How do I remove Gibmed.B.3????

31 January 2010 03:14:01

Hello, so here it is: I have a little virus on my PC called Gibmed.B.3 (it's not the only virus I have, by the way).
I'm struggling a bit to get rid of it.
While reading another thread on this forum, which unfortunately was never finished, I took the initiative of installing Malwarebytes' and running a scan (see the reply below).
Can you help me get rid of it?
Thanks in advance.


31 January 2010 03:14:45

Here is the scan done with Malwarebytes' (after which I deleted the quarantine and restarted the system):

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3665
Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

31/01/2010 03:09:37
mbam-log-2010-01-31 (03-09-37).txt

Type de recherche: Examen rapide
Eléments examinés: 130323
Temps écoulé: 7 minute(s), 11 second(s)

Processus mémoire infecté(s): 2
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 10
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 3
Fichier(s) infecté(s): 15

Processus mémoire infecté(s):
C:\Users\PARENTS\AppData\Roaming\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe (Rogue.Eorezo) -> Unloaded process successfully.
C:\Program Files\Winsudate\gibsvc.exe (Adware.Gibmedia) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\Interface\{1d4db7d3-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c14e6230-757d-4246-81ce-b34e2940c722} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winsvc (Adware.Gibmedia) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\BIFROST1.2 (Backdoor.Bifrose) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\IGB (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\softwarehelper (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\winusr (Adware.Gibmedia) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bend logo clock film (Trojan.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\ProgramData\Frag great bend logo (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\POL (PUP.ArdamaxKeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\Winsudate (Adware.Gibmedia) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Users\PARENTS\Local Settings\Application Data\symsu_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Users\PARENTS\Local Settings\Application Data\symsu_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Users\PARENTS\Local Settings\Application Data\symsu.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Users\PARENTS\AppData\Roaming\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-21-1908288780-3657467650-1890825559-1001\$RE99ND2.exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\ProgramData\Frag great bend logo\Love Play.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\POL\akv.cfg (PUP.ArdamaxKeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\POL\key.bin (PUP.ArdamaxKeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\POL\POL.001 (PUP.ArdamaxKeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\POL\POL.002 (PUP.ArdamaxKeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\POL\POL.005 (PUP.ArdamaxKeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\POL\POL.009 (PUP.ArdamaxKeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\Winsudate\gibsvc.exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\minftnet.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\PARENTS\AppData\Local\Temp\mspass.exe (HackTool.Agent) -> Quarantined and deleted successfully.
31 January 2010 10:09:04

Hello,

  • Relaunch MBAM, go to Quarantine and delete everything.

  • Disable UAC for the duration of the disinfection.

  • Download Ad-Remover (by Cyrildu17 / C_XX) to your Desktop.

    /!\ Disconnect and close all running applications /!\

  • Double-click AD-R on your Desktop to launch it.
    (On Vista, right-click AD-R and choose Run as administrator)
  • Choose language F for French.
  • At the main menu, choose option L.

    /!\ Let the tool work /!\

  • Post the report that appears at the end (C:\Ad-Report-CLEAN.log).

    (CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

    Note: "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Kaspersky, etc.) as a RiskTool. It is not a virus, but a utility for terminating processes.
    31 January 2010 13:57:25

    Thank you, Destrio5
    Result of the Ad-Remover scan:

    .
    ======= RAPPORT D'AD-REMOVER 1.1.4.6_J | UNIQUEMENT XP/VISTA/7 =======
    .
    Mis à jour par C_XX le 29.01.2010 à 16:43
    Contact: AdRemover.contact@gmail.com
    Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
    .
    Lancé à: 13:39:25, 31/01/2010 | Mode Normal | Option: CLEAN
    Exécuté de: C:\Ad-Remover\
    Système d'exploitation: Microsoft® Windows Vista™ HomePremium Service Pack 2 v6.0.6001
    Nom du PC: XXXXX | Utilisateur actuel: PARENTS
    .
    ============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
    .
    Service: *ASKService*
    Service: *ASKUpgrade*

    C:\Users\PARENTS\AppData\Roaming\Mozilla\FireFox\Profiles\mhn84evu.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
    C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Everest Poker
    C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Games-Attack
    C:\Program Files\AGI
    C:\Program Files\AskBarDis
    C:\Program Files\Everest Poker
    C:\Program Files\Games-Attack
    C:\Program Files\vmntoolbar
    C:\Users\PARENTS\AppData\Roaming\Desktopicon
    C:\Users\PARENTS\AppData\Roaming\EoRezo
    C:\Users\PARENTS\AppData\Roaming\Games-Attack
    C:\Users\PARENTS\AppData\Roaming\ItsLabel
    C:\Users\PARENTS\AppData\LocalLow\vmntoolbar
    C:\ProgramData\Games-Attack
    C:\ProgramData\Trymedia
    C:\Users\PARENTS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Ebay.lnk
    C:\Users\PARENTS\AppData\Roaming\MICROS~1\Windows\STARTM~1\Ebay.lnk
    C:\Users\BENJAMIN\AppData\Local\Temp\AskBarDis
    C:\Users\BENJAMIN\AppData\Local\Temp\Low\AskBarDis
    C:\Users\BENJAMIN\AppData\Local\VirtualStore\Program Files\InternetGameBox
    C:\Users\BENJAMIN\AppData\LocalLow\VMNTOOLBAR
    C:\Users\laurie\Desktop\trucs ki servent a rien\Everest Poker.lnk
    C:\Users\Public\Desktop\Everest Poker.lnk
    C:\Users\PARENTS\AppData\Local\ygguoyw.bat

    (!) -- Fichiers temporaires supprimés.

    .
    HKCU\software\appdatalow\AskBarDis
    HKCU\software\appdatalow\software\VMNTOOLBAR
    HKCU\software\EoRezo
    HKCU\software\Games-Attack
    HKCU\software\Grand Virtual
    HKCU\software\ItsLabel
    HKCU\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
    HKLM\software\appdatalow\AskBarDis
    HKLM\software\classes\AskIBar.PopSwatterBarButton
    HKLM\software\classes\AskIBar.PopSwatterBarButton.1
    HKLM\software\classes\AskIBar.PopSwatterSettingsControl
    HKLM\software\classes\AskIBar.PopSwatterSettingsControl.1
    HKLM\software\classes\AskToolBar.SettingsPlugin
    HKLM\software\classes\AskToolBar.SettingsPlugin.1
    HKLM\Software\Classes\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f}
    HKLM\Software\Classes\CLSID\{08993A7C-E764-4172-9627-BFB5EA6897B2}
    HKLM\Software\Classes\CLSID\{128A6C66-AC6A-4617-8268-AB7F47B7215E}
    HKLM\Software\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}
    HKLM\Software\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
    HKLM\Software\Classes\CLSID\{4260e0cc-0f75-462e-88a3-1e05c248bf4c}
    HKLM\Software\Classes\CLSID\{571715D7-3395-4DF0-B43C-784836209E60}
    HKLM\Software\Classes\CLSID\{622fd888-4e91-4d68-84d4-7262fd0811bf}
    HKLM\Software\Classes\CLSID\{A057A204-BACC-4D26-8287-79A187E26987}
    HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}
    HKLM\Software\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362}
    HKLM\Software\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}
    HKLM\Software\Classes\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
    HKLM\Software\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}
    HKLM\Software\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}
    HKLM\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
    HKLM\Software\Classes\TypeLib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
    HKLM\Software\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2}
    HKLM\software\classes\vmntoolbar.VMNTOOLBAR
    HKLM\software\Games-Attack
    HKLM\Software\Microsoft\Code Store Database\Distribution Units\CabBuilder
    HKLM\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
    HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-8287-79A187E26987}
    HKLM\software\microsoft\windows\currentversion\uninstall\Ask Toolbar_is1
    HKLM\software\microsoft\windows\currentversion\uninstall\Everest Poker
    HKLM\software\microsoft\windows\currentversion\uninstall\SoftwareUpdate_is1
    HKLM\software\microsoft\windows\currentversion\uninstall\vmntoolbar
    HKLM\software\microsoft\windows\currentversion\uninstall\ygguoyw
    HKLM\software\Trymedia Systems
    HKU\.default\software\EoRezo
    .
    ============== Scan additionnel ==============
    .
    .
    * Mozilla FireFox Version 3.5.7 [fr] *
    .
    Nom du profil: mhn84evu.default (PARENTS)
    .
    (PARENTS, Invalidprefs.js) Browser.download.dir, C:\Users\PARENTS\Downloads
    (PARENTS, Invalidprefs.js) Browser.search.defaultenginename, Google
    (PARENTS, Invalidprefs.js) Browser.search.defaulturl, hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
    (PARENTS, Invalidprefs.js) Browser.search.selectedEngine, Google
    (PARENTS, Invalidprefs.js) Browser.startup.homepage, hxxp://y.lo.st
    (PARENTS, Invalidprefs.js) Extensions.enabledItems, {bfcdcebe-e1fb-40f9-b4e2-7bb1138ef76c}:1.5.46.5,{3112ca9c-de6d-4884-a869-9855de68056c}:3.1.20080730W,{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}:6.0.10,{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}:10.1.0,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.4
    .
    (PARENTS, Invalidprefs.js) EFFACE - Browser.startup.homepage, hxxp://y.lo.st
    .
    (PARENTS, prefs.js) Browser.download.dir, C:\Users\PARENTS\Downloads
    (PARENTS, prefs.js) Browser.search.defaultenginename, Google
    (PARENTS, prefs.js) Browser.search.defaulturl, hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
    (PARENTS, prefs.js) Browser.search.selectedEngine, Google
    (PARENTS, prefs.js) Browser.startup.homepage, hxxp://y.lo.st
    (PARENTS, prefs.js) Extensions.enabledItems, {71328583-3CA7-4809-B4BA-570A85818FBB}:0.5,{d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}:1.0.0.1,{3112ca9c-de6d-4884-a869-9855de68056c}:6.1.20091216W,{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}:6.0.10,{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11,{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13,{20a82645-c095-46ed-80e3-08825760534b}:1.1,personas@christopher.beard:1.5,{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}:10.1.0,{E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.7
    .
    (PARENTS, prefs.js) EFFACE - Browser.startup.homepage, hxxp://y.lo.st
    .
    .
    * Internet Explorer Version 7.0.6001.18000 *
    .
    [HKEY_CURRENT_USER\..\Internet Explorer\Main]
    .
    Do404Search: 01000000
    Local Page: C:\Windows\system32\blank.htm
    Show_ToolBar: yes
    Enable Browser Extensions: yes
    Start Page: hxxp://fr.msn.com/
    Use Search Asst: no
    Use Custom Search URL: 1 (0x1)
    Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Default_page_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
    .
    Start Page: hxxp://fr.msn.com/
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Delete_Temp_Files_On_Exit: yes
    Local Page: %SystemRoot%\system32\blank.htm
    Enable Browser Extensions: yes
    Use Search Asst: no
    Search bar: hxxp://search.msn.com/spbasic.htm
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
    .
    Tabs: res://ieframe.dll/tabswelcome.htm
    .
    ============== Suspect (Cracks, Serials, ...) ==============
    .
    C:\Users\PARENTS\AppData\Roaming\BitTorrent\FARCRY 2 + CRACK.torrent
    C:\Users\PARENTS\Desktop\ACCESSOIRES\Patch MsnCreative WLM 8.5 final[www.msncreative.net].exe
    C:\Users\PARENTS\Desktop\ACCESSOIRES\Rapidshare Database Searcher\Rapidshare Database Searcher\keygen.exe
    C:\Users\PARENTS\Desktop\Hacking\dossier de hack\crack me\crack me (tuto2)\CrackmeDaube.exe
    C:\Users\PARENTS\Desktop\Hacking\dossier de hack\crack me\crack me daube(tuto1)\CrackmeDaube.exe
    C:\Users\PARENTS\Desktop\truc a joan\Winrar pro\keygen.exe
    C:\Users\PARENTS\Downloads\eMule\Incoming\ma musique\Documents\Downloads\crakeur de mdp pour .rar-zip\crackeur nø=2\ARCHPR.EXE
    C:\Users\PARENTS\Downloads\eMule\Incoming\ma musique\Documents\Downloads\crakeur de mdp pour .rar-zip\crackeur nø=2\setup.exe
    C:\Users\PARENTS\Downloads\eMule\Incoming\ma musique\Documents\Downloads\Script MSN\script msn 2\patch.exe
    C:\Users\PARENTS\Downloads\eMule\Incoming\ma musique\Documents\patchv2[1]\patch.exe
    C:\Users\PARENTS\Favorites\..CRACKWEB...url
    C:\Users\PARENTS\Favorites\video Hack MSN Script By Seboss ! By Nicos11 - habbo, hacking, cracking - videos wideo.url
    C:\Users\TOKEN\Downloads\eMule\Incoming\mes logiciels\Virtual DJ Studio 4.6\Crack\virtualdj.exe
    .
    ===================================
    .
    9177 Octet(s) - C:\Ad-Report-CLEAN[1].log
    .
    522 Fichier(s) - C:\Users\PARENTS\AppData\Local\Temp
    31 Fichier(s) - C:\Windows\Temp
    10 Fichier(s) - C:\Windows\Prefetch
    .
    20 Fichier(s) - C:\Ad-Remover\BACKUP
    1229 Fichier(s) - C:\Ad-Remover\QUARANTINE
    .
    Fin à: 13:46:43 | 31/01/2010 - CLEAN[1]
    .
    ============== E.O.F ==============
    .
    31 January 2010 14:22:53

  • Uninstall Ad-Remover.

  • Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.
  • Double-click RSIT.exe to launch the program.
    (On Vista, right-click RSIT.exe and choose Run as administrator)
  • Click Continue on the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the license.
  • When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).

    Note: the reports are saved in the C:\Rsit folder.
    31 January 2010 20:51:57

    Contents of log.txt:

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by PARENTS at 2010-01-31 20:39:11
    Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
    System drive C: has 61 GB (26%) free of 233 GB
    Total RAM: 2046 MB (43% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:39:56, on 31/01/2010
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18385)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\conime.exe
    C:\Windows\V0420Mon.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\PowerISO\PWRISOVM.EXE
    C:\Windows\System32\rundll32.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Windows\System32\wpcumi.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\DNA\btdna.exe
    C:\Users\PARENTS\AppData\Local\Clavier+\Clavier.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Club-Internet\Lanceur\lanceur.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\eMule2\emule.exe
    C:\Program Files\Opera\opera.exe
    C:\Users\PARENTS\AppData\Local\Opera\Opera\profile\cache4\temporary_download\RSIT.exe
    C:\Program Files\trend micro\PARENTS.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    R3 - URLSearchHook: LphantBar Toolbar - {6b284373-1765-4464-a587-80fbc2b2eefa} - C:\Program Files\LphantBar\tbLpha.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: LphantBar Toolbar - {6b284373-1765-4464-a587-80fbc2b2eefa} - C:\Program Files\LphantBar\tbLpha.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: LphantBar Toolbar - {6b284373-1765-4464-a587-80fbc2b2eefa} - C:\Program Files\LphantBar\tbLpha.dll
    O3 - Toolbar: (no name) - {A057A204-BACC-4D26-8287-79A187E26987} - (no file)
    O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [V0420Mon.exe] C:\Windows\V0420Mon.exe
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
    O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam2\Steam.exe" -silent
    O4 - HKCU\..\Run: [Clavier+] C:\Users\PARENTS\AppData\Local\Clavier+\Clavier.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKCU\..\Run: [program defy] "C:\ProgramData\LongDashDash.bqsdus"
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Program Files\Opera\Program\Plugins\NPSWF32_FlashUtil.exe -p
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Startup: Club Internet.lnk = C:\Program Files\Club-Internet\Lanceur\lanceur.exe
    O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O13 - Gopher Prefix:
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/VistaMSNPUpld...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/Gam...
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://11lolori11.spaces.live.com/PhotoUpload/VistaMsnP...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\Windows\System32\LEXBCES.EXE
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
    O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe

    --
    End of file - 12783 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    C:\Windows\tasks\User_Feed_Synchronization-{A31F4002-238A-45B7-A55A-161B716BEBE1}.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
    &Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-10-19 817936]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
    HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
    Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2008-09-15 1562960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6b284373-1765-4464-a587-80fbc2b2eefa}]
    LphantBar Toolbar - C:\Program Files\LphantBar\tbLpha.dll [2008-09-15 1784856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-02-12 251504]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2009-02-12 657904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2009-02-12 522224]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Barre d'outils MSN - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll [2005-02-07 203464]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-10-19 817936]
    {6b284373-1765-4464-a587-80fbc2b2eefa} - LphantBar Toolbar - C:\Program Files\LphantBar\tbLpha.dll [2008-09-15 1784856]
    {A057A204-BACC-4D26-8287-79A187E26987}
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-02-12 251504]


    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "V0420Mon.exe"=C:\Windows\V0420Mon.exe [2007-04-30 32768]
    "RegistryMechanic"= []
    "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-12-29 4317184]
    "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
    "PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2008-11-02 167936]
    "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-09-17 13580832]
    "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-09-17 92704]
    "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-01-06 290088]
    "NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2008-05-28 570664]
    "AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
    "WPCUMI"=C:\Windows\system32\WpcUmi.exe [2006-11-02 176128]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]
    "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
    "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    ""= []

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-10-24 68856]
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883856]
    "BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2010-01-31 323392]
    "Speech Recognition"=C:\Windows\Speech\Common\sapisvr.exe [2008-01-19 49664]
    "Steam"=C:\Program Files\Steam2\Steam.exe [2009-10-28 1217808]
    "Clavier+"=C:\Users\PARENTS\AppData\Local\Clavier+\Clavier.exe [2007-10-21 88576]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2008-01-22 152872]
    "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
    "program defy"=C:\ProgramData\LongDashDash.bqsdus [2009-12-03 311312]
    "Skype"=C:\Program Files\Skype\\Phone\Skype.exe [2009-10-09 25623336]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "FlashPlayerUpdate"=C:\Program Files\Opera\Program\Plugins\NPSWF32_FlashUtil.exe [2009-07-18 257440]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnumanLive]
    C:\Users\PARENTS\AppData\Roaming\Anuman Interactive\AnumanLive\AnumanLive.exe [2007-10-30 347136]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative Live! Cam Manager]
    C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe [2007-06-07 155648]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
    C:\Windows\ehome\ehTray.exe [2008-01-19 125952]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
    C:\Program Files\MSN Messenger\MsnMsgr.Exe /background []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mwhypbpydz]
    c:\users\parents\appdata\local\mwhypbpydz.exe mwhypbpydz []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]
    C:\Program Files\Spyware Doctor\SDTrayApp.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shareaza]
    C:\Program Files\Shareaza\Shareaza.exe -tray []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
    C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-19 1233920]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
    C:\Program Files\Steam\Steam.exe -silent []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-10-24 68856]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
    C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
    C:\PROGRA~1\Adobe\READER~1.0\Reader\ADOBEC~1.EXE [2009-02-27 542096]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Lancement rapide d'Adobe Reader.lnk]
    C:\PROGRA~1\Adobe\READER~1.0\Reader\READER~1.EXE [2009-10-03 35696]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Outil de mise à jour Google.lnk]
    C:\PROGRA~1\Google\GOOGLE~2\GOOGLE~1.EXE [2008-10-10 161264]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

    C:\Users\PARENTS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    Club Internet.lnk - C:\Program Files\Club-Internet\Lanceur\lanceur.exe
    OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="wbsys.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB]
    C:\Program Files\AlienGUIse\fastload.dll [2001-12-20 24576]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "RunStartupScriptSync"=1
    "LogonHoursAction"=2
    "DontDisplayLogonHoursWarnings"=1

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "EnableLUA"=0
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "RunStartupScriptSync"=1
    "EnableUIADesktopToggle"=0

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2c27af1b-ac0b-11dc-a2d0-001a922cce5e}]
    shell\AutoRun\command - L:\usb\run.bat

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f4b2f128-51a5-11dc-bd95-806e6f6e6963}]
    shell\AutoRun\command - F:\autorun.bat


    ======List of files/folders created in the last 1 months======

    2010-01-31 20:39:12 ----D---- C:\Program Files\trend micro
    2010-01-31 20:39:11 ----D---- C:\rsit
    2010-01-31 13:36:20 ----D---- C:\Ad-Remover
    2010-01-31 03:00:06 ----D---- C:\Users\PARENTS\AppData\Roaming\Malwarebytes
    2010-01-31 02:59:57 ----D---- C:\ProgramData\Malwarebytes
    2010-01-31 02:59:57 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2010-01-22 10:56:57 ----A---- C:\Windows\system32\wininet.dll
    2010-01-22 10:56:57 ----A---- C:\Windows\system32\occache.dll
    2010-01-22 10:56:57 ----A---- C:\Windows\system32\mshtml.dll
    2010-01-22 10:56:56 ----A---- C:\Windows\system32\urlmon.dll
    2010-01-22 10:56:55 ----A---- C:\Windows\system32\ieframe.dll
    2010-01-22 10:56:54 ----A---- C:\Windows\system32\msfeeds.dll
    2010-01-22 10:56:54 ----A---- C:\Windows\system32\iertutil.dll
    2010-01-22 10:56:54 ----A---- C:\Windows\system32\iedkcs32.dll
    2010-01-22 10:56:54 ----A---- C:\Windows\system32\ieapfltr.dll
    2010-01-22 10:56:53 ----A---- C:\Windows\system32\mstime.dll
    2010-01-22 10:56:53 ----A---- C:\Windows\system32\ieUnatt.exe
    2010-01-22 10:56:53 ----A---- C:\Windows\system32\iepeers.dll
    2010-01-22 10:56:53 ----A---- C:\Windows\system32\ieencode.dll
    2010-01-22 10:56:53 ----A---- C:\Windows\system32\ieaksie.dll
    2010-01-22 10:56:52 ----A---- C:\Windows\system32\jsproxy.dll
    2010-01-19 13:56:49 ----D---- C:\Program Files\IDoser v4
    2010-01-13 09:49:03 ----A---- C:\Windows\system32\t2embed.dll
    2010-01-13 09:49:03 ----A---- C:\Windows\system32\fontsub.dll
    2010-01-11 13:50:33 ----D---- C:\Users\PARENTS\AppData\Roaming\PhotoFiltre
    2010-01-11 13:50:28 ----D---- C:\Program Files\PhotoFiltre
    2010-01-11 13:48:27 ----A---- C:\Windows\Instaler Setup Log.txt
    2010-01-05 16:39:25 ----D---- C:\Rummy Royal

    ======List of files/folders modified in the last 1 months======

    2010-01-31 20:39:24 ----D---- C:\Windows\Prefetch
    2010-01-31 20:39:18 ----D---- C:\Windows\TEMP
    2010-01-31 20:39:12 ----RD---- C:\Program Files
    2010-01-31 20:39:12 ----D---- C:\Windows\tracing
    2010-01-31 20:37:52 ----D---- C:\Users\PARENTS\AppData\Roaming\DNA
    2010-01-31 16:07:35 ----D---- C:\Program Files\Mozilla Firefox
    2010-01-31 14:56:55 ----SHD---- C:\System Volume Information
    2010-01-31 13:48:32 ----D---- C:\Program Files\Steam2
    2010-01-31 13:48:15 ----D---- C:\Users\PARENTS\AppData\Roaming\OpenOffice.org2
    2010-01-31 13:47:07 ----D---- C:\Program Files\DNA
    2010-01-31 13:46:49 ----D---- C:\Windows\System32
    2010-01-31 13:46:49 ----D---- C:\Windows\inf
    2010-01-31 13:46:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
    2010-01-31 13:43:06 ----HD---- C:\ProgramData
    2010-01-31 13:27:30 ----D---- C:\Windows\system32\drivers
    2010-01-31 13:26:38 ----D---- C:\Windows\system32\catroot2
    2010-01-31 03:09:36 ----D---- C:\Program Files\Internet Explorer
    2010-01-31 02:35:13 ----D---- C:\Windows
    2010-01-29 10:47:34 ----D---- C:\Windows\system32\Macromed
    2010-01-24 17:34:01 ----D---- C:\ProgramData\Sizeencreal
    2010-01-23 03:19:10 ----D---- C:\Program Files\Microsoft Silverlight
    2010-01-23 03:02:15 ----D---- C:\Windows\winsxs
    2010-01-22 23:47:41 ----D---- C:\ProgramData\Messenger Plus!
    2010-01-22 10:54:21 ----D---- C:\Windows\system32\catroot
    2010-01-21 15:28:59 ----D---- C:\Program Files\Messenger Plus! Live
    2010-01-21 03:10:49 ----SHD---- C:\$Recycle.Bin
    2010-01-21 03:00:58 ----SHD---- C:\Windows\Installer
    2010-01-20 15:44:47 ----D---- C:\Users\PARENTS\AppData\Roaming\BitTorrent
    2010-01-20 08:00:15 ----D---- C:\Users\PARENTS\AppData\Roaming\skypePM
    2010-01-18 23:30:17 ----D---- C:\Users\PARENTS\AppData\Roaming\Skype
    2010-01-18 20:44:06 ----D---- C:\Program Files\Circle Developement
    2010-01-14 11:12:06 ----N---- C:\Windows\system32\MpSigStub.exe
    2010-01-14 03:03:34 ----D---- C:\Program Files\Windows Mail
    2010-01-05 01:17:46 ----A---- C:\Windows\system32\mrt.exe

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
    R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
    R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2008-10-15 371248]
    R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2007-12-24 111632]
    R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2008-11-02 56572]
    R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [2007-11-30 43696]
    R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-07-13 28520]
    R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-12-10 56816]
    R3 BlueletAudio;Bluetooth Audio Service; C:\Windows\system32\DRIVERS\blueletaudio.sys [2006-11-22 34576]
    R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\Windows\system32\DRIVERS\BlueletSCOAudio.sys [2006-11-22 27792]
    R3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys [2006-11-22 18320]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-01-02 1668456]
    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-09-17 7379872]
    R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-19 8192]
    R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2006-11-24 50688]
    R3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-19 73088]
    R3 V0420VID;Live! Cam Vista IM (VF0420); C:\Windows\system32\DRIVERS\V0420Vid.sys [2007-05-31 99648]
    R3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys [2006-11-22 34448]
    R3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys [2006-11-22 44304]
    R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
    S1 IDSvix86;Symantec Intrusion Prevention Driver; \??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20080421.002\IDSvix86.sys []
    S1 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [2007-11-30 279088]
    S3 ad00qzf1;ad00qzf1; C:\Windows\system32\drivers\ad00qzf1.sys []
    S3 BDFsDrv;BDFsDrv; \??\C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys []
    S3 BDRsDrv;BDRsDrv; \??\C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys []
    S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys [2006-11-22 33936]
    S3 catchme;catchme; \??\C:\TRISTAN\catchme.sys []
    S3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
    S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
    S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
    S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
    S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
    S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
    S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [2007-04-05 19712]
    S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
    S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [2007-04-05 18304]
    S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
    S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
    S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
    S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
    S3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080421.003\NAVENG.SYS []
    S3 NAVEX15;NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080421.003\NAVEX15.SYS []
    S3 Nokia USB Generic;Nokia USB Generic; C:\Windows\system32\drivers\nmwcdc.sys [2005-10-13 8704]
    S3 Nokia USB Modem;Nokia USB Modem; C:\Windows\system32\drivers\nmwcdcm.sys [2005-10-13 12800]
    S3 Nokia USB Phone Parent;Nokia USB Phone Parent; C:\Windows\system32\drivers\nmwcd.sys [2005-10-13 124928]
    S3 PCAMPR4;PCAMPR4 NDIS Protocol Driver; \??\C:\Windows\system32\PCAMPR4.SYS []
    S3 PCANDIS4;PCANDIS4 NDIS Protocol Driver; \??\C:\Windows\system32\PCANDIS4.SYS []
    S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [2007-11-30 317616]
    S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2005-08-17 58352]
    S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2005-08-17 8272]
    S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2005-08-17 93872]
    S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
    S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\Windows\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
    S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\Windows\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
    S3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2007-12-25 123952]
    S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-02-18 30464]
    S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2008-11-11 13056]
    S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2008-11-11 19968]
    S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2008-11-11 24832]
    S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
    S3 vtany;vtany; \??\C:\Windows\vtany.sys []
    S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]
    S3 xhunter1;xhunter1; \??\C:\Windows\xhunter1.sys [2009-08-11 50688]
    S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys [2008-07-08 103936]
    S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys [2008-07-08 103936]
    S3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys [2008-07-08 103936]
    S4 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2006-05-11 247808]
    S4 nvatabus;nvatabus; C:\Windows\system32\drivers\nvatabus.sys [2006-07-14 105088]
    S4 viamraid;viamraid; C:\Windows\system32\drivers\viamraid.sys [2006-03-31 100992]
    S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-10-01 611664]
    R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-07-13 108289]
    R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-18 185089]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
    R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
    R2 LexBceS;LexBce Server; C:\Windows\System32\LEXBCES.EXE [2003-08-18 303104]
    R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
    R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-09-17 196608]
    R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
    R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-12-10 75064]
    R2 TeamViewer4;TeamViewer 4; C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe [2009-01-28 185640]
    R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
    R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-01-06 536872]
    R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
    S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-11-26 135664]
    S2 SymAppCore;Symantec AppCore Service; C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe [2007-02-19 47712]
    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-04-13 655624]
    S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2008-04-08 800040]
    S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-12-30 321320]

    -----------------EOF-----------------

    Contents of info.txt:

    info.txt logfile of random's system information tool 1.06 2010-01-31 20:40:01

    ======Uninstall list======

    -->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    -->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    -->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
    -->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
    -->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
    -->C:\Windows\UNNeroShowTime.exe /UNINSTALL
    -->C:\Windows\UNNeroVision.exe /UNINSTALL
    -->C:\Windows\UNRecode.exe /UNINSTALL
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{15B3F9F8-4CF9-452A-9AF2-AA8553765DA7}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34EDB7E6-D292-44BD-8CA6-A3E33C9D7750}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{513D9FB1-27A2-44E4-8F2D-77A6737921A5}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6BE926E5-66F4-4166-A5E5-E14D7A165BBD}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x40c
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x40c
    32 Bit HP CIO Components Installer-->MsiExec.exe /I{2614F54E-A828-49FA-93BA-45A3F756BFAA}
    ABBYY FineReader 5.0 Sprint-->MsiExec.exe /X{D1696920-9794-4BBC-8A30-7A88763DE5A2}
    Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
    Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
    Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}
    Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
    Adobe Color EU Recommended Settings CS4-->MsiExec.exe /I{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}
    Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
    Adobe Color NA Extra Settings CS4-->MsiExec.exe /I{098A2A49-7CF3-4F08-A38D-FB879117152A}
    Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}
    Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
    Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
    Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}
    Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
    Adobe Illustrator CS4-->C:\Program Files\Common Files\Adobe\Installers\2a31ae7a5c43ff52d8577782dd34e04\Setup.exe --uninstall=1
    Adobe Illustrator CS4-->MsiExec.exe /I{87532CAB-7932-4F84-8937-823337622807}
    Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}
    Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}
    Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
    Adobe Reader 9.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A92000000001}
    Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}
    Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
    Adobe Setup-->MsiExec.exe /I{8CE08C3C-8FF4-45D9-925E-4F3CE2D7FA7D}
    Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
    Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
    Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
    Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
    Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
    AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4}
    AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
    AlienGUIse Theme Manager-->C:\PROGRA~1\ALIENG~1\thememgr.exe /uninstallwise
    AppCore-->MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}
    Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
    Apple Software Update-->MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
    Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
    Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
    AutoIt v3.3.0.0-->C:\Program Files\AutoIt3\Uninstall.exe
    AVIConverter 5.0.1-->C:\Program Files\AVIConverter\uninst.exe
    Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
    AVS Audio Converter version 5.1-->"C:\Program Files\AVS4YOU\AVSAudioConverter\unins000.exe"
    AVS Disc Creator version 2.1-->"C:\Program Files\AVSMedia\DiscCreator\unins000.exe"
    AVS4YOU Software Navigator 1.2-->"C:\Program Files\AVS4YOU\AVSSoftwareNavigator\unins000.exe"
    Barre d'outils MSN-->C:\Program Files\MSN Toolbar\01.01.2607.0\fr\mtbs.exe c
    BlueSoleil 3.0 Std Release-->MsiExec.exe /X{B174DCA1-D1AF-45B4-976D-87943E4C5957}
    Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
    CA VMN Anti-Spyware (remove only)-->"C:\Program Files\CA VMN Anti-Spyware\uninstall.exe"
    Cartoonist 1.2-->"C:\Program Files\Cartoonist\unins000.exe"
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    CDex extraction audio-->"C:\Program Files\CDex_170b2\uninstall.exe"
    Clavier+ 10.6.1-->"C:\Users\PARENTS\AppData\Local\Clavier+\unins000.exe"
    Clé Internet de prêt-->"C:\Program Files\InstallShield Installation Information\{93D34EE3-99B3-4DB1-8B0A-0A657466F90D}\setup.exe" -runfromtemp -l0x040c -removeonly
    Codeur Windows Media Série 9-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
    Codeur Windows Media Série 9-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
    Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}
    Counter-Strike: Source-->"C:\Program Files\Steam2\steam.exe" steam://uninstall/240
    Counter-Strike-->"C:\Program Files\Steam2\steam.exe" steam://uninstall/10
    Creative Live! Cam Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6BE926E5-66F4-4166-A5E5-E14D7A165BBD}\setup.exe" -l0x40c /remove
    Creative Live! Cam Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{15B3F9F8-4CF9-452A-9AF2-AA8553765DA7}\setup.exe" -l0x40c /remove
    Creative Live! Cam Vista IM Driver (1.00.03.0000)-->C:\Windows\CtDrvIns.exe -uninstall -script VF0420.uns -unsext NT -plugin V0420Pin.dll -pluginres CtCamPin.crl
    Creative Software AutoUpdate-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x40c /remove
    Creative System Information-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x40c /remove
    dBpoweramp Music Converter-->"C:\Windows\system32\SpoonUninstall.exe" <uninstall>C:\Windows\system32\SpoonUninstall-dBpoweramp Music Converter.dat
    DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
    DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    eBay Icon-->C:\Users\PARENTS\AppData\Roaming\Desktopicon\uninst.exe
    eMule-->"C:\Program Files\eMule2\Uninstall.exe"
    Farces & Attrapes 2.0-->C:\Program Files\Atlence\Farces & Attrapes 2.0\unins000.exe
    FaxTools-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F45298E5-0083-426F-A668-1A2C5F04B8A0}\setup.exe" -l0x40c ControlPanel
    FileZilla Client 3.2.1-->C:\Program Files\FileZilla FTP Client\uninstall.exe
    Free Audio CD Burner version 1.2-->"C:\Program Files\DVDVideoSoft\Free Audio CD Burner\unins000.exe"
    Free Easy Burner V 3.8-->"C:\Program Files\Free Easy Burner\unins000.exe"
    Free FLV Converter V 6.7.4-->"C:\Program Files\Free FLV Converter\unins000.exe"
    Free Mp3 Wma Converter V 1.5.5-->"C:\Program Files\Free Audio Pack\unins000.exe"
    Free YouTube Download 2.3-->"C:\Program Files\DVDVideoSoft\Free YouTube Download\unins000.exe"
    Free YouTube to MP3 Converter version 3.2-->"C:\Program Files\DVDVideoSoft\Free YouTube to MP3 Converter\unins000.exe"
    Fruity Loops Studio Producer Edition XXL v6.04 Patcher-->C:\PROGRA~1\IMAGE-~1\FLSTUD~1\UNWISE.EXE C:\PROGRA~1\IMAGE-~1\FLSTUD~1\INSTALL.LOG
    Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
    Gestionnaire de photos Creative-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{513D9FB1-27A2-44E4-8F2D-77A6737921A5}\setup.exe" -l0x40c /remove
    GIMP 2.6.4-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
    Google Chrome-->"C:\Program Files\Google\Chrome\Application\3.0.195.38\Installer\setup.exe" --uninstall --system-level
    Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0531C63A913CC9D1.exe" /uninstall
    Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
    Google Earth-->MsiExec.exe /X{C084BC61-E537-11DE-8616-005056806466}
    Guide de l'utilisateur Creative Live! Cam-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34EDB7E6-D292-44BD-8CA6-A3E33C9D7750}\setup.exe" -l0x40c /remove
    HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
    Hotfix for Windows Media Encoder (KB929182)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={5406B219-A1AC-4BC4-8695-72292C8195AC} /qb
    HP Customer Participation Program 9.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
    HP Deskjet All-In-One Software 9.0-->C:\Program Files\HP\Digital Imaging\{FA8A44D7-3E8A-4034-9C4F-088FA6B72BC4}\setup\hpzscr01.exe -datfile hposcr14.dat
    HP Imaging Device Functions 9.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
    HP Photosmart Essential 2.01-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
    HP Product Assistant-->MsiExec.exe /I{36FDBE6E-6684-462B-AE98-9A39A1B200CC}
    HP Smart Web Printing-->MsiExec.exe /X{415CDA53-9100-476F-A7B2-476691E117C7}
    HP Solution Center 9.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
    HP Update-->MsiExec.exe /X{818ABC3C-635C-4651-8183-D0E9640B7DD1}
    HPSSupply-->MsiExec.exe /X{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}
    Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
    iTunes-->MsiExec.exe /I{F5C63795-2708-4D15-BF18-5ABBFF7DFFC8}
    Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
    Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
    Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
    Java(TM) 6 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
    Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
    kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}
    La Somme de Toutes les Peurs-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6736E2A0-3B7C-4CAA-A508-7400F6A8969B}\Setup.exe" -l0x40c
    Lanceur Club Internet v6-->"C:\Program Files\Club-Internet\Lanceur\uninstall.exe"
    LastChaos-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{99A37AC7-E724-4621-B167-500B5A52B69C}\setup.exe" -l0x9 -removeonly
    Les Sims™ 3-->"C:\Program Files\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\Sims3Setup.exe" -runfromtemp -l0x040c -removeonly
    Lexmark X1100 Series-->C:\Windows\system32\spool\drivers\w32x86\3\LXBKUN5C.EXE -dLexmark X1100 Series
    LG PC Suite II-->C:\Program Files\InstallShield Installation Information\{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}\setup.exe -runfromtemp -l0x040c -removeonly
    LG USB Modem driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C3ABE126-2BB2-4246-BFE1-6797679B3579}\setup.exe" -l0x40c LG -removeonly
    LimeWire 4.14.10-->"C:\Program Files\LimeWire\uninstall.exe"
    livebox-->C:\Program Files\InstallShield Installation Information\{17342E3B-0818-4A6F-BFF8-99476605ADD6}\Setup.exe -runfromtemp -l0x040c -removeonly
    Lphant v3.51-->"C:\Program Files\Lphant\unins000.exe"
    LphantBar Toolbar-->C:\PROGRA~1\LPHANT~1\UNWISE.EXE C:\PROGRA~1\LPHANT~1\INSTALL.LOG
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
    Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
    Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
    Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
    Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
    Midnight Club II-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F3856E7C-AD71-48E1-9A95-6D7E7FCB164A}\Setup.exe" -l0x40c
    Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
    Mozilla Firefox (3.5.7)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSNPlus-->C:\Program Files\groups.im\MSNPlus\uninstall.exe
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
    muveeNow 2.0 - Creative-->C:\Program Files\InstallShield Installation Information\{B0F64C44-DC77-497D-9A27-C0F5BAB12493}\setup.exe -runfromtemp -l0x040c -removeonly
    Native Instruments Audio 8 DJ Driver-->"C:\ProgramData\{D6072FCA-C57E-4A39-92CE-3ABE6C6D694B}\Audio 8 DJ Driver Setup.exe" REMOVE=TRUE MODIFY=FALSE
    Native Instruments Audio 8 DJ Driver-->C:\ProgramData\{D6072FCA-C57E-4A39-92CE-3ABE6C6D694B}\Audio 8 DJ Driver Setup.exe
    Native Instruments Service Center-->"C:\ProgramData\{442B6EC3-77A0-4817-825F-67F47D7A2E54}\Service Center Setup.exe" REMOVE=TRUE MODIFY=FALSE
    Native Instruments Service Center-->C:\ProgramData\{442B6EC3-77A0-4817-825F-67F47D7A2E54}\Service Center Setup.exe
    Native Instruments Traktor-->"C:\ProgramData\{0D1E323F-9D1D-410B-9F3E-FBF24ECC2B05}\Traktor Setup.exe" REMOVE=TRUE MODIFY=FALSE
    Native Instruments Traktor-->C:\ProgramData\{0D1E323F-9D1D-410B-9F3E-FBF24ECC2B05}\Traktor Setup.exe
    Nero 7 Essentials-->MsiExec.exe /X{F90D6825-8F1F-4E3A-9E42-A9C8A9DD1036}
    neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
    Norton Internet Security-->MsiExec.exe /I{3672B097-EA69-4bfe-B92F-29AE6D9D2B34}
    Notepad++-->C:\Program Files\Notepad++\uninstall.exe
    NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
    OpenOffice.org 2.4-->MsiExec.exe /I{1E0FF527-971B-4BBF-83D1-987E8DEE437D}
    Opera 9.63-->MsiExec.exe /X{1BC4026B-1957-4514-9058-2B542557F143}
    Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    Outils Club Internet-->"C:\Program Files\Club-Internet\Assistance\OutilsCI\uninstall.exe"
    Paint Shop Pro 7 Try And Buy-->MsiExec.exe /I{D6DE02C7-1F47-11D4-9515-00105AE4B89A}
    Paper Folding 3D-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3EFC6C19-B06F-41B7-9763-42538D5B5CB3}\setup.exe" -l0x9 -removeonly
    PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
    Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}
    PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"
    Prototype(TM)-->C:\Program Files\InstallShield Installation Information\{9322A850-9091-4D0E-B252-3E82EDA3D94A}\setup.exe -runfromtemp -l0x040c
    QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
    Rami Royal-->MsiExec.exe /I{A7FAC5BD-6361-436A-B593-715241CF198F}
    RAR Password Cracker 4.12-->C:\Program Files\RAR Password Cracker\uninstall.exe
    RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
    Reason Demo 4.0-->"C:\Program Files\Propellerhead\Reason Demo\Uninstall Reason Demo\unins000.exe"
    Registry Mechanic 7.0-->"C:\Program Files\Registry Mechanic\unins000.exe"
    Risk II-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0EE11800-A1BD-11D3-BFEB-005004AF2D32}\setup.exe" -l0x040c
    SAMSUNG CDMA Modem Driver Set-->C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
    SAMSUNG Mobile USB Modem 1.0 Software-->C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
    SAMSUNG Mobile USB Modem Software-->C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
    Samsung PC Studio 3 USB Driver Installer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -l0x40c -removeonly
    SC Ver 2.62-->"C:\Program Files\SC\unins000.exe"
    SecondLife (remove only)-->"C:\Program Files\SecondLife\uninst.exe" /P="SecondLife"
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for Windows Media Encoder (KB954156)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={E836F1B7-43FB-46B0-A0D9-E4D2A5951659} /qb
    SightSpeed (remove only)-->"C:\Program Files\SightSpeed\uninst.exe"
    Skype web features-->MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}
    Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
    Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
    Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
    Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
    SuddenAttackNA-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{732799C0-7785-43C5-8496-71546A062992}\setup.exe" -l0x9 -removeonly
    Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}
    SUPER © Version 2008.bld.33 (Sep 2, 2008)-->C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
    TC:Elite Test-->C:\PROGRA~1\WOLFEN~1\tcetest\uninst.exe
    TeamViewer 4-->C:\Program Files\TeamViewer\Version4\uninstall.exe
    The Cleaner 5.3-->"C:\Program Files\The Cleaner Free\unins000.exe"
    TmNationsForever-->"C:\Program Files\TmNationsForever\unins000.exe"
    Todae - Live Media-->C:\Program Files\Windows Media Player\Plugins\Todae\RMP\uninstall_fr.exe
    Uninstall 1.0.0.1-->"C:\Program Files\Common Files\DVDVideoSoft\unins000.exe"
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
    VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
    Virtual DJ - Atomix Productions-->C:\PROGRA~1\VIRTUA~1\UNWISE.EXE C:\PROGRA~1\VIRTUA~1\INSTALL.LOG
    Virtual DJ Home Edition - Atomix Productions-->C:\PROGRA~1\VIRTUA~1\UNWISE.EXE C:\PROGRA~1\VIRTUA~1\INSTALL.LOG
    VLC media player 0.9.2-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    Vuze-->C:\Program Files\Vuze\uninstall.exe
    WebExpert 6-->"C:\Program Files\Visicom Media\WebExpert 6\uninst-web.exe"
    Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
    Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
    Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
    Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
    Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
    WinHTTrack Website Copier 3.43-2-->"C:\Program Files\WinHTTrack\unins000.exe"
    Wolfenstein - Enemy Territory-->C:\PROGRA~1\WOLFEN~1\Uninstall\Unwise.exe /u C:\PROGRA~1\WOLFEN~1\Uninstall\Install.log
    Xfire (remove only)-->"C:\Program Files\Xfire\uninst.exe"
    Xvid 1.1.3 final uninstall-->"C:\Program Files\Xvid\unins000.exe"
    Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\unyt.exe

    ======System event log======

    Computer Name: lafitte-Corp
    Event Code: 5
    Message: Error loading Symantec real time Anti-Virus driver.
    Record Number: 204580
    Source Name: SRTSP
    Time Written: 20100131123842.578125-000
    Event Type: Erreur
    User:

    Computer Name: lafitte-Corp
    Event Code: 15016
    Message: Impossible d’initialiser le package de sécurité Kerberos pour l’authentification côté serveur. Le champ de données contient le numéro de l’erreur.
    Record Number: 204588
    Source Name: Microsoft-Windows-HttpEvent
    Time Written: 20100131123904.626628-000
    Event Type: Erreur
    User:

    Computer Name: lafitte-Corp
    Event Code: 7000
    Message: Le service Parallel port driver n'a pas pu démarrer en raison de l'erreur :
    Le service ne peut pas être démarré parce qu'il est désactivé ou qu'aucun périphérique activé ne lui est associé.
    Record Number: 204625
    Source Name: Service Control Manager
    Time Written: 20100131124027.000000-000
    Event Type: Erreur
    User:

    Computer Name: lafitte-Corp
    Event Code: 7022
    Message: Le service Service HP CUE DeviceDiscovery est en attente de démarrage.
    Record Number: 204662
    Source Name: Service Control Manager
    Time Written: 20100131124041.000000-000
    Event Type: Erreur
    User:

    Computer Name: lafitte-Corp
    Event Code: 7026
    Message: Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger :
    SRTSP
    Record Number: 204666
    Source Name: Service Control Manager
    Time Written: 20100131124041.000000-000
    Event Type: Erreur
    User:

    =====Application event log=====

    Computer Name: lafitte-Corp
    Event Code: 4113
    Message: AntiVir a détecté dans le fichier C:\Program Files\Winsudate\gibsvc.exe un code suspect avec la désignation 'ADSPY/Gibmed.B.3'!
    Record Number: 75890
    Source Name: Avira AntiVir
    Time Written: 20100131012525.000000-000
    Event Type: Avertissement
    User: AUTORITE NT\SYSTEM

    Computer Name: lafitte-Corp
    Event Code: 4113
    Message: AntiVir a détecté dans le fichier C:\Program Files\Winsudate\gibsvc.exe un code suspect avec la désignation 'ADSPY/Gibmed.B.3'!
    Record Number: 75891
    Source Name: Avira AntiVir
    Time Written: 20100131020212.000000-000
    Event Type: Avertissement
    User: AUTORITE NT\SYSTEM

    Computer Name: lafitte-Corp
    Event Code: 4113
    Message: AntiVir a détecté dans le fichier C:\Users\PARENTS\AppData\Local\Temp\bis54AA.exe un code suspect avec la désignation 'TR/Dldr.Swizzor.Gen2'!
    Record Number: 75892
    Source Name: Avira AntiVir
    Time Written: 20100131020637.000000-000
    Event Type: Avertissement
    User: AUTORITE NT\SYSTEM

    Computer Name: lafitte-Corp
    Event Code: 4113
    Message: AntiVir a détecté dans le fichier C:\Program Files\Winsudate\gibsvc.exe un code suspect avec la désignation 'ADSPY/Gibmed.B.3'!
    Record Number: 75893
    Source Name: Avira AntiVir
    Time Written: 20100131020934.000000-000
    Event Type: Avertissement
    User: AUTORITE NT\SYSTEM

    Computer Name: lafitte-Corp
    Event Code: 1002
    Message: Le programme msnmsgr.exe version 14.0.8089.726 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans l’application Rapports et solutions aux problèmes du Panneau de configuration. ID de processus : 964 Heure de début : 01caa271138e4cfe Heure de fin : 60
    Record Number: 75927
    Source Name: Application Hang
    Time Written: 20100131123445.000000-000
    Event Type: Erreur
    User:

    =====Security event log=====

    Computer Name: lafitte-Corp
    Event Code: 4648
    Message: Tentative d’ouverture de session en utilisant des informations d’identification explicites.

    Sujet :
    ID de sécurité : S-1-5-18
    Nom du compte : LAFITTE-CORP$
    Domaine du compte : WORKGROUP
    ID d’ouverture de session : 0x3e7
    GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

    Compte dont les informations d’identification ont été utilisées :
    Nom du compte : SYSTEM
    Domaine du compte : AUTORITE NT
    GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

    Serveur cible :
    Nom du serveur cible : localhost
    Informations supplémentaires : localhost

    Informations sur le processus :
    ID du processus : 0x320
    Nom du processus : C:\
    31 January 2010 23:33:46

    I see a Lop/Swizzor infection.

  • Download Lop S&D (by Eric_71) to your Desktop.
  • Then double-click Lop S&D on your Desktop.
    (On Vista, right-click Lop S&D and choose Run as administrator)
  • Select the desired language, then choose option 1 (Search).
  • Wait until the scan finishes.
  • Post the generated report (C:\lopR.txt).
    2 February 2010 20:01:51

    Lop S&D search


    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
    X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 4200+ )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : PARENTS ( Not Administrator ! )
    BOOT : Normal boot
    C:\ (Local Disk) - NTFS - Total:227 Go (Free:59 Go)
    D:\ (CD or DVD)
    E:\ (Local Disk) - NTFS - Total:59 Go (Free:10 Go)
    F:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)
    J:\ (USB)
    K:\ (USB)
    L:\ (CD or DVD)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [1] ( 02/02/2010|19:56 )

    [ UAC => 0 ]

    --------------------\\ Listing des dossiers dans Local

    [04/11/2009|12:21] C:\Users\PARENTS\AppData\Local\Adobe
    [27/09/2007|18:42] C:\Users\PARENTS\AppData\Local\Ahead
    [09/03/2008|12:26] C:\Users\PARENTS\AppData\Local\Apple Computer
    [23/08/2007|19:38] C:\Users\PARENTS\AppData\Local\Application Data
    [15/09/2008|18:48] C:\Users\PARENTS\AppData\Local\Apps
    [03/02/2009|21:10] C:\Users\PARENTS\AppData\Local\Clavier+
    [31/12/2009|21:45] C:\Users\PARENTS\AppData\Local\d3d9caps.dat
    [24/01/2009|16:43] C:\Users\PARENTS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [15/09/2008|20:36] C:\Users\PARENTS\AppData\Local\Deployment
    [15/10/2008|19:35] C:\Users\PARENTS\AppData\Local\DNA
    [08/07/2009|00:34] C:\Users\PARENTS\AppData\Local\eMule
    [15/09/2008|18:49] C:\Users\PARENTS\AppData\Local\EPS-FileDownloader
    [14/04/2009|18:43] C:\Users\PARENTS\AppData\Local\GDIPFONTCACHEV1.DAT
    [23/01/2010|21:47] C:\Users\PARENTS\AppData\Local\Google
    [30/09/2009|20:19] C:\Users\PARENTS\AppData\Local\groups.im
    [23/08/2007|19:38] C:\Users\PARENTS\AppData\Local\Historique
    [21/10/2008|21:59] C:\Users\PARENTS\AppData\Local\HP
    [31/01/2010|13:37] C:\Users\PARENTS\AppData\Local\IconCache.db
    [17/10/2007|20:50] C:\Users\PARENTS\AppData\Local\IM
    [06/12/2008|00:34] C:\Users\PARENTS\AppData\Local\Mango_Enterprise_-_http__
    [10/03/2009|19:43] C:\Users\PARENTS\AppData\Local\MessengerGroup
    [11/01/2010|09:44] C:\Users\PARENTS\AppData\Local\Microsoft
    [26/08/2007|10:24] C:\Users\PARENTS\AppData\Local\Microsoft Games
    [14/10/2007|18:51] C:\Users\PARENTS\AppData\Local\Mozilla
    [28/01/2009|21:01] C:\Users\PARENTS\AppData\Local\Opera
    [11/10/2007|18:51] C:\Users\PARENTS\AppData\Local\oxyidtndxh.dat
    [10/12/2009|17:52] C:\Users\PARENTS\AppData\Local\PunkBuster
    [31/01/2008|21:31] C:\Users\PARENTS\AppData\Local\Steam
    [02/02/2010|19:55] C:\Users\PARENTS\AppData\Local\Temp
    [23/08/2007|19:38] C:\Users\PARENTS\AppData\Local\Temporary Internet Files
    [14/10/2007|12:18] C:\Users\PARENTS\AppData\Local\VirtualStore

    --------------------\\ Tâches planifiées dans C:\Windows\tasks

    [02/02/2010 19:18][--a------] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [01/02/2010 21:18][--a------] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [02/02/2010 05:12][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{A31F4002-238A-45B7-A55A-161B716BEBE1}.job
    [31/01/2010 13:39][--ah-----] C:\Windows\tasks\SA.DAT
    [31/01/2010 13:37][--a------] C:\Windows\tasks\SCHEDLGU.TXT

    --------------------\\ Listing des dossiers dans C:\ProgramData

    [08/01/2009|14:18] C:\ProgramData\{0D1E323F-9D1D-410B-9F3E-FBF24ECC2B05}
    [01/02/2009|13:54] C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    [08/01/2009|14:16] C:\ProgramData\{442B6EC3-77A0-4817-825F-67F47D7A2E54}
    [08/01/2009|14:16] C:\ProgramData\{D6072FCA-C57E-4A39-92CE-3ABE6C6D694B}
    [04/11/2009|12:22] C:\ProgramData\Adobe
    [18/03/2009|12:31] C:\ProgramData\Ahead
    [13/04/2009|13:13] C:\ProgramData\ALM
    [26/02/2009|22:19] C:\ProgramData\ANGYHDL.txt
    [11/11/2007|19:08] C:\ProgramData\Apple
    [02/03/2008|08:36] C:\ProgramData\Apple Computer
    [02/11/2006|14:02] C:\ProgramData\Application Data
    [04/09/2008|19:36] C:\ProgramData\Avg8
    [01/06/2009|12:52] C:\ProgramData\Avira
    [21/01/2008|20:26] C:\ProgramData\AVS4YOU
    [19/06/2009|19:26] C:\ProgramData\Azureus
    [03/12/2009|12:08] C:\ProgramData\bits download body.4citl
    [25/12/2007|02:51] C:\ProgramData\Bluetooth
    [20/04/2008|14:24] C:\ProgramData\BM4ffc8a4f.txt
    [25/04/2008|05:57] C:\ProgramData\BM4ffc8a4f.xml
    [23/08/2007|19:27] C:\ProgramData\Bureau
    [27/08/2007|16:48] C:\ProgramData\BVRP Software
    [20/03/2008|16:32] C:\ProgramData\Creative
    [25/06/2009|19:29] C:\ProgramData\DAEMON Tools Lite
    [02/11/2006|14:02] C:\ProgramData\Desktop
    [02/11/2006|14:02] C:\ProgramData\Documents
    [13/01/2009|17:32] C:\ProgramData\EmailNotifier
    [11/11/2007|19:00] C:\ProgramData\eMule
    [11/03/2009|06:14] C:\ProgramData\ezsidmv.dat
    [23/08/2007|19:27] C:\ProgramData\Favoris
    [02/11/2006|14:02] C:\ProgramData\Favorites
    [16/04/2009|10:45] C:\ProgramData\FLEXnet
    [12/02/2009|19:01] C:\ProgramData\Google
    [23/03/2009|18:33] C:\ProgramData\Google Updater
    [21/10/2008|18:37] C:\ProgramData\Hewlett-Packard
    [31/07/2009|23:24] C:\ProgramData\HP
    [21/10/2008|18:33] C:\ProgramData\HP Product Assistant
    [21/10/2008|18:35] C:\ProgramData\HPSSUPPLY
    [23/09/2009|07:06] C:\ProgramData\hpzinstall.log
    [14/05/2008|19:18] C:\ProgramData\Kaspersky Lab
    [01/10/2008|19:33] C:\ProgramData\Lavasoft
    [03/12/2009|12:07] C:\ProgramData\LongDashDash.bqsdus
    [03/12/2009|12:07] C:\ProgramData\LongDashDash.uy5jk
    [31/01/2010|02:59] C:\ProgramData\Malwarebytes
    [23/08/2007|19:27] C:\ProgramData\Menu Démarrer
    [22/01/2010|23:47] C:\ProgramData\Messenger Plus!
    [23/05/2009|13:27] C:\ProgramData\MGS
    [23/05/2009|13:21] C:\ProgramData\Microgaming
    [06/11/2009|20:34] C:\ProgramData\Microsoft
    [23/08/2007|19:27] C:\ProgramData\Modèles
    [07/11/2007|19:04] C:\ProgramData\Motive
    [14/10/2007|09:42] C:\ProgramData\Mozilla
    [25/12/2007|01:34] C:\ProgramData\muvee Technologies
    [08/01/2009|14:18] C:\ProgramData\Native Instruments
    [18/03/2009|12:28] C:\ProgramData\Nero
    [05/05/2009|09:45] C:\ProgramData\ntuser.pol
    [12/12/2008|20:47] C:\ProgramData\NVIDIA
    [27/02/2008|00:32] C:\ProgramData\pixelStorm
    [19/11/2009|19:34] C:\ProgramData\Propellerhead Software
    [25/04/2008|06:43] C:\ProgramData\pskt.ini
    [24/01/2010|17:34] C:\ProgramData\Sizeencreal
    [06/12/2009|01:01] C:\ProgramData\Skype
    [01/06/2009|12:55] C:\ProgramData\Spybot - Search & Destroy
    [02/11/2006|14:02] C:\ProgramData\Start Menu
    [09/11/2008|18:03] C:\ProgramData\Symantec
    [27/10/2008|18:57] C:\ProgramData\TEMP
    [02/11/2006|14:02] C:\ProgramData\Templates
    [28/08/2009|10:01] C:\ProgramData\TrackMania
    [19/11/2008|23:05] C:\ProgramData\vlc-0.9.6-win32.exe
    [28/03/2009|14:12] C:\ProgramData\WEBREG
    [20/10/2008|02:15] C:\ProgramData\WindowsSearch
    [16/12/2008|17:54] C:\ProgramData\WLInstaller
    [11/08/2009|01:43] C:\ProgramData\Xfire
    [21/12/2007|23:20] C:\ProgramData\Yahoo! Companion
    [26/02/2009|21:56] C:\ProgramData\ZATNGAH.txt

    --------------------\\ Listing des dossiers dans C:\Program Files

    [27/08/2007|16:49] C:\Program Files\ABBYY FineReader 5.0 Sprint
    [27/08/2007|16:48] C:\Program Files\ABBYY FineReader 6.0
    [25/06/2009|19:46] C:\Program Files\Activision
    [13/04/2009|13:13] C:\Program Files\Adobe
    [01/11/2008|20:25] C:\Program Files\AlienGUIse
    [17/10/2007|19:11] C:\Program Files\Alwil Software
    [11/01/2009|16:54] C:\Program Files\Atlence
    [18/04/2008|11:48] C:\Program Files\Audacity
    [03/03/2009|19:25] C:\Program Files\AutoIt3
    [06/01/2009|20:45] C:\Program Files\AVIConverter
    [01/06/2009|12:52] C:\Program Files\Avira
    [11/12/2008|18:14] C:\Program Files\AviSynth 2.5
    [12/07/2009|12:02] C:\Program Files\AVS4YOU
    [03/06/2008|21:06] C:\Program Files\AVSMedia
    [15/02/2009|23:29] C:\Program Files\BitTorrent
    [16/11/2007|21:09] C:\Program Files\BitTorrent_DNA
    [01/02/2009|13:48] C:\Program Files\Bonjour
    [12/01/2009|21:51] C:\Program Files\CA VMN Anti-Spyware
    [07/11/2008|12:03] C:\Program Files\Cartoonist
    [28/10/2008|19:10] C:\Program Files\CCleaner
    [22/12/2007|16:28] C:\Program Files\CDex_170b2
    [18/01/2010|20:44] C:\Program Files\Circle Developement
    [08/03/2009|02:35] C:\Program Files\Clé Internet de prêt
    [26/02/2008|23:11] C:\Program Files\Club-Internet
    [06/12/2009|01:01] C:\Program Files\Common Files
    [15/11/2008|01:47] C:\Program Files\Conduit
    [09/11/2007|16:49] C:\Program Files\Controle Parental
    [25/12/2007|01:39] C:\Program Files\Creative
    [25/06/2009|19:13] C:\Program Files\DAEMON Tools Lite
    [25/06/2009|19:13] C:\Program Files\DAEMON Tools Toolbar
    [29/10/2009|12:47] C:\Program Files\DivX
    [31/01/2010|13:47] C:\Program Files\DNA
    [28/11/2009|20:05] C:\Program Files\DVDVideoSoft
    [22/10/2008|10:04] C:\Program Files\eMule
    [08/07/2009|00:30] C:\Program Files\eMule2
    [11/12/2008|18:14] C:\Program Files\eRightSoft
    [27/08/2007|16:48] C:\Program Files\FaxTools
    [23/08/2007|19:27] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
    [16/02/2009|18:31] C:\Program Files\FileZilla FTP Client
    [06/03/2008|22:42] C:\Program Files\Free Audio Pack
    [14/05/2008|19:34] C:\Program Files\Free Easy Burner
    [28/11/2009|20:02] C:\Program Files\Free FLV Converter
    [01/02/2009|10:41] C:\Program Files\GIMP-2.0
    [21/12/2009|09:58] C:\Program Files\Google
    [14/10/2008|20:57] C:\Program Files\Google Hacks
    [16/09/2008|19:29] C:\Program Files\Gravity
    [17/10/2007|08:23] C:\Program Files\Grisoft
    [30/09/2009|18:49] C:\Program Files\groups.im
    [21/10/2008|18:32] C:\Program Files\Hewlett-Packard
    [21/10/2008|18:35] C:\Program Files\HP
    [19/01/2010|13:56] C:\Program Files\IDoser v4
    [22/12/2007|16:14] C:\Program Files\Illustrate
    [13/12/2008|15:03] C:\Program Files\Image-Line
    [18/10/2007|18:46] C:\Program Files\IncrediMail
    [10/10/2009|13:14] C:\Program Files\InstallShield Installation Information
    [31/01/2010|03:09] C:\Program Files\Internet Explorer
    [01/11/2008|20:26] C:\Program Files\Invisible Secrets 4
    [01/02/2009|13:54] C:\Program Files\iPod
    [01/02/2009|13:54] C:\Program Files\iTunes
    [25/12/2007|02:46] C:\Program Files\IVT Corporation
    [30/11/2008|16:20] C:\Program Files\Jasc Software Inc
    [01/05/2009|11:37] C:\Program Files\Java
    [26/04/2009|10:53] C:\Program Files\Kellogg's Asie
    [01/10/2008|19:30] C:\Program Files\Lavasoft
    [01/06/2008|21:12] C:\Program Files\Lexmark X1100 Series
    [22/08/2009|11:05] C:\Program Files\LG Electronics
    [10/10/2009|13:21] C:\Program Files\LG PC Suite II
    [11/11/2007|20:11] C:\Program Files\LimeWire
    [15/11/2008|02:45] C:\Program Files\Lphant
    [15/11/2008|01:47] C:\Program Files\LphantBar
    [31/01/2010|03:00] C:\Program Files\Malwarebytes' Anti-Malware
    [21/01/2010|15:28] C:\Program Files\Messenger Plus! Live
    [10/03/2009|19:42] C:\Program Files\MessengerGroup
    [07/10/2007|17:55] C:\Program Files\Microprose
    [07/11/2009|18:24] C:\Program Files\Microsoft
    [02/11/2007|03:00] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [02/11/2006|13:37] C:\Program Files\Microsoft Games
    [23/01/2010|03:19] C:\Program Files\Microsoft Silverlight
    [11/06/2008|18:49] C:\Program Files\Microsoft SQL Server Compact Edition
    [27/08/2009|12:27] C:\Program Files\Microsoft WSE
    [18/10/2008|11:12] C:\Program Files\Movie Maker
    [31/01/2010|16:07] C:\Program Files\Mozilla Firefox
    [02/11/2006|13:37] C:\Program Files\MSBuild
    [10/10/2007|17:54] C:\Program Files\MSN Apps
    [10/03/2009|19:42] C:\Program Files\MSN Messenger
    [10/10/2007|17:54] C:\Program Files\MSN Toolbar
    [16/05/2008|02:03] C:\Program Files\MSXML 4.0
    [25/12/2007|01:35] C:\Program Files\muvee Technologies
    [08/01/2009|14:18] C:\Program Files\Native Instruments
    [29/01/2007|06:07] C:\Program Files\Nero
    [24/10/2008|20:30] C:\Program Files\Notepad++
    [12/02/2008|19:36] C:\Program Files\NRJ
    [27/05/2008|14:15] C:\Program Files\OpenOffice.org 2.4
    [28/01/2009|21:00] C:\Program Files\Opera
    [11/01/2010|13:50] C:\Program Files\PhotoFiltre
    [27/11/2008|21:24] C:\Program Files\PowerISO
    [01/02/2009|13:47] C:\Program Files\QuickTime
    [16/10/2008|19:30] C:\Program Files\RAR Password Cracker
    [24/10/2007|17:49] C:\Program Files\Real
    [10/07/2008|19:18] C:\Program Files\Red Storm Entertainment
    [02/11/2006|13:37] C:\Program Files\Reference Assemblies
    [11/05/2008|18:29] C:\Program Files\Registry Mechanic
    [08/11/2007|18:51] C:\Program Files\rnamfler
    [09/09/2007|18:37] C:\Program Files\Rockstar Games
    [16/12/2007|18:30] C:\Program Files\SAGEM
    [21/02/2008|13:58] C:\Program Files\Samsung
    [19/09/2008|18:42] C:\Program Files\SC
    [01/02/2009|01:38] C:\Program Files\SecondLife
    [25/12/2007|01:33] C:\Program Files\SightSpeed
    [06/12/2009|01:01] C:\Program Files\Skype
    [03/10/2008|17:10] C:\Program Files\Spybot - Search & Destroy
    [15/05/2008|20:12] C:\Program Files\Steam
    [31/01/2010|13:48] C:\Program Files\Steam2
    [11/02/2009|15:33] C:\Program Files\TeamViewer
    [25/04/2009|10:54] C:\Program Files\The Cleaner Free
    [20/12/2008|20:55] C:\Program Files\TmNationsForever
    [31/01/2010|20:39] C:\Program Files\trend micro
    [02/11/2006|14:01] C:\Program Files\Uninstall Information
    [27/10/2008|13:19] C:\Program Files\uplink
    [17/09/2008|17:23] C:\Program Files\VideoLAN
    [20/02/2009|19:36] C:\Program Files\VirtualDJ
    [12/01/2009|21:50] C:\Program Files\Visicom Media
    [13/12/2008|15:10] C:\Program Files\VstPlugins
    [23/11/2009|17:27] C:\Program Files\Vuze
    [07/11/2007|18:36] C:\Program Files\Wanadoo
    [18/10/2008|11:12] C:\Program Files\Windows Calendar
    [18/10/2008|11:12] C:\Program Files\Windows Collaboration
    [18/10/2008|11:12] C:\Program Files\Windows Defender
    [18/10/2008|11:12] C:\Program Files\Windows Journal
    [07/11/2009|18:27] C:\Program Files\Windows Live
    [14/01/2010|03:03] C:\Program Files\Windows Mail
    [12/02/2008|19:38] C:\Program Files\Windows Media Components
    [28/10/2009|03:17] C:\Program Files\Windows Media Player
    [23/08/2007|19:27] C:\Program Files\Windows NT
    [18/10/2008|11:12] C:\Program Files\Windows Photo Gallery
    [18/10/2008|11:12] C:\Program Files\Windows Sidebar
    [04/02/2009|13:21] C:\Program Files\WinHTTrack
    [21/12/2008|11:47] C:\Program Files\WinRAR
    [10/12/2009|17:46] C:\Program Files\Wolfenstein - Enemy Territory
    [11/08/2009|01:43] C:\Program Files\Xfire
    [14/10/2007|09:37] C:\Program Files\Xvid
    [21/12/2007|23:16] C:\Program Files\Yahoo!

    --------------------\\ Listing des dossiers dans C:\Program Files\Common Files

    [04/11/2009|12:20] C:\Program Files\Common Files\Adobe
    [18/03/2009|12:30] C:\Program Files\Common Files\Ahead
    [01/02/2009|13:54] C:\Program Files\Common Files\Apple
    [11/01/2009|16:54] C:\Program Files\Common Files\Atlence
    [21/01/2008|20:26] C:\Program Files\Common Files\AVSMedia
    [29/10/2009|12:46] C:\Program Files\Common Files\DivX Shared
    [28/11/2009|20:05] C:\Program Files\Common Files\DVDVideoSoft
    [21/10/2008|18:32] C:\Program Files\Common Files\Hewlett-Packard
    [21/10/2008|18:33] C:\Program Files\Common Files\HP
    [11/05/2008|23:42] C:\Program Files\Common Files\InstallShield
    [11/11/2007|18:46] C:\Program Files\Common Files\Java
    [13/04/2009|13:07] C:\Program Files\Common Files\Macrovision Shared
    [09/03/2009|03:00] C:\Program Files\Common Files\microsoft shared
    [07/11/2007|18:37] C:\Program Files\Common Files\Motive
    [25/12/2007|01:35] C:\Program Files\Common Files\muvee Technologies
    [08/01/2009|14:16] C:\Program Files\Common Files\Native Instruments
    [14/10/2007|09:42] C:\Program Files\Common Files\PX Storage Engine
    [24/10/2007|17:50] C:\Program Files\Common Files\Real
    [02/11/2006|12:18] C:\Program Files\Common Files\Services
    [06/12/2009|01:01] C:\Program Files\Common Files\Skype
    [03/06/2008|20:48] C:\Program Files\Common Files\Softwin
    [02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
    [05/09/2008|23:18] C:\Program Files\Common Files\Stardock
    [31/12/2009|16:15] C:\Program Files\Common Files\Steam
    [10/07/2008|19:23] C:\Program Files\Common Files\SWF Studio
    [25/04/2008|06:18] C:\Program Files\Common Files\Symantec Shared
    [18/10/2008|11:12] C:\Program Files\Common Files\System
    [16/12/2008|15:03] C:\Program Files\Common Files\Windows Live
    [11/06/2008|18:49] C:\Program Files\Common Files\WindowsLiveInstaller
    [01/10/2008|19:29] C:\Program Files\Common Files\Wise Installation Wizard
    [24/10/2007|17:50] C:\Program Files\Common Files\xing shared

    --------------------\\ Process

    ( 76 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    C:\ProgramData\bits download body.4citl
    C:\ProgramData\LongDashDash.uy5jk
    C:\ProgramData\LongDashDash.bqsdus

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\Program Files\Circle Developement

    --------------------\\ Verification du Registre

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "program defy"="\"C:\\ProgramData\\LongDashDash.bqsdus\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-02-02 19:57:03
    Windows 6.0.6001 Service Pack 1 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 1

    --------------------\\ Recherche d'autres infections

    --------------------\\ ROGUES ..

    C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Spyware-Secure

    --------------------\\ Cracks & Keygens ..

    C:\Users\PARENTS\AppData\Local\Opera\Opera\profile\images\http%3A%2F%2Fwww.downloadcrackserialkeygen.com%2Ffavicon.ico
    C:\Users\PARENTS\AppData\Local\Opera\Opera\profile\images\www.downloadcrackserialkeygen.com.idx
    C:\Users\PARENTS\AppData\Roaming\BitTorrent\FARCRY 2 + CRACK.torrent
    C:\Users\PARENTS\AppData\Roaming\Microsoft\Windows\Recent\Crack_unofficial.drg.lnk
    C:\Users\PARENTS\Desktop\ACCESSOIRES\Rapidshare Database Searcher\Rapidshare Database Searcher\keygen.exe
    C:\Users\PARENTS\Desktop\Hacking\dossier de hack\crack me
    C:\Users\PARENTS\Desktop\Hacking\dossier de hack\crack me\crack me (tuto2)
    C:\Users\PARENTS\Desktop\Hacking\dossier de hack\crack me\crack me daube(tuto1)
    C:\Users\PARENTS\Desktop\Hacking\dossier de hack\crack me\crack me daube(tuto1)\readme.txt
    C:\Users\PARENTS\Desktop\Hacking\dossier de hack\ollydbg 1.10\CrackGenMe v2.udd
    C:\Users\PARENTS\Desktop\Hacking\dossier de hack\ollydbg 1.10\CrackGenMe#2_keyGen_by_rAsM.udd
    C:\Users\PARENTS\Desktop\truc a joan\Winrar pro\keygen.exe
    C:\Users\PARENTS\Downloads\eMule\Incoming\ma musique\Documents\Dose Files\Crack.drg
    C:\Users\PARENTS\Downloads\eMule\Incoming\ma musique\Documents\Dose Files\Unofficial\Crack_unofficial.drg
    C:\Users\PARENTS\Downloads\eMule\Incoming\ma musique\Documents\Downloads\crakeur de mdp pour .rar-zip\crackeur n°=2
    C:\Users\PARENTS\Downloads\eMule\Incoming\ma musique\Documents\Downloads\crakeur de mdp pour .rar-zip\crackeur n°=2\ARCHPR.EXE
    C:\Users\PARENTS\Downloads\eMule\Incoming\ma musique\Documents\Downloads\crakeur de mdp pour .rar-zip\crackeur n°=2\archpr.log
    C:\Users\PARENTS\Downloads\eMule\Incoming\ma musique\Documents\Downloads\crakeur de mdp pour .rar-zip\crackeur n°=2\Fui descargado desde
    C:\Users\PARENTS\Downloads\eMule\Incoming\ma musique\Documents\Downloads\crakeur de mdp pour .rar-zip\crackeur n°=2\readme.txt
    C:\Users\PARENTS\Downloads\eMule\Incoming\ma musique\Documents\Downloads\crakeur de mdp pour .rar-zip\crackeur n°=2\setup.exe
    C:\Users\PARENTS\Favorites\..CRACKWEB...url
    C:\Users\PARENTS\Favorites\video Hack MSN Script By Seboss ! By Nicos11 - habbo, hacking, cracking - videos wideo.url


    [F:543][D:41]-> C:\Users\PARENTS\AppData\Local\Temp
    [F:55][D:1]-> C:\Users\PARENTS\AppData\Roaming\MICROS~1\Windows\Cookies
    [F:560][D:4]-> C:\Users\PARENTS\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
    [F:396][D:17]-> C:\$Recycle.Bin

    1 - "C:\Lop SD\LopR_1.txt" - 02/02/2010|20:00 - Option : [1]

    --------------------\\ Fin du rapport a 20:00:49
    [ UAC => 1 ]

    2 February 2010 21:30:54

  • Run Lop S&D again.
    (On Vista, right-click Lop S&D and choose Run as administrator)
  • This time choose option 2 ("Suppression", i.e. removal).
  • Do not close the window during the removal!
  • Post the generated report (C:\lopR.txt).

    (If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New Task, type explorer.exe and confirm)

    2 February 2010 21:43:42

    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
    X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 4200+ )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : PARENTS ( Not Administrator ! )
    BOOT : Normal boot
    C:\ (Local Disk) - NTFS - Total:227 Go (Free:59 Go)
    D:\ (CD or DVD)
    E:\ (Local Disk) - NTFS - Total:59 Go (Free:10 Go)
    F:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)
    J:\ (USB)
    K:\ (USB)
    L:\ (CD or DVD)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [2] ( 02/02/2010|21:39 )

    [ UAC => 1 ]


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\ProgramData\bits download body.4citl
    Supprime! - C:\ProgramData\LongDashDash.uy5jk
    Supprime! - C:\ProgramData\LongDashDash.bqsdus
    Supprime! - C:\Program Files\Circle Developement
    -
    [ Fichier Hosts ] .. Restaure!

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    --------------------\\ Listing des dossiers dans Local

    [04/11/2009|12:21] C:\Users\PARENTS\AppData\Local\Adobe
    [27/09/2007|18:42] C:\Users\PARENTS\AppData\Local\Ahead
    [09/03/2008|12:26] C:\Users\PARENTS\AppData\Local\Apple Computer
    [23/08/2007|19:38] C:\Users\PARENTS\AppData\Local\Application Data
    [15/09/2008|18:48] C:\Users\PARENTS\AppData\Local\Apps
    [03/02/2009|21:10] C:\Users\PARENTS\AppData\Local\Clavier+
    [31/12/2009|21:45] C:\Users\PARENTS\AppData\Local\d3d9caps.dat
    [24/01/2009|16:43] C:\Users\PARENTS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [15/09/2008|20:36] C:\Users\PARENTS\AppData\Local\Deployment
    [15/10/2008|19:35] C:\Users\PARENTS\AppData\Local\DNA
    [08/07/2009|00:34] C:\Users\PARENTS\AppData\Local\eMule
    [15/09/2008|18:49] C:\Users\PARENTS\AppData\Local\EPS-FileDownloader
    [14/04/2009|18:43] C:\Users\PARENTS\AppData\Local\GDIPFONTCACHEV1.DAT
    [23/01/2010|21:47] C:\Users\PARENTS\AppData\Local\Google
    [30/09/2009|20:19] C:\Users\PARENTS\AppData\Local\groups.im
    [23/08/2007|19:38] C:\Users\PARENTS\AppData\Local\Historique
    [21/10/2008|21:59] C:\Users\PARENTS\AppData\Local\HP
    [31/01/2010|13:37] C:\Users\PARENTS\AppData\Local\IconCache.db
    [17/10/2007|20:50] C:\Users\PARENTS\AppData\Local\IM
    [06/12/2008|00:34] C:\Users\PARENTS\AppData\Local\Mango_Enterprise_-_http__
    [10/03/2009|19:43] C:\Users\PARENTS\AppData\Local\MessengerGroup
    [11/01/2010|09:44] C:\Users\PARENTS\AppData\Local\Microsoft
    [26/08/2007|10:24] C:\Users\PARENTS\AppData\Local\Microsoft Games
    [14/10/2007|18:51] C:\Users\PARENTS\AppData\Local\Mozilla
    [28/01/2009|21:01] C:\Users\PARENTS\AppData\Local\Opera
    [11/10/2007|18:51] C:\Users\PARENTS\AppData\Local\oxyidtndxh.dat
    [10/12/2009|17:52] C:\Users\PARENTS\AppData\Local\PunkBuster
    [31/01/2008|21:31] C:\Users\PARENTS\AppData\Local\Steam
    [02/02/2010|21:39] C:\Users\PARENTS\AppData\Local\Temp
    [23/08/2007|19:38] C:\Users\PARENTS\AppData\Local\Temporary Internet Files
    [14/10/2007|12:18] C:\Users\PARENTS\AppData\Local\VirtualStore

    --------------------\\ Tâches planifiées dans C:\Windows\tasks

    [02/02/2010 21:21][--a------] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [02/02/2010 21:18][--a------] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [02/02/2010 05:12][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{A31F4002-238A-45B7-A55A-161B716BEBE1}.job
    [31/01/2010 13:39][--ah-----] C:\Windows\tasks\SA.DAT
    [31/01/2010 13:37][--a------] C:\Windows\tasks\SCHEDLGU.TXT

    --------------------\\ Listing des dossiers dans C:\ProgramData

    [08/01/2009|14:18] C:\ProgramData\{0D1E323F-9D1D-410B-9F3E-FBF24ECC2B05}
    [01/02/2009|13:54] C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    [08/01/2009|14:16] C:\ProgramData\{442B6EC3-77A0-4817-825F-67F47D7A2E54}
    [08/01/2009|14:16] C:\ProgramData\{D6072FCA-C57E-4A39-92CE-3ABE6C6D694B}
    [04/11/2009|12:22] C:\ProgramData\Adobe
    [18/03/2009|12:31] C:\ProgramData\Ahead
    [13/04/2009|13:13] C:\ProgramData\ALM
    [26/02/2009|22:19] C:\ProgramData\ANGYHDL.txt
    [11/11/2007|19:08] C:\ProgramData\Apple
    [02/03/2008|08:36] C:\ProgramData\Apple Computer
    [02/11/2006|14:02] C:\ProgramData\Application Data
    [04/09/2008|19:36] C:\ProgramData\Avg8
    [01/06/2009|12:52] C:\ProgramData\Avira
    [21/01/2008|20:26] C:\ProgramData\AVS4YOU
    [19/06/2009|19:26] C:\ProgramData\Azureus
    [25/12/2007|02:51] C:\ProgramData\Bluetooth
    [20/04/2008|14:24] C:\ProgramData\BM4ffc8a4f.txt
    [25/04/2008|05:57] C:\ProgramData\BM4ffc8a4f.xml
    [23/08/2007|19:27] C:\ProgramData\Bureau
    [27/08/2007|16:48] C:\ProgramData\BVRP Software
    [20/03/2008|16:32] C:\ProgramData\Creative
    [25/06/2009|19:29] C:\ProgramData\DAEMON Tools Lite
    [02/11/2006|14:02] C:\ProgramData\Desktop
    [02/11/2006|14:02] C:\ProgramData\Documents
    [13/01/2009|17:32] C:\ProgramData\EmailNotifier
    [11/11/2007|19:00] C:\ProgramData\eMule
    [11/03/2009|06:14] C:\ProgramData\ezsidmv.dat
    [23/08/2007|19:27] C:\ProgramData\Favoris
    [02/11/2006|14:02] C:\ProgramData\Favorites
    [16/04/2009|10:45] C:\ProgramData\FLEXnet
    [12/02/2009|19:01] C:\ProgramData\Google
    [23/03/2009|18:33] C:\ProgramData\Google Updater
    [21/10/2008|18:37] C:\ProgramData\Hewlett-Packard
    [31/07/2009|23:24] C:\ProgramData\HP
    [21/10/2008|18:33] C:\ProgramData\HP Product Assistant
    [21/10/2008|18:35] C:\ProgramData\HPSSUPPLY
    [23/09/2009|07:06] C:\ProgramData\hpzinstall.log
    [14/05/2008|19:18] C:\ProgramData\Kaspersky Lab
    [01/10/2008|19:33] C:\ProgramData\Lavasoft
    [31/01/2010|02:59] C:\ProgramData\Malwarebytes
    [23/08/2007|19:27] C:\ProgramData\Menu Démarrer
    [22/01/2010|23:47] C:\ProgramData\Messenger Plus!
    [23/05/2009|13:27] C:\ProgramData\MGS
    [23/05/2009|13:21] C:\ProgramData\Microgaming
    [06/11/2009|20:34] C:\ProgramData\Microsoft
    [23/08/2007|19:27] C:\ProgramData\Modèles
    [07/11/2007|19:04] C:\ProgramData\Motive
    [14/10/2007|09:42] C:\ProgramData\Mozilla
    [25/12/2007|01:34] C:\ProgramData\muvee Technologies
    [08/01/2009|14:18] C:\ProgramData\Native Instruments
    [18/03/2009|12:28] C:\ProgramData\Nero
    [05/05/2009|09:45] C:\ProgramData\ntuser.pol
    [12/12/2008|20:47] C:\ProgramData\NVIDIA
    [27/02/2008|00:32] C:\ProgramData\pixelStorm
    [19/11/2009|19:34] C:\ProgramData\Propellerhead Software
    [25/04/2008|06:43] C:\ProgramData\pskt.ini
    [24/01/2010|17:34] C:\ProgramData\Sizeencreal
    [06/12/2009|01:01] C:\ProgramData\Skype
    [01/06/2009|12:55] C:\ProgramData\Spybot - Search & Destroy
    [02/11/2006|14:02] C:\ProgramData\Start Menu
    [09/11/2008|18:03] C:\ProgramData\Symantec
    [27/10/2008|18:57] C:\ProgramData\TEMP
    [02/11/2006|14:02] C:\ProgramData\Templates
    [28/08/2009|10:01] C:\ProgramData\TrackMania
    [19/11/2008|23:05] C:\ProgramData\vlc-0.9.6-win32.exe
    [28/03/2009|14:12] C:\ProgramData\WEBREG
    [20/10/2008|02:15] C:\ProgramData\WindowsSearch
    [16/12/2008|17:54] C:\ProgramData\WLInstaller
    [11/08/2009|01:43] C:\ProgramData\Xfire
    [21/12/2007|23:20] C:\ProgramData\Yahoo! Companion
    [26/02/2009|21:56] C:\ProgramData\ZATNGAH.txt

    --------------------\\ Listing des dossiers dans C:\Program Files

    [27/08/2007|16:49] C:\Program Files\ABBYY FineReader 5.0 Sprint
    [27/08/2007|16:48] C:\Program Files\ABBYY FineReader 6.0
    [25/06/2009|19:46] C:\Program Files\Activision
    [13/04/2009|13:13] C:\Program Files\Adobe
    [01/11/2008|20:25] C:\Program Files\AlienGUIse
    [17/10/2007|19:11] C:\Program Files\Alwil Software
    [11/01/2009|16:54] C:\Program Files\Atlence
    [18/04/2008|11:48] C:\Program Files\Audacity
    [03/03/2009|19:25] C:\Program Files\AutoIt3
    [06/01/2009|20:45] C:\Program Files\AVIConverter
    [01/06/2009|12:52] C:\Program Files\Avira
    [11/12/2008|18:14] C:\Program Files\AviSynth 2.5
    [12/07/2009|12:02] C:\Program Files\AVS4YOU
    [03/06/2008|21:06] C:\Program Files\AVSMedia
    [15/02/2009|23:29] C:\Program Files\BitTorrent
    [16/11/2007|21:09] C:\Program Files\BitTorrent_DNA
    [01/02/2009|13:48] C:\Program Files\Bonjour
    [12/01/2009|21:51] C:\Program Files\CA VMN Anti-Spyware
    [07/11/2008|12:03] C:\Program Files\Cartoonist
    [28/10/2008|19:10] C:\Program Files\CCleaner
    [22/12/2007|16:28] C:\Program Files\CDex_170b2
    [08/03/2009|02:35] C:\Program Files\Clé Internet de prêt
    [26/02/2008|23:11] C:\Program Files\Club-Internet
    [06/12/2009|01:01] C:\Program Files\Common Files
    [15/11/2008|01:47] C:\Program Files\Conduit
    [09/11/2007|16:49] C:\Program Files\Controle Parental
    [25/12/2007|01:39] C:\Program Files\Creative
    [25/06/2009|19:13] C:\Program Files\DAEMON Tools Lite
    [25/06/2009|19:13] C:\Program Files\DAEMON Tools Toolbar
    [29/10/2009|12:47] C:\Program Files\DivX
    [31/01/2010|13:47] C:\Program Files\DNA
    [28/11/2009|20:05] C:\Program Files\DVDVideoSoft
    [22/10/2008|10:04] C:\Program Files\eMule
    [08/07/2009|00:30] C:\Program Files\eMule2
    [11/12/2008|18:14] C:\Program Files\eRightSoft
    [27/08/2007|16:48] C:\Program Files\FaxTools
    [23/08/2007|19:27] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
    [16/02/2009|18:31] C:\Program Files\FileZilla FTP Client
    [06/03/2008|22:42] C:\Program Files\Free Audio Pack
    [14/05/2008|19:34] C:\Program Files\Free Easy Burner
    [28/11/2009|20:02] C:\Program Files\Free FLV Converter
    [01/02/2009|10:41] C:\Program Files\GIMP-2.0
    [02/02/2010|21:21] C:\Program Files\Google
    [14/10/2008|20:57] C:\Program Files\Google Hacks
    [16/09/2008|19:29] C:\Program Files\Gravity
    [17/10/2007|08:23] C:\Program Files\Grisoft
    [30/09/2009|18:49] C:\Program Files\groups.im
    [21/10/2008|18:32] C:\Program Files\Hewlett-Packard
    [21/10/2008|18:35] C:\Program Files\HP
    [19/01/2010|13:56] C:\Program Files\IDoser v4
    [22/12/2007|16:14] C:\Program Files\Illustrate
    [13/12/2008|15:03] C:\Program Files\Image-Line
    [18/10/2007|18:46] C:\Program Files\IncrediMail
    [10/10/2009|13:14] C:\Program Files\InstallShield Installation Information
    [31/01/2010|03:09] C:\Program Files\Internet Explorer
    [01/11/2008|20:26] C:\Program Files\Invisible Secrets 4
    [01/02/2009|13:54] C:\Program Files\iPod
    [01/02/2009|13:54] C:\Program Files\iTunes
    [25/12/2007|02:46] C:\Program Files\IVT Corporation
    [30/11/2008|16:20] C:\Program Files\Jasc Software Inc
    [01/05/2009|11:37] C:\Program Files\Java
    [26/04/2009|10:53] C:\Program Files\Kellogg's Asie
    [01/10/2008|19:30] C:\Program Files\Lavasoft
    [01/06/2008|21:12] C:\Program Files\Lexmark X1100 Series
    [22/08/2009|11:05] C:\Program Files\LG Electronics
    [10/10/2009|13:21] C:\Program Files\LG PC Suite II
    [11/11/2007|20:11] C:\Program Files\LimeWire
    [15/11/2008|02:45] C:\Program Files\Lphant
    [15/11/2008|01:47] C:\Program Files\LphantBar
    [31/01/2010|03:00] C:\Program Files\Malwarebytes' Anti-Malware
    [21/01/2010|15:28] C:\Program Files\Messenger Plus! Live
    [10/03/2009|19:42] C:\Program Files\MessengerGroup
    [07/10/2007|17:55] C:\Program Files\Microprose
    [07/11/2009|18:24] C:\Program Files\Microsoft
    [02/11/2007|03:00] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [02/11/2006|13:37] C:\Program Files\Microsoft Games
    [23/01/2010|03:19] C:\Program Files\Microsoft Silverlight
    [11/06/2008|18:49] C:\Program Files\Microsoft SQL Server Compact Edition
    [27/08/2009|12:27] C:\Program Files\Microsoft WSE
    [18/10/2008|11:12] C:\Program Files\Movie Maker
    [31/01/2010|16:07] C:\Program Files\Mozilla Firefox
    [02/11/2006|13:37] C:\Program Files\MSBuild
    [10/10/2007|17:54] C:\Program Files\MSN Apps
    [10/03/2009|19:42] C:\Program Files\MSN Messenger
    [10/10/2007|17:54] C:\Program Files\MSN Toolbar
    [16/05/2008|02:03] C:\Program Files\MSXML 4.0
    [25/12/2007|01:35] C:\Program Files\muvee Technologies
    [08/01/2009|14:18] C:\Program Files\Native Instruments
    [29/01/2007|06:07] C:\Program Files\Nero
    [24/10/2008|20:30] C:\Program Files\Notepad++
    [12/02/2008|19:36] C:\Program Files\NRJ
    [27/05/2008|14:15] C:\Program Files\OpenOffice.org 2.4
    [28/01/2009|21:00] C:\Program Files\Opera
    [11/01/2010|13:50] C:\Program Files\PhotoFiltre
    [27/11/2008|21:24] C:\Program Files\PowerISO
    [01/02/2009|13:47] C:\Program Files\QuickTime
    [16/10/2008|19:30] C:\Program Files\RAR Password Cracker
    [24/10/2007|17:49] C:\Program Files\Real
    [10/07/2008|19:18] C:\Program Files\Red Storm Entertainment
    [02/11/2006|13:37] C:\Program Files\Reference Assemblies
    [11/05/2008|18:29] C:\Program Files\Registry Mechanic
    [08/11/2007|18:51] C:\Program Files\rnamfler
    [09/09/2007|18:37] C:\Program Files\Rockstar Games
    [16/12/2007|18:30] C:\Program Files\SAGEM
    [21/02/2008|13:58] C:\Program Files\Samsung
    [19/09/2008|18:42] C:\Program Files\SC
    [01/02/2009|01:38] C:\Program Files\SecondLife
    [25/12/2007|01:33] C:\Program Files\SightSpeed
    [06/12/2009|01:01] C:\Program Files\Skype
    [03/10/2008|17:10] C:\Program Files\Spybot - Search & Destroy
    [15/05/2008|20:12] C:\Program Files\Steam
    [31/01/2010|13:48] C:\Program Files\Steam2
    [11/02/2009|15:33] C:\Program Files\TeamViewer
    [25/04/2009|10:54] C:\Program Files\The Cleaner Free
    [20/12/2008|20:55] C:\Program Files\TmNationsForever
    [31/01/2010|20:39] C:\Program Files\trend micro
    [02/11/2006|14:01] C:\Program Files\Uninstall Information
    [27/10/2008|13:19] C:\Program Files\uplink
    [17/09/2008|17:23] C:\Program Files\VideoLAN
    [20/02/2009|19:36] C:\Program Files\VirtualDJ
    [12/01/2009|21:50] C:\Program Files\Visicom Media
    [13/12/2008|15:10] C:\Program Files\VstPlugins
    [23/11/2009|17:27] C:\Program Files\Vuze
    [07/11/2007|18:36] C:\Program Files\Wanadoo
    [18/10/2008|11:12] C:\Program Files\Windows Calendar
    [18/10/2008|11:12] C:\Program Files\Windows Collaboration
    [18/10/2008|11:12] C:\Program Files\Windows Defender
    [18/10/2008|11:12] C:\Program Files\Windows Journal
    [07/11/2009|18:27] C:\Program Files\Windows Live
    [14/01/2010|03:03] C:\Program Files\Windows Mail
    [12/02/2008|19:38] C:\Program Files\Windows Media Components
    [28/10/2009|03:17] C:\Program Files\Windows Media Player
    [23/08/2007|19:27] C:\Program Files\Windows NT
    [18/10/2008|11:12] C:\Program Files\Windows Photo Gallery
    [18/10/2008|11:12] C:\Program Files\Windows Sidebar
    [04/02/2009|13:21] C:\Program Files\WinHTTrack
    [21/12/2008|11:47] C:\Program Files\WinRAR
    [10/12/2009|17:46] C:\Program Files\Wolfenstein - Enemy Territory
    [11/08/2009|01:43] C:\Program Files\Xfire
    [14/10/2007|09:37] C:\Program Files\Xvid
    [21/12/2007|23:16] C:\Program Files\Yahoo!

    --------------------\\ Listing des dossiers dans C:\Program Files\Common Files

    [04/11/2009|12:20] C:\Program Files\Common Files\Adobe
    [18/03/2009|12:30] C:\Program Files\Common Files\Ahead
    [01/02/2009|13:54] C:\Program Files\Common Files\Apple
    [11/01/2009|16:54] C:\Program Files\Common Files\Atlence
    [21/01/2008|20:26] C:\Program Files\Common Files\AVSMedia
    [29/10/2009|12:46] C:\Program Files\Common Files\DivX Shared
    [28/11/2009|20:05] C:\Program Files\Common Files\DVDVideoSoft
    [21/10/2008|18:32] C:\Program Files\Common Files\Hewlett-Packard
    [21/10/2008|18:33] C:\Program Files\Common Files\HP
    [11/05/2008|23:42] C:\Program Files\Common Files\InstallShield
    [11/11/2007|18:46] C:\Program Files\Common Files\Java
    [13/04/2009|13:07] C:\Program Files\Common Files\Macrovision Shared
    [09/03/2009|03:00] C:\Program Files\Common Files\microsoft shared
    [07/11/2007|18:37] C:\Program Files\Common Files\Motive
    [25/12/2007|01:35] C:\Program Files\Common Files\muvee Technologies
    [08/01/2009|14:16] C:\Program Files\Common Files\Native Instruments
    [14/10/2007|09:42] C:\Program Files\Common Files\PX Storage Engine
    [24/10/2007|17:50] C:\Program Files\Common Files\Real
    [02/11/2006|12:18] C:\Program Files\Common Files\Services
    [06/12/2009|01:01] C:\Program Files\Common Files\Skype
    [03/06/2008|20:48] C:\Program Files\Common Files\Softwin
    [02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
    [05/09/2008|23:18] C:\Program Files\Common Files\Stardock
    [31/12/2009|16:15] C:\Program Files\Common Files\Steam
    [10/07/2008|19:23] C:\Program Files\Common Files\SWF Studio
    [25/04/2008|06:18] C:\Program Files\Common Files\Symantec Shared
    [18/10/2008|11:12] C:\Program Files\Common Files\System
    [16/12/2008|15:03] C:\Program Files\Common Files\Windows Live
    [11/06/2008|18:49] C:\Program Files\Common Files\WindowsLiveInstaller
    [01/10/2008|19:29] C:\Program Files\Common Files\Wise Installation Wizard
    [24/10/2007|17:50] C:\Program Files\Common Files\xing shared

    --------------------\\ Process

    ( 75 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-02-02 21:39:54
    Windows 6.0.6001 Service Pack 1 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 1

    --------------------\\ Recherche d'autres infections

    --------------------\\ ROGUES ..

    C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Spyware-Secure

    --------------------\\ Cracks & Keygens ..

    C:\Users\PARENTS\AppData\Local\Opera\Opera\profile\images\http%3A%2F%2Fwww.downloadcrackserialkeygen.com%2Ffavicon.ico
    C:\Users\PARENTS\AppData\Local\Opera\Opera\profile\images\www.downloadcrackserialkeygen.com.idx
    C:\Users\PARENTS\AppData\Roaming\BitTorrent\FARCRY 2 + CRACK.torrent
    C:\Users\PARENTS\AppData\Roaming\Microsoft\Windows\Recent\Crack_unofficial.drg.lnk
    C:\Users\PARENTS\Desktop\ACCESSOIRES\Rapidshare Database Searcher\Rapidshare Database Searcher\keygen.exe
    C:\Users\PARENTS\Desktop\Hacking\dossier de hack\crack me
    C:\Users\PARENTS\Desktop\Hacking\dossier de hack\crack me\crack me (tuto2)
    C:\Users\PARENTS\Desktop\Hacking\dossier de hack\crack me\crack me daube(tuto1)
    C:\Users\PARENTS\Desktop\Hacking\dossier de hack\crack me\crack me daube(tuto1)\readme.txt
    C:\Users\PARENTS\Desktop\Hacking\dossier de hack\ollydbg 1.10\CrackGenMe v2.udd
    C:\Users\PARENTS\Desktop\Hacking\dossier de hack\ollydbg 1.10\CrackGenMe#2_keyGen_by_rAsM.udd
    C:\Users\PARENTS\Desktop\truc a joan\Winrar pro\keygen.exe
    C:\Users\PARENTS\Downloads\eMule\Incoming\ma musique\Documents\Dose Files\Crack.drg
    C:\Users\PARENTS\Downloads\eMule\Incoming\ma musique\Documents\Dose Files\Unofficial\Crack_unofficial.drg
    C:\Users\PARENTS\Downloads\eMule\Incoming\ma musique\Documents\Downloads\crakeur de mdp pour .rar-zip\crackeur n°=2
    C:\Users\PARENTS\Downloads\eMule\Incoming\ma musique\Documents\Downloads\crakeur de mdp pour .rar-zip\crackeur n°=2\ARCHPR.EXE
    C:\Users\PARENTS\Downloads\eMule\Incoming\ma musique\Documents\Downloads\crakeur de mdp pour .rar-zip\crackeur n°=2\archpr.log
    C:\Users\PARENTS\Downloads\eMule\Incoming\ma musique\Documents\Downloads\crakeur de mdp pour .rar-zip\crackeur n°=2\Fui descargado desde
    C:\Users\PARENTS\Downloads\eMule\Incoming\ma musique\Documents\Downloads\crakeur de mdp pour .rar-zip\crackeur n°=2\readme.txt
    C:\Users\PARENTS\Downloads\eMule\Incoming\ma musique\Documents\Downloads\crakeur de mdp pour .rar-zip\crackeur n°=2\setup.exe
    C:\Users\PARENTS\Favorites\..CRACKWEB...url
    C:\Users\PARENTS\Favorites\video Hack MSN Script By Seboss ! By Nicos11 - habbo, hacking, cracking - videos wideo.url


    [F:545][D:41]-> C:\Users\PARENTS\AppData\Local\Temp
    [F:55][D:1]-> C:\Users\PARENTS\AppData\Roaming\MICROS~1\Windows\Cookies
    [F:561][D:4]-> C:\Users\PARENTS\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
    [F:398][D:17]-> C:\$Recycle.Bin

    1 - "C:\Lop SD\LopR_1.txt" - 02/02/2010|20:00 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 02/02/2010|21:43 - Option : [2]

    --------------------\\ Fin du rapport a 21:43:18
    [ UAC => 1 ]

    2 February 2010 22:08:14

  • Download SystemLook to your Desktop.
  • Right-click SystemLook.exe and choose Run as administrator.
  • Copy and paste the contents of the box below into the SystemLook text field:

    :dir
    C:\ProgramData\Sizeencreal

  • Click the Look button to start the scan.
  • When it finishes, Notepad opens with the scan result. Copy and paste the report into your next reply.
    Note: The report can also be found on your Desktop under the name SystemLook.txt

    3 February 2010 13:53:29

    SystemLook scan:

    SystemLook v1.0 by jpshortstuff (11.01.10)
    Log created at 13:52 on 03/02/2010 by PARENTS (Administrator - Elevation successful)

    ========== dir ==========

    C:\ProgramData\Sizeencreal - Parameters: "(none)"

    ---Files---
    Hope error anti.exe --a--- 442368 bytes [11:07 03/12/2009] [11:07 03/12/2009]

    ---Folders---
    None found.

    -=End Of File=-
    3 Février 2010 14:51:24

    That is indeed a Lop/Swizzor folder.

  • Run another RSIT scan and post the log report.
    3 Février 2010 15:29:13

    contents of log.txt:

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by PARENTS at 2010-02-03 15:27:11
    Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
    System drive C: has 60 GB (26%) free of 233 GB
    Total RAM: 2046 MB (42% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:27:30, on 03/02/2010
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18385)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\conime.exe
    C:\Windows\V0420Mon.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\PowerISO\PWRISOVM.EXE
    C:\Windows\System32\rundll32.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Windows\System32\wpcumi.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\DNA\btdna.exe
    C:\Users\PARENTS\AppData\Local\Clavier+\Clavier.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe
    C:\Program Files\Opera\opera.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\PARENTS\Desktop\RSIT.exe
    C:\Program Files\trend micro\PARENTS.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    R3 - URLSearchHook: LphantBar Toolbar - {6b284373-1765-4464-a587-80fbc2b2eefa} - C:\Program Files\LphantBar\tbLpha.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: LphantBar Toolbar - {6b284373-1765-4464-a587-80fbc2b2eefa} - C:\Program Files\LphantBar\tbLpha.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: LphantBar Toolbar - {6b284373-1765-4464-a587-80fbc2b2eefa} - C:\Program Files\LphantBar\tbLpha.dll
    O3 - Toolbar: (no name) - {A057A204-BACC-4D26-8287-79A187E26987} - (no file)
    O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [V0420Mon.exe] C:\Windows\V0420Mon.exe
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
    O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam2\Steam.exe" -silent
    O4 - HKCU\..\Run: [Clavier+] C:\Users\PARENTS\AppData\Local\Clavier+\Clavier.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Program Files\Opera\Program\Plugins\NPSWF32_FlashUtil.exe -p
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Startup: Club Internet.lnk = C:\Program Files\Club-Internet\Lanceur\lanceur.exe
    O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O13 - Gopher Prefix:
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/VistaMSNPUpld...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/Gam...
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://11lolori11.spaces.live.com/PhotoUpload/VistaMsnP...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\Windows\System32\LEXBCES.EXE
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
    O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe

    --
    End of file - 12652 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    C:\Windows\tasks\User_Feed_Synchronization-{A31F4002-238A-45B7-A55A-161B716BEBE1}.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
    &Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-10-19 817936]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
    HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
    Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2008-09-15 1562960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6b284373-1765-4464-a587-80fbc2b2eefa}]
    LphantBar Toolbar - C:\Program Files\LphantBar\tbLpha.dll [2008-09-15 1784856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-02-12 251504]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2009-02-12 657904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2009-02-12 522224]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Barre d'outils MSN - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll [2005-02-07 203464]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-10-19 817936]
    {6b284373-1765-4464-a587-80fbc2b2eefa} - LphantBar Toolbar - C:\Program Files\LphantBar\tbLpha.dll [2008-09-15 1784856]
    {A057A204-BACC-4D26-8287-79A187E26987}
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-02-12 251504]


    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "V0420Mon.exe"=C:\Windows\V0420Mon.exe [2007-04-30 32768]
    "RegistryMechanic"= []
    "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-12-29 4317184]
    "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
    "PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2008-11-02 167936]
    "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-09-17 13580832]
    "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-09-17 92704]
    "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-01-06 290088]
    "NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2008-05-28 570664]
    "AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
    "WPCUMI"=C:\Windows\system32\WpcUmi.exe [2006-11-02 176128]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]
    "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
    "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    ""= []

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-10-24 68856]
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883856]
    "BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2010-01-31 323392]
    "Speech Recognition"=C:\Windows\Speech\Common\sapisvr.exe [2008-01-19 49664]
    "Steam"=C:\Program Files\Steam2\Steam.exe [2009-10-28 1217808]
    "Clavier+"=C:\Users\PARENTS\AppData\Local\Clavier+\Clavier.exe [2007-10-21 88576]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2008-01-22 152872]
    "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
    "Skype"=C:\Program Files\Skype\\Phone\Skype.exe [2009-10-09 25623336]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "FlashPlayerUpdate"=C:\Program Files\Opera\Program\Plugins\NPSWF32_FlashUtil.exe [2009-07-18 257440]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnumanLive]
    C:\Users\PARENTS\AppData\Roaming\Anuman Interactive\AnumanLive\AnumanLive.exe [2007-10-30 347136]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative Live! Cam Manager]
    C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe [2007-06-07 155648]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
    C:\Windows\ehome\ehTray.exe [2008-01-19 125952]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
    C:\Program Files\MSN Messenger\MsnMsgr.Exe /background []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mwhypbpydz]
    c:\users\parents\appdata\local\mwhypbpydz.exe mwhypbpydz []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]
    C:\Program Files\Spyware Doctor\SDTrayApp.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shareaza]
    C:\Program Files\Shareaza\Shareaza.exe -tray []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
    C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-19 1233920]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
    C:\Program Files\Steam\Steam.exe -silent []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-10-24 68856]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
    C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
    C:\PROGRA~1\Adobe\READER~1.0\Reader\ADOBEC~1.EXE [2009-02-27 542096]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Lancement rapide d'Adobe Reader.lnk]
    C:\PROGRA~1\Adobe\READER~1.0\Reader\READER~1.EXE [2009-10-03 35696]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Outil de mise à jour Google.lnk]
    C:\PROGRA~1\Google\GOOGLE~2\GOOGLE~1.EXE [2008-10-10 161264]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

    C:\Users\PARENTS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    Club Internet.lnk - C:\Program Files\Club-Internet\Lanceur\lanceur.exe
    OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="wbsys.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB]
    C:\Program Files\AlienGUIse\fastload.dll [2001-12-20 24576]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "RunStartupScriptSync"=1
    "LogonHoursAction"=2
    "DontDisplayLogonHoursWarnings"=1

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "FilterAdministratorToken"=1
    "RunStartupScriptSync"=1
    "EnableUIADesktopToggle"=0

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2c27af1b-ac0b-11dc-a2d0-001a922cce5e}]
    shell\AutoRun\command - L:\usb\run.bat

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f4b2f128-51a5-11dc-bd95-806e6f6e6963}]
    shell\AutoRun\command - F:\autorun.bat


    ======List of files/folders created in the last 1 months======

    2010-02-02 19:56:48 ----A---- C:\lopR.txt
    2010-02-02 19:55:39 ----D---- C:\Lop SD
    2010-01-31 20:39:12 ----D---- C:\Program Files\trend micro
    2010-01-31 20:39:11 ----D---- C:\rsit
    2010-01-31 13:36:20 ----D---- C:\Ad-Remover
    2010-01-31 03:00:06 ----D---- C:\Users\PARENTS\AppData\Roaming\Malwarebytes
    2010-01-31 02:59:57 ----D---- C:\ProgramData\Malwarebytes
    2010-01-31 02:59:57 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2010-01-22 10:56:57 ----A---- C:\Windows\system32\wininet.dll
    2010-01-22 10:56:57 ----A---- C:\Windows\system32\occache.dll
    2010-01-22 10:56:57 ----A---- C:\Windows\system32\mshtml.dll
    2010-01-22 10:56:56 ----A---- C:\Windows\system32\urlmon.dll
    2010-01-22 10:56:55 ----A---- C:\Windows\system32\ieframe.dll
    2010-01-22 10:56:54 ----A---- C:\Windows\system32\msfeeds.dll
    2010-01-22 10:56:54 ----A---- C:\Windows\system32\iertutil.dll
    2010-01-22 10:56:54 ----A---- C:\Windows\system32\iedkcs32.dll
    2010-01-22 10:56:54 ----A---- C:\Windows\system32\ieapfltr.dll
    2010-01-22 10:56:53 ----A---- C:\Windows\system32\mstime.dll
    2010-01-22 10:56:53 ----A---- C:\Windows\system32\ieUnatt.exe
    2010-01-22 10:56:53 ----A---- C:\Windows\system32\iepeers.dll
    2010-01-22 10:56:53 ----A---- C:\Windows\system32\ieencode.dll
    2010-01-22 10:56:53 ----A---- C:\Windows\system32\ieaksie.dll
    2010-01-22 10:56:52 ----A---- C:\Windows\system32\jsproxy.dll
    2010-01-19 13:56:49 ----D---- C:\Program Files\IDoser v4
    2010-01-13 09:49:03 ----A---- C:\Windows\system32\t2embed.dll
    2010-01-13 09:49:03 ----A---- C:\Windows\system32\fontsub.dll
    2010-01-11 13:50:33 ----D---- C:\Users\PARENTS\AppData\Roaming\PhotoFiltre
    2010-01-11 13:50:28 ----D---- C:\Program Files\PhotoFiltre
    2010-01-11 13:48:27 ----A---- C:\Windows\Instaler Setup Log.txt
    2010-01-05 16:39:25 ----D---- C:\Rummy Royal

    ======List of files/folders modified in the last 1 months======

    2010-02-03 15:27:30 ----D---- C:\Windows\TEMP
    2010-02-03 15:27:16 ----D---- C:\Windows\Prefetch
    2010-02-03 15:24:35 ----D---- C:\Users\PARENTS\AppData\Roaming\DNA
    2010-02-03 12:47:21 ----D---- C:\Windows\tracing
    2010-02-03 01:36:33 ----SHD---- C:\System Volume Information
    2010-02-02 22:25:00 ----D---- C:\Windows\System32
    2010-02-02 22:25:00 ----D---- C:\Windows\inf
    2010-02-02 22:25:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
    2010-02-02 21:39:44 ----RD---- C:\Program Files
    2010-02-02 21:39:44 ----HD---- C:\ProgramData
    2010-02-02 21:21:42 ----SHD---- C:\Windows\Installer
    2010-02-02 21:21:16 ----D---- C:\Program Files\Google
    2010-01-31 16:07:35 ----D---- C:\Program Files\Mozilla Firefox
    2010-01-31 13:48:32 ----D---- C:\Program Files\Steam2
    2010-01-31 13:48:15 ----D---- C:\Users\PARENTS\AppData\Roaming\OpenOffice.org2
    2010-01-31 13:47:07 ----D---- C:\Program Files\DNA
    2010-01-31 13:27:30 ----D---- C:\Windows\system32\drivers
    2010-01-31 13:26:38 ----D---- C:\Windows\system32\catroot2
    2010-01-31 03:09:36 ----D---- C:\Program Files\Internet Explorer
    2010-01-31 02:35:13 ----D---- C:\Windows
    2010-01-29 10:47:34 ----D---- C:\Windows\system32\Macromed
    2010-01-24 17:34:01 ----D---- C:\ProgramData\Sizeencreal
    2010-01-23 03:19:10 ----D---- C:\Program Files\Microsoft Silverlight
    2010-01-23 03:02:15 ----D---- C:\Windows\winsxs
    2010-01-22 23:47:41 ----D---- C:\ProgramData\Messenger Plus!
    2010-01-22 10:54:21 ----D---- C:\Windows\system32\catroot
    2010-01-21 15:28:59 ----D---- C:\Program Files\Messenger Plus! Live
    2010-01-21 03:10:49 ----SHD---- C:\$Recycle.Bin
    2010-01-20 15:44:47 ----D---- C:\Users\PARENTS\AppData\Roaming\BitTorrent
    2010-01-20 08:00:15 ----D---- C:\Users\PARENTS\AppData\Roaming\skypePM
    2010-01-18 23:30:17 ----D---- C:\Users\PARENTS\AppData\Roaming\Skype
    2010-01-14 11:12:06 ----N---- C:\Windows\system32\MpSigStub.exe
    2010-01-14 03:03:34 ----D---- C:\Program Files\Windows Mail
    2010-01-05 01:17:46 ----A---- C:\Windows\system32\mrt.exe

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
    R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
    R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2008-10-15 371248]
    R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2007-12-24 111632]
    R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2008-11-02 56572]
    R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [2007-11-30 43696]
    R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-07-13 28520]
    R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-12-10 56816]
    R3 BlueletAudio;Bluetooth Audio Service; C:\Windows\system32\DRIVERS\blueletaudio.sys [2006-11-22 34576]
    R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\Windows\system32\DRIVERS\BlueletSCOAudio.sys [2006-11-22 27792]
    R3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys [2006-11-22 18320]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-01-02 1668456]
    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-09-17 7379872]
    R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-19 8192]
    R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2006-11-24 50688]
    R3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-19 73088]
    R3 V0420VID;Live! Cam Vista IM (VF0420); C:\Windows\system32\DRIVERS\V0420Vid.sys [2007-05-31 99648]
    R3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys [2006-11-22 34448]
    R3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys [2006-11-22 44304]
    R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
    S1 IDSvix86;Symantec Intrusion Prevention Driver; \??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20080421.002\IDSvix86.sys []
    S1 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [2007-11-30 279088]
    S3 ad00qzf1;ad00qzf1; C:\Windows\system32\drivers\ad00qzf1.sys []
    S3 BDFsDrv;BDFsDrv; \??\C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys []
    S3 BDRsDrv;BDRsDrv; \??\C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys []
    S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys [2006-11-22 33936]
    S3 catchme;catchme; \??\C:\TRISTAN\catchme.sys []
    S3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
    S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
    S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
    S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
    S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
    S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
    S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [2007-04-05 19712]
    S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
    S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [2007-04-05 18304]
    S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
    S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
    S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
    S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
    S3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080421.003\NAVENG.SYS []
    S3 NAVEX15;NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080421.003\NAVEX15.SYS []
    S3 Nokia USB Generic;Nokia USB Generic; C:\Windows\system32\drivers\nmwcdc.sys [2005-10-13 8704]
    S3 Nokia USB Modem;Nokia USB Modem; C:\Windows\system32\drivers\nmwcdcm.sys [2005-10-13 12800]
    S3 Nokia USB Phone Parent;Nokia USB Phone Parent; C:\Windows\system32\drivers\nmwcd.sys [2005-10-13 124928]
    S3 PCAMPR4;PCAMPR4 NDIS Protocol Driver; \??\C:\Windows\system32\PCAMPR4.SYS []
    S3 PCANDIS4;PCANDIS4 NDIS Protocol Driver; \??\C:\Windows\system32\PCANDIS4.SYS []
    S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [2007-11-30 317616]
    S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2005-08-17 58352]
    S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2005-08-17 8272]
    S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2005-08-17 93872]
    S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
    S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\Windows\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
    S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\Windows\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
    S3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2007-12-25 123952]
    S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-02-18 30464]
    S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2008-11-11 13056]
    S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2008-11-11 19968]
    S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2008-11-11 24832]
    S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
    S3 vtany;vtany; \??\C:\Windows\vtany.sys []
    S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]
    S3 xhunter1;xhunter1; \??\C:\Windows\xhunter1.sys [2009-08-11 50688]
    S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys [2008-07-08 103936]
    S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys [2008-07-08 103936]
    S3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys [2008-07-08 103936]
    S4 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2006-05-11 247808]
    S4 nvatabus;nvatabus; C:\Windows\system32\drivers\nvatabus.sys [2006-07-14 105088]
    S4 viamraid;viamraid; C:\Windows\system32\drivers\viamraid.sys [2006-03-31 100992]
    S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-10-01 611664]
    R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-07-13 108289]
    R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-18 185089]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
    R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
    R2 LexBceS;LexBce Server; C:\Windows\System32\LEXBCES.EXE [2003-08-18 303104]
    R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
    R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-09-17 196608]
    R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
    R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-12-10 75064]
    R2 TeamViewer4;TeamViewer 4; C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe [2009-01-28 185640]
    R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
    R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-01-06 536872]
    R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
    S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-11-26 135664]
    S2 SymAppCore;Symantec AppCore Service; C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe [2007-02-19 47712]
    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-04-13 655624]
    S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2008-04-08 800040]
    S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-12-30 321320]

    -----------------EOF-----------------

    3 February 2010 15:43:32

  • Download OTM (OldTimer) to your Desktop.
  • Right-click OTM.exe and choose Run as administrator.
  • Copy (Ctrl+C) the following text:

    :processes
    explorer.exe

    :reg
    [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2c27af1b-ac0b-11dc-a2d0-001a922cce5e}]
    [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f4b2f128-51a5-11dc-bd95-806e6f6e6963}]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mwhypbpydz]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{A057A204-BACC-4D26-8287-79A187E26987}"=-

    :files
    C:\ProgramData\Sizeencreal

    :commands
    [emptytemp]
    [reboot]

  • Paste (Ctrl+V) the previously copied text into the Paste Instructions for Items to be Moved box.
  • Now click the MoveIt! button, then close OTM.

    ---> If a file or folder cannot be deleted immediately, the program will ask you to restart.
    Accept by clicking YES.

  • Post the report located in this folder: C:\_OTM\MovedFiles\
    ---> The report's name corresponds to the time it was created: date_time.log
    3 February 2010 16:09:28

    All processes killed
    ========== PROCESSES ==========
    No active process named explorer.exe was found!
    ========== REGISTRY ==========
    Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2c27af1b-ac0b-11dc-a2d0-001a922cce5e}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2c27af1b-ac0b-11dc-a2d0-001a922cce5e}\ not found.
    Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f4b2f128-51a5-11dc-bd95-806e6f6e6963}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f4b2f128-51a5-11dc-bd95-806e6f6e6963}\ not found.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mwhypbpydz\ deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{A057A204-BACC-4D26-8287-79A187E26987} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A057A204-BACC-4D26-8287-79A187E26987}\ not found.
    ========== FILES ==========
    C:\ProgramData\Sizeencreal folder moved successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: BENJAMIN
    ->Temp folder emptied: 2794843 bytes
    ->Temporary Internet Files folder emptied: 66456808 bytes
    ->Java cache emptied: 13690324 bytes
    ->Opera cache emptied: 10137340 bytes

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: laurie
    ->Temp folder emptied: 499875 bytes
    ->Temporary Internet Files folder emptied: 54101131 bytes

    User: PARENTS
    ->Temp folder emptied: 49791023 bytes
    ->Temporary Internet Files folder emptied: 6349159 bytes
    ->Java cache emptied: 79060472 bytes
    ->FireFox cache emptied: 129738701 bytes
    ->Google Chrome cache emptied: 9016507 bytes
    ->Opera cache emptied: 436197433 bytes

    User: Public

    User: TOKEN
    ->Temp folder emptied: 46290665 bytes
    ->Temporary Internet Files folder emptied: 98664236 bytes
    ->FireFox cache emptied: 11426117 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 1966559 bytes
    %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 1984657 bytes
    %systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 7620214 bytes
    RecycleBin emptied: 724279693 bytes

    Total Files Cleaned = 1 669,00 mb


    OTM by OldTimer - Version 3.1.7.1 log created on 02032010_155622

    Files moved on Reboot...
    File move failed. C:\Users\TOKEN\AppData\Local\Temp\hsperfdata_TOKEN\1708 scheduled to be moved on reboot.

    Registry entries deleted on Reboot...
    3 February 2010 16:31:17

    No more problems :bounce:  thanks a lot, nice of you :D
    3 February 2010 16:39:36

    1/

  • Uninstall HijackThis.

  • Download ToolsCleaner2 to your Desktop.
  • Right-click ToolsCleaner2.exe and choose Run as administrator.
  • Click Recherche (Search) and let the scan run.
  • Click Suppression (Delete) to finish.
  • You can, if you wish, use the Options Facultatives (Optional Settings).
  • Click Quitter (Quit) to get the report.
  • Post the report (TCleaner.txt), which is at the root of your hard drive (C:\).


    2/

  • Download and install CCleaner Slim.
  • Launch it. Go to Options, then Advanced, and uncheck the Only delete files etc.... box.
  • Go to Cleaner and choose Analyze. Once it has finished, run the cleaning.


    3/

  • System Restore needs to be disabled and then re-enabled in order to purge it.


    ==Prevention==

    Re-enable UAC if you have not already done so.

    To remove the AntiVir pop-ups: Link

    Keep MBAM. It will be useful for scanning suspicious files alongside the antivirus, and scan the hard drive regularly.

    Regarding P2P: Link

    Here is a complete guide (to be read with Adobe Reader or Foxit Reader): Link


    ==Problem solved?==

    --> If you consider your problem solved, add [Résolu] to the title. To do so:
  • In your first message, click the Editer (Edit) button.
  • Add the [Résolu] tag in front of the title.
  • Then click Valider votre message (Submit your message).


    Be more careful on the Internet ;)
    3 February 2010 17:18:30

    ToolsCleaner2 report:

    [ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ]

    --> Recherche:

    C:\Combofix.txt: trouvé !
    C:\lopR.txt: trouvé !
    C:\Lop SD: trouvé !
    C:\Qoobox: trouvé !
    C:\_OTM: trouvé !
    C:\Rsit: trouvé !
    C:\Ad-remover: trouvé !
    C:\Lop SD\catchme.exe: trouvé !
    C:\Lop SD\catchme.log: trouvé !
    C:\Program Files\trend micro\HijackThis.exe: trouvé !
    C:\Program Files\trend micro\hijackthis.log: trouvé !
    C:\QooBox\Quarantine\catchme.log: trouvé !
    3 February 2010 17:43:23

    You apparently did not click Suppression (Delete).
    3 February 2010 18:45:49

    --> Suppression:

    C:\Lop SD\catchme.exe: supprimé !
    C:\Program Files\trend micro\HijackThis.exe: ERREUR DE SUPPRESSION !!
    C:\Combofix.txt: ERREUR DE SUPPRESSION !!
    C:\lopR.txt: ERREUR DE SUPPRESSION !!
    C:\Lop SD\catchme.log: supprimé !
    C:\Program Files\trend micro\hijackthis.log: ERREUR DE SUPPRESSION !!
    C:\QooBox\Quarantine\catchme.log: supprimé !
    C:\Lop SD: supprimé !
    C:\Qoobox: ERREUR DE SUPPRESSION !!
    C:\_OTM: supprimé !
    C:\Rsit: supprimé !
    C:\Ad-remover: supprimé !
    3 February 2010 18:48:02

    You can delete ToolsCleaner.