Keygen on my computer.

Tags:
  • Security
16 February 2010 11:08:24

Hello, so I'm currently playing Counter-Strike and I often get disconnected, because there is a keygen on my computer (I think).
1: When I log in to my session, a program named "winject" launches automatically.

2: Malwarebytes found 7 pieces of malware, 4 of which it cannot remove (one is named uUu.uUu, another xXx.xXx, and the other I no longer remember). So I would like an answer as soon as possible, for the security of my account :s

2: When I go to the process list (Ctrl+Alt+Del), I see that winlogon is there 3 times (winlogon, winnlogon and winlogon1).
3: The undeletable malware (Uuu.uUu, xXx.xXx, etc.): if I delete them manually, they reappear 5 seconds later.

HijackThis scan:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:07:40, on 16/02/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\system32\schtasks.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\Thibault\AppData\Local\temp\svchstx.exe
C:\Users\Thibault\AppData\Local\temp\svchsts.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\Thibault\AppData\Roaming\system23\winnlogon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\hp\kbd\kbd.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Thibault\Desktop\jeux\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll (file missing)
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [svchstx] C:\Users\Thibault\AppData\Local\Temp\svchstx.exe
O4 - HKCU\..\Run: [svchsts] C:\Users\Thibault\AppData\Local\Temp\svchsts.exe
O4 - HKCU\..\Run: [HKCU] C:\Users\Thibault\AppData\Roaming\install\Microsoft.exe
O4 - HKCU\..\Run: [Cerberus] C:\Users\Thibault\AppData\Roaming\system23\winnlogon.exe
O8 - Extra context menu item: Add to &Teleport - C:\Program Files\Teleport Pro\teleport.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O15 - Trusted Zone: http://www.laredoute.fr
O15 - Trusted Zone: http://www.paypal.fr
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} -
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} -
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/Gam...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213....
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} (Java Plug-in 1.6.0_01) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} -
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} -
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\Windows\System32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: wampapache - Apache Software Foundation - C:\Program Files\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - C:\Program Files\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe

--
End of file - 10641 bytes

16 February 2010 13:58:34

Hello,

Can you post the MBAM report?

  • Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.
  • Double-click RSIT.exe to launch the program.
    (On Vista, right-click RSIT.exe and choose Run as administrator)
  • Click Continue on the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will need to accept the license.
  • When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).

    Note: the reports are saved in the C:\Rsit folder.
    16 February 2010 14:02:26

    Here is the scan:

    Malwarebytes' Anti-Malware 1.44
    Version de la base de données: 3745
    Windows 6.0.6002 Service Pack 2
    Internet Explorer 7.0.6002.18005

    16/02/2010 11:43:00
    mbam-log-2010-02-16 (11-43-00).txt

    Type de recherche: Examen rapide
    Eléments examinés: 125067
    Temps écoulé: 7 minute(s), 20 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 3

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\Users\Thibault\AppData\Roaming\logs.dat (Bifrose.Trace) -> Quarantined and deleted successfully.
    C:\Users\Thibault\AppData\Local\temp\UuU.uUu (Malware.Trace) -> Quarantined and deleted successfully.
    C:\Users\Thibault\AppData\Local\temp\XxX.xXx (Malware.Trace) -> Quarantined and deleted successfully.
    16 February 2010 14:05:10

    The scan log:

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Thibault at 2010-02-16 14:03:10
    Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
    System drive C: has 117 GB (35%) free of 336 GB
    Total RAM: 2046 MB (47% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:03:29, on 16/02/2010
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v7.00 (7.00.6002.18005)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\hp\support\hpsysdrv.exe
    C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
    C:\Windows\system32\schtasks.exe
    C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Logitech\QuickCam\Quickcam.exe
    C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Users\Thibault\AppData\Local\temp\svchstx.exe
    C:\Users\Thibault\AppData\Local\temp\svchsts.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Windows\System32\mobsync.exe
    C:\Users\Thibault\AppData\Roaming\system23\winnlogon.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\hp\kbd\kbd.exe
    C:\Program Files\Steam\Steam.exe
    C:\Windows\system32\conime.exe
    C:\Users\Thibault\Desktop\jeux\VBGScan1.0\VBGScan.exe
    C:\Users\Thibault\AppData\Local\Temp\Bot.exe
    C:\Users\Thibault\AppData\Local\Temp\Bot.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Anti-keylogger\Anti-keylogger.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\Thibault\Desktop\jeux\RSIT.exe
    C:\Users\Thibault\Desktop\jeux\Thibault.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll (file missing)
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
    O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
    O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
    O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
    O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
    O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKLM\..\Run: [Anti-keylogger] C:\Program Files\Anti-keylogger\Anti-keylogger.exe /autorun
    O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [svchstx] C:\Users\Thibault\AppData\Local\Temp\svchstx.exe
    O4 - HKCU\..\Run: [svchsts] C:\Users\Thibault\AppData\Local\Temp\svchsts.exe
    O4 - HKCU\..\Run: [HKCU] C:\Users\Thibault\AppData\Roaming\install\Microsoft.exe
    O4 - HKCU\..\Run: [Cerberus] C:\Users\Thibault\AppData\Roaming\system23\winnlogon.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O8 - Extra context menu item: Add to &Teleport - C:\Program Files\Teleport Pro\teleport.htm
    O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O15 - Trusted Zone: http://www.laredoute.fr
    O15 - Trusted Zone: http://www.paypal.fr
    O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} -
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} -
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/Gam...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213....
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} (Java Plug-in 1.6.0_01) -
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} -
    O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} -
    O23 - Service: Anti-keylogger Service (akl_svc) - Unknown owner - C:\Program Files\Anti-keylogger\akl_svc.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\Windows\System32\LEXBCES.EXE
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: wampapache - Apache Software Foundation - C:\Program Files\wamp\bin\apache\apache2.2.11\bin\httpd.exe
    O23 - Service: wampmysqld - Unknown owner - C:\Program Files\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe

    --
    End of file - 11283 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\User_Feed_Synchronization-{A072B724-1895-4BC5-9A2A-3F81BDAE87E2}.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
    Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-09 263280]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-23 764912]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {E0E899AB-F487-11D5-8D29-0050BA6940E3}
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-09 263280]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-01-15 4874240]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
    "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
    "hpsysdrv"=c:\hp\support\hpsysdrv.exe [2007-04-18 65536]
    "KBD"=C:\HP\KBD\KbdStub.EXE [2006-12-08 65536]
    "OsdMaestro"=C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [2007-02-15 118784]
    "HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-05-24 71176]
    "SunJavaUpdateReg"=C:\Windows\system32\jureg.exe [2007-04-07 54936]
    "LogitechCommunicationsManager"=C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2007-10-25 563984]
    "LogitechQuickCamRibbon"=C:\Program Files\Logitech\QuickCam\Quickcam.exe [2007-10-25 2178832]
    "SystrayORAHSS"=C:\Program Files\Orange\Systray\SystrayApp.exe []
    "ORAHSSSessionManager"=C:\Program Files\Orange\SessionManager\SessionManager.exe []
    "avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-02-11 2756488]
    "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
    "SpybotSnD"=C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe [2009-01-26 5365592]
    "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-01-07 1394000]
    "Anti-keylogger"=C:\Program Files\Anti-keylogger\Anti-keylogger.exe [2009-04-21 395776]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "Launcher"=C:\Windows\SMINST\launcher.exe [2007-04-03 44168]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
    "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-01-21 39408]
    "svchstx"=C:\Users\Thibault\AppData\Local\Temp\svchstx.exe [2010-02-12 56424]
    "svchsts"=C:\Users\Thibault\AppData\Local\Temp\svchsts.exe [2010-02-12 31848]
    "HKCU"=C:\Users\Thibault\AppData\Roaming\install\Microsoft.exe [2010-02-14 733184]
    "Cerberus"=C:\Users\Thibault\AppData\Roaming\system23\winnlogon.exe [2006-03-12 745472]
    "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableUIADesktopToggle"=0

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145
    "NoDrives"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "BindDirectlyToPropertySetStorage"=
    "NoDrives"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Program Files\Orange\Connectivity\ConnectivityManager.exe"="C:\Program Files\Orange\Connectivity\ConnectivityManager.exe:*:enabled:CSS"
    "C:\Program Files\Combat Arms\CombatArms.exe"="C:\Program Files\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe"
    "C:\Program Files\Combat Arms\Engine.exe"="C:\Program Files\Combat Arms\Engine.exe:*Enabled:Engine.exe"
    "C:\Program Files\Combat Arms EU\CombatArms.exe"="C:\Program Files\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
    "C:\Program Files\Combat Arms EU\Engine.exe"="C:\Program Files\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
    "C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
    "C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
    "C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe"="C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2"
    "C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate"
    "C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    ======List of files/folders created in the last 1 months======

    2010-02-16 14:03:10 ----D---- C:\rsit
    2010-02-16 11:57:52 ----D---- C:\Program Files\Anti-keylogger
    2010-02-14 11:45:34 ----D---- C:\Users\Thibault\AppData\Roaming\install
    2010-02-12 17:15:50 ----RSHD---- C:\Users\Thibault\AppData\Roaming\system23
    2010-02-10 13:28:30 ----A---- C:\Windows\system32\ntoskrnl.exe
    2010-02-10 13:28:30 ----A---- C:\Windows\system32\ntkrnlpa.exe
    2010-02-10 13:28:24 ----A---- C:\Windows\system32\tsbyuv.dll
    2010-02-10 13:28:24 ----A---- C:\Windows\system32\quartz.dll
    2010-02-10 13:28:24 ----A---- C:\Windows\system32\msyuv.dll
    2010-02-10 13:28:24 ----A---- C:\Windows\system32\msvidc32.dll
    2010-02-10 13:28:24 ----A---- C:\Windows\system32\msrle32.dll
    2010-02-10 13:28:24 ----A---- C:\Windows\system32\mciavi32.dll
    2010-02-10 13:28:24 ----A---- C:\Windows\system32\iyuv_32.dll
    2010-02-10 13:28:23 ----A---- C:\Windows\system32\msvfw32.dll
    2010-02-10 13:28:23 ----A---- C:\Windows\system32\avifil32.dll
    2010-02-06 19:56:47 ----D---- C:\Program Files\Vista Anti-Lag
    2010-02-06 16:46:10 ----D---- C:\Program Files\NVIDIA Corporation
    2010-02-06 16:44:31 ----A---- C:\Windows\system32\OpenCL.dll
    2010-02-06 16:44:30 ----A---- C:\Windows\system32\nvwgf2um.dll
    2010-02-06 16:44:30 ----A---- C:\Windows\system32\nvoglv32.dll
    2010-02-06 16:44:29 ----A---- C:\Windows\system32\nvcuvid.dll
    2010-02-06 16:44:27 ----A---- C:\Windows\system32\nvcuvenc.dll
    2010-02-06 16:44:27 ----A---- C:\Windows\system32\nvcuda.dll
    2010-02-06 16:44:27 ----A---- C:\Windows\system32\nvcompiler.dll
    2010-02-06 16:44:27 ----A---- C:\Windows\system32\nvcod189.dll
    2010-02-06 16:44:27 ----A---- C:\Windows\system32\nvcod.dll
    2010-02-06 16:44:24 ----D---- C:\NVIDIA
    2010-02-04 20:35:38 ----D---- C:\Program Files\Dofus
    2010-02-04 12:11:11 ----D---- C:\Program Files\EasyPHP5.3.0
    2010-02-01 22:29:54 ----D---- C:\Users\Thibault\AppData\Roaming\VoipBuster
    2010-02-01 22:23:58 ----D---- C:\Program Files\VoipBuster.com
    2010-01-25 14:26:09 ----A---- C:\Windows\system32\libmysql_c.dll
    2010-01-25 14:19:34 ----D---- C:\Program Files\wamp
    2010-01-25 10:01:37 ----A---- C:\Windows\RTKAUDIOSERVICE.EXE
    2010-01-25 10:01:06 ----A---- C:\Windows\system32\SRSWOW.dll
    2010-01-25 10:01:05 ----A---- C:\Windows\system32\RtkPgExt.dll
    2010-01-25 10:01:05 ----A---- C:\Windows\system32\RtkCoInst.dll
    2010-01-25 10:01:05 ----A---- C:\Windows\RtlUpd.exe
    2010-01-25 10:01:05 ----A---- C:\Windows\RtHDVCpl.exe
    2010-01-25 09:58:14 ----D---- C:\Users\Thibault\AppData\Roaming\Hewlett-Packard
    2010-01-25 09:54:27 ----D---- C:\Users\Thibault\AppData\Roaming\WinBatch
    2010-01-25 09:50:04 ----D---- C:\swsetup
    2010-01-22 17:40:51 ----A---- C:\Windows\system32\wininet.dll
    2010-01-22 17:40:51 ----A---- C:\Windows\system32\mshtml.dll
    2010-01-22 17:40:49 ----A---- C:\Windows\system32\urlmon.dll
    2010-01-22 17:40:48 ----A---- C:\Windows\system32\ieframe.dll
    2010-01-22 17:40:46 ----A---- C:\Windows\system32\ieui.dll
    2010-01-22 17:40:45 ----A---- C:\Windows\system32\iepeers.dll
    2010-01-22 17:40:44 ----A---- C:\Windows\system32\ieencode.dll
    2010-01-22 17:40:42 ----A---- C:\Windows\system32\ieapfltr.dll
    2010-01-22 17:25:15 ----A---- C:\Windows\system32\aswBoot.exe
    2010-01-21 20:05:01 ----A---- C:\Windows\system32\ava6652.tmp
    2010-01-21 20:05:00 ----A---- C:\Windows\system32\asw6585.tmp
    2010-01-21 19:46:44 ----A---- C:\Windows\system32\ava8804.tmp
    2010-01-21 19:46:43 ----A---- C:\Windows\system32\asw8593.tmp
    2010-01-21 17:33:02 ----D---- C:\ProgramData\Alwil Software
    2010-01-21 17:16:51 ----D---- C:\$RECYCLE.BIN
    2010-01-21 16:55:30 ----A---- C:\Windows\zip.exe
    2010-01-21 16:55:30 ----A---- C:\Windows\SWREG.exe
    2010-01-21 16:55:30 ----A---- C:\Windows\sed.exe
    2010-01-21 16:55:30 ----A---- C:\Windows\PEV.exe
    2010-01-21 16:55:30 ----A---- C:\Windows\NIRCMD.exe
    2010-01-21 16:55:30 ----A---- C:\Windows\MBR.exe
    2010-01-21 16:55:30 ----A---- C:\Windows\grep.exe
    2010-01-21 16:55:29 ----A---- C:\Windows\SWSC.exe
    2010-01-21 16:54:40 ----D---- C:\Windows\ERDNT
    2010-01-21 16:52:12 ----D---- C:\Qoobox
    2010-01-21 16:51:54 ----A---- C:\Windows\SWXCACLS.exe
    2010-01-19 20:54:53 ----D---- C:\Ad-Remover
    2010-01-19 17:30:32 ----D---- C:\Users\Thibault\AppData\Roaming\Malwarebytes
    2010-01-19 17:30:24 ----D---- C:\ProgramData\Malwarebytes
    2010-01-19 17:30:23 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2010-01-18 17:40:16 ----D---- C:\Program Files\trend micro
    2010-01-17 21:34:52 ----D---- C:\Program Files\Navilog1
    2010-01-17 21:32:23 ----HD---- C:\Program Files\winlogon
    2010-01-17 17:50:28 ----D---- C:\Program Files\Mumble
    2010-01-17 17:49:40 ----D---- C:\Users\Thibault\AppData\Roaming\Mumble
    2010-01-17 14:12:19 ----HDC---- C:\ProgramData\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
    2010-01-17 14:12:00 ----D---- C:\ProgramData\Lavasoft
    2010-01-17 14:12:00 ----D---- C:\Program Files\Lavasoft

    ======List of files/folders modified in the last 1 months======

    2010-02-16 14:03:21 ----D---- C:\Windows\Temp
    2010-02-16 12:55:39 ----D---- C:\Program Files\Steam
    2010-02-16 11:59:00 ----SHD---- C:\Windows\Installer
    2010-02-16 11:57:57 ----D---- C:\Windows\system32\drivers
    2010-02-16 11:57:52 ----D---- C:\Program Files
    2010-02-16 11:57:39 ----SHD---- C:\System Volume Information
    2010-02-16 11:51:25 ----D---- C:\ProgramData\Spybot - Search & Destroy
    2010-02-16 11:49:57 ----D---- C:\Windows\SMINST
    2010-02-16 11:49:52 ----D---- C:\ProgramData\NVIDIA
    2010-02-16 11:49:20 ----D---- C:\Program Files\Spybot - Search & Destroy
    2010-02-16 11:46:43 ----D---- C:\Windows
    2010-02-16 11:43:04 ----D---- C:\Windows\tracing
    2010-02-16 11:09:29 ----D---- C:\Windows\Performance
    2010-02-16 10:04:10 ----D---- C:\Windows\Debug
    2010-02-15 22:00:26 ----D---- C:\Windows\Prefetch
    2010-02-15 11:41:15 ----D---- C:\Windows\SoftwareDistribution
    2010-02-12 19:59:58 ----D---- C:\Windows\System32
    2010-02-12 17:00:32 ----A---- C:\Windows\system32\PnkBstrB.exe
    2010-02-12 13:01:27 ----D---- C:\Users\Thibault\AppData\Roaming\Azureus
    2010-02-12 10:34:56 ----D---- C:\Windows\winsxs
    2010-02-12 10:23:29 ----D---- C:\Windows\system32\catroot
    2010-02-11 23:20:43 ----D---- C:\Program Files\Windows Mail
    2010-02-11 11:02:11 ----D---- C:\Windows\system32\MpEngineStore
    2010-02-10 13:28:15 ----D---- C:\Windows\system32\catroot2
    2010-02-08 20:31:39 ----D---- C:\Program Files\Mozilla Firefox
    2010-02-06 16:51:00 ----D---- C:\Windows\inf
    2010-02-06 16:50:15 ----D---- C:\ProgramData
    2010-02-06 16:48:15 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
    2010-02-06 16:48:13 ----D---- C:\Program Files\AGEIA Technologies
    2010-02-04 17:35:33 ----D---- C:\Program Files\Dofus1
    2010-02-04 15:11:17 ----D---- C:\Program Files\Warcraft III
    2010-02-01 20:26:20 ----A---- C:\Windows\system32\mrt.exe
    2010-01-28 19:11:26 ----D---- C:\Program Files\DofusArena2
    2010-01-28 18:50:40 ----D---- C:\Program Files\Kalypso
    2010-01-26 17:40:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
    2010-01-25 14:26:07 ----D---- C:\Program Files\PremiumSoft
    2010-01-25 10:32:25 ----D---- C:\Program Files\Common Files\Steam
    2010-01-25 10:01:30 ----D---- C:\Windows\system32\RTCOM
    2010-01-25 10:01:07 ----A---- C:\Windows\DIFxAPI.dll
    2010-01-25 10:01:05 ----D---- C:\Program Files\Realtek
    2010-01-25 09:58:14 ----D---- C:\Program Files\Hewlett-Packard
    2010-01-25 09:54:30 ----D---- C:\hp
    2010-01-25 09:50:48 ----D---- C:\Program Files\HP
    2010-01-22 17:18:56 ----D---- C:\Windows\system32\config
    2010-01-22 17:18:45 ----HD---- C:\Windows\system32\GroupPolicy
    2010-01-22 17:18:45 ----D---- C:\Windows\Tasks
    2010-01-22 17:18:45 ----D---- C:\Windows\system32\Tasks
    2010-01-22 17:18:45 ----D---- C:\Windows\system32\spool
    2010-01-22 17:18:45 ----D---- C:\Windows\system32\Msdtc
    2010-01-22 17:18:44 ----D---- C:\Windows\system32\wbem
    2010-01-22 17:18:44 ----D---- C:\Windows\registration
    2010-01-21 17:33:02 ----D---- C:\Program Files\Alwil Software
    2010-01-21 17:17:06 ----A---- C:\Windows\system.ini
    2010-01-21 17:14:17 ----D---- C:\Boot
    2010-01-21 17:05:47 ----D---- C:\Windows\AppPatch
    2010-01-21 17:05:46 ----D---- C:\Program Files\Common Files
    2010-01-18 18:10:58 ----D---- C:\Program Files\Postal2STP
    2010-01-17 18:32:11 ----SD---- C:\Users\Thibault\AppData\Roaming\Microsoft

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-02-11 23376]
    R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-02-11 162512]
    R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-02-11 46672]
    R1 krnl_akl;Anti-keylogger Kernel Service; \??\C:\Windows\system32\drivers\krnl_akl.sys [2009-04-21 360960]
    R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-02-11 19024]
    R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-02-11 51792]
    R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-01-15 2047576]
    R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2007-10-11 25624]
    R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2007-10-12 41752]
    R3 netr73;Linksys Compact Wireless-G USB Adapter Driver for Vista; C:\Windows\system32\DRIVERS\netr73.sys [2006-12-29 247808]
    R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-05-03 1065384]
    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-01-12 11586280]
    R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V32.SYS [2007-10-12 1279000]
    R3 Ps2;PS2; C:\Windows\system32\DRIVERS\PS2.sys [2005-12-12 19072]
    R3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
    R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
    S2 zntport;NTPort Library Driver; \??\C:\Windows\system32\zntport.sys []
    S3 ap1grjen;ap1grjen; C:\Windows\system32\drivers\ap1grjen.sys []
    S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
    S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
    S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
    S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
    S3 LVcKap;Logitech AEC Driver; C:\Windows\system32\DRIVERS\LVcKap.sys [2007-10-19 2109976]
    S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\Windows\system32\DRIVERS\LVMVDrv.sys [2007-10-11 2142488]
    S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
    S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
    S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
    S3 PCAMp50;PCAMp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCAMp50.sys [2006-11-28 28224]
    S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys [2006-11-28 27072]
    S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
    S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\Windows\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
    S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\Windows\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
    S3 taphss;Anchorfree HSS Adapter; C:\Windows\system32\DRIVERS\taphss.sys [2009-11-07 32768]
    S3 UMPass;Pilote Microsoft UMPass; C:\Windows\system32\DRIVERS\umpass.sys [2008-01-19 7680]
    S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
    S3 WINIO;WINIO; \??\C:\Program Files\Speed Gear\winio.sys []
    S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
    S3 xnacc;Contrôleur XBOX 360 pour le service de pilote Windows; C:\Windows\system32\DRIVERS\xnacc.sys [2008-01-19 521216]
    S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-04-08 56448]
    S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 akl_svc;Anti-keylogger Service; C:\Program Files\Anti-keylogger\akl_svc.exe [2009-04-21 59904]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-02-11 40384]
    R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2007-09-25 65536]
    R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2009-10-29 1074568]
    R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-05-24 61440]
    R2 LexBceS;LexBce Server; C:\Windows\System32\LEXBCES.EXE [2002-10-14 303104]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-04-13 73728]
    R2 LVCOMSer;LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [2007-10-19 186904]
    R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2007-10-19 141848]
    R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-05-15 935208]
    R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-01-11 129640]
    R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-11-30 75064]
    R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2010-02-12 190160]
    R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-01-11 240232]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-02-11 40384]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-02-11 40384]
    S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [2007-10-19 141848]
    S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
    S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-01 182768]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
    S3 RoxMediaDB9;RoxMediaDB9; c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-05-11 887544]
    S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-01-24 326792]
    S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-05-03 74656]
    S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-19 21504]
    S3 wampapache;wampapache; C:\Program Files\wamp\bin\apache\apache2.2.11\bin\httpd.exe [2008-12-10 24636]
    S3 wampmysqld;wampmysqld; C:\Program Files\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe [2009-06-17 6582912]

    -----------------EOF-----------------
    16 February 2010 14:05:48

    The info:

    info.txt logfile of random's system information tool 1.06 2010-02-16 14:03:36

    ======Uninstall list======

    -->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    -->MsiExec /X{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}
    7-Zip 4.65-->"C:\Program Files\7-Zip\Uninstall.exe"
    ActiveCheck component for HP Active Support Library-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
    Adobe Acrobat 4.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 4.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 4.0\NT\Uninst.dll"
    Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
    Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
    Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Reader 8.1.6 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
    Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
    Advertising Center-->MsiExec.exe /X{b2ec4a38-b545-4a00-8214-13fe0e915e6d}
    Age of Chivalry-->"C:\Program Files\Steam\steam.exe" steam://uninstall/17510
    Age of Empires III-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}
    ALO AVI MPEG WMV 3GP MP4 iPod PSP Converter 6.3-->"C:\Program Files\ALO SOFT\ALO AVI MPEG WMV 3GP MP4 iPod PSP Converter\unins000.exe"
    AnalogX Proxy-->C:\Program Files\AnalogX\Proxy\proxyu.exe
    Anti-keylogger-->MsiExec.exe /I{B8D1E182-53D7-491B-805E-007846100813}
    Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
    Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
    avast! Free Antivirus-->C:\Program Files\Alwil Software\Avast5\aswRunDll.exe "C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll" RunSetup
    AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
    BearShare-->"C:\Program Files\BearShare Applications\BearShare\UninstallSurvey.exe" "C:\Program Files\BearShare Applications\BearShare\UnwiseLauncher.exe" /A "C:\Program Files\BearShare Applications\BearShare\INSTALL.LOG"
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    Counter-Strike: Source-->"C:\Program Files\Steam\steam.exe" steam://uninstall/240
    Counter-Strike: Source-->MsiExec.exe /I{9580813D-94B1-4C28-9426-A441E2BB29A5}
    DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
    DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    Dofus 1.28.0-->C:\Program Files\Dofus\uninstall.exe
    Dofus-->msiexec /qb /x {5EBF7AAB-98C5-2C43-0844-4BD9B9FCA7AD}
    Dofus-->MsiExec.exe /I{5EBF7AAB-98C5-2C43-0844-4BD9B9FCA7AD}
    Dofus-Arena-->C:\Program Files\DofusArena2\uninstall.exe
    DofusBeta 1.27.0-->C:\Program Files\DofusBeta\uninstall.exe
    DolbyFiles-->MsiExec.exe /X{b1adf008-e898-4fe2-8a1f-690d9a06acaf}
    EVEREST Home Edition v2.20-->"C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
    FIFA 09-->MsiExec.exe /X{2315B23D-3E21-4920-837D-AE6460934ECB}
    FUJIFILM FinePixViewer S Ver.2.1-->C:\Program Files\InstallShield Installation Information\{88B32652-CAE0-4909-A463-5840D2689D93}\setup.exe -runfromtemp -l0x040c -removeonly
    Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0E996B068B56FCA2.exe" /uninstall
    Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
    HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
    HP Active Support Library 32 bit components-->MsiExec.exe /I{6D3DB611-D5E8-4E4B-8952-0D3F549F9CC6}
    HP Active Support Library-->C:\Program Files\InstallShield Installation Information\{0A47BAFF-D4FF-4BD3-96CA-02A22EA62722}\setup.exe -runfromtemp -l0x0409
    HP Advisor-->MsiExec.exe /X{73A43E42-3658-4DD9-8551-FACDA3632538}
    HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}\setup.exe" -l0x9 -removeonly
    HP Customer Feedback-->MsiExec.exe /I{9DBA770F-BF73-4D39-B1DF-6035D95268FC}
    HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40F7AED3-0C7D-4582-99F6-484A515C73F2}\setup.exe" -l0x9 -removeonly
    HP On-Screen Cap/Num/Scroll Lock Indicator-->C:\Windows\system32\OsdRemove.exe
    HP Photosmart Essential 2.01-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
    HP Picasso Media Center Add-In-->MsiExec.exe /I{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}
    HP Update-->MsiExec.exe /X{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}
    HPAsset component for HP Active Support Library-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
    HyperCam 2-->"C:\Program Files\HyCam2\UnHyCam2.exe"
    Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
    Insurgency-->"C:\Program Files\Steam\steam.exe" steam://uninstall/17700
    IsoBuster 2.5-->"C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe"
    JAP-->C:\Program Files\JAP\uninstall.exe
    Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216015FF}
    Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
    Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
    K-Lite Codec Pack 4.0.0 (Standard)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
    La Bataille pour la Terre du Milieu(tm)-->C:\Program Files\EA GAMES\La Bataille pour la Terre du Milieu(tm)\EAUninstall.exe
    La Bataille pour la Terre du Milieu™ II-->C:\Program Files\Electronic Arts\La Bataille pour la Terre du Milieu II\EAUninstall.exe
    L'Avènement du Roi-sorcier™-->C:\Program Files\Electronic Arts\L'Avènement du Roi-sorcier\EAUninstall.exe
    Le Seigneur des Anneaux® - L’Age des Conquêtes™-->MsiExec.exe /X{628C3D50-F524-4C49-A958-672CE7953756}
    Left 4 Dead 2-->"C:\Program Files\Steam\steam.exe" steam://uninstall/550
    Left 4 Dead-->"C:\Program Files\Steam\steam.exe" steam://uninstall/500
    LightScribe System Software-->MsiExec.exe /X{2EC502F7-CBB0-44F8-8F5D-C9A6FC1E5A2A}
    Logitech QuickCam-->MsiExec.exe /X{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}
    LogMeIn Hamachi-->C:\Windows\system32\\msiexec.exe /i {067EC517-9731-43FD-B4D5-296EE0027BBB} REMOVE=ALL
    LogMeIn Hamachi-->MsiExec.exe /I{067EC517-9731-43FD-B4D5-296EE0027BBB}
    Magic ISO Maker v5.5 (build 0276)-->C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    Menu Templates - Starter Kit-->MsiExec.exe /X{b78120a0-cf84-4366-a393-4d0a59bc546c}
    Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
    Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
    Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
    Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    Microsoft Age of Empires II : The Conquerors Expansion-->"C:\Program Files\Microsoft Games\Age of Empires II\UNINSTALX.EXE" /runtemp /addremove
    Microsoft Age of Empires II-->"C:\Program Files\Microsoft Games\Age of Empires II\UNINSTAL.EXE" /runtemp /uninstall
    Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
    Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework-->MsiExec.exe /X{AB47EEE8-507B-331F-AA28-B7C7257F014C}
    Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32-->MsiExec.exe /X{07FCBED5-94C3-4F94-B9D3-360FA27C7B06}
    Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries-->MsiExec.exe /X{842FAF7C-50EF-4463-9B8F-6222E1384D7D}
    Microsoft Works-->MsiExec.exe /I{6B1CB38D-E2E4-4A30-933D-EFDEBA76AD9C}
    Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
    Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
    Movie Templates - Starter Kit-->MsiExec.exe /X{e498385e-1c51-459a-b45f-1721e37aa1a0}
    Mozilla Firefox (3.0.11)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
    Multutide-Bot-->MsiExec.exe /I{23DCF9BA-E136-41DF-962B-C45F94A23D33}
    Mumble and Murmur-->C:\Program Files\Mumble\Uninstall.exe
    muvee autoProducer 6.0-->C:\Program Files\InstallShield Installation Information\{14AF024E-2E3B-49D0-A175-D1C1A06B155A}\setup.exe -runfromtemp -l0x040c -removeonly
    MyNetflix-->MsiExec.exe /X{AD7A2DD6-8B66-4BD2-9840-CCE6C1F7A2A2}
    NCsoft Launcher-->C:\Program Files\InstallShield Installation Information\{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}\setup.exe -runfromtemp -l0x040c -removeonly
    Nero 9 Trial-->C:\Program Files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="8M01-A095-92AW-3TEZ-8MT6-H195-CZCX-53W8"
    Nero BurnRights-->MsiExec.exe /X{7829db6f-a066-4e40-8912-cb07887c20bb}
    Nero ControlCenter-->MsiExec.exe /X{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}
    Nero CoverDesigner-->MsiExec.exe /X{62ac81f6-bdd3-4110-9d36-3e9eaab40999}
    Nero Disc Copy Gadget-->MsiExec.exe /X{f1861f30-3419-44db-b2a1-c274825698b3}
    Nero DiscSpeed-->MsiExec.exe /X{869200db-287a-4dc0-b02b-2b6787fbcd4c}
    Nero DriveSpeed-->MsiExec.exe /X{33cf58f5-48d8-4575-83d6-96f574e4d83a}
    Nero InfoTool-->MsiExec.exe /X{fbcdfd61-7dcf-4e71-9226-873ba0053139}
    Nero Installer-->MsiExec.exe /X{e8a80433-302b-4ff1-815d-fcc8eac482ff}
    Nero Live-->MsiExec.exe /X{df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}
    Nero PhotoSnap-->MsiExec.exe /X{9e82b934-9a25-445b-b8df-8012808074ac}
    Nero Recode-->MsiExec.exe /X{359cfc0a-beb1-440d-95ba-cf63a86da34f}
    Nero Rescue Agent-->MsiExec.exe /X{368ba326-73ad-4351-84ed-3c0a7a52cc53}
    Nero ShowTime-->MsiExec.exe /X{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}
    Nero StartSmart-->MsiExec.exe /X{7748ac8c-18e3-43bb-959b-088faea16fb2}
    Nero Vision-->MsiExec.exe /X{43e39830-1826-415d-8bae-86845787b54b}
    Nero WaveEditor-->MsiExec.exe /X{a209525b-3377-43f4-b886-32f6b6e7356f}
    NeroBurningROM-->MsiExec.exe /X{d025a639-b9c9-417d-8531-208859000af8}
    NeroExpress-->MsiExec.exe /X{595a3116-40bb-4e0f-a2e8-d7951da56270}
    NeroLiveGadget-->MsiExec.exe /X{9e9fdde6-2c26-492a-85a0-05646b3f2795}
    neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
    Notepad++-->C:\Program Files\Notepad++\uninstall.exe
    NVIDIA Display Control Panel-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe DisplayControlPanel
    NVIDIA Drivers-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe UninstallGUI
    NVIDIA PhysX-->MsiExec.exe /X{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}
    NVIDIA Stereoscopic 3D Driver-->"C:\Program Files\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
    Orange - Logiciels Internet-->C:\Program Files\Orange\installation\core\Installgui.exe -u
    OtsTurntables Free 1.00.027-->"C:\Windows\OTS_UI.EXE" "C:\OtsLabs\OtsTTfre.osi"
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    Outils de diagnostic du matériel-->C:\Program Files\PC-Doctor 5 for Windows\uninst.exe
    PC Inspector File Recovery-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}\Setup.exe" -l0x40c
    Pivot Stickfigure Animator-->MsiExec.exe /I{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}
    Postal 2 Demo-->C:\Windows\unvise32.exe C:\Program Files\Postal 2 Demo\uninstal.log
    Postal 2 STP - Free Multiplayer Edition-->C:\Windows\unvise32.exe C:\Program Files\Postal2STP\uninstal.log
    PowerBatch 6-->"C:\Program Files\Astase\PowerBatch\unins000.exe"
    PremiumSoft Navicat 8.0 for MySQL-->"C:\Program Files\PremiumSoft\Navicat 8.0 MySQL\unins000.exe"
    PremiumSoft Navicat 8.2 for MySQL-->"C:\Program Files\PremiumSoft\Navicat 8.2 MySQL\unins000.exe"
    PremiumSoft Navicat Lite 8.2-->"C:\Program Files\PremiumSoft\Navicat Lite 8.2\unins000.exe"
    PunkBuster Services-->C:\Windows\system32\pbsvc_heroes.exe -u
    Python 2.5-->MsiExec.exe /I{0A2C5854-557E-48C8-835A-3B9F074BDCAA}
    Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly
    Reg (DOFUS Audio Subsystem)-->msiexec /qb /x {3F900346-A316-BA88-B83C-2513F1260AD7}
    Reg (DOFUS Audio Subsystem)-->MsiExec.exe /I{3F900346-A316-BA88-B83C-2513F1260AD7}
    Roxio Activation Module-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
    Roxio Creator Audio-->MsiExec.exe /X{83FFCFC7-88C6-41c6-8752-958A45325C82}
    Roxio Creator Basic v9-->MsiExec.exe /X{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
    Roxio Creator Copy-->MsiExec.exe /X{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
    Roxio Creator Data-->MsiExec.exe /X{0D397393-9B50-4c52-84D5-77E344289F87}
    Roxio Creator EasyArchive-->MsiExec.exe /X{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}
    Roxio Creator Tools-->MsiExec.exe /X{0394CDC8-FABD-4ed8-B104-03393876DFDF}
    Roxio Express Labeler 3-->MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
    Roxio MyDVD Basic v9-->MsiExec.exe /X{938B1CD7-7C60-491E-AA90-1F1888168240}
    SAMSUNG CDMA Modem Driver Set-->C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
    SAMSUNG Mobile USB Modem 1.0 Software-->C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
    SAMSUNG Mobile USB Modem Software-->C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
    Samsung PC Studio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -l0x40c -removeonly
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Solution de clavier multimédia amélioré-->C:\HP\KBD\Ins
    16 February 2010 14:17:27

  • Download SystemLook to your Desktop.
  • Right-click SystemLook.exe and choose Run as administrator.
  • Copy and paste the contents of the box below into the SystemLook text area:

    :dir
    C:\Users\Thibault\AppData\Roaming\install
    C:\Users\Thibault\AppData\Roaming\system23

  • Click the Look button to start the scan.
  • When it finishes, Notepad opens with the scan results. Copy and paste the report into your next reply.
    Note: The report can also be found on your Desktop under the name SystemLook.txt
    16 February 2010 14:28:55

    Here it is:

    SystemLook v1.0 by jpshortstuff (11.01.10)
    Log created at 14:28 on 16/02/2010 by Thibault (Administrator - Elevation successful)

    ========== dir ==========

    C:\Users\Thibault\AppData\Roaming\install - Parameters: "(none)"

    ---Files---
    Microsoft.exe --a--- 733184 bytes [10:45 14/02/2010] [10:45 14/02/2010]

    ---Folders---
    None found.

    C:\Users\Thibault\AppData\Roaming\system23 - Parameters: "(none)"

    ---Files---
    logs.dat --ah-- 14095 bytes [11:23 30/05/2005] [11:23 30/05/2005]
    plugin.dat -rahs- 581632 bytes [07:21 21/03/2006] [07:21 21/03/2006]
    winnlogon.exe -rahs- 745472 bytes [06:12 12/03/2006] [06:12 12/03/2006]

    ---Folders---
    None found.

    -=End Of File=-
    16 February 2010 14:45:24

    1/

  • Start Spybot, click Mode, tick Advanced mode.
  • On the left, click Tools, then Resident.
  • Untick the box in front of Resident "TeaTimer":

  • Quit Spybot.


    2/

  • Download OTM (OldTimer) to your Desktop.
  • Right-click OTM.exe and choose Run as administrator.
  • Copy (Ctrl+C) the following text:

    :processes
    explorer.exe

    :reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{E0E899AB-F487-11D5-8D29-0050BA6940E3}"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "svchstx"=-
    "svchsts"=-
    "HKCU"=-
    "Cerberus"=-

    :files
    C:\Users\Thibault\AppData\Roaming\install
    C:\Users\Thibault\AppData\Roaming\system23

    :commands
    [emptytemp]
    [reboot]

  • Paste (Ctrl+V) the text you just copied into the Paste Instructions for Items to be Moved box.
  • Now click the MoveIt! button, then close OTM.

    ---> If a file or folder cannot be deleted immediately, the program will ask you to restart.
    Accept by clicking YES.

  • Post the report located in this folder: C:\_OTM\MovedFiles\
    ---> The report's name corresponds to the time it was created: date_time.log
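
The items targeted by the OTM script above sit in user-writable folders, and some carry names one or two characters off a real Windows process. The Python triage below is an added example, not part of the original post or of any tool named in this thread; the list of system names, the distance threshold of 2 and the sample paths are assumptions.

```python
import ntpath
import re

# Windows process names that malware commonly imitates (short, non-exhaustive list).
SYSTEM_NAMES = ("winlogon.exe", "svchost.exe", "explorer.exe", "lsass.exe", "services.exe")
# Per-user profile and temp folders: writable without admin rights.
USER_WRITABLE = re.compile(r"\\(appdata|temp)\\", re.IGNORECASE)
WINDOWS_DIR = re.compile(r"^[a-z]:\\windows\\", re.IGNORECASE)

def edit_distance(a, b):
    """Levenshtein distance computed with a two-row dynamic programme."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def triage(path):
    """Return the reasons (possibly none) why a process image path needs review."""
    reasons = []
    name = ntpath.basename(path).lower()
    if USER_WRITABLE.search(path):
        reasons.append("runs from a user-writable directory")
    if name in SYSTEM_NAMES:
        if not WINDOWS_DIR.match(path):
            reasons.append(f"system name '{name}' outside the Windows directory")
        return reasons
    for legit in SYSTEM_NAMES:
        distance = edit_distance(name, legit)
        if distance <= 2:  # one or two typos away from a real system name
            reasons.append(f"name resembles '{legit}' (edit distance {distance})")
    return reasons

# Constructed sample: paths assembled from file and folder names in this thread's logs,
# plus two legitimate system paths for contrast.
SAMPLE = [
    r"C:\Windows\system32\winlogon.exe",
    r"C:\Windows\Explorer.EXE",
    r"C:\Users\Thibault\AppData\Roaming\system23\winnlogon.exe",
    r"C:\Users\Thibault\AppData\Roaming\install\Microsoft.exe",
    r"C:\Users\Thibault\AppData\Local\Temp\svchstx.exe",
]

if __name__ == "__main__":
    for p in SAMPLE:
        print(p, "->", triage(p) or "nothing flagged")
```

A hit is a reason to inspect the file, not a verdict: legitimate software also installs under AppData.
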
    16 February 2010 15:16:24

    All processes killed
    ========== PROCESSES ==========
    No active process named explorer.exe was found!
    ========== REGISTRY ==========
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{E0E899AB-F487-11D5-8D29-0050BA6940E3} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E0E899AB-F487-11D5-8D29-0050BA6940E3}\ not found.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\svchstx deleted successfully.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\svchsts deleted successfully.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\HKCU deleted successfully.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Cerberus deleted successfully.
    ========== FILES ==========
    C:\Users\Thibault\AppData\Roaming\install folder moved successfully.
    C:\Users\Thibault\AppData\Roaming\system23 folder moved successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Mcx1
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes

    User: Public
    ->Temp folder emptied: 0 bytes

    User: Supermoi
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 3908994 bytes
    ->Java cache emptied: 13689508 bytes
    ->FireFox cache emptied: 97242473 bytes

    User: Thibault
    ->Temp folder emptied: 1421648 bytes
    ->Temporary Internet Files folder emptied: 9211371 bytes
    ->Java cache emptied: 53801651 bytes
    ->FireFox cache emptied: 82833613 bytes
    ->Google Chrome cache emptied: 37544565 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 155845 bytes
    %systemroot%\System32 .tmp files removed: 383040 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 530643 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 29931214 bytes
    %systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 13690539 bytes
    RecycleBin emptied: 148606843 bytes

    Total Files Cleaned = 470,00 mb


    OTM by OldTimer - Version 3.1.8.0 log created on 02162010_150653

    Files moved on Reboot...
    File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

    Registry entries deleted on Reboot...
    16 February 2010 15:20:15

    Good, run another scan with Malwarebytes' Anti-Malware, then post the report.
    16 February 2010 15:31:12

    It still finds 2 pieces of malware:

    Malwarebytes' Anti-Malware 1.44
    Version de la base de données: 3745
    Windows 6.0.6002 Service Pack 2
    Internet Explorer 7.0.6002.18005

    16/02/2010 15:30:00
    mbam-log-2010-02-16 (15-30-00).txt

    Type de recherche: Examen rapide
    Eléments examinés: 124959
    Temps écoulé: 7 minute(s), 44 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 1
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 1

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Cerberus (Backdoor.Trace) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\Users\Thibault\AppData\Roaming\logs.dat (Bifrose.Trace) -> Quarantined and deleted successfully.
    16 February 2010 15:33:38

  • Relaunch MBAM, go to Quarantine and delete everything.

    Have you already tried the AntiVir antivirus?
    16 February 2010 15:35:31

    I have avast 5. I don't know which antivirus is better, avast or AntiVir.
    16 February 2010 15:40:55

    raltoufou said:
    Hello, I'm currently playing Counter-Strike and I often get disconnected, because there is a keylogger on my computer (I think)



    A keygen is a key generator ^^
    16 February 2010 15:41:23

    Keylogger ^^ I made a mistake
    16 February 2010 15:43:11

    For me, it's AntiVir.