Antivirus Plus

Tags:
  • Windows
  • Security
Anonymous
15 January 2010 18:46:47

Hello,

Here is my problem: "ANTIVIRUS PLUS" is on my PC and I cannot remove it.
I read that you could try to remove it in safe mode; the second problem is that I cannot start my PC in safe mode :fou: !
Does anyone have the solution, please? Thank you.


15 January 2010 19:19:05

Hello!

Download "RSIT" to the desktop
* Double-click it
(On Vista: right-click > Run as administrator)
* Leave "1 month" selected
* Click "Continue"
* When the scan finishes, two reports are created: "log.txt" and "info.txt"
* Copy and paste both reports into your reply
** Note: the reports are also located at "C:\rsit\log.txt" and "C:\rsit\info.txt"
Anonymous
15 January 2010 19:31:35

info.txt logfile of random's system information tool 1.06 2009-01-15 19:32:02

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7-Zip 4.57-->MsiExec.exe /I{23170F69-40C1-2701-0457-000001000000}
Acer eDataSecurity Management 2.0.3077-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{4AD13F68-CADA-4C6B-9759-C33753F89908} /l1036
Acer eDataSecurity Management-->C:\Acer\Empowering Technology\eDataSecurity\eDStbmngr.exe UNINSTALL 1
Acer Empowering Technology-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -l0x40c -removeonly
Acer ePerformance Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7057702F-6D71-4F30-8000-9E72BC771887}\setup.exe" -l0x40c -removeonly
Acer WLAN 11g USB Dongle-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{0CB98AC0-D691-4B21-AD3D-95982517021D} /l1036
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
Adobe Shockwave Player-->MsiExec.exe /X{54E4B63C-D252-454C-BE4F-468F102B331C}
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:D ISPLAY -clean
Audacity 1.3.9 (Unicode)-->"C:\Documents and Settings\Lejeune\Mes documents\marion photo\divers\Audacity 1.3 Beta (Unicode)\unins000.exe"
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
BzTarot 1.02-->"C:\Program Files\BzTarot\unins000.exe"
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
comsummer-1024x768-->MsiExec.exe /I{D27E6ABB-AF22-4618-838E-B4A3A1B02F98}
Correctif n° 2 pour Windows XP Édition Media Center 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
FFAwesomeBestShoppingTipsProgram-->C:\Program Files\Mozilla Firefox\extensions\AwesomeBestShoppingTipsProgram@AwesomeBestShoppingTipsProgram\uninstall.exe uninstall=awesomebestshoppingtipsprogramff
GemMaster Mystic-->"C:\Program Files\GemMasterFrench\uninstallgemmaster.exe"
Google Chrome-->"C:\Program Files\Google\Chrome\Application\3.0.195.38\Installer\setup.exe" --uninstall --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe"
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Java(TM) 6 Update 10-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
Kwanzy 1.0 build 131-->C:\Program Files\Kwanzy\uninstall.exe
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
LimeWire 4.18.3-->"C:\Program Files\LimeWire\uninstall.exe"
LoudMo Contextual Ad Assistant-->C:\WINDOWS\system32\y-W-MOG7b.exe
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.0 Hotfix (KB953295)-->"C:\WINDOWS\$NtUninstallKB953295$\spuninst\spuninst.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office Access 2003 Runtime-->MsiExec.exe /I{901C040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mirar-->mshta.exe http://remove.getmirar.com/
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB913433)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB913433.inf
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB910393)-->"C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB971180)-->"C:\WINDOWS\ie8updates\KB971180-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Mozilla Firefox (3.0.17)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0-->MsiExec.exe /I{428102E6-8A39-48B9-8389-847F5A44A600}
MSXML 4.0-->MsiExec.exe /I{54BB0384-1C33-488F-A95B-877E480D3EDC}
NTI Backup NOW! 4-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{385979FE-DC4F-4140-8EAD-A59625000D72} /l1036 BUN4
NTI CD & DVD-Maker-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1036 CDM7
OCA Client history tool install-->"C:\WINDOWS\$UninstallOCA-X86Fre-ENU$\spuninst\spuninst.exe"
OpenOffice.org 3.0-->MsiExec.exe /I{1572F66F-F9AD-4D45-B0D2-0F45A0D5A0F6}
Otto-->"C:\Program Files\FrenchOtto\uninstallotto.exe"
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Personal License Update Wizard for Windows Media Player-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\drmtool.inf,Uninstall
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.EXE" -uninstall
QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
Rami Royal-->MsiExec.exe /I{8C73244F-C76C-4F7A-AD14-10C041F60E13}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c -removeonly
SAMSUNG CDMA Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung PC Studio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -l0x40c -removeonly
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
TomCat Soft : Le Pendu-->"C:\Program Files\TomCat Soft\Le Pendu\unins000.exe"
TomTom HOME 2.6.3.1609-->C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe
TomTom HOME Visual Studio Merge Modules-->MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Visionneuse Journal Windows Microsoft-->MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA7}
Visual C++ 8.0 CRT (x86) WinSXS MSM-->MsiExec.exe /I{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}
Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Live Sync-->MsiExec.exe /X{67D0313C-4F15-437D-9A2D-C1564088A26A}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB908246-->"C:\WINDOWS\$NtUninstallKB908246$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB973768-->"C:\WINDOWS\$NtUninstallKB973768$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======System event log======

Computer Name: ACER-DC6C4D74B4
Event Code: 7036
Message: Le service Google Software Updater est entré dans l'état : en cours d'exécution.

Record Number: 18346
Source Name: Service Control Manager
Time Written: 20091211122200.000000+060
Event Type: Informations
User:

Computer Name: ACER-DC6C4D74B4
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Google Software Updater.

Record Number: 18345
Source Name: Service Control Manager
Time Written: 20091211122200.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: ACER-DC6C4D74B4
Event Code: 19
Message: Installation réussie : Windows a installé la mise à jour suivante : Definition Update for Windows Defender - KB915597 (Definition 1.71.700.0)

Record Number: 18344
Source Name: Windows Update Agent
Time Written: 20091211102627.000000+060
Event Type: Informations
User:

Computer Name: ACER-DC6C4D74B4
Event Code: 2000
Message: Windows Defender signature version has been updated.

Current Signature Version: 1.71.700.0

Previous Signature Version: 1.71.700.0

Update Source: User

Signature Type: AntiSpyware

Update Type: Delta

User: AUTORITE NT\SYSTEM

Current Engine Version: 1.1.5302.0

Previous Engine Version: 1.1.5302.0

Record Number: 18343
Source Name: WinDefend
Time Written: 20091211102620.000000+060
Event Type: Informations
User:

Computer Name: ACER-DC6C4D74B4
Event Code: 2000
Message: Windows Defender signature version has been updated.

Current Signature Version: 1.71.700.0

Previous Signature Version: 1.71.570.0

Update Source: User

Signature Type: AntiSpyware

Update Type: Delta

User: AUTORITE NT\SYSTEM

Current Engine Version: 1.1.5302.0

Previous Engine Version: 1.1.5302.0

Record Number: 18342
Source Name: WinDefend
Time Written: 20091211102616.000000+060
Event Type: Informations
User:

=====Application event log=====

Computer Name: ACER-DC6C4D74B4
Event Code: 5000
Message: EventType visualstudio8setup, P1 microsoft .net framework 3.5-kb958484, P2 1036, P3 1603, P4 msi, P5 f, P6 9.0.31211.0, P7 install, P8 x86, P9 xp, P10 0.

Record Number: 15044
Source Name: HotFixInstaller
Time Written: 20091004224425.000000+120
Event Type: erreur
User:

Computer Name: ACER-DC6C4D74B4
Event Code: 11729
Message: Produit : Microsoft .NET Framework 3.5 SP1 -- La configuration a échoué.

Record Number: 15043
Source Name: MsiInstaller
Time Written: 20091004224425.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: ACER-DC6C4D74B4
Event Code: 1023
Message: Produit : Microsoft .NET Framework 3.5 SP1 - La mise à jour 'KB958484' n'a pas pu être installée. Code d'erreur 1603. Des informations supplémentaires sont disponibles dans le fichier journal C:\WINDOWS\system32\config\SYSTEM~1\LOCALS~1\Temp\Microsoft .NET Framework 3.5-KB958484_20091004_204417250-Msi0.txt.

Record Number: 15042
Source Name: MsiInstaller
Time Written: 20091004224425.000000+120
Event Type: erreur
User: AUTORITE NT\SYSTEM

Computer Name: ACER-DC6C4D74B4
Event Code: 0
Message: Le service a géré avec succès PowerEvent.

Record Number: 15041
Source Name: AcerMemUsageCheckService
Time Written: 20091004161613.000000+120
Event Type: Informations
User:

Computer Name: ACER-DC6C4D74B4
Event Code: 0
Message: Le service a géré avec succès PowerEvent.

Record Number: 15040
Source Name: AcerMemUsageCheckService
Time Written: 20091004161605.000000+120
Event Type: Informations
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 6 Stepping 4, GenuineIntel
"PROCESSOR_REVISION"=0604
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------



Logfile of random's system information tool 1.06 (written by random/random)
Run by Lejeune at 2009-01-15 19:31:30
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 50 GB (68%) free of 73 GB
Total RAM: 2815 MB (78% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:31:58, on 15/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Documents and Settings\Lejeune\Application Data\WhereSphere\wheresphere.exe
C:\Documents and Settings\Lejeune\Application Data\Microsoft\Windows\oulwsv.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\Lejeune\Bureau\RSIT.exe
C:\Program Files\trend micro\Lejeune.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://moteur.chat-land.org/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.mirarsearch.com/?useie5=1&q=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.mirarsearch.com/?useie5=1&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Mirar - {012EEB6D-1444-4A6A-8976-6C7A756612C0} - C:\WINDOWS\system32\f978.dll
O2 - BHO: gwprimawega - {146cabea-1007-d98f-47e0-71442ac2d3ec} - C:\WINDOWS\system32\03-ByyQ.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Antivirus Plus BHO - {C2B5AAB8-2183-4be7-81A6-F11493C45872} - C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Mirar - {012EEB6C-1444-4A6A-8976-6C7A756612C0} - C:\WINDOWS\system32\f978.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AntiVirus Plus] "C:\WINDOWS\system32\rundll32.exe" "C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll", start 70700
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_S8F.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WhereSphere] C:\Documents and Settings\Lejeune\Application Data\WhereSphere\wheresphere.exe
O4 - HKCU\..\Run: [SfKg6wIPuS] C:\Documents and Settings\Lejeune\Application Data\Microsoft\Windows\oulwsv.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AntiVirus Plus] "C:\WINDOWS\system32\rundll32.exe" "C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll", start 70700
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: AntiVirus Plus.lnk = C:\WINDOWS\system32\rundll32.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: AntiVirus Plus.lnk = C:\WINDOWS\system32\rundll32.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.chat-land.org
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/Install...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate1ca0a468d679126) (gupdate1ca0a468d679126) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kwanzy Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\Kwanzy\kwanzy131.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

--
End of file - 10210 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\MP Scheduled Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{012EEB6D-1444-4A6A-8976-6C7A756612C0}]
Mirar - C:\WINDOWS\system32\f978.dll [2009-11-22 729088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{146cabea-1007-d98f-47e0-71442ac2d3ec}]
gwprimawega - C:\WINDOWS\system32\03-ByyQ.dll [2009-12-26 1191936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-13 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-07-21 668656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C2B5AAB8-2183-4be7-81A6-F11493C45872}]
Antivirus Plus BHO - C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll [2010-01-14 2541568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-13 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-13 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\WINDOWS\system32\eDStoolbar.dll [2006-03-08 106496]
{012EEB6C-1444-4A6A-8976-6C7A756612C0} - Mirar - C:\WINDOWS\system32\f978.dll [2009-11-22 729088]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-09-29 67584]
"LaunchApp"=Alaunch []
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-06-01 16208384]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-10 208952]
"IMEKRMIG6.1"=C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE [2004-08-10 44032]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-10 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"Acer Empowering Technology Monitor"=C:\WINDOWS\system32\SysMonitor.exe [2006-04-18 49152]
"eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\eRAgent.exe [2006-06-01 413696]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2006-03-17 345088]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]
"AntiVirus Plus"=C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll [2010-01-14 2541568]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"EPSON Stylus DX4400 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE [2007-03-01 180736]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-07-21 39408]
"WhereSphere"=C:\Documents and Settings\Lejeune\Application Data\WhereSphere\wheresphere.exe [2009-12-20 827392]
"SfKg6wIPuS"=C:\Documents and Settings\Lejeune\Application Data\Microsoft\Windows\oulwsv.exe [2009-11-22 258048]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"AntiVirus Plus"=C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll [2010-01-14 2541568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DWQueuedReporting]
C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe [2007-02-26 437160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]
c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [2005-05-11 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe [2005-11-10 36975]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-04-24 251240]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Acer Empowering Technology.lnk - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
Acer WLAN 11g USB Dongle.lnk - C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
AntiVirus Plus.lnk - C:\WINDOWS\system32\rundll32.exe

C:\Documents and Settings\Lejeune\Menu Démarrer\Programmes\Démarrage
AntiVirus Plus.lnk - C:\WINDOWS\system32\rundll32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-07-18 86016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1be4f3d0-5259-11de-b91a-001e2a4bebd5}]
shell\AutoRun\command - J:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eaaed366-d2a2-11dd-b853-001e2a4bebd5}]
shell\AutoRun\command - J:\InstallTomTomHOME.exe


======List of files/folders created in the last 1 months======

2010-01-14 20:33:49 ----D---- C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus
2010-01-14 20:33:44 ----A---- C:\WINDOWS\system32\y-W-MOG7b.exe
2010-01-13 22:39:30 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-01-13 22:38:57 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2009-12-28 18:02:30 ----D---- C:\Documents and Settings\Lejeune\Application Data\Audacity
2009-12-26 05:11:52 ----A---- C:\WINDOWS\system32\03-ByyQ.dll
2009-12-09 23:19:01 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2009-12-09 23:18:36 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2009-12-09 23:17:51 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2009-12-09 23:17:44 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2009-12-09 23:17:36 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2009-11-25 23:03:56 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2009-11-25 23:03:47 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2009-11-22 18:25:40 ----HDC---- C:\WINDOWS\$NtUninstallKB925766$
2009-11-22 18:24:02 ----D---- C:\Program Files\Kwanzy
2009-11-22 18:24:02 ----D---- C:\Documents and Settings\All Users\Application Data\Kwanzy
2009-11-22 18:23:49 ----D---- C:\Documents and Settings\Lejeune\Application Data\WhereSphere
2009-11-22 18:23:48 ----A---- C:\WINDOWS\system32\f978.dll
2009-11-12 23:23:02 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-10-14 21:34:20 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-10-14 21:32:56 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-10-14 21:32:51 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-10-14 21:32:46 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-10-14 21:32:40 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-10-14 21:32:34 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-10-14 21:31:32 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-10-14 21:31:25 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-10-14 21:30:54 ----HDC---- C:\WINDOWS\$NtUninstallKB953295$
2009-10-14 21:30:25 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-10-03 10:06:22 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2009-09-16 21:38:39 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2009-09-16 12:06:24 ----D---- C:\Program Files\Microsoft
2009-09-09 22:49:00 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2009-09-09 06:14:45 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-09-09 06:14:41 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-09-09 06:14:20 ----HDC---- C:\WINDOWS\$NtUninstallKB973768$
2009-08-28 17:06:29 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
2009-08-13 11:29:23 ----D---- C:\Documents and Settings\Lejeune\Application Data\Download Manager
2009-08-12 23:13:52 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-08-12 23:13:48 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-08-12 23:13:43 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-08-12 23:13:39 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2009-08-12 23:13:34 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-08-12 23:13:29 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-08-12 23:13:24 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-08-12 23:13:17 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2009-08-12 23:12:09 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-08-06 05:18:51 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2009-08-05 21:46:12 ----D---- C:\dfa7adc192a258b9f0408b39cc6509d3
2009-08-05 21:43:32 ----D---- C:\WINDOWS\system32\XPSViewer
2009-08-05 21:43:28 ----D---- C:\Program Files\MSBuild
2009-08-05 21:43:27 ----D---- C:\WINDOWS\system32\en-US
2009-08-05 21:43:21 ----D---- C:\Program Files\Reference Assemblies
2009-08-05 21:43:01 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2009-08-05 21:43:01 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-08-05 21:43:01 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-08-05 21:43:01 ----D---- C:\10b43c0ddf8b267179
2009-08-05 21:41:58 ----SHD---- C:\Config.Msi
2009-08-04 18:52:22 ----A---- C:\WINDOWS\system32\FM20.DLL
2009-07-26 22:11:08 ----D---- C:\Program Files\Windows Live Safety Center
2009-07-26 15:44:56 ----A---- C:\WINDOWS\system32\sirenacm.dll
2009-07-21 22:03:10 ----D---- C:\Documents and Settings\Lejeune\Application Data\Google
2009-07-21 22:01:16 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-07-21 22:01:14 ----D---- C:\Program Files\Google
2009-07-21 00:05:40 ----A---- C:\WINDOWS\system32\msxml4.dll
2009-07-15 23:02:29 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-07-15 23:02:25 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-07-15 23:01:31 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
2009-07-11 14:03:03 ----HD---- C:\WINDOWS\PIF
2009-07-08 11:23:59 ----A---- C:\WINDOWS\system32\pywintypes25.dll
2009-07-08 11:23:59 ----A---- C:\WINDOWS\system32\pythoncom25.dll
2009-07-08 11:23:59 ----A---- C:\WINDOWS\system32\python25.dll
2009-07-06 13:29:29 ----D---- C:\Documents and Settings\Lejeune\Application Data\Save
2009-06-12 00:08:32 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-06-12 00:08:28 ----HDC---- C:\WINDOWS\$NtUninstallKB969898$
2009-06-12 00:07:30 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-06-12 00:07:23 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-06-06 06:33:18 ----D---- C:\WINDOWS\ie8updates
2009-06-06 06:31:31 ----HDC---- C:\WINDOWS\ie8
2009-06-06 06:16:00 ----D---- C:\Documents and Settings\Lejeune\Application Data\U3
2009-05-10 11:53:53 ----D---- C:\Program Files\Fichiers communs\Motorola Shared
2009-05-10 10:51:05 ----D---- C:\Program Files\TomTom International B.V
2009-05-06 16:57:25 ----D---- C:\WINDOWS\msdownld.tmp
2009-04-15 23:55:44 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-04-15 23:55:39 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$
2009-04-15 23:54:16 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-04-15 23:54:09 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-04-15 23:54:04 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-04-15 23:53:57 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-03-11 23:05:13 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-03-11 23:05:10 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-03-11 23:05:06 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-03-11 23:04:51 ----HDC---- C:\WINDOWS\$NtUninstallKB959772_WM11$
2009-03-08 13:17:46 ----N---- C:\WINDOWS\system32\msrating.dll.mui
2009-03-08 13:17:30 ----N---- C:\WINDOWS\system32\mshta.exe.mui
2009-03-08 13:16:06 ----N---- C:\WINDOWS\system32\ie4uinit.exe.mui
2009-03-08 13:15:48 ----N---- C:\WINDOWS\system32\iedkcs32.dll.mui
2009-02-25 12:17:55 ----A---- C:\WINDOWS\ipool.INI
2009-02-25 12:16:13 ----D---- C:\Games
2009-02-25 12:10:56 ----D---- C:\Documents and Settings\Lejeune\Application Data\Help
2009-02-25 12:07:42 ----D---- C:\Program Files\TomCat Soft
2009-02-25 01:23:48 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-02-21 19:51:27 ----D---- C:\Program Files\BzTarot
2009-02-21 19:51:03 ----A---- C:\WINDOWS\system32\SpoonUninstall.exe
2009-02-21 19:51:02 ----D---- C:\Program Files\Objectif Tarot
2009-02-19 10:31:36 ----D---- C:\Program Files\Webtarot
2009-02-19 10:15:02 ----D---- C:\Rummy Royal
2009-02-11 13:24:16 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-01-15 19:31:30 ----D---- C:\rsit
2009-01-15 19:31:30 ----D---- C:\Program Files\trend micro
2009-01-15 16:04:20 ----D---- C:\Documents and Settings\Lejeune\Application Data\Apple Computer
2009-01-15 16:04:15 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2009-01-15 16:04:01 ----D---- C:\Program Files\iPod
2009-01-15 16:03:59 ----D---- C:\Program Files\iTunes
2009-01-15 16:03:59 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-01-15 16:03:50 ----D---- C:\Program Files\Bonjour
2009-01-15 16:03:25 ----D---- C:\Program Files\QuickTime
2009-01-15 16:03:24 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2009-01-15 16:03:10 ----D---- C:\Program Files\Apple Software Update
2009-01-15 16:02:53 ----D---- C:\Program Files\Fichiers communs\Apple
2009-01-15 16:02:52 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2009-01-14 22:13:22 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-01-14 07:07:49 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-01-14 07:07:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-01-07 17:20:18 ----A---- C:\WINDOWS\system32\msdbg2.dll
2008-12-25 17:44:53 ----D---- C:\Documents and Settings\All Users\Application Data\TomTom
2008-12-25 17:44:17 ----D---- C:\Documents and Settings\Lejeune\Application Data\TomTom
2008-12-25 17:43:57 ----D---- C:\Program Files\TomTom HOME 2
2008-12-25 17:42:04 ----D---- C:\Program Files\TomTom DesktopSuite
2008-12-18 22:33:21 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-12-18 06:04:35 ----A---- C:\WINDOWS\system32\muweb.dll
2008-12-18 06:04:35 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2008-12-18 06:04:35 ----A---- C:\WINDOWS\system32\mucltui.dll
2008-12-17 16:35:48 ----D---- C:\Program Files\MSN Messenger
2008-12-17 16:27:57 ----D---- C:\Documents and Settings\Lejeune\Application Data\MSNInstaller
2008-12-17 14:52:52 ----D---- C:\Program Files\Microsoft Silverlight
2008-12-17 14:50:43 ----D---- C:\Program Files\Windows Live SkyDrive
2008-12-17 14:41:09 ----D---- C:\Program Files\Fichiers communs\Windows Live

======List of files/folders modified in the last 1 months======

2010-01-14 21:55:21 ----SHD---- C:\WINDOWS\Installer
2010-01-14 21:55:16 ----RSD---- C:\WINDOWS\assembly
2010-01-13 22:39:32 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-13 22:39:29 ----HD---- C:\WINDOWS\$hf_mig$
2010-01-13 22:39:03 ----A---- C:\WINDOWS\imsins.BAK
2010-01-05 01:17:46 ----A---- C:\WINDOWS\system32\MRT.exe
2009-12-28 23:57:07 ----D---- C:\Documents and Settings\Lejeune\Application Data\LimeWire
2009-12-24 09:26:48 ----SD---- C:\Documents and Settings\Lejeune\Application Data\Microsoft
2009-12-22 22:14:30 ----D---- C:\Program Files\MSECache
2009-12-09 23:18:07 ----D---- C:\Program Files\Internet Explorer
2009-12-04 06:39:59 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-11-25 23:03:38 ----D---- C:\WINDOWS\WinSxS
2009-11-22 18:27:10 ----D---- C:\WINDOWS\ehome
2009-11-04 19:12:59 ----D---- C:\WINDOWS\network diagnostic
2009-10-29 08:42:33 ----A---- C:\WINDOWS\system32\wininet.dll
2009-10-29 08:42:33 ----A---- C:\WINDOWS\system32\urlmon.dll
2009-10-29 08:42:32 ----A---- C:\WINDOWS\system32\occache.dll
2009-10-29 08:42:32 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-10-29 08:42:31 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2009-10-29 08:42:31 ----A---- C:\WINDOWS\system32\msfeeds.dll
2009-10-29 08:42:30 ----A---- C:\WINDOWS\system32\jsproxy.dll
2009-10-29 08:42:30 ----A---- C:\WINDOWS\system32\iertutil.dll
2009-10-29 08:42:29 ----A---- C:\WINDOWS\system32\iepeers.dll
2009-10-29 08:42:29 ----A---- C:\WINDOWS\system32\ieframe.dll
2009-10-29 08:42:27 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2009-10-28 16:07:15 ----N---- C:\WINDOWS\system32\tzchange.exe
2009-10-28 15:40:47 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2009-10-21 06:39:43 ----A---- C:\WINDOWS\system32\strmfilt.dll
2009-10-21 06:39:43 ----A---- C:\WINDOWS\system32\httpapi.dll
2009-10-17 23:23:40 ----RSD---- C:\WINDOWS\Fonts
2009-10-17 23:23:24 ----D---- C:\Program Files\Microsoft Works
2009-10-17 23:22:34 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-10-15 17:32:12 ----A---- C:\WINDOWS\system32\t2embed.dll
2009-10-15 17:32:12 ----A---- C:\WINDOWS\system32\fontsub.dll
2009-10-15 05:56:16 ----D---- C:\WINDOWS\Microsoft.NET
2009-10-13 11:33:37 ----A---- C:\WINDOWS\system32\oakley.dll
2009-10-12 17:03:39 ----SHD---- C:\RECYCLER
2009-10-12 14:39:22 ----A---- C:\WINDOWS\system32\rastls.dll
2009-10-12 14:39:22 ----A---- C:\WINDOWS\system32\raschap.dll
2009-09-16 12:06:18 ----D---- C:\Program Files\Windows Live
2009-09-11 15:18:20 ----A---- C:\WINDOWS\system32\msv1_0.dll
2009-09-04 22:04:39 ----A---- C:\WINDOWS\system32\msasn1.dll
2009-08-26 09:01:24 ----A---- C:\WINDOWS\system32\strmdll.dll
2009-08-25 10:18:35 ----A---- C:\WINDOWS\system32\winhttp.dll
2009-08-12 23:13:26 ----D---- C:\Program Files\Outlook Express
2009-08-06 18:24:26 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2009-08-06 18:24:18 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-08-06 18:24:18 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-08-06 18:24:10 ----A---- C:\WINDOWS\system32\wups2.dll
2009-08-06 18:24:10 ----A---- C:\WINDOWS\system32\wups.dll
2009-08-06 18:24:06 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-08-06 18:24:04 ----A---- C:\WINDOWS\system32\cdm.dll
2009-08-06 18:24:00 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2009-08-06 18:23:54 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-08-06 18:23:46 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2009-08-06 18:23:46 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-08-06 05:19:03 ----D---- C:\WINDOWS\system32\CatRoot
2009-08-05 21:43:09 ----D---- C:\WINDOWS\system32\spool
2009-08-05 10:00:38 ----A---- C:\WINDOWS\system32\mswebdvd.dll
2009-08-04 18:27:57 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2009-08-04 18:27:54 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
2009-08-03 15:54:18 ----A---- C:\WINDOWS\ModemLog_SAMSUNG Mobile USB Modem.txt
2009-07-31 10:03:46 ----N---- C:\WINDOWS\system32\msxml6.dll
2009-07-31 05:33:43 ----A---- C:\WINDOWS\system32\msxml3.dll
2009-07-17 20:03:33 ----A---- C:\WINDOWS\system32\atl.dll
2009-07-17 17:16:51 ----A---- C:\WINDOWS\system32\query.dll
2009-07-13 22:43:24 ----A---- C:\WINDOWS\system32\wmpdxm.dll
2009-07-13 22:43:24 ----A---- C:\WINDOWS\system32\wmp.dll
2009-07-11 14:03:03 ----D---- C:\Program Files\Windows Media Player
2009-07-10 15:08:44 ----SHD---- C:\System Volume Information
2009-07-10 15:08:44 ----D---- C:\WINDOWS\system32\Restore
2009-07-08 11:23:11 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-07-02 14:54:12 ----D---- C:\WINDOWS\system32\FxsTmp
2009-06-25 09:26:32 ----A---- C:\WINDOWS\system32\wdigest.dll
2009-06-25 09:26:32 ----A---- C:\WINDOWS\system32\secur32.dll
2009-06-25 09:26:32 ----A---- C:\WINDOWS\system32\schannel.dll
2009-06-25 09:26:32 ----A---- C:\WINDOWS\system32\lsasrv.dll
2009-06-25 09:26:31 ----A---- C:\WINDOWS\system32\kerberos.dll
2009-06-22 07:47:13 ----A---- C:\WINDOWS\system32\jscript.dll
2009-06-19 14:26:56 ----D---- C:\WINDOWS\system32\Macromed
2009-06-15 11:44:50 ----A---- C:\WINDOWS\system32\telnet.exe
2009-06-15 11:44:49 ----A---- C:\WINDOWS\system32\tlntsess.exe
2009-06-10 15:14:28 ----A---- C:\WINDOWS\system32\avifil32.dll
2009-06-10 08:21:22 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-06-10 07:15:17 ----A---- C:\WINDOWS\system32\wkssvc.dll
2009-06-03 20:10:33 ----A---- C:\WINDOWS\system32\quartz.dll
2009-05-20 03:56:52 ----A---- C:\WINDOWS\system32\WMVCore.dll
2009-05-10 11:54:00 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-05-07 16:33:02 ----A---- C:\WINDOWS\system32\localspl.dll
2009-04-16 05:46:59 ----D---- C:\WINDOWS\system32\wbem
2009-04-15 15:53:29 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2009-04-01 22:02:22 ----A---- C:\WINDOWS\system32\wmspdmod.dll
2009-03-21 15:07:58 ----A---- C:\WINDOWS\system32\kernel32.dll
2009-03-08 13:18:02 ----A---- C:\WINDOWS\system32\ieframe.dll.mui
2009-03-08 13:16:06 ----A---- C:\WINDOWS\system32\advpack.dll.mui
2009-03-08 03:34:48 ----A---- C:\WINDOWS\system32\WinFXDocObj.exe
2009-03-08 03:34:48 ----A---- C:\WINDOWS\system32\webcheck.dll
2009-03-08 03:34:30 ----A---- C:\WINDOWS\system32\licmgr10.dll
2009-03-08 03:34:28 ----A---- C:\WINDOWS\system32\url.dll
2009-03-08 03:34:18 ----A---- C:\WINDOWS\system32\msrating.dll
2009-03-08 03:33:40 ----A---- C:\WINDOWS\system32\corpol.dll
2009-03-08 03:33:08 ----A---- C:\WINDOWS\system32\ieaksie.dll
2009-03-08 03:33:06 ----A---- C:\WINDOWS\system32\vbscript.dll
2009-03-08 03:33:02 ----A---- C:\WINDOWS\system32\ieakeng.dll
2009-03-08 03:32:56 ----A---- C:\WINDOWS\system32\admparse.dll
2009-03-08 03:32:52 ----A---- C:\WINDOWS\system32\ieudinit.exe
2009-03-08 03:32:52 ----A---- C:\WINDOWS\system32\ieakui.dll
2009-03-08 03:32:50 ----A---- C:\WINDOWS\system32\iesetup.dll
2009-03-08 03:32:50 ----A---- C:\WINDOWS\system32\iernonce.dll
2009-03-08 03:32:48 ----A---- C:\WINDOWS\system32\advpack.dll
2009-03-08 03:32:46 ----A---- C:\WINDOWS\system32\inseng.dll
2009-03-08 03:32:04 ----A---- C:\WINDOWS\system32\mstime.dll
2009-03-08 03:31:54 ----A---- C:\WINDOWS\system32\msfeedssync.exe
2009-03-08 03:31:52 ----A---- C:\WINDOWS\system32\icardie.dll
2009-03-08 03:31:44 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2009-03-08 03:31:38 ----A---- C:\WINDOWS\system32\imgutil.dll
2009-03-08 03:31:38 ----A---- C:\WINDOWS\system32\dxtrans.dll
2009-03-08 03:31:36 ----A---- C:\WINDOWS\system32\pngfilt.dll
2
Anonymous
15 January 2010 19:38:55

Here is what you asked me to do, and thank you for replying.
Anonymous
15 January 2010 19:47:55

What should I do next, please????
15 January 2010 19:51:07

The second report is incomplete, paste it again ;)
The bottom is missing here
Anonymous
15 January 2010 19:55:56

Logfile of random's system information tool 1.06 (written by random/random)
Run by Lejeune at 2009-01-15 19:31:30
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 50 GB (68%) free of 73 GB
Total RAM: 2815 MB (78% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:31:58, on 15/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Documents and Settings\Lejeune\Application Data\WhereSphere\wheresphere.exe
C:\Documents and Settings\Lejeune\Application Data\Microsoft\Windows\oulwsv.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\Lejeune\Bureau\RSIT.exe
C:\Program Files\trend micro\Lejeune.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://moteur.chat-land.org/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.mirarsearch.com/?useie5=1&q=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.mirarsearch.com/?useie5=1&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Mirar - {012EEB6D-1444-4A6A-8976-6C7A756612C0} - C:\WINDOWS\system32\f978.dll
O2 - BHO: gwprimawega - {146cabea-1007-d98f-47e0-71442ac2d3ec} - C:\WINDOWS\system32\03-ByyQ.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Antivirus Plus BHO - {C2B5AAB8-2183-4be7-81A6-F11493C45872} - C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Mirar - {012EEB6C-1444-4A6A-8976-6C7A756612C0} - C:\WINDOWS\system32\f978.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AntiVirus Plus] "C:\WINDOWS\system32\rundll32.exe" "C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll", start 70700
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_S8F.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WhereSphere] C:\Documents and Settings\Lejeune\Application Data\WhereSphere\wheresphere.exe
O4 - HKCU\..\Run: [SfKg6wIPuS] C:\Documents and Settings\Lejeune\Application Data\Microsoft\Windows\oulwsv.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AntiVirus Plus] "C:\WINDOWS\system32\rundll32.exe" "C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll", start 70700
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: AntiVirus Plus.lnk = C:\WINDOWS\system32\rundll32.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: AntiVirus Plus.lnk = C:\WINDOWS\system32\rundll32.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.chat-land.org
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/Install...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate1ca0a468d679126) (gupdate1ca0a468d679126) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kwanzy Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\Kwanzy\kwanzy131.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

--
End of file - 10210 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\MP Scheduled Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{012EEB6D-1444-4A6A-8976-6C7A756612C0}]
Mirar - C:\WINDOWS\system32\f978.dll [2009-11-22 729088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{146cabea-1007-d98f-47e0-71442ac2d3ec}]
gwprimawega - C:\WINDOWS\system32\03-ByyQ.dll [2009-12-26 1191936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-13 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-07-21 668656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C2B5AAB8-2183-4be7-81A6-F11493C45872}]
Antivirus Plus BHO - C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll [2010-01-14 2541568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-13 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-13 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\WINDOWS\system32\eDStoolbar.dll [2006-03-08 106496]
{012EEB6C-1444-4A6A-8976-6C7A756612C0} - Mirar - C:\WINDOWS\system32\f978.dll [2009-11-22 729088]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-09-29 67584]
"LaunchApp"=Alaunch []
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-06-01 16208384]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-10 208952]
"IMEKRMIG6.1"=C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE [2004-08-10 44032]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-10 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"Acer Empowering Technology Monitor"=C:\WINDOWS\system32\SysMonitor.exe [2006-04-18 49152]
"eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\eRAgent.exe [2006-06-01 413696]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2006-03-17 345088]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]
"AntiVirus Plus"=C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll [2010-01-14 2541568]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"EPSON Stylus DX4400 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE [2007-03-01 180736]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-07-21 39408]
"WhereSphere"=C:\Documents and Settings\Lejeune\Application Data\WhereSphere\wheresphere.exe [2009-12-20 827392]
"SfKg6wIPuS"=C:\Documents and Settings\Lejeune\Application Data\Microsoft\Windows\oulwsv.exe [2009-11-22 258048]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"AntiVirus Plus"=C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll [2010-01-14 2541568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DWQueuedReporting]
C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe [2007-02-26 437160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]
c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [2005-05-11 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe [2005-11-10 36975]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-04-24 251240]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Acer Empowering Technology.lnk - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
Acer WLAN 11g USB Dongle.lnk - C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
AntiVirus Plus.lnk - C:\WINDOWS\system32\rundll32.exe

C:\Documents and Settings\Lejeune\Menu Démarrer\Programmes\Démarrage
AntiVirus Plus.lnk - C:\WINDOWS\system32\rundll32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-07-18 86016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1be4f3d0-5259-11de-b91a-001e2a4bebd5}]
shell\AutoRun\command - J:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eaaed366-d2a2-11dd-b853-001e2a4bebd5}]
shell\AutoRun\command - J:\InstallTomTomHOME.exe


======List of files/folders created in the last 1 months======

2010-01-14 20:33:49 ----D---- C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus
2010-01-14 20:33:44 ----A---- C:\WINDOWS\system32\y-W-MOG7b.exe
2010-01-13 22:39:30 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-01-13 22:38:57 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2009-12-28 18:02:30 ----D---- C:\Documents and Settings\Lejeune\Application Data\Audacity
2009-12-26 05:11:52 ----A---- C:\WINDOWS\system32\03-ByyQ.dll
2009-12-09 23:19:01 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2009-12-09 23:18:36 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2009-12-09 23:17:51 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2009-12-09 23:17:44 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2009-12-09 23:17:36 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2009-11-25 23:03:56 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2009-11-25 23:03:47 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2009-11-22 18:25:40 ----HDC---- C:\WINDOWS\$NtUninstallKB925766$
2009-11-22 18:24:02 ----D---- C:\Program Files\Kwanzy
2009-11-22 18:24:02 ----D---- C:\Documents and Settings\All Users\Application Data\Kwanzy
2009-11-22 18:23:49 ----D---- C:\Documents and Settings\Lejeune\Application Data\WhereSphere
2009-11-22 18:23:48 ----A---- C:\WINDOWS\system32\f978.dll
2009-11-12 23:23:02 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-10-14 21:34:20 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-10-14 21:32:56 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-10-14 21:32:51 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-10-14 21:32:46 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-10-14 21:32:40 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-10-14 21:32:34 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-10-14 21:31:32 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-10-14 21:31:25 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-10-14 21:30:54 ----HDC---- C:\WINDOWS\$NtUninstallKB953295$
2009-10-14 21:30:25 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-10-03 10:06:22 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2009-09-16 21:38:39 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2009-09-16 12:06:24 ----D---- C:\Program Files\Microsoft
2009-09-09 22:49:00 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2009-09-09 06:14:45 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-09-09 06:14:41 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-09-09 06:14:20 ----HDC---- C:\WINDOWS\$NtUninstallKB973768$
2009-08-28 17:06:29 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
2009-08-13 11:29:23 ----D---- C:\Documents and Settings\Lejeune\Application Data\Download Manager
2009-08-12 23:13:52 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-08-12 23:13:48 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-08-12 23:13:43 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-08-12 23:13:39 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2009-08-12 23:13:34 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-08-12 23:13:29 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-08-12 23:13:24 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-08-12 23:13:17 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2009-08-12 23:12:09 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-08-06 05:18:51 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2009-08-05 21:46:12 ----D---- C:\dfa7adc192a258b9f0408b39cc6509d3
2009-08-05 21:43:32 ----D---- C:\WINDOWS\system32\XPSViewer
2009-08-05 21:43:28 ----D---- C:\Program Files\MSBuild
2009-08-05 21:43:27 ----D---- C:\WINDOWS\system32\en-US
2009-08-05 21:43:21 ----D---- C:\Program Files\Reference Assemblies
2009-08-05 21:43:01 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2009-08-05 21:43:01 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-08-05 21:43:01 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-08-05 21:43:01 ----D---- C:\10b43c0ddf8b267179
2009-08-05 21:41:58 ----SHD---- C:\Config.Msi
2009-08-04 18:52:22 ----A---- C:\WINDOWS\system32\FM20.DLL
2009-07-26 22:11:08 ----D---- C:\Program Files\Windows Live Safety Center
2009-07-26 15:44:56 ----A---- C:\WINDOWS\system32\sirenacm.dll
2009-07-21 22:03:10 ----D---- C:\Documents and Settings\Lejeune\Application Data\Google
2009-07-21 22:01:16 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-07-21 22:01:14 ----D---- C:\Program Files\Google
2009-07-21 00:05:40 ----A---- C:\WINDOWS\system32\msxml4.dll
2009-07-15 23:02:29 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-07-15 23:02:25 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-07-15 23:01:31 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
2009-07-11 14:03:03 ----HD---- C:\WINDOWS\PIF
2009-07-08 11:23:59 ----A---- C:\WINDOWS\system32\pywintypes25.dll
2009-07-08 11:23:59 ----A---- C:\WINDOWS\system32\pythoncom25.dll
2009-07-08 11:23:59 ----A---- C:\WINDOWS\system32\python25.dll
2009-07-06 13:29:29 ----D---- C:\Documents and Settings\Lejeune\Application Data\Save
2009-06-12 00:08:32 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-06-12 00:08:28 ----HDC---- C:\WINDOWS\$NtUninstallKB969898$
2009-06-12 00:07:30 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-06-12 00:07:23 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-06-06 06:33:18 ----D---- C:\WINDOWS\ie8updates
2009-06-06 06:31:31 ----HDC---- C:\WINDOWS\ie8
2009-06-06 06:16:00 ----D---- C:\Documents and Settings\Lejeune\Application Data\U3
2009-05-10 11:53:53 ----D---- C:\Program Files\Fichiers communs\Motorola Shared
2009-05-10 10:51:05 ----D---- C:\Program Files\TomTom International B.V
2009-05-06 16:57:25 ----D---- C:\WINDOWS\msdownld.tmp
2009-04-15 23:55:44 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-04-15 23:55:39 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$
2009-04-15 23:54:16 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-04-15 23:54:09 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-04-15 23:54:04 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-04-15 23:53:57 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-03-11 23:05:13 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-03-11 23:05:10 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-03-11 23:05:06 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-03-11 23:04:51 ----HDC---- C:\WINDOWS\$NtUninstallKB959772_WM11$
2009-03-08 13:17:46 ----N---- C:\WINDOWS\system32\msrating.dll.mui
2009-03-08 13:17:30 ----N---- C:\WINDOWS\system32\mshta.exe.mui
2009-03-08 13:16:06 ----N---- C:\WINDOWS\system32\ie4uinit.exe.mui
2009-03-08 13:15:48 ----N---- C:\WINDOWS\system32\iedkcs32.dll.mui
2009-02-25 12:17:55 ----A---- C:\WINDOWS\ipool.INI
2009-02-25 12:16:13 ----D---- C:\Games
2009-02-25 12:10:56 ----D---- C:\Documents and Settings\Lejeune\Application Data\Help
2009-02-25 12:07:42 ----D---- C:\Program Files\TomCat Soft
2009-02-25 01:23:48 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-02-21 19:51:27 ----D---- C:\Program Files\BzTarot
2009-02-21 19:51:03 ----A---- C:\WINDOWS\system32\SpoonUninstall.exe
2009-02-21 19:51:02 ----D---- C:\Program Files\Objectif Tarot
2009-02-19 10:31:36 ----D---- C:\Program Files\Webtarot
2009-02-19 10:15:02 ----D---- C:\Rummy Royal
2009-02-11 13:24:16 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-01-15 19:31:30 ----D---- C:\rsit
2009-01-15 19:31:30 ----D---- C:\Program Files\trend micro
2009-01-15 16:04:20 ----D---- C:\Documents and Settings\Lejeune\Application Data\Apple Computer
2009-01-15 16:04:15 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2009-01-15 16:04:01 ----D---- C:\Program Files\iPod
2009-01-15 16:03:59 ----D---- C:\Program Files\iTunes
2009-01-15 16:03:59 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-01-15 16:03:50 ----D---- C:\Program Files\Bonjour
2009-01-15 16:03:25 ----D---- C:\Program Files\QuickTime
2009-01-15 16:03:24 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2009-01-15 16:03:10 ----D---- C:\Program Files\Apple Software Update
2009-01-15 16:02:53 ----D---- C:\Program Files\Fichiers communs\Apple
2009-01-15 16:02:52 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2009-01-14 22:13:22 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-01-14 07:07:49 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-01-14 07:07:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-01-07 17:20:18 ----A---- C:\WINDOWS\system32\msdbg2.dll
2008-12-25 17:44:53 ----D---- C:\Documents and Settings\All Users\Application Data\TomTom
2008-12-25 17:44:17 ----D---- C:\Documents and Settings\Lejeune\Application Data\TomTom
2008-12-25 17:43:57 ----D---- C:\Program Files\TomTom HOME 2
2008-12-25 17:42:04 ----D---- C:\Program Files\TomTom DesktopSuite
2008-12-18 22:33:21 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-12-18 06:04:35 ----A---- C:\WINDOWS\system32\muweb.dll
2008-12-18 06:04:35 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2008-12-18 06:04:35 ----A---- C:\WINDOWS\system32\mucltui.dll
2008-12-17 16:35:48 ----D---- C:\Program Files\MSN Messenger
2008-12-17 16:27:57 ----D---- C:\Documents and Settings\Lejeune\Application Data\MSNInstaller
2008-12-17 14:52:52 ----D---- C:\Program Files\Microsoft Silverlight
2008-12-17 14:50:43 ----D---- C:\Program Files\Windows Live SkyDrive
2008-12-17 14:41:09 ----D---- C:\Program Files\Fichiers communs\Windows Live

======List of files/folders modified in the last 1 months======

2010-01-14 21:55:21 ----SHD---- C:\WINDOWS\Installer
2010-01-14 21:55:16 ----RSD---- C:\WINDOWS\assembly
2010-01-13 22:39:32 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-13 22:39:29 ----HD---- C:\WINDOWS\$hf_mig$
2010-01-13 22:39:03 ----A---- C:\WINDOWS\imsins.BAK
2010-01-05 01:17:46 ----A---- C:\WINDOWS\system32\MRT.exe
2009-12-28 23:57:07 ----D---- C:\Documents and Settings\Lejeune\Application Data\LimeWire
2009-12-24 09:26:48 ----SD---- C:\Documents and Settings\Lejeune\Application Data\Microsoft
2009-12-22 22:14:30 ----D---- C:\Program Files\MSECache
2009-12-09 23:18:07 ----D---- C:\Program Files\Internet Explorer
2009-12-04 06:39:59 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-11-25 23:03:38 ----D---- C:\WINDOWS\WinSxS
2009-11-22 18:27:10 ----D---- C:\WINDOWS\ehome
2009-11-04 19:12:59 ----D---- C:\WINDOWS\network diagnostic
2009-10-29 08:42:33 ----A---- C:\WINDOWS\system32\wininet.dll
2009-10-29 08:42:33 ----A---- C:\WINDOWS\system32\urlmon.dll
2009-10-29 08:42:32 ----A---- C:\WINDOWS\system32\occache.dll
2009-10-29 08:42:32 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-10-29 08:42:31 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2009-10-29 08:42:31 ----A---- C:\WINDOWS\system32\msfeeds.dll
2009-10-29 08:42:30 ----A---- C:\WINDOWS\system32\jsproxy.dll
2009-10-29 08:42:30 ----A---- C:\WINDOWS\system32\iertutil.dll
2009-10-29 08:42:29 ----A---- C:\WINDOWS\system32\iepeers.dll
2009-10-29 08:42:29 ----A---- C:\WINDOWS\system32\ieframe.dll
2009-10-29 08:42:27 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2009-10-28 16:07:15 ----N---- C:\WINDOWS\system32\tzchange.exe
2009-10-28 15:40:47 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2009-10-21 06:39:43 ----A---- C:\WINDOWS\system32\strmfilt.dll
2009-10-21 06:39:43 ----A---- C:\WINDOWS\system32\httpapi.dll
2009-10-17 23:23:40 ----RSD---- C:\WINDOWS\Fonts
2009-10-17 23:23:24 ----D---- C:\Program Files\Microsoft Works
2009-10-17 23:22:34 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-10-15 17:32:12 ----A---- C:\WINDOWS\system32\t2embed.dll
2009-10-15 17:32:12 ----A---- C:\WINDOWS\system32\fontsub.dll
2009-10-15 05:56:16 ----D---- C:\WINDOWS\Microsoft.NET
2009-10-13 11:33:37 ----A---- C:\WINDOWS\system32\oakley.dll
2009-10-12 17:03:39 ----SHD---- C:\RECYCLER
2009-10-12 14:39:22 ----A---- C:\WINDOWS\system32\rastls.dll
2009-10-12 14:39:22 ----A---- C:\WINDOWS\system32\raschap.dll
2009-09-16 12:06:18 ----D---- C:\Program Files\Windows Live
2009-09-11 15:18:20 ----A---- C:\WINDOWS\system32\msv1_0.dll
2009-09-04 22:04:39 ----A---- C:\WINDOWS\system32\msasn1.dll
2009-08-26 09:01:24 ----A---- C:\WINDOWS\system32\strmdll.dll
2009-08-25 10:18:35 ----A---- C:\WINDOWS\system32\winhttp.dll
2009-08-12 23:13:26 ----D---- C:\Program Files\Outlook Express
2009-08-06 18:24:26 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2009-08-06 18:24:18 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-08-06 18:24:18 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-08-06 18:24:10 ----A---- C:\WINDOWS\system32\wups2.dll
2009-08-06 18:24:10 ----A---- C:\WINDOWS\system32\wups.dll
2009-08-06 18:24:06 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-08-06 18:24:04 ----A---- C:\WINDOWS\system32\cdm.dll
2009-08-06 18:24:00 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2009-08-06 18:23:54 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-08-06 18:23:46 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2009-08-06 18:23:46 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-08-06 05:19:03 ----D---- C:\WINDOWS\system32\CatRoot
2009-08-05 21:43:09 ----D---- C:\WINDOWS\system32\spool
2009-08-05 10:00:38 ----A---- C:\WINDOWS\system32\mswebdvd.dll
2009-08-04 18:27:57 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2009-08-04 18:27:54 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
2009-08-03 15:54:18 ----A---- C:\WINDOWS\ModemLog_SAMSUNG Mobile USB Modem.txt
2009-07-31 10:03:46 ----N---- C:\WINDOWS\system32\msxml6.dll
2009-07-31 05:33:43 ----A---- C:\WINDOWS\system32\msxml3.dll
2009-07-17 20:03:33 ----A---- C:\WINDOWS\system32\atl.dll
2009-07-17 17:16:51 ----A---- C:\WINDOWS\system32\query.dll
2009-07-13 22:43:24 ----A---- C:\WINDOWS\system32\wmpdxm.dll
2009-07-13 22:43:24 ----A---- C:\WINDOWS\system32\wmp.dll
2009-07-11 14:03:03 ----D---- C:\Program Files\Windows Media Player
2009-07-10 15:08:44 ----SHD---- C:\System Volume Information
2009-07-10 15:08:44 ----D---- C:\WINDOWS\system32\Restore
2009-07-08 11:23:11 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-07-02 14:54:12 ----D---- C:\WINDOWS\system32\FxsTmp
2009-06-25 09:26:32 ----A---- C:\WINDOWS\system32\wdigest.dll
2009-06-25 09:26:32 ----A---- C:\WINDOWS\system32\secur32.dll
2009-06-25 09:26:32 ----A---- C:\WINDOWS\system32\schannel.dll
2009-06-25 09:26:32 ----A---- C:\WINDOWS\system32\lsasrv.dll
2009-06-25 09:26:31 ----A---- C:\WINDOWS\system32\kerberos.dll
2009-06-22 07:47:13 ----A---- C:\WINDOWS\system32\jscript.dll
2009-06-19 14:26:56 ----D---- C:\WINDOWS\system32\Macromed
2009-06-15 11:44:50 ----A---- C:\WINDOWS\system32\telnet.exe
2009-06-15 11:44:49 ----A---- C:\WINDOWS\system32\tlntsess.exe
2009-06-10 15:14:28 ----A---- C:\WINDOWS\system32\avifil32.dll
2009-06-10 08:21:22 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-06-10 07:15:17 ----A---- C:\WINDOWS\system32\wkssvc.dll
2009-06-03 20:10:33 ----A---- C:\WINDOWS\system32\quartz.dll
2009-05-20 03:56:52 ----A---- C:\WINDOWS\system32\WMVCore.dll
2009-05-10 11:54:00 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-05-07 16:33:02 ----A---- C:\WINDOWS\system32\localspl.dll
2009-04-16 05:46:59 ----D---- C:\WINDOWS\system32\wbem
2009-04-15 15:53:29 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2009-04-01 22:02:22 ----A---- C:\WINDOWS\system32\wmspdmod.dll
2009-03-21 15:07:58 ----A---- C:\WINDOWS\system32\kernel32.dll
2009-03-08 13:18:02 ----A---- C:\WINDOWS\system32\ieframe.dll.mui
2009-03-08 13:16:06 ----A---- C:\WINDOWS\system32\advpack.dll.mui
2009-03-08 03:34:48 ----A---- C:\WINDOWS\system32\WinFXDocObj.exe
2009-03-08 03:34:48 ----A---- C:\WINDOWS\system32\webcheck.dll
2009-03-08 03:34:30 ----A---- C:\WINDOWS\system32\licmgr10.dll
2009-03-08 03:34:28 ----A---- C:\WINDOWS\system32\url.dll
2009-03-08 03:34:18 ----A---- C:\WINDOWS\system32\msrating.dll
2009-03-08 03:33:40 ----A---- C:\WINDOWS\system32\corpol.dll
2009-03-08 03:33:08 ----A---- C:\WINDOWS\system32\ieaksie.dll
2009-03-08 03:33:06 ----A---- C:\WINDOWS\system32\vbscript.dll
2009-03-08 03:33:02 ----A---- C:\WINDOWS\system32\ieakeng.dll
2009-03-08 03:32:56 ----A---- C:\WINDOWS\system32\admparse.dll
2009-03-08 03:32:52 ----A---- C:\WINDOWS\system32\ieudinit.exe
2009-03-08 03:32:52 ----A---- C:\WINDOWS\system32\ieakui.dll
2009-03-08 03:32:50 ----A---- C:\WINDOWS\system32\iesetup.dll
2009-03-08 03:32:50 ----A---- C:\WINDOWS\system32\iernonce.dll
2009-03-08 03:32:48 ----A---- C:\WINDOWS\system32\advpack.dll
2009-03-08 03:32:46 ----A---- C:\WINDOWS\system32\inseng.dll
2009-03-08 03:32:04 ----A---- C:\WINDOWS\system32\mstime.dll
2009-03-08 03:31:54 ----A---- C:\WINDOWS\system32\msfeedssync.exe
2009-03-08 03:31:52 ----A---- C:\WINDOWS\system32\icardie.dll
2009-03-08 03:31:44 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2009-03-08 03:31:38 ----A---- C:\WINDOWS\system32\imgutil.dll
2009-03-08 03:31:38 ----A---- C:\WINDOWS\system32\dxtrans.dll
2009-03-08 03:31:36 ----A---- C:\WINDOWS\system32\pngfilt.dll
2009-03-08 03:31:26 ----A---- C:\WINDOWS\system32\mshtmled.dll
2009-03-08 03:31:18 ----A---- C:\WINDOWS\system32\mshtmler.dll
2009-03-08 03:31:02 ----A---- C:\WINDOWS\system32\mshta.exe
2009-03-08 03:22:46 ----A---- C:\WINDOWS\system32\ieui.dll
2009-03-08 03:22:38 ----A---- C:\WINDOWS\system32\msls31.dll
2009-03-08 03:11:12 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2009-03-06 15:20:52 ----A---- C:\WINDOWS\system32\pdh.dll
2009-02-20 18:10:47 ----A---- C:\WINDOWS\system32\extmgr.dll
2009-02-09 12:23:48 ----A---- C:\WINDOWS\system32\services.exe
2009-02-09 11:53:55 ----A---- C:\WINDOWS\system32\rpcss.dll
2009-02-09 11:53:55 ----A---- C:\WINDOWS\system32\ntdll.dll
2009-02-09 11:53:55 ----A---- C:\WINDOWS\system32\advapi32.dll
2009-02-06 11:39:08 ----A---- C:\WINDOWS\system32\sc.exe
2009-01-25 15:16:05 ----D---- C:\Documents and Settings\Lejeune\Application Data\Adobe
2009-01-15 19:31:30 ----RD---- C:\Program Files
2009-01-15 18:50:25 ----A---- C:\WINDOWS\win.ini
2009-01-15 18:33:03 ----SD---- C:\WINDOWS\Tasks
2009-01-15 18:31:57 ----D---- C:\Program Files\Mozilla Firefox
2009-01-15 18:30:22 ----D---- C:\WINDOWS\Registration
2009-01-15 18:30:17 ----D---- C:\WINDOWS\system32\CatRoot2
2009-01-15 18:30:01 ----AD---- C:\WINDOWS
2009-01-15 18:26:34 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-01-15 18:21:48 ----AD---- C:\VALUEADD
2009-01-15 18:12:55 ----HD---- C:\WINDOWS\inf
2009-01-15 06:57:00 ----D---- C:\WINDOWS\temp
2009-01-15 06:53:03 ----AD---- C:\WINDOWS\system32\drivers
2009-01-15 06:41:26 ----AD---- C:\WINDOWS\system32
2009-01-15 06:41:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-01-14 22:59:50 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-01-14 22:02:43 ----D---- C:\WINDOWS\Prefetch
2009-01-07 17:21:08 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-01-07 17:21:08 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-01-07 17:21:04 ----A---- C:\WINDOWS\system32\xmllite.dll
2009-01-07 17:20:38 ----A---- C:\WINDOWS\system32\nlsdl.dll
2009-01-07 17:20:36 ----A---- C:\WINDOWS\system32\normaliz.dll
2009-01-07 17:20:36 ----A---- C:\WINDOWS\system32\idndl.dll
2008-12-17 16:37:32 ----D---- C:\Program Files\Messenger Plus! Live
2008-12-17 14:52:05 ----D---- C:\WINDOWS\system32\DirectX

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-07-18 1621504]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-06 4284928]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-09-08 6144]
R3 psdfilter;psdfilter; \??\C:\WINDOWS\system32\Drivers\psdfilter.sys []
R3 psdvdisk;psdvdisk; \??\C:\WINDOWS\system32\Drivers\psdvdisk.sys []
R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2006-07-10 244864]
R3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys [2004-10-25 17664]
S3 GEMPC430;Lecteur de cartes à puce GEMPLUS GemPC430 USB; C:\WINDOWS\system32\DRIVERS\grclass.sys [2001-08-23 82560]
S3 int15.sys;int15.sys; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys []
S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS); C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2005-10-28 402432]
S3 ZD1211U(ZyDAS);ZyDAS ZD1211 IEEE 802.11b+g Wireless LAN Driver (USB)(ZyDAS); C:\WINDOWS\system32\DRIVERS\zd1211u.sys [2005-10-04 280064]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Pilote de filtre de restauration système; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73600]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcerMemUsageCheckService;Memory Check Service; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [2006-05-11 28672]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-07-18 401408]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-13 152984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-02-17 73728]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2009-04-24 92008]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S2 gupdate1ca0a468d679126;Service Google Update (gupdate1ca0a468d679126); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-21 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-21 190448]
S2 Kwanzy Service;Kwanzy Service; C:\Documents and Settings\All Users\Application Data\Kwanzy\kwanzy131.exe [2009-11-26 46432]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------



Here it is, sorry
15 January 2010 19:58:09

No worries! You're pretty badly infected! :o

Do this:

Download Malwarebytes' Anti-Malware to the desktop

* Double-click "mbam-setup" to launch the installation
* Install it without changing anything
* Once the program is running ==> "Mise à jour" (Update) tab, click ==> "Recherche de mise à jour" (Check for updates)
* "Recherche" (Scan) tab ==> tick "Exécuter un examen complet" (Perform full scan)
* Click "Rechercher" (Scan)
* Tick all the hard drives
* Click "Lancer l'examen" (Start scan)
* At the end of the scan, if an infection is found
==> Click "Afficher résultat" (Show results)
* Close your running applications
* Check that everything is ticked and click "Supprimer la sélection" (Remove selected)

* A report opens; copy it and paste it into your reply
Anonymous
15 January 2010 19:59:49

OK, agreed
Anonymous
15 January 2010 20:04:23

There, I followed your instructions. I have just started the full scan and I will send you the report as soon as the scan is finished, thanks
Anonymous
15 January 2010 20:51:42

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3570
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

15/01/2009 20:53:41
mbam-log-2009-01-15 (20-53-41).txt

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)
Eléments examinés: 600481
Temps écoulé: 47 minute(s), 3 second(s)

Processus mémoire infecté(s): 2
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 22
Valeur(s) du Registre infectée(s): 6
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 6
Fichier(s) infecté(s): 25

Processus mémoire infecté(s):
C:\Documents and Settings\Lejeune\Application Data\WhereSphere\wheresphere.exe (Adware.WhereSphere) -> Unloaded process successfully.
C:\Documents and Settings\Lejeune\Application Data\Microsoft\Windows\oulwsv.exe (Trojan.Downloader) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
C:\Program Files\Mozilla Firefox\components\wsff.dll (Adware.WhereSphere) -> Delete on reboot.
C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll (Trojan.FakeAlert) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{c2b5aab8-2183-4be7-81a6-f11493c45872} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c2b5aab8-2183-4be7-81a6-f11493c45872} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c2b5aab8-2183-4be7-81a6-f11493c45872} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{6b0da396-2dee-e4c6-d02b-575ff7159670} (Adware.PlayMP3z) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\kwanzy (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{012eeb6c-1444-4a6a-8976-6c7a756612c0} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{012eeb6c-1444-4a6a-8976-6c7a756612c0} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{012eeb6c-1444-4a6a-8976-6c7a756612c0} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{012eeb6c-1444-4a6a-8976-6c7a756612c0} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{012eeb6d-1444-4a6a-8976-6c7a756612c0} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{012eeb6d-1444-4a6a-8976-6c7a756612c0} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{012eeb6d-1444-4a6a-8976-6c7a756612c0} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{012eeb6d-1444-4a6a-8976-6c7a756612c0} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\wheresphere (Adware.WhereSphere) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Kwanzy (Adware.Kwanzy) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\WhereSphere (Adware.WhereSphere) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Kwanzy Service (Adware.Kwanzy) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\AwesomeBestShoppingTipsProgram (Adware.PlayMP3z) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\RelatedPageInstall (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\AppDataLow\HavingFunOnline (Adware.BHO.FL) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{146cabea-1007-d98f-47e0-71442ac2d3ec} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{146cabea-1007-d98f-47e0-71442ac2d3ec} (Adware.BHO) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{012eeb6c-1444-4a6a-8976-6c7a756612c0} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{012eeb6c-1444-4a6a-8976-6c7a756612c0} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wheresphere (Adware.WhereSphere) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sfkg6wipus (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\antivirus plus (Rogue.AntivirusPlus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\antivirus plus (Rogue.AntivirusPlus) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\AntiVirus Plus (Rogue.AntiVirusPlus) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lejeune\Menu Démarrer\Programmes\AntiVirus Plus (Rogue.AntiVirusPlus) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lejeune\Application Data\WhereSphere (Adware.WhereSphere) -> Quarantined and deleted successfully.
C:\Program Files\Kwanzy (Adware.Kwanzy) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Kwanzy (Adware.Kwanzy) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus (Rogue.AntiVirusPlus) -> Delete on reboot.

Fichier(s) infecté(s):
C:\Program Files\Mozilla Firefox\components\wsff.dll (Adware.WhereSphere) -> Delete on reboot.
C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll (Trojan.FakeAlert) -> Delete on reboot.
C:\Documents and Settings\All Users\Application Data\Kwanzy\kwanzy131.exe (Adware.Kwanzy) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lejeune\Mes documents\util\SMSMoveX800.exe (Worm.Koobface) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lejeune\Mes documents\util\SMSMoveZ510.exe (Worm.Koobface) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lejeune\Mes documents\util\SMSMoveD500.exe (Worm.Koobface) -> Quarantined and deleted successfully.
C:\Program Files\Kwanzy\kwanzy.exe (Adware.Kwanzy) -> Quarantined and deleted successfully.
C:\Program Files\Kwanzy\uninstall.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f978.dll (Adware.Mirar) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\AntiVirus Plus\AntiVirus Plus.lnk (Rogue.AntiVirusPlus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\AntiVirus Plus\EULA.url (Rogue.AntiVirusPlus) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lejeune\Menu Démarrer\Programmes\AntiVirus Plus\AntiVirus Plus.lnk (Rogue.AntiVirusPlus) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lejeune\Menu Démarrer\Programmes\AntiVirus Plus\EULA.url (Rogue.AntiVirusPlus) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lejeune\Application Data\WhereSphere\config.cfg (Adware.WhereSphere) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lejeune\Application Data\WhereSphere\WhereSphere.exe (Adware.WhereSphere) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lejeune\Application Data\WhereSphere\WSUninstall.exe (Adware.WhereSphere) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lejeune\Application Data\Microsoft\Windows\oulwsv.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lejeune\Application Data\avp.ico (Rogue.AntiVirusPlus) -> Quarantined and deleted successfully.
C:\Program Files\mozilla firefox\searchPlugins\kwanzy129.xml (Adware.Kwanzy) -> Quarantined and deleted successfully.
C:\Program Files\mozilla firefox\searchPlugins\kwanzy131.xml (Adware.Kwanzy) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lejeune\Bureau\AntiVirus Plus.lnk (Rogue.AntiVirusPlus) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lejeune\Application Data\Microsoft\Internet Explorer\Quick Launch\AntiVirus Plus.lnk (Rogue.AntiVirusPlus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\AntiVirus Plus.lnk (Rogue.AntiVirusPlus) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lejeune\Menu Démarrer\Programmes\Démarrage\AntiVirus Plus.lnk (Rogue.AntiVirusPlus) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\03-ByyQ.dll (Adware.BHO) -> Quarantined and deleted successfully.
15 January 2010 20:58:42

OK! Can you run RSIT again?
Anonymous
15 January 2010 21:02:45

Logfile of random's system information tool 1.06 (written by random/random)
Run by Lejeune at 2010-01-15 21:01:49
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 50 GB (68%) free of 73 GB
Total RAM: 2815 MB (75% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:01:58, on 15/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Lejeune\Bureau\RSIT.exe
C:\Program Files\trend micro\Lejeune.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://moteur.chat-land.org/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.mirarsearch.com/?useie5=1&q=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.mirarsearch.com/?useie5=1&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_S8F.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.chat-land.org
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/Install...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate1ca0a468d679126) (gupdate1ca0a468d679126) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

--
End of file - 8756 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\MP Scheduled Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-13 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-07-21 668656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-13 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-13 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\WINDOWS\system32\eDStoolbar.dll [2006-03-08 106496]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-09-29 67584]
"LaunchApp"=Alaunch []
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-06-01 16208384]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-10 208952]
"IMEKRMIG6.1"=C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE [2004-08-10 44032]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-10 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"Acer Empowering Technology Monitor"=C:\WINDOWS\system32\SysMonitor.exe [2006-04-18 49152]
"eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\eRAgent.exe [2006-06-01 413696]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2006-03-17 345088]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"EPSON Stylus DX4400 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE [2007-03-01 180736]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-07-21 39408]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DWQueuedReporting]
C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe [2007-02-26 437160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]
c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [2005-05-11 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe [2005-11-10 36975]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-04-24 251240]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Acer Empowering Technology.lnk - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
Acer WLAN 11g USB Dongle.lnk - C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-07-18 86016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1be4f3d0-5259-11de-b91a-001e2a4bebd5}]
shell\AutoRun\command - J:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eaaed366-d2a2-11dd-b853-001e2a4bebd5}]
shell\AutoRun\command - J:\InstallTomTomHOME.exe


======List of files/folders created in the last 1 months======

2010-01-14 20:33:44 ----A---- C:\WINDOWS\system32\y-W-MOG7b.exe
2010-01-13 22:39:30 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-01-13 22:38:57 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2009-12-28 18:02:30 ----D---- C:\Documents and Settings\Lejeune\Application Data\Audacity

======List of files/folders modified in the last 1 months======

2010-01-15 21:01:51 ----D---- C:\Program Files\trend micro
2010-01-15 21:01:31 ----D---- C:\WINDOWS\temp
2010-01-15 21:01:28 ----SD---- C:\WINDOWS\Tasks
2010-01-14 21:55:21 ----SHD---- C:\WINDOWS\Installer
2010-01-14 21:55:21 ----SHD---- C:\Config.Msi
2010-01-14 21:55:16 ----RSD---- C:\WINDOWS\assembly
2010-01-13 22:39:32 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-13 22:39:29 ----HD---- C:\WINDOWS\$hf_mig$
2010-01-13 22:39:03 ----A---- C:\WINDOWS\imsins.BAK
2010-01-05 01:17:46 ----A---- C:\WINDOWS\system32\MRT.exe
2009-12-28 23:57:07 ----D---- C:\Documents and Settings\Lejeune\Application Data\LimeWire
2009-12-24 09:26:48 ----SD---- C:\Documents and Settings\Lejeune\Application Data\Microsoft
2009-12-22 22:14:30 ----D---- C:\Program Files\MSECache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-07-18 1621504]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-06 4284928]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-09-08 6144]
R3 psdfilter;psdfilter; \??\C:\WINDOWS\system32\Drivers\psdfilter.sys []
R3 psdvdisk;psdvdisk; \??\C:\WINDOWS\system32\Drivers\psdvdisk.sys []
R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2006-07-10 244864]
R3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys [2004-10-25 17664]
S3 GEMPC430;Lecteur de cartes à puce GEMPLUS GemPC430 USB; C:\WINDOWS\system32\DRIVERS\grclass.sys [2001-08-23 82560]
S3 int15.sys;int15.sys; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys []
S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS); C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2005-10-28 402432]
S3 ZD1211U(ZyDAS);ZyDAS ZD1211 IEEE 802.11b+g Wireless LAN Driver (USB)(ZyDAS); C:\WINDOWS\system32\DRIVERS\zd1211u.sys [2005-10-04 280064]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Pilote de filtre de restauration système; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73600]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcerMemUsageCheckService;Memory Check Service; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [2006-05-11 28672]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-07-18 401408]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-13 152984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-02-17 73728]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2009-04-24 92008]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S2 gupdate1ca0a468d679126;Service Google Update (gupdate1ca0a468d679126); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-21 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-21 190448]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------




This is the only one that appeared when I ran RSIT again.
15 January 2010 21:07:30

Download "OTMoveIt.exe" to the desktop

* Copy this text

:Processes
explorer.exe

:Files
C:\WINDOWS\system32\y-W-MOG7b.exe

:Commands
[emptytemp]
[start explorer]
[Reboot]


* Double-click OTMoveIt.exe

* In the left-hand pane "Paste Instructions for Items to be Moved" ==> right-click ==> paste
* Click "MoveIt!"
* If a restart is requested ==> click "YES"
* A report will be in ==> C:\_OTMoveIt\MovedFiles\ under today's date, to copy/paste into your reply (format like => mmddyyyy_hhmmss.log)

===

Reboot and tell me if you still have problems ;)
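The OTMoveIt script above targets the one executable listed in the report's "created in the last 1 months" section. As an added example (not part of the thread, and not the helper's stated method), here is a triage pass over those RSIT sections; the sample lines are copied from the report above, while the extension list and the "directly in system32" rule are assumptions chosen for illustration.

```python
import ntpath
import re

# Lines copied from the RSIT report in this thread (created / modified sections).
CREATED = r"""
2010-01-14 20:33:44 ----A---- C:\WINDOWS\system32\y-W-MOG7b.exe
2010-01-13 22:39:30 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-01-13 22:38:57 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2009-12-28 18:02:30 ----D---- C:\Documents and Settings\Lejeune\Application Data\Audacity
"""
MODIFIED = r"""
2010-01-15 21:01:31 ----D---- C:\WINDOWS\temp
2010-01-13 22:39:03 ----A---- C:\WINDOWS\imsins.BAK
2010-01-05 01:17:46 ----A---- C:\WINDOWS\system32\MRT.exe
"""
# Image paths copied from some Run-key / service lines of the same report.
AUTORUN_PATHS = [
    r"C:\WINDOWS\ehome\ehtray.exe",
    r"C:\WINDOWS\system32\SysMonitor.exe",
    r"C:\WINDOWS\system32\Ati2evxx.exe",
]

# "timestamp ----ATTRS---- path", as printed in the report.
ENTRY = re.compile(r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) -+([A-Z]+)-+ (.+)$")
EXECUTABLE_EXT = {".exe", ".dll", ".sys", ".scr", ".com"}  # assumption


def parse_section(text):
    """Turn report lines into dicts; lines that do not match are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            stamp, attrs, path = m.groups()
            entries.append({"time": stamp, "attrs": attrs, "path": path})
    return entries


def triage(entries, autorun_paths):
    """Return executables sitting directly in system32, with review notes."""
    known = {p.lower() for p in autorun_paths}
    leads = []
    for e in entries:
        if "D" in e["attrs"]:
            continue  # D marks a folder in this report's entries
        folder, name = ntpath.split(e["path"])
        if ntpath.splitext(name)[1].lower() not in EXECUTABLE_EXT:
            continue
        if ntpath.basename(folder).lower() != "system32":
            continue
        notes = ["executable directly in system32"]
        if e["path"].lower() not in known:
            notes.append("no autorun in the report points at it")
        leads.append({**e, "notes": notes})
    return leads


if __name__ == "__main__":
    for section, text in (("created", CREATED), ("modified", MODIFIED)):
        for lead in triage(parse_section(text), AUTORUN_PATHS):
            print(section, lead["time"], lead["path"], "; ".join(lead["notes"]))
```

The same rule also matches MRT.exe (Microsoft's Malicious Software Removal Tool) in the modified list, so a hit is a lead to verify by signature, vendor or hash lookup before any file is moved.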
Anonymous
15 January 2010 21:15:47

I did everything you told me up to "if a restart is requested, click YES", but after that I don't understand: A report will be in ==> C:\_OTMoveIt\MovedFiles\ under today's date, to copy/paste into your reply (format like => mmddyyyy_hhmmss.log)

On the other hand, apparently everything is back to normal!
15 January 2010 21:17:03

Never mind :lol: it meant to post the report, and I was pointing out where it was!

===

1/ To remove the downloaded utilities:

* Download ToolsCleaner2 to your desktop
* Double-click "Toolscleaner.exe"
* Click "restauration" (restore) to create a restore point.
* Then click "recherche" (search)
* When the search has finished, click "suppression" (removal).
* At the end (there will be indications in the box below), click "quitter" (quit) and post the report found in "C:\Tcleaner.txt"
* Right-click its icon => "Delete"


2/ To delete temporary files (use regularly!):

Download "ATF-Cleaner" to the desktop
* Double-click it
* Under the "Main" tab, choose "Select All"
* Click the "Empty Selected" button
* Wait while it cleans, then "Ok"
** Note: the next PC startup will be a little slower, since the prefetch has been emptied

-----

3/ Disable and re-enable System Restore:

- on XP:

* Right-click My Computer
* Click "Properties"
* Click "System Restore"
* Check: "Turn off System Restore on all drives"
* Confirm by clicking "OK"
-> Restart the PC
* Then do the same again, unchecking the box to turn System Restore back on
* Then Start menu ==> All Programs ==> Accessories ==> System Tools ==> System Restore
* Click "Create a restore point"
** note => the name you give it does not matter

- on Vista:

* Click Start
* Right-click "Computer"
* Click "Properties"
* Click "System Protection"
* Uncheck: "C"
* Confirm by clicking "OK"
-> Restart the PC
* Then do the same again, re-checking the box to turn System Restore back on
* Then likewise, click "Create" to make a new restore point

-----

4/ Keep malwarebytes' and remember to run regular scans with it!
=> malwarebytes' tutorial

-----

5/ A write-up on infections to read if you're interested => Link

-----

6/ Problem solved?

Then remember to mark the topic as solved by editing your title! :clin:
Anonymous
15 January 2010 21:20:46

Well, thank you very much for your help, it was very useful to me.
I'll think of you if I have other problems of this kind :wahoo: !!
In any case thank you very much and see you soon!! :hello: