
    "UDP Query User{AECE9353-3885-402C-AC41-CCC18594E58C}C:\\users\\public\\games\\world of warcraft\\launcher.exe"= TCP:C:\users\public\games\world of warcraft\launcher.exe:Blizzard Launcher
    "{AAFF466D-E06B-4072-91E2-3A0A2E9A16A4}"= UDP:C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.0.9.9551-to-3.1.0.9767-frFR-downloader.exe:Blizzard Downloader
    "{3B4CCAC2-10B8-4F30-AF0D-49A0727E4B62}"= TCP:C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.0.9.9551-to-3.1.0.9767-frFR-downloader.exe:Blizzard Downloader
    "{EFB0312E-6A0E-4848-B379-A94C643596CD}"= UDP:6882:Blizzard Downloader: 6882
    "{6BEB9569-7CEB-458E-87D4-12588763AA32}"= UDP:C:\Users\Laurza\AppData\Local\Temp\7zS7829.tmp\SymNRT.exe:Norton Removal Tool
    "{4C3B4341-A30C-4C0F-BE61-5D924784EE9E}"= TCP:C:\Users\Laurza\AppData\Local\Temp\7zS7829.tmp\SymNRT.exe:Norton Removal Tool

    R3 Atc002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller;C:\Windows\System32\drivers\l260x86.sys [17/08/2007 8:00:59 28672]
    S2 AntiVirSchedulerService;Avira AntiVir Planificateur;C:\Program Files\Avira\AntiVir Desktop\sched.exe [26/05/2009 22:53:23 108289]
    S3 s916bus;Sony Ericsson Device 916 driver (WDM);C:\Windows\System32\drivers\s916bus.sys [15/12/2008 17:03:36 83496]
    S3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter;C:\Windows\System32\drivers\s916mdfl.sys [15/12/2008 17:03:36 15016]
    S3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver;C:\Windows\System32\drivers\s916mdm.sys [15/12/2008 17:03:36 109992]
    S3 s916mgmt;Sony Ericsson Device 916 USB WMC Device Management Drivers (WDM);C:\Windows\System32\drivers\s916mgmt.sys [15/12/2008 17:03:36 103976]
    S3 s916obex;Sony Ericsson Device 916 USB WMC OBEX Interface;C:\Windows\System32\drivers\s916obex.sys [15/12/2008 17:03:36 100008]

    --- Autres Services/Pilotes en mémoire ---

    *Deregistered* - sptd

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\ccc-core-static]
    msiexec /fums {6173A4FC-D42D-69A6-52CA-A30496389760} /qb

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
    .
    Contenu du dossier 'Tâches planifiées'

    2009-05-27 C:\Windows\Tasks\User_Feed_Synchronization-{B9051ECF-40C9-47DD-BD07-6F1A9E7B4C3C}.job
    - C:\Windows\system32\msfeedssync.exe [2008-01-21 02:24:52 . 2008-01-21 02:24:52]
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    SafeBoot-procexp90.Sys


    .
    ------- Examen supplémentaire -------
    .
    uStart Page = hxxp://www.google.be/
    IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
    DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - hxxp://activex.camfrogweb.com/advanced/2.0.2.20/cfweb_activex.camfrogweb.com-advanced-2.0.2.20_instmodule.exe
    DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} - hxxps://plugins.valueactive.eu/flashax/iefax.cab
    FF - ProfilePath - C:\Users\Laurza\AppData\Roaming\Mozilla\Firefox\Profiles\41vc18rr.default\
    FF - prefs.js: browser.search.selectedEngine -
    FF - prefs.js: browser.startup.homepage - www.google.be
    FF - prefs.js: keyword.URL - hxxp://kwtb.search.imgag.com/?c=GNKIW29193&sbs=1&sc=2&f=web&vernum=1.0&uid=&did=f8d4a70c-98e2-4081-901d-01bf93043ede&q=

    ---- PARAMETRES FIREFOX ----
    FF - user.js: browser.xul.error_pages.enabled - false
    FF - user.js: network.http.max-connections-per-server - 6
    FF - user.js: network.http.max-persistent-connections-per-server - 3
    .

    Is that right? :whistle:
    a c 296 8 Security
    27 May 2009 05:12:28

    Yes.

    Any changes regarding AntiVir?
    27 May 2009 19:55:00

    No, I still haven't been able to update the "Guard"
    a c 296 8 Security
    27 May 2009 19:55:48

    Reinstall AntiVir and see.