Votre question

Virus dans le systéme

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
17 Janvier 2010 20:52:38

Bonjour, depuis quelque temps j'ai des page de pub qui s'affiche quand je surf sur internet, je décide donc de lancer avast. Il trouve alors un virus dans le système 32, et si je veux le mettre en quarantaine, cela éteint mon ordinateur pour protéger les données, et si je fais continuer, il trouve un autre virus dans le système et me demande de redémarrer pour qu'il fasse un scan, mais sans effet (je l'ai fait 3 fois, toujours les deux virus)
Je suis sous windows vista et j'ai spybot et avast comme protection

Voici mon scan hijck this:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:28:33, on 17/01/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Safe mode

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Users\Thibault\Desktop\jeux\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Iminent.SearchTheWeb.HelperObject - {0E896FCA-D07E-45FE-901F-6A26FCF59C02} - mscoree.dll (file missing)
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\BearShare\BearShareIEHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [{fc61cf35-9015-2adf-5bac-c510f741fd93}] C:\Windows\System32\Rundll32.exe "C:\Windows\system32\wivkrfqhzvboopcq.dll" DllStart
O4 - HKLM\..\Run: [Turbine Download Manager Tray Icon] "C:\Program Files\Turbine\Turbine Download Manager\TurbineDownloadManagerIcon.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [NeroRebootSetup] "C:\Users\Thibault\AppData\Local\Temp\nro.tmp\SetupX.exe" SC -Reboot PIINSTALLTYPE="0"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [VistaStartMenu] "C:\Program Files\Vista Start Menu\VistaStartMenu.exe"
O4 - HKCU\..\Run: [{ADF9B913-9AC8-9032-7400-095C6B2A74D2}] C:\Users\Thibault\AppData\Roaming\server.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [vfncme] "c:\users\thibault\appdata\local\vfncme.exe" vfncme
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: ashDisp - Raccourci.lnk = C:\Program Files\Alwil Software\Avast4\ashDisp.exe
O8 - Extra context menu item: Add to &Teleport - C:\Program Files\Teleport Pro\teleport.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: http://www.laredoute.fr
O15 - Trusted Zone: http://www.paypal.fr
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/Gam...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213....
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\Windows\System32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe

--
End of file - 10784 bytes

Autres pages sur : virus systeme

a c 304 8 Sécurité
17 Janvier 2010 21:09:43

Bonjour,

Il y a plusieurs infections sur ce PC.

  • Désinstalle Favorit.

  • Désactive l'UAC le temps de la désinfection.
  • Télécharge Navilog1 (de IL-MAFIOSO) sur ton Bureau.
  • Double-clique sur Navilog1.exe pour le lancer.
    (Sous Vista, clique droit sur Navilog1 et choisis Exécuter en tant qu'administrateur)
  • Appuie sur 1 puis valide avec Entrée pour choisir Français.
  • Appuie sur une touche de ton clavier à chaque fois que cela est demandé, tu arriveras au menu des options.
  • Choisis l'option 1 et appuie sur la touche Entrée pour valider ton choix.
  • Patiente le temps du scan. Il te sera peut-être demandé de redémarrer ton PC.
  • Patiente jusqu'au message : *** Scan terminé le ..... ***
  • Le scan fini, le Bloc-notes contenant le rapport sera affiché, poste le rapport dans ta prochaine réponse.
  • Si le résultat du scan ne s'affiche pas, tu le trouveras dans C:\cleannavi.txt
    17 Janvier 2010 21:42:07

    merci de ton aide, voici le rapport du scan:

    Outil exécuté depuis C:\Program Files\navilog1

    Mise à jour le 03.01.2010 à 11h00 par IL-MAFIOSO

    Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
    X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 4000+ )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : Thibault ( Administrator )
    BOOT : Normal boot




    C:\ (Local Disk) - NTFS - Total:328 Go (Free:57 Go)
    D:\ (Local Disk) - NTFS - Total:7 Go (Free:0 Go)
    E:\ (CD or DVD)
    F:\ (USB)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)
    J:\ (CD or DVD)
    K:\ (CD or DVD)


    Recherche executée en mode normal

    Nettoyage exécuté au redémarrage de l'ordinateur


    C:\Program Files\Live-Player supprimé !
    c:\progra~2\micros~1\windows\startm~1\programs\Live-Player supprimé !
    c:\users\thibault\appdata\local\virtua~1\progra~1\Live-Player supprimé !
    C:\Users\Thibault\AppData\Roaming\Live-Player supprimé !
    C:\Windows\prefetch\GAMEOVERLAYUI.EXE-B60F837D.pf supprimé !
    C:\Users\Thibault\AppData\Local\utssygf.dat supprimé !
    C:\Users\Thibault\AppData\Local\utssygf_navps.dat supprimé !


    Nettoyage contenu C:\Windows\Temp effectué !
    Nettoyage contenu C:\Users\Thibault\AppData\Local\Temp effectué !


    *** Sauvegarde du Registre vers dossier Safebackup ***

    sauvegarde du Registre réalisée avec succès !

    *** Nettoyage Registre ***

    Nettoyage Registre Ok




    *** Scan terminé 17/01/2010 21:39:20,31 ***
    Contenus similaires
    a c 304 8 Sécurité
    17 Janvier 2010 22:30:50

  • Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
  • Double-clique sur RSIT.exe afin de lancer le programme.
    (Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)
  • Clique sur Continue à l'écran Disclaimer.
  • Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

    Note : les rapports sont sauvegardés dans le dossier C:\Rsit.
    18 Janvier 2010 17:49:13

    voila le log.txt:

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Thibault at 2010-01-18 17:40:15
    Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
    System drive C: has 58 GB (17%) free of 336 GB
    Total RAM: 2046 MB (46% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:40:28, on 18/01/2010
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v7.00 (7.00.6002.18005)
    Boot mode: Normal

    Running processes:
    C:\Windows\System32\smss.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\services.exe
    C:\Windows\system32\lsass.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\winlogon.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Windows\System32\LEXBCES.EXE
    C:\Windows\System32\LEXPPS.EXE
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\AskBarDis\bar\bin\AskService.exe
    C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
    C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
    C:\Windows\system32\PnkBstrA.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\hp\support\hpsysdrv.exe
    C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
    C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
    C:\Windows\system32\schtasks.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    C:\Users\Thibault\Desktop\jeux\RSIT.exe
    C:\hp\kbd\kbd.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\trend micro\Thibault.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Iminent.SearchTheWeb.HelperObject - {0E896FCA-D07E-45FE-901F-6A26FCF59C02} - mscoree.dll (file missing)
    O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
    O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\BearShare\BearShareIEHelper.dll
    O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [{fc61cf35-9015-2adf-5bac-c510f741fd93}] C:\Windows\System32\Rundll32.exe "C:\Windows\system32\wivkrfqhzvboopcq.dll" DllStart
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
    O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
    O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
    O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
    O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
    O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
    O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [VistaStartMenu] "C:\Program Files\Vista Start Menu\VistaStartMenu.exe"
    O4 - HKCU\..\Run: [{ADF9B913-9AC8-9032-7400-095C6B2A74D2}] C:\Users\Thibault\AppData\Roaming\server.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Startup: ashDisp - Raccourci.lnk = C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    O8 - Extra context menu item: Add to &Teleport - C:\Program Files\Teleport Pro\teleport.htm
    O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O13 - Gopher Prefix:
    O15 - Trusted Zone: http://www.laredoute.fr
    O15 - Trusted Zone: http://www.paypal.fr
    O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} -
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} -
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/Gam...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213....
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} (Java Plug-in 1.6.0_01) -
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} -
    O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} -
    O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
    O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\Windows\System32\LEXBCES.EXE
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
    O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe

    --
    End of file - 15023 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\User_Feed_Synchronization-{A072B724-1895-4BC5-9A2A-3F81BDAE87E2}.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
    Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E896FCA-D07E-45FE-901F-6A26FCF59C02}]
    Iminent.SearchTheWeb.HelperObject - C:\Windows\system32\mscoree.dll [2009-03-30 278848]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
    AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-12-09 333192]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2007-08-31 1122128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
    UrlHelper Class - C:\Program Files\BearShare Applications\BearShare\BearShareIEHelper.dll [2009-05-04 398776]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-09 263280]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-23 764912]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {E0E899AB-F487-11D5-8D29-0050BA6940E3}
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288]
    {3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-12-09 333192]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-09 263280]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-07-06 4669440]
    "{fc61cf35-9015-2adf-5bac-c510f741fd93}"=C:\Windows\system32\wivkrfqhzvboopcq.dll DllStart []
    "Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe []
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
    "Lexmark X74-X75"=C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe []
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
    "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-03-08 13683232]
    "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2009-03-08 92704]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
    "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
    "hpsysdrv"=c:\hp\support\hpsysdrv.exe [2007-04-18 65536]
    "KBD"=C:\HP\KBD\KbdStub.EXE [2006-12-08 65536]
    "OsdMaestro"=C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [2007-02-15 118784]
    "HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-05-24 71176]
    "SunJavaUpdateReg"=C:\Windows\system32\jureg.exe [2007-04-07 54936]
    "HP Software Update"=c:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
    ""= []
    "NvSvc"=C:\Windows\system32\nvsvc.dll [2009-03-08 641568]
    "LogitechCommunicationsManager"=C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2007-10-25 563984]
    "LogitechQuickCamRibbon"=C:\Program Files\Logitech\QuickCam\Quickcam.exe [2007-10-25 2178832]
    "SystrayORAHSS"=C:\Program Files\Orange\Systray\SystrayApp.exe [2007-09-25 94208]
    "ORAHSSSessionManager"=C:\Program Files\Orange\SessionManager\SessionManager.exe [2007-09-25 102400]
    "EoEngine"= []

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "Launcher"=C:\Windows\SMINST\launcher.exe [2007-04-03 44168]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
    "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
    "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2007-08-31 1460560]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-01-21 39408]
    "PlayNC Launcher"= []
    "VistaStartMenu"=C:\Program Files\Vista Start Menu\VistaStartMenu.exe [2009-12-04 2752856]
    "{ADF9B913-9AC8-9032-7400-095C6B2A74D2}"=C:\Users\Thibault\AppData\Roaming\server.exe [2009-10-04 1469382]
    "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

    C:\Users\Thibault\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    ashDisp - Raccourci.lnk - C:\Program Files\Alwil Software\Avast4\ashDisp.exe

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "DisableTaskMgr"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "EnableLUA"=0
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableUIADesktopToggle"=0

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "BindDirectlyToPropertySetStorage"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Program Files\Orange\Connectivity\ConnectivityManager.exe"="C:\Program Files\Orange\Connectivity\ConnectivityManager.exe:*:enabled:CSS"
    "C:\Program Files\Combat Arms\CombatArms.exe"="C:\Program Files\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe"
    "C:\Program Files\Combat Arms\Engine.exe"="C:\Program Files\Combat Arms\Engine.exe:*Enabled:Engine.exe"
    "C:\Program Files\Combat Arms EU\CombatArms.exe"="C:\Program Files\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
    "C:\Program Files\Combat Arms EU\Engine.exe"="C:\Program Files\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
    "C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
    "C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
    "C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe"="C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2"
    "C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate"
    "C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{45457181-b2e0-11dc-ade1-001bb9f1457f}]
    shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\demarrer.html

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e008809e-3c90-11de-a9cd-001bb9f1457f}]
    shell\AutoRun\command - K:\AutoRun.exe


    ======List of files/folders created in the last 1 months======

    2010-01-18 17:40:16 ----D---- C:\Program Files\trend micro
    2010-01-18 17:40:15 ----D---- C:\rsit
    2010-01-17 21:35:05 ----A---- C:\cleannavi.txt
    2010-01-17 21:34:52 ----D---- C:\Program Files\Navilog1
    2010-01-17 21:32:23 ----HD---- C:\Program Files\winlogon
    2010-01-17 17:50:28 ----D---- C:\Program Files\Mumble
    2010-01-17 17:49:40 ----D---- C:\Users\Thibault\AppData\Roaming\Mumble
    2010-01-17 14:12:19 ----HDC---- C:\ProgramData\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
    2010-01-17 14:12:00 ----D---- C:\ProgramData\Lavasoft
    2010-01-17 14:12:00 ----D---- C:\Program Files\Lavasoft
    2010-01-17 14:06:31 ----D---- C:\Program Files\CleanUp!
    2010-01-15 23:11:16 ----D---- C:\Windows\system32\MpEngineStore
    2010-01-14 17:52:11 ----A---- C:\Windows\system32\MRT.INI
    2010-01-13 18:28:29 ----A---- C:\Windows\system32\t2embed.dll
    2010-01-13 18:28:29 ----A---- C:\Windows\system32\fontsub.dll
    2009-12-29 20:38:40 ----D---- C:\Program Files\Steam
    2009-12-29 14:34:34 ----A---- C:\Windows\tmp.tmp.tmp
    2009-12-29 14:01:08 ----H---- C:\Users\Thibault\AppData\Roaming\server.exe
    2009-12-29 13:18:10 ----D---- C:\Program Files\Teleport Pro
    2009-12-26 15:01:36 ----D---- C:\Users\Thibault\AppData\Roaming\SQLyog
    2009-12-26 15:01:26 ----D---- C:\Program Files\SQLyog Enterprise Trial
    2009-12-26 14:40:01 ----D---- C:\Program Files\IntelliTamper
    2009-12-26 13:46:52 ----A---- C:\Windows\system32\libmysql_d.dll
    2009-12-26 13:46:50 ----D---- C:\Program Files\PremiumSoft
    2009-12-26 13:42:31 ----D---- C:\wamp
    2009-12-25 18:02:57 ----D---- C:\Program Files\JAP
    2009-12-25 17:41:15 ----D---- C:\Users\Thibault\AppData\Roaming\Hide IP NG
    2009-12-25 17:31:09 ----D---- C:\Program Files\Steganos Secure FileSharing 6
    2009-12-25 17:18:20 ----D---- C:\Program Files\AnalogX
    2009-12-25 16:12:25 ----D---- C:\Users\Thibault\AppData\Roaming\BITS
    2009-12-25 16:11:54 ----D---- C:\profiles
    2009-12-25 16:11:43 ----D---- C:\Program Files\FlashGet Network
    2009-12-21 19:35:27 ----D---- C:\Program Files\LogMeIn Hamachi

    ======List of files/folders modified in the last 1 months======

    2010-01-18 17:40:28 ----D---- C:\Windows\Prefetch
    2010-01-18 17:40:20 ----D---- C:\Windows\Temp
    2010-01-18 17:40:16 ----D---- C:\Program Files
    2010-01-18 17:38:50 ----D---- C:\Program Files\Mozilla Firefox
    2010-01-18 17:38:00 ----D---- C:\Windows\SMINST
    2010-01-17 18:32:11 ----SD---- C:\Users\Thibault\AppData\Roaming\Microsoft
    2010-01-17 17:50:34 ----D---- C:\Windows\winsxs
    2010-01-17 14:39:10 ----D---- C:\Windows\system32\config
    2010-01-17 14:38:58 ----D---- C:\Windows\Tasks
    2010-01-17 14:38:58 ----D---- C:\Windows\system32\spool
    2010-01-17 14:38:58 ----D---- C:\Windows\system32\Msdtc
    2010-01-17 14:38:58 ----D---- C:\Windows\system32\drivers
    2010-01-17 14:38:58 ----D---- C:\Windows\system32\catroot2
    2010-01-17 14:38:58 ----D---- C:\Windows\System32
    2010-01-17 14:38:58 ----D---- C:\Windows\inf
    2010-01-17 14:38:58 ----D---- C:\Windows
    2010-01-17 14:38:57 ----D---- C:\Windows\system32\wbem
    2010-01-17 14:38:57 ----D---- C:\Windows\registration
    2010-01-17 14:14:57 ----SHD---- C:\Windows\Installer
    2010-01-17 14:14:07 ----D---- C:\Windows\system32\catroot
    2010-01-17 14:12:19 ----D---- C:\ProgramData
    2010-01-17 13:03:33 ----SHD---- C:\System Volume Information
    2010-01-16 21:39:48 ----D---- C:\Users\Thibault\AppData\Roaming\Vista Start Menu
    2010-01-14 17:52:25 ----D---- C:\Program Files\Windows Mail
    2010-01-14 17:47:51 ----D---- C:\Windows\Debug
    2010-01-10 11:18:28 ----D---- C:\Program Files\Common Files\Steam
    2010-01-09 10:33:13 ----D---- C:\Program Files\Dofus
    2010-01-09 10:00:51 ----D---- C:\ProgramData\Spybot - Search & Destroy
    2010-01-08 20:59:36 ----D---- C:\Program Files\MessengerDiscovery
    2010-01-08 17:24:08 ----D---- C:\Program Files\Warcraft III
    2010-01-08 17:14:47 ----A---- C:\Windows\system32\PnkBstrB.exe
    2010-01-05 01:17:46 ----A---- C:\Windows\system32\mrt.exe
    2010-01-04 18:26:34 ----SD---- C:\Windows\Downloaded Program Files
    2009-12-29 20:57:15 ----D---- C:\Windows\Minidump
    2009-12-29 14:00:30 ----D---- C:\Users\Thibault\AppData\Roaming\Azureus
    2009-12-25 16:38:11 ----D---- C:\Downloads
    2009-12-21 14:54:35 ----D---- C:\Program Files\Vuze
    2009-12-21 11:31:36 ----D---- C:\Users\Thibault\AppData\Roaming\Tropico 3
    2009-12-20 16:49:06 ----D---- C:\Nexon
    2009-12-19 19:44:42 ----D---- C:\Program Files\Common Files

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 23120]
    R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-11-25 114768]
    R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 48560]
    R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
    R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-11-25 53328]
    R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-07-11 1793880]
    R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2007-10-11 25624]
    R3 netr73;Linksys Compact Wireless-G USB Adapter Driver for Vista; C:\Windows\system32\DRIVERS\netr73.sys [2006-12-29 247808]
    R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-05-03 1065384]
    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-03-08 7745696]
    R3 Ps2;PS2; C:\Windows\system32\DRIVERS\PS2.sys [2005-12-12 19072]
    R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
    S1 samuucjx;samuucjx; \??\C:\Windows\system32\drivers\samuucjx.sys [2010-01-15 30784]
    S2 zntport;NTPort Library Driver; \??\C:\Windows\system32\zntport.sys []
    S3 ahwkalp2;ahwkalp2; C:\Windows\system32\drivers\ahwkalp2.sys []
    S3 az76ctj1;az76ctj1; C:\Windows\system32\drivers\az76ctj1.sys []
    S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
    S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
    S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
    S3 LVcKap;Logitech AEC Driver; C:\Windows\system32\DRIVERS\LVcKap.sys [2007-10-19 2109976]
    S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\Windows\system32\DRIVERS\LVMVDrv.sys [2007-10-11 2142488]
    S3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2007-10-12 41752]
    S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
    S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
    S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
    S3 PCAMp50;PCAMp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCAMp50.sys [2006-11-28 28224]
    S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys [2006-11-28 27072]
    S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V32.SYS [2007-10-12 1279000]
    S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
    S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\Windows\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
    S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\Windows\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
    S3 taphss;Anchorfree HSS Adapter; C:\Windows\system32\DRIVERS\taphss.sys [2009-11-07 32768]
    S3 UMPass;Pilote Microsoft UMPass; C:\Windows\system32\DRIVERS\umpass.sys [2008-01-19 7680]
    S3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
    S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
    S3 WINIO;WINIO; \??\C:\Program Files\Speed Gear\winio.sys []
    S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
    S3 xnacc;Contrôleur XBOX 360 pour le service de pilote Windows; C:\Windows\system32\DRIVERS\xnacc.sys [2008-01-19 521216]
    S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-04-08 56448]
    S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 ASKService;ASKService; C:\Program Files\AskBarDis\bar\bin\AskService.exe [2008-12-09 464264]
    R2 ASKUpgrade;ASKUpgrade; C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe [2008-12-09 234888]
    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
    R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2007-09-25 65536]
    R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2009-10-29 1074568]
    R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-05-24 61440]
    R2 LexBceS;LexBce Server; C:\Windows\System32\LEXBCES.EXE [2002-10-14 303104]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-04-13 73728]
    R2 LVCOMSer;LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [2007-10-19 186904]
    R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2007-10-19 141848]
    R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-05-15 935208]
    R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-03-08 207392]
    R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-11-30 75064]
    R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2007-08-31 600912]
    R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
    S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [2007-10-19 141848]
    S3 Boonty Games;Boonty Games; C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe [2008-04-16 69120]
    S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
    S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-01 182768]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
    S3 RoxMediaDB9;RoxMediaDB9; c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-05-11 887544]
    S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-01-09 321320]
    S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-05-03 74656]
    S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-19 21504]
    S3 wampapache;wampapache; c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe [2008-12-10 24636]
    S3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe [2009-06-17 6582912]

    -----------------EOF-----------------
    18 Janvier 2010 17:50:38

    et le info.txt :

    info.txt logfile of random's system information tool 1.06 2010-01-18 17:40:31

    ======Uninstall list======

    -->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    -->MsiExec /X{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}
    3xi hacks 1.2-->C:\Nexon\Combat Arms\Uninstall.exe
    7-Zip 4.65-->"C:\Program Files\7-Zip\Uninstall.exe"
    ActiveCheck component for HP Active Support Library-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
    Adobe Acrobat 4.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 4.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 4.0\NT\Uninst.dll"
    Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
    Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
    Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Reader 8.1.6 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
    Adobe Shockwave Player 11-->C:\Windows\system32\adobe\SHOCKW~1\UNWISE.EXE C:\Windows\system32\Adobe\SHOCKW~1\Install.log
    adsl TV-->C:\Program Files\adsltv\Uninstal.exe
    Advertising Center-->MsiExec.exe /X{b2ec4a38-b545-4a00-8214-13fe0e915e6d}
    Adzgalore Games Collection-->C:\Program Files\Adzgalore Games Collection\uninstall.exe
    Age of Chivalry-->"C:\Program Files\Steam\steam.exe" steam://uninstall/17510
    Age of Empires III-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}
    ALO AVI MPEG WMV 3GP MP4 iPod PSP Converter 6.3-->"C:\Program Files\ALO SOFT\ALO AVI MPEG WMV 3GP MP4 iPod PSP Converter\unins000.exe"
    AnalogX Proxy-->C:\Program Files\AnalogX\Proxy\proxyu.exe
    Ask.com Search Assistant 1.0.1-->C:\Program Files\Ask Search Assistant\uninst.exe
    Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
    Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
    avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
    BearShare-->"C:\Program Files\BearShare Applications\BearShare\UninstallSurvey.exe" "C:\Program Files\BearShare Applications\BearShare\UnwiseLauncher.exe" /A "C:\Program Files\BearShare Applications\BearShare\INSTALL.LOG"
    Browser Optimizer Adzgalore-->C:\Windows\system32\adzgalore-remove.exe
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    Combat Arms EU-->"C:\ProgramData\NexonEU\NGM\NGM.exe" -mode:uninstall -dll:ngm.nexoneu.com/cbangm/NGM/Bin/NGMDll.dll -game:50340359 -locale:EU
    Cossacks II-->C:\Program Files\GSC Game World\Cossacks II\uninstall.exe
    Counter-Strike: Source-->"C:\Program Files\Steam\steam.exe" steam://uninstall/240
    Counter-Strike: Source-->MsiExec.exe /I{9580813D-94B1-4C28-9426-A441E2BB29A5}
    Dev-C++ 5 beta 9 release (4.9.9.2)-->"C:\Dev-Cpp\uninstall.exe"
    DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
    DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    Dofus 1.28.0-->C:\Program Files\Dofus\uninstall.exe
    Dofus-->msiexec /qb /x {5EBF7AAB-98C5-2C43-0844-4BD9B9FCA7AD}
    Dofus-->MsiExec.exe /I{5EBF7AAB-98C5-2C43-0844-4BD9B9FCA7AD}
    Dofus-Arena-->C:\Program Files\DofusArena2\uninstall.exe
    DofusBeta 1.27.0-->C:\Program Files\DofusBeta\uninstall.exe
    DolbyFiles-->MsiExec.exe /X{b1adf008-e898-4fe2-8a1f-690d9a06acaf}
    Enhancement Browser Tools Cpmsky-->C:\Windows\system32\zdqgxykpeajxlxvo.exe
    EVEREST Home Edition v2.20-->"C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
    FIFA 09-->MsiExec.exe /X{2315B23D-3E21-4920-837D-AE6460934ECB}
    FUJIFILM FinePixViewer S Ver.2.1-->C:\Program Files\InstallShield Installation Information\{88B32652-CAE0-4909-A463-5840D2689D93}\setup.exe -runfromtemp -l0x040c -removeonly
    Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0E996B068B56FCA2.exe" /uninstall
    Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
    Harry Potter et la Coupe de Feu™-->C:\Program Files\Electronic Arts\Harry Potter et la Coupe de Feu\EAUninstall.exe
    HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
    HP Active Support Library 32 bit components-->MsiExec.exe /I{6D3DB611-D5E8-4E4B-8952-0D3F549F9CC6}
    HP Active Support Library-->C:\Program Files\InstallShield Installation Information\{0A47BAFF-D4FF-4BD3-96CA-02A22EA62722}\setup.exe -runfromtemp -l0x0409
    HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}\setup.exe" -l0x9 -removeonly
    HP Customer Feedback-->MsiExec.exe /I{9DBA770F-BF73-4D39-B1DF-6035D95268FC}
    HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40F7AED3-0C7D-4582-99F6-484A515C73F2}\setup.exe" -l0x9 -removeonly
    HP On-Screen Cap/Num/Scroll Lock Indicator-->C:\Windows\system32\OsdRemove.exe
    HP Photosmart Essential 2.01-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
    HP Picasso Media Center Add-In-->MsiExec.exe /I{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}
    HP Total Care Advisor-->MsiExec.exe /X{0DDA7620-4F8B-43B3-8828-CA5EE292FA3B}
    HP Update-->MsiExec.exe /X{11B83AD3-7A46-4C2E-A568-9505981D4C6F}
    HPAsset component for HP Active Support Library-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
    HyperCam 2-->"C:\Program Files\HyCam2\UnHyCam2.exe"
    Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
    Insurgency-->"C:\Program Files\Steam\steam.exe" steam://uninstall/17700
    IsoBuster 2.5-->"C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe"
    JAP-->C:\Program Files\JAP\uninstall.exe
    Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216015FF}
    Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
    Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
    K-Lite Codec Pack 4.0.0 (Standard)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
    La Bataille pour la Terre du Milieu(tm)-->C:\Program Files\EA GAMES\La Bataille pour la Terre du Milieu(tm)\EAUninstall.exe
    La Bataille pour la Terre du Milieu™ II-->C:\Program Files\Electronic Arts\La Bataille pour la Terre du Milieu II\EAUninstall.exe
    L'Avènement du Roi-sorcier™-->C:\Program Files\Electronic Arts\L'Avènement du Roi-sorcier\EAUninstall.exe
    Le Seigneur des Anneaux® - L’Age des Conquêtes™-->MsiExec.exe /X{628C3D50-F524-4C49-A958-672CE7953756}
    Left 4 Dead-->"C:\Program Files\Steam\steam.exe" steam://uninstall/500
    LightScribe System Software-->MsiExec.exe /X{2EC502F7-CBB0-44F8-8F5D-C9A6FC1E5A2A}
    Logitech QuickCam-->MsiExec.exe /X{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}
    LogMeIn Hamachi-->C:\Windows\system32\\msiexec.exe /i {067EC517-9731-43FD-B4D5-296EE0027BBB} REMOVE=ALL
    LogMeIn Hamachi-->MsiExec.exe /I{067EC517-9731-43FD-B4D5-296EE0027BBB}
    Magic ISO Maker v5.5 (build 0276)-->C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG
    Menu Templates - Starter Kit-->MsiExec.exe /X{b78120a0-cf84-4366-a393-4d0a59bc546c}
    Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
    Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
    Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
    Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    Microsoft Age of Empires II : The Conquerors Expansion-->"C:\Program Files\Microsoft Games\Age of Empires II\UNINSTALX.EXE" /runtemp /addremove
    Microsoft Age of Empires II-->"C:\Program Files\Microsoft Games\Age of Empires II\UNINSTAL.EXE" /runtemp /uninstall
    Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
    Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework-->MsiExec.exe /X{AB47EEE8-507B-331F-AA28-B7C7257F014C}
    Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32-->MsiExec.exe /X{07FCBED5-94C3-4F94-B9D3-360FA27C7B06}
    Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries-->MsiExec.exe /X{842FAF7C-50EF-4463-9B8F-6222E1384D7D}
    Microsoft Works-->MsiExec.exe /I{6B1CB38D-E2E4-4A30-933D-EFDEBA76AD9C}
    Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
    Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
    Movie Templates - Starter Kit-->MsiExec.exe /X{e498385e-1c51-459a-b45f-1721e37aa1a0}
    Mozilla Firefox (3.0.11)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
    Multutide-Bot-->MsiExec.exe /I{23DCF9BA-E136-41DF-962B-C45F94A23D33}
    Mumble and Murmur-->C:\Program Files\Mumble\Uninstall.exe
    muvee autoProducer 6.0-->C:\Program Files\InstallShield Installation Information\{14AF024E-2E3B-49D0-A175-D1C1A06B155A}\setup.exe -runfromtemp -l0x040c -removeonly
    MyNetflix-->MsiExec.exe /X{AD7A2DD6-8B66-4BD2-9840-CCE6C1F7A2A2}
    MySidesearch Search Assistant Adzgalore-->C:\Windows\system32\parpombtip.dll-uninst.exe
    NCsoft Launcher-->C:\Program Files\InstallShield Installation Information\{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}\setup.exe -runfromtemp -l0x040c -removeonly
    Nero 9 Trial-->C:\Program Files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="8M01-A095-92AW-3TEZ-8MT6-H195-CZCX-53W8"
    Nero BurnRights-->MsiExec.exe /X{7829db6f-a066-4e40-8912-cb07887c20bb}
    Nero ControlCenter-->MsiExec.exe /X{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}
    Nero CoverDesigner-->MsiExec.exe /X{62ac81f6-bdd3-4110-9d36-3e9eaab40999}
    Nero Disc Copy Gadget-->MsiExec.exe /X{f1861f30-3419-44db-b2a1-c274825698b3}
    Nero DiscSpeed-->MsiExec.exe /X{869200db-287a-4dc0-b02b-2b6787fbcd4c}
    Nero DriveSpeed-->MsiExec.exe /X{33cf58f5-48d8-4575-83d6-96f574e4d83a}
    Nero InfoTool-->MsiExec.exe /X{fbcdfd61-7dcf-4e71-9226-873ba0053139}
    Nero Installer-->MsiExec.exe /X{e8a80433-302b-4ff1-815d-fcc8eac482ff}
    Nero Live-->MsiExec.exe /X{df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}
    Nero PhotoSnap-->MsiExec.exe /X{9e82b934-9a25-445b-b8df-8012808074ac}
    Nero Recode-->MsiExec.exe /X{359cfc0a-beb1-440d-95ba-cf63a86da34f}
    Nero Rescue Agent-->MsiExec.exe /X{368ba326-73ad-4351-84ed-3c0a7a52cc53}
    Nero ShowTime-->MsiExec.exe /X{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}
    Nero StartSmart-->MsiExec.exe /X{7748ac8c-18e3-43bb-959b-088faea16fb2}
    Nero Vision-->MsiExec.exe /X{43e39830-1826-415d-8bae-86845787b54b}
    Nero WaveEditor-->MsiExec.exe /X{a209525b-3377-43f4-b886-32f6b6e7356f}
    NeroBurningROM-->MsiExec.exe /X{d025a639-b9c9-417d-8531-208859000af8}
    NeroExpress-->MsiExec.exe /X{595a3116-40bb-4e0f-a2e8-d7951da56270}
    NeroLiveGadget-->MsiExec.exe /X{9e9fdde6-2c26-492a-85a0-05646b3f2795}
    neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
    Notepad++-->C:\Program Files\Notepad++\uninstall.exe
    NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
    NVIDIA PhysX-->MsiExec.exe /X{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}
    Orange - Logiciels Internet-->C:\Program Files\Orange\installation\core\Installgui.exe -u
    OtsTurntables Free 1.00.027-->"C:\Windows\OTS_UI.EXE" "C:\OtsLabs\OtsTTfre.osi"
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    Outils de diagnostic du matériel-->C:\Program Files\PC-Doctor 5 for Windows\uninst.exe
    PC Inspector File Recovery-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}\Setup.exe" -l0x40c
    PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
    Pivot Stickfigure Animator-->MsiExec.exe /I{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}
    Postal 2 Demo-->C:\Windows\unvise32.exe C:\Program Files\Postal 2 Demo\uninstal.log
    Postal 2 Share The Pain-->C:\Windows\unvise32.exe C:\Program Files\Postal2STP\uninstal.log
    Postal 2 STP - Free Multiplayer Edition-->C:\Windows\unvise32.exe C:\Program Files\Postal2STP\uninstal.log
    PowerBatch 6-->"C:\Program Files\Astase\PowerBatch\unins000.exe"
    PremiumSoft Navicat 8.2 for MySQL-->"C:\Program Files\PremiumSoft\Navicat 8.2 MySQL\unins000.exe"
    PremiumSoft Navicat Lite 8.2-->"C:\Program Files\PremiumSoft\Navicat Lite 8.2\unins000.exe"
    PunkBuster Services-->C:\Windows\system32\pbsvc_heroes.exe -u
    Python 2.5-->MsiExec.exe /I{0A2C5854-557E-48C8-835A-3B9F074BDCAA}
    Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
    Reg (DOFUS Audio Subsystem)-->msiexec /qb /x {3F900346-A316-BA88-B83C-2513F1260AD7}
    Reg (DOFUS Audio Subsystem)-->MsiExec.exe /I{3F900346-A316-BA88-B83C-2513F1260AD7}
    ROTWK Map Pack3-->C:\Users\Thibault\AppData\Roaming\My The Lord of the Rings, The Rise of the Witch-king Files\Maps\Uninstall ROTWK Map Pack v3.exe
    Roxio Activation Module-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
    Roxio Creator Audio-->MsiExec.exe /X{83FFCFC7-88C6-41c6-8752-958A45325C82}
    Roxio Creator Basic v9-->MsiExec.exe /X{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
    Roxio Creator Copy-->MsiExec.exe /X{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
    Roxio Creator Data-->MsiExec.exe /X{0D397393-9B50-4c52-84D5-77E344289F87}
    Roxio Creator EasyArchive-->MsiExec.exe /X{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}
    Roxio Creator Tools-->MsiExec.exe /X{0394CDC8-FABD-4ed8-B104-03393876DFDF}
    Roxio Express Labeler 3-->MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
    Roxio MyDVD Basic v9-->MsiExec.exe /X{938B1CD7-7C60-491E-AA90-1F1888168240}
    SAMSUNG CDMA Modem Driver Set-->C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
    SAMSUNG Mobile USB Modem 1.0 Software-->C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
    SAMSUNG Mobile USB Modem Software-->C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
    Samsung PC Studio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -l0x40c -removeonly
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Solution de clavier multimédia amélioré-->C:\HP\KBD\Install.exe /u
    SoundTrax-->MsiExec.exe /X{c5a7cb6c-e76d-408f-ba0e-85605420fe9d}
    Source SDK Base-->"C:\Program Files\Steam\steam.exe" steam://uninstall/215
    Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
    SQLyog Enterprise Trial 6.55 -->C:\Program Files\SQLyog Enterprise Trial\uninst.exe
    Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
    Steganos Secure FileSharing 6.0.4-->MsiExec.exe /X{7FC79540-F8A0-4581-A82F-99C9F79BD64C}
    Stickman 5-->MsiExec.exe /I{57E1A28F-B089-4DB8-B062-A15F1736B060}
    System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
    System Requirements Lab-->MsiExec.exe /I{1E99F5D7-4262-4C7C-9135-F066E7485811}
    Teleport Pro-->C:\Program Files\Teleport Pro\Uninstall.exe
    Tony Hawks Pro Skater 4-->MsiExec.exe /X{E0F07676-2C60-4465-A727-20DE3BFCABAC}
    TOWTools 2005 3.5.4-->C:\Program Files\TOWTools 2005\uninst.exe
    Tropico 3 1.00-->"C:\Program Files\Kalypso\Tropico 3\uninst.exe"
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
    Valve Hammer Editor-->C:\PROGRA~1\VALVEH~1\UNWISE.EXE C:\PROGRA~1\VALVEH~1\INSTALL.LOG
    VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
    VideoLAN VLC media player 0.8.6c-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    Vista Start Menu 3.41-->"C:\Program Files\Vista Start Menu\unins000.exe"
    Vodafone WCDMA Composite Device Drive Software-->C:\Windows\system32\Samsung_USB_Drivers\4\SSVDUninstall.exe
    Vuze Toolbar-->"C:\Program Files\AskBarDis\unins000.exe"
    Vuze-->C:\Program Files\Vuze\uninstall.exe
    Wakfu-->C:\Program Files\Wakfu\uninstall.exe
    WampServer 2.0-->"c:\wamp\unins000.exe"
    Warcraft III-->C:\Windows\War3Unin.exe C:\Windows\War3Unin.dat
    Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
    Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
    Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
    Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
    Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
    WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
    World of Warcraft-->C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe
    XBCD 1.06-->C:\Program Files\XBCD\uninst.exe
    Xfire (remove only)-->"C:\Program Files\Xfire\uninst.exe"
    Yahoo! Install Manager-->C:\Windows\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
    Yahoo! Toolbar avec bloqueur de fenêtres pop-up-->C:\PROGRA~1\Yahoo!\Common\unyt.exe
    Zombie Shooter 2 - Demo-->"C:\Program Files\Steam\steam.exe" steam://uninstall/33190

    ======Hosts File======

    127.0.0.1 007guard.com
    127.0.0.1 www.007guard.com
    127.0.0.1 008i.com
    127.0.0.1 008k.com
    127.0.0.1 www.008k.com
    127.0.0.1 00hq.com
    127.0.0.1 www.00hq.com
    127.0.0.1 010402.com
    127.0.0.1 032439.com
    127.0.0.1 www.032439.com

    ======Security center information======

    AS: Spybot - Search and Destroy (outdated)
    AS: Windows Defender

    ======System event log======

    Computer Name: DIDI003
    Event Code: 4376
    Message: Servicing a requis un redémarrage pour terminer la définition du package KB949247(Update) à l’état Installation demandée(Install Requested)
    Record Number: 181294
    Source Name: Microsoft-Windows-Servicing
    Time Written: 20090815080418.000000-000
    Event Type: Avertissement
    User: AUTORITE NT\SYSTEM

    Computer Name: DIDI003
    Event Code: 4376
    Message: Servicing a requis un redémarrage pour terminer la définition du package KB949247(Update) à l’état Installation demand
    a c 304 8 Sécurité
    18 Janvier 2010 21:32:57

  • Désinstalle Vuze Toolbar.

  • Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
  • Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
  • Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
  • Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
  • Sélectionne Exécuter un examen rapide.
  • Clique sur Rechercher. L'analyse démarre.
  • A la fin de l'analyse, un message s'affiche :
    Citation :
    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  • Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  • Ferme tes navigateurs.
  • Si des malwares ont été détectés, clique sur Afficher les résultats.
  • Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
  • MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
    19 Janvier 2010 17:42:42

    Voici le rapport:

    Malwarebytes' Anti-Malware 1.44
    Version de la base de données: 3598
    Windows 6.0.6002 Service Pack 2
    Internet Explorer 7.0.6002.18005

    19/01/2010 17:37:58
    mbam-log-2010-01-19 (17-37-58).txt

    Type de recherche: Examen rapide
    Eléments examinés: 117623
    Temps écoulé: 6 minute(s), 6 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 8
    Valeur(s) du Registre infectée(s): 1
    Elément(s) de données du Registre infecté(s): 1
    Dossier(s) infecté(s): 3
    Fichier(s) infecté(s): 11

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8331d1c9-ab49-429c-a69e-b55994d44407} (Adware.Rabio) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{83c35173-e029-42f1-9692-0341ee379a0d} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adzgalore (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\cpmsky (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adzgaloregames (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Bifrost (Backdoor.Bifrose) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Bifrost (Backdoor.Bifrose) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{adf9b913-9ac8-9032-7400-095c6b2a74d2} (Trojan.Agent) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search\Local Page (Hijack.SearchPage) -> Bad: (http://www.iesearch.com/) Good: (http://www.Google.com/) -> Quarantined and deleted successfully.

    Dossier(s) infecté(s):
    C:\ProgramData\Rabio (Adware.Rabio) -> Quarantined and deleted successfully.
    C:\Program Files\Adzgalore Games Collection (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\BitDownload (Trojan.Swizzor) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\Windows\System32\adzgalore-remove.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Windows\System32\zdqgxykpeajxlxvo.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Adzgalore Games Collection\BattlesOfHelicopters.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Adzgalore Games Collection\BobAndBill.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Adzgalore Games Collection\CrazyBlocks.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Adzgalore Games Collection\Lines.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Adzgalore Games Collection\uninstall.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Adzgalore Games Collection\VideoPool.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\winlogon\server.exe (Backdoor.Bifrose) -> Quarantined and deleted successfully.
    C:\Users\Thibault\AppData\Roaming\addon.dat (Malware.Trace) -> Quarantined and deleted successfully.
    C:\Users\Thibault\AppData\Roaming\server.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    a c 304 8 Sécurité
    19 Janvier 2010 20:21:14

  • Relance MBAM, va dans Quarantaine et supprime tout.

  • Refais un scan RSIT et poste le rapport log.
    19 Janvier 2010 20:28:52

    rapport log:

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Thibault at 2010-01-19 20:27:51
    Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
    System drive C: has 62 GB (18%) free of 336 GB
    Total RAM: 2046 MB (51% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:27:58, on 19/01/2010
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v7.00 (7.00.6002.18005)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\hp\support\hpsysdrv.exe
    C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Windows\system32\schtasks.exe
    C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
    C:\Windows\ehome\ehtray.exe
    C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Windows\System32\mobsync.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\hp\kbd\kbd.exe
    C:\Program Files\Steam\Steam.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Users\Thibault\Desktop\jeux\RSIT.exe
    C:\Program Files\trend micro\Thibault.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Iminent.SearchTheWeb.HelperObject - {0E896FCA-D07E-45FE-901F-6A26FCF59C02} - mscoree.dll (file missing)
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
    O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\BearShare\BearShareIEHelper.dll
    O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [{fc61cf35-9015-2adf-5bac-c510f741fd93}] C:\Windows\System32\Rundll32.exe "C:\Windows\system32\wivkrfqhzvboopcq.dll" DllStart
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
    O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
    O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
    O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
    O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
    O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
    O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Startup: ashDisp - Raccourci.lnk = C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    O8 - Extra context menu item: Add to &Teleport - C:\Program Files\Teleport Pro\teleport.htm
    O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O13 - Gopher Prefix:
    O15 - Trusted Zone: http://www.laredoute.fr
    O15 - Trusted Zone: http://www.paypal.fr
    O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} -
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} -
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/Gam...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213....
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} (Java Plug-in 1.6.0_01) -
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} -
    O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} -
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\Windows\System32\LEXBCES.EXE
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
    O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe

    --
    End of file - 11858 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\User_Feed_Synchronization-{A072B724-1895-4BC5-9A2A-3F81BDAE87E2}.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
    Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E896FCA-D07E-45FE-901F-6A26FCF59C02}]
    Iminent.SearchTheWeb.HelperObject - C:\Windows\system32\mscoree.dll [2009-03-30 278848]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2007-08-31 1122128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
    UrlHelper Class - C:\Program Files\BearShare Applications\BearShare\BearShareIEHelper.dll [2009-05-04 398776]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-09 263280]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-23 764912]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {E0E899AB-F487-11D5-8D29-0050BA6940E3}
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-09 263280]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-07-06 4669440]
    "{fc61cf35-9015-2adf-5bac-c510f741fd93}"=C:\Windows\system32\wivkrfqhzvboopcq.dll DllStart []
    "Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe []
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
    "Lexmark X74-X75"=C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe []
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
    "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-03-08 13683232]
    "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2009-03-08 92704]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
    "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
    "hpsysdrv"=c:\hp\support\hpsysdrv.exe [2007-04-18 65536]
    "KBD"=C:\HP\KBD\KbdStub.EXE [2006-12-08 65536]
    "OsdMaestro"=C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [2007-02-15 118784]
    "HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-05-24 71176]
    "SunJavaUpdateReg"=C:\Windows\system32\jureg.exe [2007-04-07 54936]
    "HP Software Update"=c:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
    ""= []
    "NvSvc"=C:\Windows\system32\nvsvc.dll [2009-03-08 641568]
    "LogitechCommunicationsManager"=C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2007-10-25 563984]
    "LogitechQuickCamRibbon"=C:\Program Files\Logitech\QuickCam\Quickcam.exe [2007-10-25 2178832]
    "SystrayORAHSS"=C:\Program Files\Orange\Systray\SystrayApp.exe [2007-09-25 94208]
    "ORAHSSSessionManager"=C:\Program Files\Orange\SessionManager\SessionManager.exe [2007-09-25 102400]
    "EoEngine"= []

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "Launcher"=C:\Windows\SMINST\launcher.exe [2007-04-03 44168]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
    "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
    "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2007-08-31 1460560]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-01-21 39408]
    "PlayNC Launcher"= []
    "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

    C:\Users\Thibault\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    ashDisp - Raccourci.lnk - C:\Program Files\Alwil Software\Avast4\ashDisp.exe

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "DisableTaskMgr"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "EnableLUA"=0
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableUIADesktopToggle"=0

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "BindDirectlyToPropertySetStorage"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Program Files\Orange\Connectivity\ConnectivityManager.exe"="C:\Program Files\Orange\Connectivity\ConnectivityManager.exe:*:enabled:CSS"
    "C:\Program Files\Combat Arms\CombatArms.exe"="C:\Program Files\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe"
    "C:\Program Files\Combat Arms\Engine.exe"="C:\Program Files\Combat Arms\Engine.exe:*Enabled:Engine.exe"
    "C:\Program Files\Combat Arms EU\CombatArms.exe"="C:\Program Files\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
    "C:\Program Files\Combat Arms EU\Engine.exe"="C:\Program Files\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
    "C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
    "C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
    "C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe"="C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2"
    "C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate"
    "C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{45457181-b2e0-11dc-ade1-001bb9f1457f}]
    shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\demarrer.html

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e008809e-3c90-11de-a9cd-001bb9f1457f}]
    shell\AutoRun\command - K:\AutoRun.exe


    ======List of files/folders created in the last 1 months======

    2010-01-19 17:30:32 ----D---- C:\Users\Thibault\AppData\Roaming\Malwarebytes
    2010-01-19 17:30:24 ----D---- C:\ProgramData\Malwarebytes
    2010-01-19 17:30:23 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2010-01-18 17:40:16 ----D---- C:\Program Files\trend micro
    2010-01-18 17:40:15 ----D---- C:\rsit
    2010-01-17 21:35:05 ----A---- C:\cleannavi.txt
    2010-01-17 21:34:52 ----D---- C:\Program Files\Navilog1
    2010-01-17 21:32:23 ----HD---- C:\Program Files\winlogon
    2010-01-17 17:50:28 ----D---- C:\Program Files\Mumble
    2010-01-17 17:49:40 ----D---- C:\Users\Thibault\AppData\Roaming\Mumble
    2010-01-17 14:12:19 ----HDC---- C:\ProgramData\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
    2010-01-17 14:12:00 ----D---- C:\ProgramData\Lavasoft
    2010-01-17 14:12:00 ----D---- C:\Program Files\Lavasoft
    2010-01-17 14:06:31 ----D---- C:\Program Files\CleanUp!
    2010-01-15 23:11:16 ----D---- C:\Windows\system32\MpEngineStore
    2010-01-14 17:52:11 ----A---- C:\Windows\system32\MRT.INI
    2010-01-13 18:28:29 ----A---- C:\Windows\system32\t2embed.dll
    2010-01-13 18:28:29 ----A---- C:\Windows\system32\fontsub.dll
    2009-12-29 20:38:40 ----D---- C:\Program Files\Steam
    2009-12-29 14:34:34 ----A---- C:\Windows\tmp.tmp.tmp
    2009-12-29 13:18:10 ----D---- C:\Program Files\Teleport Pro
    2009-12-26 15:01:36 ----D---- C:\Users\Thibault\AppData\Roaming\SQLyog
    2009-12-26 15:01:26 ----D---- C:\Program Files\SQLyog Enterprise Trial
    2009-12-26 14:40:01 ----D---- C:\Program Files\IntelliTamper
    2009-12-26 13:46:52 ----A---- C:\Windows\system32\libmysql_d.dll
    2009-12-26 13:46:50 ----D---- C:\Program Files\PremiumSoft
    2009-12-26 13:42:31 ----D---- C:\wamp
    2009-12-25 18:02:57 ----D---- C:\Program Files\JAP
    2009-12-25 17:41:15 ----D---- C:\Users\Thibault\AppData\Roaming\Hide IP NG
    2009-12-25 17:31:09 ----D---- C:\Program Files\Steganos Secure FileSharing 6
    2009-12-25 17:18:20 ----D---- C:\Program Files\AnalogX
    2009-12-25 16:12:25 ----D---- C:\Users\Thibault\AppData\Roaming\BITS
    2009-12-25 16:11:54 ----D---- C:\profiles
    2009-12-25 16:11:43 ----D---- C:\Program Files\FlashGet Network
    2009-12-21 19:35:27 ----D---- C:\Program Files\LogMeIn Hamachi

    ======List of files/folders modified in the last 1 months======

    2010-01-19 20:27:55 ----D---- C:\Windows\Temp
    2010-01-19 19:43:41 ----D---- C:\Program Files\Dofus
    2010-01-19 19:13:13 ----D---- C:\Program Files\Mozilla Firefox
    2010-01-19 17:44:38 ----D---- C:\Program Files
    2010-01-19 17:40:25 ----D---- C:\Windows\SMINST
    2010-01-19 17:39:55 ----D---- C:\Windows\system32\drivers
    2010-01-19 17:39:55 ----D---- C:\Windows\registration
    2010-01-19 17:37:57 ----D---- C:\Windows\System32
    2010-01-19 17:37:57 ----D---- C:\ProgramData
    2010-01-18 18:19:12 ----SHD---- C:\Windows\Installer
    2010-01-18 18:15:39 ----D---- C:\Nexon
    2010-01-18 18:11:25 ----D---- C:\Windows\Prefetch
    2010-01-18 18:11:18 ----SHD---- C:\System Volume Information
    2010-01-18 18:10:58 ----D---- C:\Program Files\Postal2STP
    2010-01-17 18:32:11 ----SD---- C:\Users\Thibault\AppData\Roaming\Microsoft
    2010-01-17 17:50:34 ----D---- C:\Windows\winsxs
    2010-01-17 14:39:10 ----D---- C:\Windows\system32\config
    2010-01-17 14:38:58 ----D---- C:\Windows\Tasks
    2010-01-17 14:38:58 ----D---- C:\Windows\system32\spool
    2010-01-17 14:38:58 ----D---- C:\Windows\system32\Msdtc
    2010-01-17 14:38:58 ----D---- C:\Windows\system32\catroot2
    2010-01-17 14:38:58 ----D---- C:\Windows\inf
    2010-01-17 14:38:58 ----D---- C:\Windows
    2010-01-17 14:38:57 ----D---- C:\Windows\system32\wbem
    2010-01-17 14:14:07 ----D---- C:\Windows\system32\catroot
    2010-01-14 17:52:25 ----D---- C:\Program Files\Windows Mail
    2010-01-14 17:47:51 ----D---- C:\Windows\Debug
    2010-01-14 11:12:06 ----N---- C:\Windows\system32\MpSigStub.exe
    2010-01-10 11:18:28 ----D---- C:\Program Files\Common Files\Steam
    2010-01-09 10:00:51 ----D---- C:\ProgramData\Spybot - Search & Destroy
    2010-01-08 20:59:36 ----D---- C:\Program Files\MessengerDiscovery
    2010-01-08 17:24:08 ----D---- C:\Program Files\Warcraft III
    2010-01-08 17:14:47 ----A---- C:\Windows\system32\PnkBstrB.exe
    2010-01-05 01:17:46 ----A---- C:\Windows\system32\mrt.exe
    2010-01-04 18:26:34 ----SD---- C:\Windows\Downloaded Program Files
    2009-12-29 20:57:15 ----D---- C:\Windows\Minidump
    2009-12-29 14:00:30 ----D---- C:\Users\Thibault\AppData\Roaming\Azureus
    2009-12-25 16:38:11 ----D---- C:\Downloads
    2009-12-21 14:54:35 ----D---- C:\Program Files\Vuze
    2009-12-21 11:31:36 ----D---- C:\Users\Thibault\AppData\Roaming\Tropico 3

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 23120]
    R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-11-25 114768]
    R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 48560]
    R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
    R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-11-25 53328]
    R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-07-11 1793880]
    R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2007-10-11 25624]
    R3 netr73;Linksys Compact Wireless-G USB Adapter Driver for Vista; C:\Windows\system32\DRIVERS\netr73.sys [2006-12-29 247808]
    R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-05-03 1065384]
    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-03-08 7745696]
    R3 Ps2;PS2; C:\Windows\system32\DRIVERS\PS2.sys [2005-12-12 19072]
    R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
    S1 samuucjx;samuucjx; \??\C:\Windows\system32\drivers\samuucjx.sys [2010-01-15 30784]
    S2 zntport;NTPort Library Driver; \??\C:\Windows\system32\zntport.sys []
    S3 ahw5v046;ahw5v046; C:\Windows\system32\drivers\ahw5v046.sys []
    S3 alwueng7;alwueng7; C:\Windows\system32\drivers\alwueng7.sys []
    S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
    S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
    S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
    S3 LVcKap;Logitech AEC Driver; C:\Windows\system32\DRIVERS\LVcKap.sys [2007-10-19 2109976]
    S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\Windows\system32\DRIVERS\LVMVDrv.sys [2007-10-11 2142488]
    S3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2007-10-12 41752]
    S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
    S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
    S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
    S3 PCAMp50;PCAMp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCAMp50.sys [2006-11-28 28224]
    S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys [2006-11-28 27072]
    S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V32.SYS [2007-10-12 1279000]
    S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
    S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\Windows\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
    S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\Windows\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
    S3 taphss;Anchorfree HSS Adapter; C:\Windows\system32\DRIVERS\taphss.sys [2009-11-07 32768]
    S3 UMPass;Pilote Microsoft UMPass; C:\Windows\system32\DRIVERS\umpass.sys [2008-01-19 7680]
    S3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
    S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
    S3 WINIO;WINIO; \??\C:\Program Files\Speed Gear\winio.sys []
    S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
    S3 xnacc;Contrôleur XBOX 360 pour le service de pilote Windows; C:\Windows\system32\DRIVERS\xnacc.sys [2008-01-19 521216]
    S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-04-08 56448]
    S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
    R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2007-09-25 65536]
    R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2009-10-29 1074568]
    R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-05-24 61440]
    R2 LexBceS;LexBce Server; C:\Windows\System32\LEXBCES.EXE [2002-10-14 303104]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-04-13 73728]
    R2 LVCOMSer;LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [2007-10-19 186904]
    R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2007-10-19 141848]
    R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-05-15 935208]
    R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-03-08 207392]
    R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-11-30 75064]
    R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2007-08-31 600912]
    R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
    S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [2007-10-19 141848]
    S3 Boonty Games;Boonty Games; C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe [2008-04-16 69120]
    S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
    S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-01 182768]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
    S3 RoxMediaDB9;RoxMediaDB9; c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-05-11 887544]
    S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-01-09 321320]
    S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-05-03 74656]
    S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-19 21504]
    S3 wampapache;wampapache; c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe [2008-12-10 24636]
    S3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe [2009-06-17 6582912]

    -----------------EOF-----------------
    a c 304 8 Sécurité
    19 Janvier 2010 20:42:41

    1/

  • Démarre Spybot, clique sur Mode, coche Mode avancé.
  • A gauche, clique sur Outils, puis sur Résident.
  • Décoche la case devant Résident "TeaTimer" :

  • Quitte Spybot.


    2/

  • Télécharge Ad-Remover (de Cyrildu17 / C_XX) sur ton Bureau.

    /!\ Déconnecte-toi et ferme toutes applications en cours /!\

  • Double-clique sur AD-R situé sur ton Bureau pour le lancer.
    (Sous Vista, il faut cliquer droit sur AD-R et choisir Exécuter en tant qu'administrateur)
  • Choisis la langue F pour français.
  • Au menu principal, choisis l'option L.

    /!\ Laisse travailler l'outil /!\

  • Poste le rapport qui apparaît à la fin (C:\Ad-Report-CLEAN.log).

    (CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

    Note : "Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Kaspersky, etc.) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    19 Janvier 2010 21:30:43

    voila:

    .
    ======= RAPPORT D'AD-REMOVER 1.1.4.6_H | UNIQUEMENT XP/VISTA/7 =======
    .
    Mis à jour par C_XX le 18.01.2010 à 18:32
    Contact: AdRemover.contact@gmail.com
    Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
    .
    Lancé à: 21:19:47, 19/01/2010 | Mode Normal | Option: CLEAN
    Exécuté de: C:\Ad-Remover\
    Système d'exploitation: Microsoft® Windows Vista™ HomePremium Service Pack 2 v6.0.6002
    Nom du PC: DIDI003 | Utilisateur actuel: Thibault
    .
    ============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
    .

    C:\Users\Thibault\AppData\Roaming\Mozilla\FireFox\Profiles\vloaix6d.default\searchplugins\ask.xml
    C:\Program Files\Mozilla FireFox\Components\AskSearch.js
    C:\Users\Thibault\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Ask Search Assistant
    C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Adzgalore Games Collection
    C:\Program Files\Ask Search Assistant
    C:\Program Files\EoRezo
    C:\Program Files\Iminent
    C:\Users\Thibault\AppData\Roaming\Iminent
    C:\ProgramData\Trymedia
    C:\Users\Supermoi\AppData\Local\Temp\Low\AskBarDis

    (!) -- Fichiers temporaires supprimés.

    .
    HKCU\software\EoRezo
    HKCU\software\ItsLabel
    HKCU\software\Live-Player
    HKCU\software\microsoft\internet explorer\searchscopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
    HKCU\software\microsoft\internet explorer\searchscopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
    HKLM\Software\Classes\CLSID\{0047f570-eeca-7aef-5ecd-ea1a33998a26}
    HKLM\Software\Classes\CLSID\{0E896FCA-D07E-45FE-901F-6A26FCF59C02}
    HKLM\Software\Classes\CLSID\{5f889df7-b72d-05cb-8bfd-d4b2993ab105}
    HKLM\Software\Classes\CLSID\{668aa686-5a15-8fd8-5833-5728cfc40ba9}
    HKLM\Software\Classes\CLSID\{6a64713f-64ae-05ec-149d-755627a5bd65}
    HKLM\Software\Classes\CLSID\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}
    HKLM\software\classes\DiscoveryHelper.iMesh6Discovery
    HKLM\software\classes\DiscoveryHelper.iMesh6Discovery.1
    HKLM\software\classes\EoRezoBHO.EoBho
    HKLM\software\classes\EoRezoBHO.EoBho.1
    HKLM\Software\Classes\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
    HKLM\Software\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870E}
    HKLM\Software\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7D}
    HKLM\software\ItsLabel
    HKLM\software\Live-Player
    HKLM\software\microsoft\internet explorer\searchscopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
    HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\AskSearchAsst.exe
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E896FCA-D07E-45FE-901F-6A26FCF59C02}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\EoEngine
    HKLM\software\microsoft\windows\currentversion\uninstall\{F9D79F57-7B5B-33D7-6ED0-0F1CCEE829D5}
    HKLM\software\microsoft\windows\currentversion\uninstall\Ask.com Search Assistant
    HKLM\software\Trymedia Systems
    .
    ============== Scan additionnel ==============
    .
    .
    * Mozilla FireFox Version 3.0.11 [fr] *
    .
    Nom du profil: vloaix6d.default (Thibault)
    .
    (Thibault, prefs.js) Browser.download.dir, C:\Users\Thibault\Desktop\jeux
    (Thibault, prefs.js) Browser.download.lastDir, C:\Users\Thibault\Desktop\jeux
    (Thibault, prefs.js) Browser.search.defaultenginename, Ask
    (Thibault, prefs.js) Browser.search.selectedEngine, Google
    (Thibault, prefs.js) Browser.startup.homepage, hxxp://www.google.fr/
    (Thibault, prefs.js) Extensions.enabledItems, battlefieldheroespatcher@ea.com:4.0.27.0,foxyproxy@eric.h.jung:2.16.1,{3112ca9c-de6d-4884-a869-9855de68056c}:6.1.20091119W,{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15,{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17,{20a82645-c095-46ed-80e3-08825760534b}:1.1,en-US@dictionaries.addons.mozilla.org:4.0.0,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.11
    (Thibault, prefs.js) Keyword.URL, hxxp://toolbar.ask.com/toolbarv/askRedirect?o=10611&gct=&gc=1&q=
    .
    (Thibault, prefs.js) EFFACE - Bearsharemediabar.cmd_cmd_cmb_search_BearShare.oncommand, bearsharemediabar_webjump%28%22hxxp%3A//maps.ask.com/maps%3Fo%3D13047%26l%3Ddis%26a%3D%25combo_BearShare%22%2C%22%22%2C%22%22%2C%22%22%2C%220%22%2C%2265001%22%29
    (Thibault, prefs.js) EFFACE - Extensions.snipit.chromeURL, hxxp://toolbar.ask.com/toolbarv/askRedirect?o=10611&gct=&gc=1&q={searchTerms}&crm=1
    (Thibault, prefs.js) EFFACE - Extensions.snipit.history_query, crack%20microsoft%20points=ASKURL=hxxp://www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||crack%20microsoft%20points=ASKURL=//www.ask.com/web?q=crack%20microsoft%20points&qsrc=2871&...||cr
    a c 304 8 Sécurité
    19 Janvier 2010 21:45:18

    Bien, désinstalle Ad-Remover.

    Comment va le PC ?

  • Refais un scan RSIT et poste le rapport log.
    20 Janvier 2010 17:49:50

    Je n'ai plus de pub en surfant sur internet, mais avast trouve toujours le virus dans le systeme:

    Nom du fichier: c:\windows\system32\drivers\nvstor32.sys
    Nom du logiciel malveillant : Win32:Alureon-EU
    Types de logiciel malveillant: Virus/Ver
    Version VPS: 100120-1, 20/01/2010
    j'envoie le scan après ce message
    20 Janvier 2010 17:51:25

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Thibault at 2010-01-20 17:50:48
    Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
    System drive C: has 62 GB (18%) free of 336 GB
    Total RAM: 2046 MB (51% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:50:55, on 20/01/2010
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v7.00 (7.00.6002.18005)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\hp\support\hpsysdrv.exe
    C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Windows\system32\schtasks.exe
    C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\hp\kbd\kbd.exe
    C:\Users\Thibault\Desktop\jeux\RSIT.exe
    C:\Program Files\trend micro\Thibault.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [{fc61cf35-9015-2adf-5bac-c510f741fd93}] C:\Windows\System32\Rundll32.exe "C:\Windows\system32\wivkrfqhzvboopcq.dll" DllStart
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
    O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
    O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
    O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
    O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
    O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
    O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Startup: ashDisp - Raccourci.lnk = C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    O8 - Extra context menu item: Add to &Teleport - C:\Program Files\Teleport Pro\teleport.htm
    O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O13 - Gopher Prefix:
    O15 - Trusted Zone: http://www.laredoute.fr
    O15 - Trusted Zone: http://www.paypal.fr
    O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} -
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} -
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/Gam...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213....
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} (Java Plug-in 1.6.0_01) -
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} -
    O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} -
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\Windows\System32\LEXBCES.EXE
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
    O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe

    --
    End of file - 11093 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\User_Feed_Synchronization-{A072B724-1895-4BC5-9A2A-3F81BDAE87E2}.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
    Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2007-08-31 1122128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-09 263280]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-23 764912]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {E0E899AB-F487-11D5-8D29-0050BA6940E3}
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-09 263280]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-07-06 4669440]
    "{fc61cf35-9015-2adf-5bac-c510f741fd93}"=C:\Windows\system32\wivkrfqhzvboopcq.dll DllStart []
    "Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe []
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
    "Lexmark X74-X75"=C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe []
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
    "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-03-08 13683232]
    "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2009-03-08 92704]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
    "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
    "hpsysdrv"=c:\hp\support\hpsysdrv.exe [2007-04-18 65536]
    "KBD"=C:\HP\KBD\KbdStub.EXE [2006-12-08 65536]
    "OsdMaestro"=C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [2007-02-15 118784]
    "HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-05-24 71176]
    "SunJavaUpdateReg"=C:\Windows\system32\jureg.exe [2007-04-07 54936]
    "HP Software Update"=c:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
    ""= []
    "NvSvc"=C:\Windows\system32\nvsvc.dll [2009-03-08 641568]
    "LogitechCommunicationsManager"=C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2007-10-25 563984]
    "LogitechQuickCamRibbon"=C:\Program Files\Logitech\QuickCam\Quickcam.exe [2007-10-25 2178832]
    "SystrayORAHSS"=C:\Program Files\Orange\Systray\SystrayApp.exe [2007-09-25 94208]
    "ORAHSSSessionManager"=C:\Program Files\Orange\SessionManager\SessionManager.exe [2007-09-25 102400]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "Launcher"=C:\Windows\SMINST\launcher.exe [2007-04-03 44168]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
    "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-01-21 39408]
    "PlayNC Launcher"= []
    "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

    C:\Users\Thibault\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    ashDisp - Raccourci.lnk - C:\Program Files\Alwil Software\Avast4\ashDisp.exe

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "DisableTaskMgr"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "EnableLUA"=0
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableUIADesktopToggle"=0

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "BindDirectlyToPropertySetStorage"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Program Files\Orange\Connectivity\ConnectivityManager.exe"="C:\Program Files\Orange\Connectivity\ConnectivityManager.exe:*:enabled:CSS"
    "C:\Program Files\Combat Arms\CombatArms.exe"="C:\Program Files\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe"
    "C:\Program Files\Combat Arms\Engine.exe"="C:\Program Files\Combat Arms\Engine.exe:*Enabled:Engine.exe"
    "C:\Program Files\Combat Arms EU\CombatArms.exe"="C:\Program Files\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
    "C:\Program Files\Combat Arms EU\Engine.exe"="C:\Program Files\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
    "C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
    "C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
    "C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe"="C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2"
    "C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate"
    "C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{45457181-b2e0-11dc-ade1-001bb9f1457f}]
    shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\demarrer.html

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e008809e-3c90-11de-a9cd-001bb9f1457f}]
    shell\AutoRun\command - K:\AutoRun.exe


    ======List of files/folders created in the last 1 months======

    2010-01-19 20:54:53 ----D---- C:\Ad-Remover
    2010-01-19 17:30:32 ----D---- C:\Users\Thibault\AppData\Roaming\Malwarebytes
    2010-01-19 17:30:24 ----D---- C:\ProgramData\Malwarebytes
    2010-01-19 17:30:23 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2010-01-18 17:40:16 ----D---- C:\Program Files\trend micro
    2010-01-18 17:40:15 ----D---- C:\rsit
    2010-01-17 21:35:05 ----A---- C:\cleannavi.txt
    2010-01-17 21:34:52 ----D---- C:\Program Files\Navilog1
    2010-01-17 21:32:23 ----HD---- C:\Program Files\winlogon
    2010-01-17 17:50:28 ----D---- C:\Program Files\Mumble
    2010-01-17 17:49:40 ----D---- C:\Users\Thibault\AppData\Roaming\Mumble
    2010-01-17 14:12:19 ----HDC---- C:\ProgramData\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
    2010-01-17 14:12:00 ----D---- C:\ProgramData\Lavasoft
    2010-01-17 14:12:00 ----D---- C:\Program Files\Lavasoft
    2010-01-17 14:06:31 ----D---- C:\Program Files\CleanUp!
    2010-01-15 23:11:16 ----D---- C:\Windows\system32\MpEngineStore
    2010-01-14 17:52:11 ----A---- C:\Windows\system32\MRT.INI
    2010-01-13 18:28:29 ----A---- C:\Windows\system32\t2embed.dll
    2010-01-13 18:28:29 ----A---- C:\Windows\system32\fontsub.dll
    2009-12-29 20:38:40 ----D---- C:\Program Files\Steam
    2009-12-29 14:34:34 ----A---- C:\Windows\tmp.tmp.tmp
    2009-12-29 13:18:10 ----D---- C:\Program Files\Teleport Pro
    2009-12-26 15:01:36 ----D---- C:\Users\Thibault\AppData\Roaming\SQLyog
    2009-12-26 15:01:26 ----D---- C:\Program Files\SQLyog Enterprise Trial
    2009-12-26 14:40:01 ----D---- C:\Program Files\IntelliTamper
    2009-12-26 13:46:52 ----A---- C:\Windows\system32\libmysql_d.dll
    2009-12-26 13:46:50 ----D---- C:\Program Files\PremiumSoft
    2009-12-26 13:42:31 ----D---- C:\wamp
    2009-12-25 18:02:57 ----D---- C:\Program Files\JAP
    2009-12-25 17:41:15 ----D---- C:\Users\Thibault\AppData\Roaming\Hide IP NG
    2009-12-25 17:31:09 ----D---- C:\Program Files\Steganos Secure FileSharing 6
    2009-12-25 17:18:20 ----D---- C:\Program Files\AnalogX
    2009-12-25 16:12:25 ----D---- C:\Users\Thibault\AppData\Roaming\BITS
    2009-12-25 16:11:54 ----D---- C:\profiles
    2009-12-25 16:11:43 ----D---- C:\Program Files\FlashGet Network
    2009-12-21 19:35:27 ----D---- C:\Program Files\LogMeIn Hamachi

    ======List of files/folders modified in the last 1 months======

    2010-01-20 17:50:55 ----D---- C:\Windows\Prefetch
    2010-01-20 17:50:52 ----D---- C:\Windows\Temp
    2010-01-20 17:44:23 ----D---- C:\Program Files\Mozilla Firefox
    2010-01-20 17:43:44 ----D---- C:\Windows\SMINST
    2010-01-19 21:25:08 ----D---- C:\ProgramData
    2010-01-19 21:25:07 ----D---- C:\Program Files
    2010-01-19 19:43:41 ----D---- C:\Program Files\Dofus
    2010-01-19 17:39:55 ----D---- C:\Windows\system32\drivers
    2010-01-19 17:39:55 ----D---- C:\Windows\registration
    2010-01-19 17:37:57 ----D---- C:\Windows\System32
    2010-01-18 18:19:12 ----SHD---- C:\Windows\Installer
    2010-01-18 18:15:39 ----D---- C:\Nexon
    2010-01-18 18:11:18 ----SHD---- C:\System Volume Information
    2010-01-18 18:10:58 ----D---- C:\Program Files\Postal2STP
    2010-01-17 18:32:11 ----SD---- C:\Users\Thibault\AppData\Roaming\Microsoft
    2010-01-17 17:50:34 ----D---- C:\Windows\winsxs
    2010-01-17 14:39:10 ----D---- C:\Windows\system32\config
    2010-01-17 14:38:58 ----D---- C:\Windows\Tasks
    2010-01-17 14:38:58 ----D---- C:\Windows\system32\spool
    2010-01-17 14:38:58 ----D---- C:\Windows\system32\Msdtc
    2010-01-17 14:38:58 ----D---- C:\Windows\system32\catroot2
    2010-01-17 14:38:58 ----D---- C:\Windows\inf
    2010-01-17 14:38:58 ----D---- C:\Windows
    2010-01-17 14:38:57 ----D---- C:\Windows\system32\wbem
    2010-01-17 14:14:07 ----D---- C:\Windows\system32\catroot
    2010-01-14 17:52:25 ----D---- C:\Program Files\Windows Mail
    2010-01-14 17:47:51 ----D---- C:\Windows\Debug
    2010-01-14 11:12:06 ----N---- C:\Windows\system32\MpSigStub.exe
    2010-01-10 11:18:28 ----D---- C:\Program Files\Common Files\Steam
    2010-01-09 10:00:51 ----D---- C:\ProgramData\Spybot - Search & Destroy
    2010-01-08 20:59:36 ----D---- C:\Program Files\MessengerDiscovery
    2010-01-08 17:24:08 ----D---- C:\Program Files\Warcraft III
    2010-01-08 17:14:47 ----A---- C:\Windows\system32\PnkBstrB.exe
    2010-01-05 01:17:46 ----A---- C:\Windows\system32\mrt.exe
    2010-01-04 18:26:34 ----SD---- C:\Windows\Downloaded Program Files
    2009-12-29 20:57:15 ----D---- C:\Windows\Minidump
    2009-12-29 14:00:30 ----D---- C:\Users\Thibault\AppData\Roaming\Azureus
    2009-12-25 16:38:11 ----D---- C:\Downloads
    2009-12-21 14:54:35 ----D---- C:\Program Files\Vuze
    2009-12-21 11:31:36 ----D---- C:\Users\Thibault\AppData\Roaming\Tropico 3

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 23120]
    R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-11-25 114768]
    R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 48560]
    R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
    R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-11-25 53328]
    R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-07-11 1793880]
    R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2007-10-11 25624]
    R3 netr73;Linksys Compact Wireless-G USB Adapter Driver for Vista; C:\Windows\system32\DRIVERS\netr73.sys [2006-12-29 247808]
    R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-05-03 1065384]
    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-03-08 7745696]
    R3 Ps2;PS2; C:\Windows\system32\DRIVERS\PS2.sys [2005-12-12 19072]
    R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
    S1 samuucjx;samuucjx; \??\C:\Windows\system32\drivers\samuucjx.sys [2010-01-15 30784]
    S2 zntport;NTPort Library Driver; \??\C:\Windows\system32\zntport.sys []
    S3 a6soikkp;a6soikkp; C:\Windows\system32\drivers\a6soikkp.sys []
    S3 a6wgs9wt;a6wgs9wt; C:\Windows\system32\drivers\a6wgs9wt.sys []
    S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
    S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
    S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
    S3 LVcKap;Logitech AEC Driver; C:\Windows\system32\DRIVERS\LVcKap.sys [2007-10-19 2109976]
    S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\Windows\system32\DRIVERS\LVMVDrv.sys [2007-10-11 2142488]
    S3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2007-10-12 41752]
    S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
    S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
    S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
    S3 PCAMp50;PCAMp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCAMp50.sys [2006-11-28 28224]
    S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys [2006-11-28 27072]
    S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V32.SYS [2007-10-12 1279000]
    S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
    S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\Windows\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
    S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\Windows\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
    S3 taphss;Anchorfree HSS Adapter; C:\Windows\system32\DRIVERS\taphss.sys [2009-11-07 32768]
    S3 UMPass;Pilote Microsoft UMPass; C:\Windows\system32\DRIVERS\umpass.sys [2008-01-19 7680]
    S3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
    S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
    S3 WINIO;WINIO; \??\C:\Program Files\Speed Gear\winio.sys []
    S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
    S3 xnacc;Contrôleur XBOX 360 pour le service de pilote Windows; C:\Windows\system32\DRIVERS\xnacc.sys [2008-01-19 521216]
    S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-04-08 56448]
    S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
    R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2007-09-25 65536]
    R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2009-10-29 1074568]
    R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-05-24 61440]
    R2 LexBceS;LexBce Server; C:\Windows\System32\LEXBCES.EXE [2002-10-14 303104]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-04-13 73728]
    R2 LVCOMSer;LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [2007-10-19 186904]
    R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2007-10-19 141848]
    R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-05-15 935208]
    R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-03-08 207392]
    R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-11-30 75064]
    R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2007-08-31 600912]
    R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
    S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [2007-10-19 141848]
    S3 Boonty Games;Boonty Games; C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe [2008-04-16 69120]
    S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
    S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-01 182768]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
    S3 RoxMediaDB9;RoxMediaDB9; c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-05-11 887544]
    S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-01-09 321320]
    S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-05-03 74656]
    S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-19 21504]
    S3 wampapache;wampapache; c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe [2008-12-10 24636]
    S3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe [2009-06-17 6582912]

    -----------------EOF-----------------
    a c 304 8 Sécurité
    20 Janvier 2010 22:16:39

    La version 5 d'Avast est disponible :
    http://www.avast.com/fr-fr/free-antivirus-download

    [#ff0000]/!\ Désactive tes protections résidentes (Antivirus, etc...) /!\[/#f]

  • Télécharge ComboFix ([#ff0000]sUBs[/#f]) sur ton Bureau.
  • Clique droit sur ComboFix.exe (le .exe n'est pas forcément visible) et choisis Exécuter en tant qu'administrateur.
  • Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse.

    Pour t'aider : Un guide et un tutoriel sur l'utilisation de ComboFix
    21 Janvier 2010 17:30:16

    voila:

    ComboFix 10-01-20.06 - Thibault 21/01/2010 16:56:53.1.2 - x86
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.2046.1235 [GMT 1:00]
    Lancé depuis: c:\users\Thibault\Desktop\jeux\ComboFix.exe
    SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
    SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\$recycle.bin\S-1-5-21-2152478756-3922319563-605102323-500
    c:\$recycle.bin\S-1-5-21-2964595397-2802631840-765058528-500
    c:\$recycle.bin\S-1-5-21-3262500307-1501631122-3583349578-500
    c:\$recycle.bin\S-1-5-21-3656986813-3539166821-1700283384-500
    C:\install.exe
    c:\program files\FlashGet Network
    c:\program files\FlashGet Network\FlashGet universal\dbtrans_verbose.log
    c:\program files\FlashGet Network\FlashGet universal\fgoption.ini
    c:\program files\FlashGet Network\FlashGet universal\P2PCfg.ini
    c:\program files\FlashGet Network\FlashGet universal\p2spmgr.ini
    c:\program files\FlashGet Network\FlashGet universal\p4spmgr.ini
    c:\program files\FlashGet Network\FlashGet universal\Profiles\config.dat
    c:\program files\FlashGet Network\FlashGet universal\Profiles\tasks.dat
    c:\program files\FlashGet Network\FlashGet universal\transaction.log
    c:\program files\Java\jre6\bin\jucheck.exe
    c:\program files\QUAD Utilities
    c:\users\Thibault\AppData\Roaming\BITS
    c:\users\Thibault\AppData\Roaming\BITS\BITS.ini
    c:\users\Thibault\AppData\Roaming\BITS\DHTTable.dat
    c:\users\Thibault\AppData\Roaming\BITS\ProxyList.ini
    c:\windows\system32\winio.vxd

    .
    ((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Service_Boonty Games


    ((((((((((((((((((((((((((((( Fichiers créés du 2009-12-21 au 2010-01-21 ))))))))))))))))))))))))))))))))))))
    .

    2010-01-19 19:54 . 2010-01-20 16:50 -------- d-----w- C:\Ad-Remover
    2010-01-19 16:30 . 2010-01-19 16:30 -------- d-----w- c:\users\Thibault\AppData\Roaming\Malwarebytes
    2010-01-19 16:30 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-01-19 16:30 . 2010-01-19 16:30 -------- d-----w- c:\programdata\Malwarebytes
    2010-01-19 16:30 . 2010-01-19 16:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-01-19 16:30 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-01-18 16:40 . 2010-01-20 16:50 -------- d-----w- c:\program files\trend micro
    2010-01-18 16:40 . 2010-01-18 16:40 -------- d-----w- C:\rsit
    2010-01-17 20:34 . 2010-01-17 20:39 -------- d-----w- c:\program files\Navilog1
    2010-01-17 20:32 . 2010-01-17 20:32 -------- d--h--w- c:\program files\winlogon
    2010-01-17 16:50 . 2010-01-17 16:50 -------- d-----w- c:\program files\Mumble
    2010-01-17 16:49 . 2010-01-17 19:01 -------- d-----w- c:\users\Thibault\AppData\Roaming\Mumble
    2010-01-17 13:12 . 2010-01-17 13:15 -------- dc-h--w- c:\programdata\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
    2010-01-17 13:12 . 2010-01-17 13:14 -------- d-----w- c:\programdata\Lavasoft
    2010-01-17 13:12 . 2010-01-17 13:12 -------- d-----w- c:\program files\Lavasoft
    2010-01-17 13:06 . 2010-01-17 13:25 -------- d-----w- c:\program files\CleanUp!
    2010-01-15 22:11 . 2010-01-15 22:11 30784 ----a-w- c:\windows\system32\drivers\samuucjx.sys
    2010-01-15 22:11 . 2010-01-15 22:11 -------- d-----w- c:\windows\system32\MpEngineStore
    2010-01-13 17:28 . 2009-10-19 13:38 156672 ----a-w- c:\windows\system32\t2embed.dll
    2010-01-13 17:28 . 2009-10-19 13:35 72704 ----a-w- c:\windows\system32\fontsub.dll
    2009-12-29 19:38 . 2010-01-20 17:26 -------- d-----w- c:\program files\Steam
    2009-12-29 12:18 . 2009-12-29 12:18 -------- d-----w- c:\program files\Teleport Pro
    2009-12-26 14:01 . 2009-12-26 14:51 -------- d-----w- c:\users\Thibault\AppData\Roaming\SQLyog
    2009-12-26 14:01 . 2009-12-26 14:01 -------- d-----w- c:\program files\SQLyog Enterprise Trial
    2009-12-26 13:40 . 2009-12-26 13:40 -------- d-----w- c:\program files\IntelliTamper
    2009-12-26 12:46 . 2009-07-10 11:33 1589248 ----a-w- c:\windows\system32\libmysql_d.dll
    2009-12-26 12:46 . 2009-12-26 22:18 -------- d-----w- c:\program files\PremiumSoft
    2009-12-26 12:42 . 2009-12-26 14:54 -------- d-----w- C:\wamp
    2009-12-25 17:02 . 2009-12-25 17:03 -------- d-----w- c:\program files\JAP
    2009-12-25 16:41 . 2009-12-25 16:48 -------- d-----w- c:\users\Thibault\AppData\Roaming\Hide IP NG
    2009-12-25 16:31 . 2009-12-25 16:31 -------- d-----w- c:\program files\Steganos Secure FileSharing 6
    2009-12-25 16:18 . 2009-12-25 16:18 -------- d-----w- c:\program files\AnalogX
    2009-12-25 15:11 . 2009-12-25 15:11 -------- d-----w- C:\profiles

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-01-19 18:43 . 2008-09-24 14:03 -------- d-----w- c:\program files\Dofus
    2010-01-18 17:10 . 2009-08-07 12:06 -------- d-----w- c:\program files\Postal2STP
    2010-01-17 13:21 . 2009-01-04 16:40 2032 ----a-w- c:\users\Thibault\AppData\Local\d3d9caps.dat
    2010-01-14 16:52 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
    2010-01-14 10:12 . 2009-10-03 11:17 181120 ------w- c:\windows\system32\MpSigStub.exe
    2010-01-10 10:18 . 2007-12-25 10:21 -------- d-----w- c:\program files\Common Files\Steam
    2010-01-09 09:00 . 2007-12-27 17:22 -------- d-----w- c:\programdata\Spybot - Search & Destroy
    2010-01-08 19:59 . 2008-10-16 15:51 -------- d-----w- c:\program files\MessengerDiscovery
    2010-01-08 16:24 . 2009-03-23 17:44 -------- d-----w- c:\program files\Warcraft III
    2010-01-08 16:15 . 2009-09-12 13:24 139016 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
    2010-01-08 16:14 . 2009-09-12 13:24 189488 ----a-w- c:\windows\system32\PnkBstrB.exe
    2009-12-29 13:34 . 2009-12-29 13:34 197 ----a-w- c:\windows\tmp.tmp.tmp
    2009-12-29 13:00 . 2009-02-14 09:58 -------- d-----w- c:\users\Thibault\AppData\Roaming\Azureus
    2009-12-21 18:35 . 2009-12-21 18:35 -------- d-----w- c:\program files\LogMeIn Hamachi
    2009-12-21 13:54 . 2009-02-14 09:58 -------- d-----w- c:\program files\Vuze
    2009-12-21 10:31 . 2009-12-12 08:59 -------- d-----w- c:\users\Thibault\AppData\Roaming\Tropico 3
    2009-12-15 17:06 . 2007-01-01 11:40 678718 ----a-w- c:\windows\system32\perfh00C.dat
    2009-12-15 17:06 . 2007-01-01 11:40 127798 ----a-w- c:\windows\system32\perfc00C.dat
    2009-12-12 19:14 . 2009-12-12 19:14 -------- d-----w- c:\program files\NCSoft
    2009-12-12 19:14 . 2007-01-01 03:32 -------- d--h--w- c:\program files\InstallShield Installation Information
    2009-12-12 19:13 . 2009-06-26 14:58 -------- d-----w- c:\users\Thibault\AppData\Roaming\GetRightToGo
    2009-12-12 08:54 . 2009-12-12 08:54 -------- d-----w- c:\program files\Kalypso
    2009-12-10 18:51 . 2009-12-10 19:26 1728740339 ----a-w- c:\users\Public\Tropico 3.zip
    2009-12-06 19:03 . 2007-12-25 11:24 -------- d-----w- c:\program files\Messenger Plus! Live
    2009-12-06 09:15 . 2009-12-06 09:00 -------- d-----w- c:\users\Thibault\AppData\Roaming\Dofus 2
    2009-12-06 09:13 . 2009-12-06 09:13 -------- d-----w- c:\users\Thibault\AppData\Roaming\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    2009-12-06 09:00 . 2009-12-06 09:00 -------- d-----w- c:\users\Thibault\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    2009-12-06 09:00 . 2009-12-06 09:00 -------- d-----w- c:\users\Thibault\AppData\Roaming\app
    2009-12-06 09:00 . 2009-12-06 09:00 -------- d-----w- c:\users\Thibault\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    2009-12-05 19:51 . 2009-12-05 19:50 -------- d-----w- c:\program files\Dofus 2
    2009-12-04 20:17 . 2007-01-01 03:45 -------- d-----w- c:\program files\Java
    2009-11-30 19:10 . 2009-09-12 13:24 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
    2009-11-30 17:22 . 2009-09-12 13:24 138056 ----a-w- c:\users\Thibault\AppData\Roaming\PnkBstrK.sys
    2009-11-30 17:21 . 2009-11-30 17:21 2395944 ----a-w- c:\windows\system32\pbsvc_heroes.exe
    2009-11-30 17:15 . 2009-04-14 14:45 -------- d-----w- c:\program files\EA GAMES
    2009-11-29 19:28 . 2009-07-01 14:43 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
    2009-11-29 19:28 . 2009-07-01 14:43 -------- d-----w- c:\program files\AGEIA Technologies
    2009-11-29 19:27 . 2009-11-29 19:19 -------- d-----w- c:\program files\SAW.The.Video.Game-KaOs
    2009-11-24 23:54 . 2009-08-07 16:06 1280480 ----a-w- c:\windows\system32\aswBoot.exe
    2009-11-24 23:50 . 2009-08-07 16:06 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
    2009-11-24 23:50 . 2009-08-07 16:06 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
    2009-11-24 23:49 . 2009-08-07 16:06 53328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
    2009-11-24 23:49 . 2009-08-07 16:06 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
    2009-11-24 23:48 . 2009-08-07 16:06 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
    2009-11-24 23:47 . 2009-08-07 16:06 97480 ----a-w- c:\windows\system32\AvastSS.scr
    2009-11-23 17:30 . 2009-01-02 13:02 90856 ----a-w- c:\users\Thibault\AppData\Local\GDIPFONTCACHEV1.DAT
    2009-11-17 16:53 . 2007-12-25 10:02 91840 ----a-w- c:\users\Supermoi\AppData\Local\GDIPFONTCACHEV1.DAT
    2009-11-09 12:31 . 2009-12-12 07:35 24064 ----a-w- c:\windows\system32\nshhttp.dll
    2009-11-09 12:30 . 2009-12-12 07:35 30720 ----a-w- c:\windows\system32\httpapi.dll
    2009-11-09 10:36 . 2009-12-12 07:35 411648 ----a-w- c:\windows\system32\drivers\http.sys
    2009-11-07 00:40 . 2009-11-07 00:40 32768 ----a-w- c:\windows\system32\drivers\taphss.sys
    2009-10-29 09:17 . 2009-11-25 13:49 2048 ----a-w- c:\windows\system32\tzres.dll
    2009-10-27 14:11 . 2009-12-10 18:43 834048 ----a-w- c:\windows\system32\wininet.dll
    2009-10-27 13:16 . 2009-12-10 18:43 78336 ----a-w- c:\windows\system32\ieencode.dll
    2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
    2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
    2007-01-01 12:01 . 2007-01-01 11:42 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-21 39408]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"="RtHDVCpl.exe" [2007-07-06 4669440]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
    "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-08 13683232]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-08 92704]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
    "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
    "hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
    "KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
    "OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 118784]
    "HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-05-24 71176]
    "SunJavaUpdateReg"="c:\windows\system32\jureg.exe" [2007-04-07 54936]
    "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
    "NvSvc"="c:\windows\system32\nvsvc.dll" [2009-03-08 641568]
    "LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 563984]
    "LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 2178832]
    "SystrayORAHSS"="c:\program files\Orange\Systray\SystrayApp.exe" [2007-09-25 94208]
    "ORAHSSSessionManager"="c:\program files\Orange\SessionManager\SessionManager.exe" [2007-09-25 102400]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    "Launcher"="c:\windows\SMINST\launcher.exe" [2007-04-03 44168]

    c:\users\Thibault\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    ashDisp - Raccourci.lnk - c:\program files\Alwil Software\Avast4\ashDisp.exe [2009-8-7 81000]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
    @="Service"

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
    "VistaSp2"=hex(b):b2,02,c8,60,52,44,ca,01

    R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [07/08/2009 17:06 114768]
    R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [07/08/2009 17:06 20560]
    R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [07/08/2009 17:06 53328]
    R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [29/10/2009 12:27 1074568]
    R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [27/12/2007 18:22 600912]
    R3 netr73;Linksys Compact Wireless-G USB Adapter Driver for Vista;c:\windows\System32\drivers\netr73.sys [29/12/2006 01:49 247808]
    S1 samuucjx;samuucjx;c:\windows\System32\drivers\samuucjx.sys [15/01/2010 23:11 30784]
    S3 FontCache;Service de cache de police Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [20/06/2008 21:43 21504]
    S3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\System32\drivers\PCAMp50.sys [26/03/2008 17:29 28224]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    2009-04-13 13:08 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
    .
    Contenu du dossier 'Tâches planifiées'

    2010-01-21 c:\windows\Tasks\User_Feed_Synchronization-{A072B724-1895-4BC5-9A2A-3F81BDAE87E2}.job
    - c:\windows\system32\msfeedssync.exe [2008-06-20 07:33]
    .
    .
    ------- Examen supplémentaire -------
    .
    IE: Add to &Teleport - c:\program files\Teleport Pro\teleport.htm
    IE: Télécharger tout avec FlashGet - c:\program files\FlashGet\jc_all.htm
    Trusted Zone: laredoute.fr\www
    Trusted Zone: paypal.fr\www
    DPF: {5C051655-FCD5-4969-9182-770EA5AA5565}
    DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48}
    DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8}
    FF - ProfilePath - c:\users\Thibault\AppData\Roaming\Mozilla\Firefox\Profiles\vloaix6d.default\
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
    FF - component: c:\users\Thibault\AppData\Roaming\Mozilla\Firefox\Profiles\vloaix6d.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
    FF - plugin: c:\programdata\NexonEU\NGM\npNxGameeu.dll
    FF - plugin: c:\programdata\NexonUS\NGM\npNxGameUS.dll
    FF - plugin: c:\users\Thibault\AppData\Roaming\Mozilla\Firefox\Profiles\vloaix6d.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\npBFHUpdater.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    HKCU-Run-PlayNC Launcher - (no file)
    HKLM-Run-{fc61cf35-9015-2adf-5bac-c510f741fd93} - c:\windows\system32\wivkrfqhzvboopcq.dll
    HKLM-Run-Adobe Photo Downloader - c:\program files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
    HKLM-Run-Lexmark X74-X75 - c:\program files\Lexmark X74-X75\lxbbbmgr.exe
    ActiveSetup-{ADF9B913-9AC8-9032-7400-095C6B2A74D2} - c:\program files\winlogon\server.exe
    AddRemove-adsl TV - c:\program files\adsltv\Uninstal.exe
    AddRemove-Dev-C++ - c:\dev-cpp\uninstall.exe
    AddRemove-PhotoFiltre - c:\program files\PhotoFiltre\Uninst.exe
    AddRemove-ROTWK Map Pack3 - c:\users\Thibault\AppData\Roaming\My The Lord of the Rings



    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-01-21 17:16
    Windows 6.0.6002 Service Pack 2 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************

    Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

    device: opened successfully
    user: MBR read successfully
    called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll sfsync04.sys >>UNKNOWN [0x84E1C1F8]<<
    kernel: MBR read successfully
    detected MBR rootkit hooks:
    \Driver\Disk -> CLASSPNP.SYS @ 0x881c6d24
    \Driver\ACPI -> acpi.sys @ 0x80745d68
    \Driver\atapi -> 0x84e1b1f8
    IoDeviceObjectType ->\Device\Harddisk0\DR0 ->Warning: possible MBR rootkit infection !
    user & kernel MBR OK

    **************************************************************************
    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------

    [HKEY_USERS\S-1-5-21-2964595397-2802631840-765058528-1000\Software\SecuROM\License information*]
    "datasecu"=hex:84,02,2a,c9,08,90,c0,10,5b,d0,24,d4,a8,92,8f,05,42,13,e1,f0,92,
    8c,80,bb,27,e2,76,f9,05,de,43,e0,b0,55,a3,b4,2f,ad,00,e2,fb,cd,68,67,f2,27,\
    "rkeysecu"=hex:7d,79,8f,5f,2a,ca,d8,14,9b,02,cb,a6,e0,84,90,b2

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    "MSCurrentCountry"=dword:00000000
    .
    --------------------- DLLs chargées dans les processus actifs ---------------------

    - - - - - - - > 'Explorer.exe'(11164)
    c:\program files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll
    .
    ------------------------ Autres processus actifs ------------------------
    .
    c:\windows\system32\nvvsvc.exe
    c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    c:\windows\system32\rundll32.exe
    c:\program files\Alwil Software\Avast4\aswUpdSv.exe
    c:\program files\Alwil Software\Avast4\ashServ.exe
    c:\windows\System32\LEXBCES.EXE
    c:\windows\System32\LEXPPS.EXE
    c:\windows\system32\conime.exe
    c:\progra~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    c:\program files\Common Files\LightScribe\LSSrvc.exe
    c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
    c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    c:\windows\system32\PnkBstrA.exe
    c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    c:\windows\system32\WUDFHost.exe
    c:\program files\Alwil Software\Avast4\ashMaiSv.exe
    c:\program files\Alwil Software\Avast4\ashWebSv.exe
    c:\windows\RtHDVCpl.exe
    c:\windows\System32\rundll32.exe
    c:\windows\system32\schtasks.exe
    c:\windows\ehome\ehmsas.exe
    c:\program files\Windows Media Player\wmpnetwk.exe
    c:\windows\system32\wbem\unsecapp.exe
    c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    c:\hp\kbd\kbd.exe
    c:\windows\system32\vssvc.exe
    c:\windows\servicing\TrustedInstaller.exe
    .
    **************************************************************************
    .
    Heure de fin: 2010-01-21 17:28:52 - La machine a redémarré
    ComboFix-quarantined-files.txt 2010-01-21 16:28

    Avant-CF: 64 399 933 440 octets libres
    Après-CF: 70 910 992 384 octets libres

    - - End Of File - - 5CBFEFF3CA4133ADD699A39D9F337D35
    a c 304 8 Sécurité
    21 Janvier 2010 20:38:46

    Tu peux faire un scan avec la nouvelle version d'Avast ?
    21 Janvier 2010 21:10:15

    Oui, il a trouver deux fois le virus trouver par l'autre version.
    21 Janvier 2010 21:46:37

    Je l'ai mis dans la quarantaine, et avast ne le trouve plus en scan maintenant, je supprime le virus de la zone de quarantaine, ou c'est risqué ?
    22 Janvier 2010 17:20:29

    le virus se lance au démarrage de mon ordi, et je dois toujours démarrer avec l'outil de démarrage systéme car le virus le fais redémarrer pour protéger les données .
    a c 304 8 Sécurité
    22 Janvier 2010 20:35:38

    Ok, je suis occupé en ce moment. Je te réponds un peu plus tard.
    a c 304 8 Sécurité
    24 Janvier 2010 02:33:06

    Marque et modèle du PC ?
    24 Janvier 2010 13:19:05

    jai détruit le virus, et avast le trouve plus maintenant
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS