Votre question

Iexplore.exe virus

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
11 Novembre 2009 16:58:54

Bonjour depuis peu jai des pages internet qui s'ouvrent dans le gestionnaires des taches j'ai beau les supprimer ou utiliser firefox elles reviennent. Cela me fais ramer voila mon rapport :

Logfile of random's system information tool 1.06 (written by random/random)
Run by fabien at 2009-11-11 16:50:51
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 165 GB (48%) free of 343 GB
Total RAM: 2047 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:50:53, on 11/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Hotbar\bin\11.0.78.0\HotbarSA.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SFR\Kit\9props.exe
C:\documents and settings\fabien\local settings\application data\sgtauan.exe
C:\Program Files\Mumble\dbus-daemon.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\WINDOWS\system32\wuauclt.exe
C:\DOCUME~1\fabien\LOCALS~1\Temp\vshost32.exe
C:\DOCUME~1\fabien\LOCALS~1\Temp\scvhost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hotbar\bin\11.0.78.0\Srv.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Mumble\mumble.exe
C:\Program Files\NCSoft\Launcher\NCLauncher.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Hotbar\bin\11.0.78.0\Srv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\explorer.exe
C:\Downloads\Software\RSIT.exe
C:\Downloads\Software\fabien.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\fabien\LOCALS~1\Temp\vshost32.exe
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShoppingReport\Bin\2.6.58\ShoppingReport.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Hotbar - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Program Files\Hotbar\bin\11.0.78.0\HostIE.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Hotbar - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Program Files\Hotbar\bin\11.0.78.0\HostIE.dll
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [QFan Help] "C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HotbarSA] "C:\Program Files\Hotbar\bin\11.0.78.0\HotbarSA.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" /automount
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [Connexion SFR 9props.exe] "C:\Program Files\SFR\Kit\9props.exe" /trayicon
O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Documents and Settings\fabien\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [WeatherDPA] "C:\Program Files\Hotbar\bin\11.0.78.0\Weather.exe" -auto
O4 - HKCU\..\Run: [sgtauan] "c:\documents and settings\fabien\local settings\application data\sgtauan.exe" sgtauan
O4 - HKCU\..\Run: [Windows Workstation] C:\DOCUME~1\fabien\LOCALS~1\Temp\scvhost.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Startup: Enregistrement de FIFA 09.lnk = C:\Program Files\EA Sports\FIFA 09\Support\EAregister.exe
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O8 - Extra context menu item: Save YouTube Video - res://C:\Program Files\Fichiers communs\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP4.htm
O8 - Extra context menu item: Save YouTube Video as MP3 - res://C:\Program Files\Fichiers communs\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP3.htm
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.6.58\ShoppingReport.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.6.58\ShoppingReport.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.systemrequirementslab.com/srl_bin/sysreqlab_...
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} (System Requirements Lab Class) - http://srtest-cdn.systemrequirementslab.com.s3.amazonaw...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe

--
End of file - 13115 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\WINDOWS\tasks\WGASetup.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 37808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100EB1FD-D03E-47FD-81F3-EE91287F9465}]
ShoppingReport - C:\Program Files\ShoppingReport\Bin\2.6.58\ShoppingReport.dll [2009-10-13 1185056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}]
Hotbar - C:\Program Files\Hotbar\bin\11.0.78.0\HostIE.dll [2009-09-15 537904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-06-16 1144712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-06-16 1144712]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - Hotbar - C:\Program Files\Hotbar\bin\11.0.78.0\HostIE.dll [2009-09-15 537904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Ai Nap"=C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe [2008-05-26 1423360]
"QFan Help"=C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe [2008-05-06 594432]
"Cpu Level Up help"=C:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe [2007-11-30 881152]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-07-16 16806400]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-03-27 13684736]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-03-27 86016]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
"HotbarSA"=C:\Program Files\Hotbar\bin\11.0.78.0\HotbarSA.exe [2009-09-15 768816]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-09-13 3883856]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe [2009-04-24 203416]
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe [2009-03-28 3325952]
"RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []
"Connexion SFR 9props.exe"=C:\Program Files\SFR\Kit\9props.exe [2009-04-21 955712]
"Software Informer"=C:\Program Files\Software Informer\softinfo.exe [2009-09-17 1933381]
"Octoshape Streaming Services"=C:\Documents and Settings\fabien\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [2009-01-08 70936]
"Free Download Manager"=C:\Program Files\Free Download Manager\fdm.exe [2009-01-31 3399727]
"fsm"= []
"PlayNC Launcher"= []
"WeatherDPA"=C:\Program Files\Hotbar\bin\11.0.78.0\Weather.exe [2009-09-15 353584]
"sgtauan"=c:\documents and settings\fabien\local settings\application data\sgtauan.exe [2009-11-09 446464]
"Windows Workstation"=C:\DOCUME~1\fabien\LOCALS~1\Temp\scvhost.exe [2009-11-11 22528]

C:\Documents and Settings\fabien\Menu Démarrer\Programmes\Démarrage
Enregistrement de FIFA 09.lnk - C:\Program Files\EA Sports\FIFA 09\Support\EAregister.exe
PowerReg Scheduler V3.exe
Xfire.lnk - C:\Program Files\Xfire\Xfire.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="wbsys.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB]
C:\Program Files\AlienGUIse\fastload.dll [2001-12-20 24576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2008-05-07 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"MemCheckBoxInRunDlg"=1
"NoSMBalloonTip"=1
"NoDesktopCleanupWizard"=1
"NoWelcomeScreen"=1
"NoStrCmpLogical"=0
"NoInstrumentation"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoResolveSearch"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Xfire\Xfire.exe"="C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:p nkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:p nkBstrB"
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\call_of_duty_4_modern_warfare_patch_v1.1_multi-langues_182170.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\call_of_duty_4_modern_warfare_patch_v1.1_multi-langues_182170.exe:*:Enabled:call_of_duty_4_modern_warfare_patch_v1.1_multi-langues_182170"
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\SopCast\adv\SopAdver.exe"="C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\Program Files\SopCast\SopCast.exe"="C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter\GRAW.exe"="C:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter\GRAW.exe:*:Enabled:GRAW"
"C:\Program Files\GameSpy Arcade\Aphex.exe"="C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade 1.0, Public Beta 4"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Conference\Conference.dll"="C:\Program Files\Conference\Conference.dll:*:Enabled:Audio/Video Conference"
"C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe"="C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe:*:Enabled:Tom Clancy's H.A.W.X"
"C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX_dx10.exe"="C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX_dx10.exe:*:Enabled:Tom Clancy's H.A.W.X"
"C:\Program Files\Garena\Garena.exe"="C:\Program Files\Garena\Garena.exe:*:Enabled:Garena"
"C:\Program Files\Steam\steamapps\akira57120\counter-strike source\hl2.exe"="C:\Program Files\Steam\steamapps\akira57120\counter-strike source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\steamapps\akira57120\day of defeat source\hl2.exe"="C:\Program Files\Steam\steamapps\akira57120\day of defeat source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Documents and Settings\fabien\Bureau\PES2008.exe"="C:\Documents and Settings\fabien\Bureau\PES2008.exe:*:Enabled:p ro Evolution Soccer 2008"
"C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:*:Enabled:p ro Evolution Soccer 2008"
"C:\Documents and Settings\fabien\Bureau\pes2009.exe"="C:\Documents and Settings\fabien\Bureau\pes2009.exe:*:Enabled:p ro Evolution Soccer 2009"
"C:\Program Files\Activision\Call of Duty - World at War\crack cod5WoW.exe"="C:\Program Files\Activision\Call of Duty - World at War\crack cod5WoW.exe:*:Enabled:Call of Duty(R): World at War Campaign/Coop"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe"="C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe:*:Enabled:speed2"
"C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled:p ro Evolution Soccer 2009"
"C:\Program Files\Internet Download Manager\IDMan.exe"="C:\Program Files\Internet Download Manager\IDMan.exe:*:Enabled:Internet Download Manager (IDM)"
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe"="C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine"
"C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe"="C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Combat Arms EU\NMService.exe"="C:\Nexon\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core"
"C:\Program Files\Cyanide\GameCenter\GameCenter.exe"="C:\Program Files\Cyanide\GameCenter\GameCenter.exe:*:Enabled:GameCenter"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\PokerTH\pokerth.exe"="C:\Program Files\PokerTH\pokerth.exe:*:Enabled:p okerth"
"C:\Documents and Settings\fabien\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe"="C:\Documents and Settings\fabien\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe:*:Enabled:Main program for Octoshape client"
"C:\Program Files\World of Warcraft\WoW-3.2.0-frFR-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft\Launcher.exe"="C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-frFR-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe"="C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"C:\Program Files\World of Warcraft\WoW-3.2.0-enGB-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Downloads\Crack\pes2010.exe"="C:\Downloads\Crack\pes2010.exe:*:Enabled:p ro Evolution Soccer 2010"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{373807e3-30a9-11de-8417-002215493bfd}]
shell\AutoRun\command - G:\autorun.exe


======List of files/folders created in the last 1 months======

2009-11-11 10:55:51 ----RSH---- C:\vshost.exe
2009-11-11 09:46:14 ----D---- C:\WINDOWS\LastGood
2009-11-06 03:14:42 ----A---- C:\WINDOWS\system32\xfcodec.dll
2009-10-19 12:55:34 ----D---- C:\Documents and Settings\All Users\Application Data\HotbarSA
2009-10-19 12:55:34 ----D---- C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
2009-10-19 12:55:33 ----D---- C:\Documents and Settings\fabien\Application Data\WeatherDPA
2009-10-19 12:55:31 ----D---- C:\Program Files\Hotbar
2009-10-19 12:55:31 ----D---- C:\Documents and Settings\fabien\Application Data\Hotbar
2009-10-19 12:55:21 ----D---- C:\Program Files\ShoppingReport
2009-10-19 12:55:21 ----D---- C:\Documents and Settings\fabien\Application Data\ShoppingReport
2009-10-16 02:03:11 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-10-16 02:00:54 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-10-16 02:00:50 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-10-16 02:00:48 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-10-16 02:00:44 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-10-16 02:00:41 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-10-16 02:00:35 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-10-16 02:00:31 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-10-16 02:00:27 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-10-16 02:00:19 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$

======List of files/folders modified in the last 1 months======

2009-11-11 16:47:48 ----D---- C:\Documents and Settings\fabien\Application Data\Free Download Manager
2009-11-11 16:23:51 ----D---- C:\Documents and Settings\fabien\Application Data\Xfire
2009-11-11 14:26:22 ----D---- C:\Documents and Settings\fabien\Application Data\mIRC
2009-11-11 13:55:22 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2009-11-11 12:31:08 ----D---- C:\WINDOWS\Prefetch
2009-11-11 11:57:05 ----D---- C:\Program Files\mIRC
2009-11-11 11:00:44 ----D---- C:\Downloads
2009-11-11 09:46:24 ----HD---- C:\WINDOWS\inf
2009-11-11 09:46:15 ----HD---- C:\WINDOWS\$hf_mig$
2009-11-11 09:46:14 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-11 09:46:14 ----D---- C:\WINDOWS
2009-11-11 09:06:57 ----D---- C:\Program Files\Xfire
2009-11-11 04:26:34 ----D---- C:\Program Files\Mozilla Firefox
2009-11-10 14:06:24 ----D---- C:\Documents and Settings\fabien\Application Data\Software Informer
2009-11-10 14:03:37 ----D---- C:\WINDOWS\Temp
2009-11-10 09:35:56 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-11-09 22:31:31 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-11-09 03:57:48 ----D---- C:\Documents and Settings\fabien\Application Data\Mumble
2009-11-05 05:03:06 ----D---- C:\WINDOWS\system32
2009-11-05 03:00:23 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-11-04 21:40:55 ----D---- C:\Documents and Settings\fabien\Application Data\teamspeak2
2009-11-02 00:10:29 ----D---- C:\Documents and Settings\fabien\Application Data\dvdcss
2009-10-30 22:22:29 ----D---- C:\Program Files\World of Warcraft
2009-10-30 22:21:50 ----SHD---- C:\Config.Msi
2009-10-30 22:21:45 ----SHD---- C:\WINDOWS\Installer
2009-10-30 22:21:19 ----D---- C:\Documents and Settings\All Users\Application Data\KONAMI
2009-10-30 22:17:29 ----D---- C:\Program Files\Lineage II
2009-10-30 22:17:09 ----HD---- C:\Program Files\InstallShield Installation Information
2009-10-30 04:35:17 ----D---- C:\Program Files\KONAMI
2009-10-26 13:01:45 ----A---- C:\WINDOWS\WORDPAD.INI
2009-10-22 10:17:28 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-10-19 12:55:31 ----RD---- C:\Program Files
2009-10-16 02:08:41 ----D---- C:\WINDOWS\Microsoft.NET
2009-10-16 02:05:19 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-16 02:05:04 ----D---- C:\WINDOWS\WinSxS
2009-10-16 02:03:26 ----A---- C:\WINDOWS\imsins.BAK
2009-10-16 02:03:22 ----D---- C:\Program Files\Internet Explorer
2009-10-16 02:00:21 ----D---- C:\WINDOWS\system32\drivers

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2007-12-17 12400]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 oreans32;oreans32; \??\C:\WINDOWS\system32\drivers\oreans32.sys []
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-03-16 5632]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-07-12 281760]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-07-12 25888]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-07-16 4747776]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-09-24 38400]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-03-27 6280416]
R3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S3 a8ldp604;a8ldp604; C:\WINDOWS\system32\drivers\a8ldp604.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\fabien\LOCALS~1\Temp\catchme.sys []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 GarenaPEngine;GarenaPEngine; \??\C:\DOCUME~1\fabien\LOCALS~1\Temp\NKG3F2.tmp []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 MSICPL;MSICPL; \??\D:\install4\MSICPL.sys []
S3 npkcrypt;npkcrypt; \??\C:\Program Files\Lineage II\system\npkcrypt.sys []
S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
S3 SetupNTGLM7X;SetupNTGLM7X; \??\D:\NTGLM7X.sys []
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 58320]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 8304]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 94000]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-05-07 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-05-07 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-25 153376]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2009-07-13 71096]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-03-27 163908]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-05-21 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-11-11 215104]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-05-25 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Au plaisir d'une réponse

Autres pages sur : iexplore exe virus

11 Novembre 2009 17:04:26

bonsoir......changer ...aller dans la section virus....il y a des helpers.....eux pourront vous aider.....
m
0
l
12 Novembre 2009 01:11:29

petit up
m
0
l
Contenus similaires
a c 327 8 Sécurité
12 Novembre 2009 01:29:59

Bonjour,

  • Télécharge Navilog1 (de IL-MAFIOSO) sur ton Bureau.
  • Double-clique sur Navilog1.exe pour le lancer.
    (Sous Vista, clique droit sur Navilog1 et choisis Exécuter en tant qu'administrateur)
  • Appuie sur 1 puis valide avec Entrée pour choisir Français.
  • Appuie sur une touche de ton clavier à chaque fois que cela est demandé, tu arriveras au menu des options.
  • Choisis l'option 1 et appuie sur la touche Entrée pour valider ton choix.
  • Patiente le temps du scan. Il te sera peut-être demandé de redémarrer ton PC.
  • Patiente jusqu'au message : *** Scan terminé le ..... ***
  • Le scan fini, le Bloc-notes contenant le rapport sera affiché, poste le rapport dans ta prochaine réponse.
  • Si le résultat du scan ne s'affiche pas, tu le trouveras dans C:\cleannavi.txt
    m
    0
    l
    12 Novembre 2009 05:28:14

    Merci de ta réponse et voici le rapport :

    Fix Navipromo version 4.0.5 commencé le 12/11/2009 2:14:19,34

    !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
    !!! Postez ce rapport sur le forum pour le faire analyser !!!

    Outil exécuté depuis C:\Program Files\navilog1

    Mise à jour le 10.11.2009 à 18h00 par IL-MAFIOSO

    Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : Processeur Intel Pentium III Xeon )
    BIOS : BIOS Date: 11/28/08 17:25:18 Ver: 08.00.14
    USER : fabien ( Administrator )
    BOOT : Normal boot




    C:\ (Local Disk) - NTFS - Total:335 Go (Free:161 Go)
    D:\ (CD or DVD)
    E:\ (CD or DVD)
    G:\ (CD or DVD) - UDF - Total:5 Go (Free:0 Go)


    Recherche executée en mode normal

    Nettoyage exécuté au redémarrage de l'ordinateur


    C:\Program Files\Live-Player supprimé !
    c:\docume~1\alluse~1\menudm~1\progra~1\Live-Player supprimé !
    C:\Documents and Settings\fabien\applic~1\Live-Player supprimé !
    c:\docume~1\alluse~1\bureau\Live-Player.lnk supprimé !
    C:\WINDOWS\prefetch\fmltskrq*.pf supprimé !
    c:\docume~1\fabien\locals~1\applic~1\fmltskrq.exe supprimé !
    c:\docume~1\fabien\locals~1\applic~1\fmltskrq.dat supprimé !
    c:\docume~1\fabien\locals~1\applic~1\fmltskrq_nav.dat supprimé !
    c:\docume~1\fabien\locals~1\applic~1\fmltskrq_navps.dat supprimé !


    Nettoyage contenu C:\WINDOWS\Temp effectué !
    Nettoyage contenu C:\Documents and Settings\fabien\locals~1\Temp effectué !


    *** Sauvegarde du Registre vers dossier Safebackup ***

    sauvegarde du Registre réalisée avec succès !

    *** Nettoyage Registre ***

    Nettoyage Registre Ok




    *** Scan terminé 12/11/2009 5:24:31,76 ***
    m
    0
    l
    a c 327 8 Sécurité
    12 Novembre 2009 14:54:10

    Ok.

  • Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
  • Double-clique sur RSIT.exe afin de lancer le programme.
    (Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)
  • Clique sur Continue à l'écran Disclaimer.
  • Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

    Note : les rapports sont sauvegardés dans le dossier C:\rsit.
    m
    0
    l
    13 Novembre 2009 04:32:45

    Alors voila le log.txt

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by fabien at 2009-11-13 04:31:01
    Microsoft Windows XP Professionnel Service Pack 3
    System drive C: has 165 GB (48%) free of 343 GB
    Total RAM: 2047 MB (73% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 04:31:04, on 13/11/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\CDBurnerXP\NMSAccessU.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\PnkBstrB.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\DOCUME~1\fabien\LOCALS~1\Temp\vshost32.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Hotbar\bin\11.0.78.0\HotbarSA.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\DOCUME~1\fabien\LOCALS~1\Temp\scvhost.exe
    C:\Program Files\SFR\Kit\9props.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Mumble\mumble.exe
    C:\Program Files\Mumble\dbus-daemon.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Windows Live\Toolbar\wltuser.exe
    C:\Program Files\Hotbar\bin\11.0.78.0\Srv.exe
    C:\PROGRA~1\FREEDO~1\fdm.exe
    C:\Program Files\Xfire\Xfire.exe
    C:\WINDOWS\explorer.exe
    C:\Downloads\Software\RSIT(1).exe
    C:\Downloads\Software\fabien.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\fabien\LOCALS~1\Temp\vshost32.exe
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShoppingReport\Bin\2.6.58\ShoppingReport.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Hotbar - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Program Files\Hotbar\bin\11.0.78.0\HostIE.dll
    O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
    O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
    O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Hotbar - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Program Files\Hotbar\bin\11.0.78.0\HostIE.dll
    O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe"
    O4 - HKLM\..\Run: [QFan Help] "C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe"
    O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [HotbarSA] "C:\Program Files\Hotbar\bin\11.0.78.0\HotbarSA.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" /automount
    O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
    O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
    O4 - HKCU\..\Run: [Connexion SFR 9props.exe] "C:\Program Files\SFR\Kit\9props.exe" /trayicon
    O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
    O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Documents and Settings\fabien\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
    O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
    O4 - HKCU\..\Run: [WeatherDPA] "C:\Program Files\Hotbar\bin\11.0.78.0\Weather.exe" -auto
    O4 - HKCU\..\Run: [Windows Workstation] C:\DOCUME~1\fabien\LOCALS~1\Temp\scvhost.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
    O4 - Startup: Enregistrement de FIFA 09.lnk = C:\Program Files\EA Sports\FIFA 09\Support\EAregister.exe
    O4 - Startup: PowerReg Scheduler V3.exe
    O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
    O8 - Extra context menu item: Save YouTube Video - res://C:\Program Files\Fichiers communs\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP4.htm
    O8 - Extra context menu item: Save YouTube Video as MP3 - res://C:\Program Files\Fichiers communs\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP3.htm
    O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
    O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
    O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
    O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.6.58\ShoppingReport.dll
    O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.6.58\ShoppingReport.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.systemrequirementslab.com/srl_bin/sysreqlab_...
    O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} (System Requirements Lab Class) - http://srtest-cdn.systemrequirementslab.com.s3.amazonaw...
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe

    --
    End of file - 12074 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
    C:\WINDOWS\tasks\WGASetup.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
    &Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 37808]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100EB1FD-D03E-47FD-81F3-EE91287F9465}]
    ShoppingReport - C:\Program Files\ShoppingReport\Bin\2.6.58\ShoppingReport.dll [2009-10-13 1185056]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}]
    Hotbar - C:\Program Files\Hotbar\bin\11.0.78.0\HostIE.dll [2009-09-15 537904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
    FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
    Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-06-16 1144712]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
    SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-06-16 1144712]
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
    {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - Hotbar - C:\Program Files\Hotbar\bin\11.0.78.0\HostIE.dll [2009-09-15 537904]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Ai Nap"=C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe [2008-05-26 1423360]
    "QFan Help"=C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe [2008-05-06 594432]
    "Cpu Level Up help"=C:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe [2007-11-30 881152]
    "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-07-16 16806400]
    "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-03-27 13684736]
    "nwiz"=nwiz.exe /install []
    "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-03-27 86016]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
    "HotbarSA"=C:\Program Files\Hotbar\bin\11.0.78.0\HotbarSA.exe [2009-09-15 768816]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-09-13 3883856]
    "AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe [2009-04-24 203416]
    "EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe [2009-03-28 3325952]
    "RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []
    "Connexion SFR 9props.exe"=C:\Program Files\SFR\Kit\9props.exe [2009-04-21 955712]
    "Software Informer"=C:\Program Files\Software Informer\softinfo.exe [2009-09-17 1933381]
    "Octoshape Streaming Services"=C:\Documents and Settings\fabien\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [2009-01-08 70936]
    "Free Download Manager"=C:\Program Files\Free Download Manager\fdm.exe [2009-01-31 3399727]
    "fsm"= []
    "PlayNC Launcher"= []
    "WeatherDPA"=C:\Program Files\Hotbar\bin\11.0.78.0\Weather.exe [2009-09-15 353584]
    "Windows Workstation"=C:\DOCUME~1\fabien\LOCALS~1\Temp\scvhost.exe [2009-11-12 22528]

    C:\Documents and Settings\fabien\Menu Démarrer\Programmes\Démarrage
    Enregistrement de FIFA 09.lnk - C:\Program Files\EA Sports\FIFA 09\Support\EAregister.exe
    PowerReg Scheduler V3.exe
    Xfire.lnk - C:\Program Files\Xfire\Xfire.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="wbsys.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB]
    C:\Program Files\AlienGUIse\fastload.dll [2001-12-20 24576]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2008-05-07 133632]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145
    "MemCheckBoxInRunDlg"=1
    "NoSMBalloonTip"=1
    "NoDesktopCleanupWizard"=1
    "NoWelcomeScreen"=1
    "NoStrCmpLogical"=0
    "NoInstrumentation"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=
    "NoResolveSearch"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Xfire\Xfire.exe"="C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire"
    "C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:p nkBstrA"
    "C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:p nkBstrB"
    "C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\call_of_duty_4_modern_warfare_patch_v1.1_multi-langues_182170.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\call_of_duty_4_modern_warfare_patch_v1.1_multi-langues_182170.exe:*:Enabled:call_of_duty_4_modern_warfare_patch_v1.1_multi-langues_182170"
    "C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
    "C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
    "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
    "C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
    "C:\Program Files\SopCast\adv\SopAdver.exe"="C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
    "C:\Program Files\SopCast\SopCast.exe"="C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
    "C:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter\GRAW.exe"="C:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter\GRAW.exe:*:Enabled:GRAW"
    "C:\Program Files\GameSpy Arcade\Aphex.exe"="C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade 1.0, Public Beta 4"
    "C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
    "C:\Program Files\Conference\Conference.dll"="C:\Program Files\Conference\Conference.dll:*:Enabled:Audio/Video Conference"
    "C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe"="C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe:*:Enabled:Tom Clancy's H.A.W.X"
    "C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX_dx10.exe"="C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX_dx10.exe:*:Enabled:Tom Clancy's H.A.W.X"
    "C:\Program Files\Garena\Garena.exe"="C:\Program Files\Garena\Garena.exe:*:Enabled:Garena"
    "C:\Program Files\Steam\steamapps\akira57120\counter-strike source\hl2.exe"="C:\Program Files\Steam\steamapps\akira57120\counter-strike source\hl2.exe:*:Enabled:hl2"
    "C:\Program Files\Steam\steamapps\akira57120\day of defeat source\hl2.exe"="C:\Program Files\Steam\steamapps\akira57120\day of defeat source\hl2.exe:*:Enabled:hl2"
    "C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
    "C:\Documents and Settings\fabien\Bureau\PES2008.exe"="C:\Documents and Settings\fabien\Bureau\PES2008.exe:*:Enabled:p ro Evolution Soccer 2008"
    "C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:*:Enabled:p ro Evolution Soccer 2008"
    "C:\Documents and Settings\fabien\Bureau\pes2009.exe"="C:\Documents and Settings\fabien\Bureau\pes2009.exe:*:Enabled:p ro Evolution Soccer 2009"
    "C:\Program Files\Activision\Call of Duty - World at War\crack cod5WoW.exe"="C:\Program Files\Activision\Call of Duty - World at War\crack cod5WoW.exe:*:Enabled:Call of Duty(R): World at War Campaign/Coop"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
    "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
    "C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
    "C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe"="C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe:*:Enabled:speed2"
    "C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled:p ro Evolution Soccer 2009"
    "C:\Program Files\Internet Download Manager\IDMan.exe"="C:\Program Files\Internet Download Manager\IDMan.exe:*:Enabled:Internet Download Manager (IDM)"
    "C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe"="C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine"
    "C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe"="C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
    "C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
    "C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
    "C:\Nexon\Combat Arms EU\NMService.exe"="C:\Nexon\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core"
    "C:\Program Files\Cyanide\GameCenter\GameCenter.exe"="C:\Program Files\Cyanide\GameCenter\GameCenter.exe:*:Enabled:GameCenter"
    "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
    "C:\Program Files\PokerTH\pokerth.exe"="C:\Program Files\PokerTH\pokerth.exe:*:Enabled:p okerth"
    "C:\Documents and Settings\fabien\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe"="C:\Documents and Settings\fabien\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe:*:Enabled:Main program for Octoshape client"
    "C:\Program Files\World of Warcraft\WoW-3.2.0-frFR-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
    "C:\Program Files\World of Warcraft\Launcher.exe"="C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
    "C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-frFR-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
    "C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe"="C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
    "C:\Program Files\World of Warcraft\WoW-3.2.0-enGB-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
    "C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
    "C:\Downloads\Crack\pes2010.exe"="C:\Downloads\Crack\pes2010.exe:*:Enabled:p ro Evolution Soccer 2010"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
    "C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{373807e3-30a9-11de-8417-002215493bfd}]
    shell\AutoRun\command - G:\autorun.exe


    ======List of files/folders created in the last 1 months======

    2009-11-12 03:00:20 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
    2009-11-11 10:55:51 ----RSH---- C:\vshost.exe
    2009-11-06 03:14:42 ----A---- C:\WINDOWS\system32\xfcodec.dll
    2009-10-19 12:55:34 ----D---- C:\Documents and Settings\All Users\Application Data\HotbarSA
    2009-10-19 12:55:34 ----D---- C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
    2009-10-19 12:55:33 ----D---- C:\Documents and Settings\fabien\Application Data\WeatherDPA
    2009-10-19 12:55:31 ----D---- C:\Program Files\Hotbar
    2009-10-19 12:55:31 ----D---- C:\Documents and Settings\fabien\Application Data\Hotbar
    2009-10-19 12:55:21 ----D---- C:\Program Files\ShoppingReport
    2009-10-19 12:55:21 ----D---- C:\Documents and Settings\fabien\Application Data\ShoppingReport
    2009-10-16 02:03:11 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
    2009-10-16 02:00:54 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
    2009-10-16 02:00:50 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
    2009-10-16 02:00:48 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
    2009-10-16 02:00:44 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
    2009-10-16 02:00:41 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
    2009-10-16 02:00:35 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
    2009-10-16 02:00:31 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
    2009-10-16 02:00:27 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
    2009-10-16 02:00:19 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$

    ======List of files/folders modified in the last 1 months======

    2009-11-13 04:28:41 ----D---- C:\Documents and Settings\fabien\Application Data\Free Download Manager
    2009-11-12 13:44:56 ----D---- C:\Documents and Settings\fabien\Application Data\Software Informer
    2009-11-12 13:44:36 ----D---- C:\Documents and Settings\fabien\Application Data\Xfire
    2009-11-12 13:42:13 ----D---- C:\WINDOWS\Temp
    2009-11-12 11:52:59 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-11-12 07:21:13 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
    2009-11-12 06:36:51 ----D---- C:\WINDOWS\Prefetch
    2009-11-12 05:24:38 ----D---- C:\WINDOWS\system32
    2009-11-12 05:24:38 ----D---- C:\Program Files\Navilog1
    2009-11-12 05:24:31 ----A---- C:\cleannavi.txt
    2009-11-12 05:24:10 ----RD---- C:\Program Files
    2009-11-12 05:23:54 ----D---- C:\WINDOWS
    2009-11-12 03:00:25 ----HD---- C:\WINDOWS\inf
    2009-11-12 03:00:22 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2009-11-11 14:26:22 ----D---- C:\Documents and Settings\fabien\Application Data\mIRC
    2009-11-11 11:57:05 ----D---- C:\Program Files\mIRC
    2009-11-11 11:00:44 ----D---- C:\Downloads
    2009-11-11 09:46:15 ----HD---- C:\WINDOWS\$hf_mig$
    2009-11-11 09:46:14 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-11-11 09:06:57 ----D---- C:\Program Files\Xfire
    2009-11-11 04:26:34 ----D---- C:\Program Files\Mozilla Firefox
    2009-11-09 22:31:36 ----SD---- C:\WINDOWS\Downloaded Program Files
    2009-11-09 03:57:48 ----D---- C:\Documents and Settings\fabien\Application Data\Mumble
    2009-11-05 18:36:21 ----A---- C:\WINDOWS\system32\MRT.exe
    2009-11-05 03:00:26 ----A---- C:\WINDOWS\imsins.BAK
    2009-11-04 21:40:55 ----D---- C:\Documents and Settings\fabien\Application Data\teamspeak2
    2009-11-02 00:10:29 ----D---- C:\Documents and Settings\fabien\Application Data\dvdcss
    2009-10-30 22:22:29 ----D---- C:\Program Files\World of Warcraft
    2009-10-30 22:21:51 ----SHD---- C:\WINDOWS\Installer
    2009-10-30 22:21:50 ----SHD---- C:\Config.Msi
    2009-10-30 22:21:19 ----D---- C:\Documents and Settings\All Users\Application Data\KONAMI
    2009-10-30 22:17:29 ----D---- C:\Program Files\Lineage II
    2009-10-30 22:17:09 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-10-30 04:35:17 ----D---- C:\Program Files\KONAMI
    2009-10-26 13:01:45 ----A---- C:\WINDOWS\WORDPAD.INI
    2009-10-22 10:17:28 ----A---- C:\WINDOWS\system32\mshtml.dll
    2009-10-16 02:08:41 ----D---- C:\WINDOWS\Microsoft.NET
    2009-10-16 02:05:19 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-10-16 02:05:04 ----D---- C:\WINDOWS\WinSxS
    2009-10-16 02:03:22 ----D---- C:\Program Files\Internet Explorer
    2009-10-16 02:00:21 ----D---- C:\WINDOWS\system32\drivers

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2007-12-17 12400]
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
    R1 oreans32;oreans32; \??\C:\WINDOWS\system32\drivers\oreans32.sys []
    R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-03-16 5632]
    R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-07-12 281760]
    R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
    R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-07-12 25888]
    R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
    R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-07-16 4747776]
    R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-09-24 38400]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12288]
    R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-03-27 6280416]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
    S3 ap6lh84x;ap6lh84x; C:\WINDOWS\system32\drivers\ap6lh84x.sys []
    S3 catchme;catchme; \??\C:\DOCUME~1\fabien\LOCALS~1\Temp\catchme.sys []
    S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
    S3 GarenaPEngine;GarenaPEngine; \??\C:\DOCUME~1\fabien\LOCALS~1\Temp\NKG3F2.tmp []
    S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
    S3 MSICPL;MSICPL; \??\D:\install4\MSICPL.sys []
    S3 npkcrypt;npkcrypt; \??\C:\Program Files\Lineage II\system\npkcrypt.sys []
    S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
    S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
    S3 SetupNTGLM7X;SetupNTGLM7X; \??\D:\NTGLM7X.sys []
    S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 58320]
    S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 8304]
    S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 94000]
    S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
    S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
    S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
    S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
    S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-05-07 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-05-07 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-25 153376]
    R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2009-07-13 71096]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-03-27 163908]
    R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-05-21 75064]
    R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-11-12 215104]
    R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
    R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-05-25 654848]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
    S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
    S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

    -----------------EOF-----------------


    Et le info.txt


    info.txt logfile of random's system information tool 1.06 2009-04-12 18:57:54

    ======Uninstall list======

    -->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    -->MsiExec /X{DD1865F0-AD73-40FB-B23E-1822E02396FF}
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 10 Plugin-->MsiExec.exe /X{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}
    AI Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{310BC5E2-31AF-49BB-904D-E71EB93645DC}\Setup.exe" -l0x40c
    AlienGUIse Theme Manager-->C:\PROGRA~1\ALIENG~1\thememgr.exe /uninstallwise
    Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
    Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver-->"C:\Program Files\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe" -runfromtemp -l0x040c -removeonly
    AV Voice Changer Software DIAMOND 6.0-->C:\PROGRA~1\AVVCS6~1.0DI\UNWISE.EXE C:\PROGRA~1\AVVCS6~1.0DI\INSTALL.LOG
    avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch-->C:\Program Files\InstallShield Installation Information\{E5141379-B2D9-4BBC-BB2A-5805541571DD}\setup.exe -runfromtemp -l0x0409
    Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch-->C:\Program Files\InstallShield Installation Information\{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}\setup.exe -runfromtemp -l0x0409
    Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch-->C:\Program Files\InstallShield Installation Information\{3BD633E0-4BF8-4499-9149-88F0767D449C}\setup.exe -runfromtemp -l0x0409
    Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch-->C:\Program Files\InstallShield Installation Information\{8503C901-85D7-4262-88D2-8D8B2A7B08B8}\setup.exe -runfromtemp -l0x0409
    Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch-->C:\Program Files\InstallShield Installation Information\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\setup.exe -runfromtemp -l0x0409
    Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch-->C:\Program Files\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe -runfromtemp -l0x0409
    Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x040c
    Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
    Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB942288-v3)-->"C:\WINDOWS\$NtUninstallKB942288-v3$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    EVEREST Ultimate Edition v5.01-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
    Favorit-->"c:\documents and settings\fabien\local settings\application data\qemaoqs.exe" -uninstall
    GameSpy Arcade-->C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG
    Ghost Recon Advanced Warfighter-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFC97089-04D6-42CE-A707-A343B4A7D2CD}\setup.exe" -l0x40c
    GRAW Patch 1.35-->"C:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter\unins000.exe"
    HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
    Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
    K-Lite Codec Pack 4.3.1 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
    LimeWire 5.1.1-->"C:\Program Files\LimeWire\uninstall.exe"
    Lineage II-->C:\Program Files\InstallShield Installation Information\{430B1017-1B12-420C-8F27-05D0EC2995E0}\setup.exe -runfromtemp -l0x0009 -removeonly
    Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
    Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
    Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
    Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
    Mozilla Firefox (3.0.8)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    Mumble and Murmur-->C:\Program Files\Mumble\Uninstall.exe
    NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
    NVIDIA PhysX-->MsiExec.exe /X{DD1865F0-AD73-40FB-B23E-1822E02396FF}
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    PartyPoker-->"C:\Program Files\PartyGaming\PartyPoker\Uninstall.exe" "C:\Program Files\PartyGaming\PartyPoker\install.log"
    Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c -removeonly
    SAMSUNG CDMA Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
    SAMSUNG Mobile Composite Device Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\6\SSBCUninstall.exe
    Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
    SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
    SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
    Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x040c -removeonly
    SopCast 3.0.1-->C:\Program Files\SopCast\uninst.exe
    TeamSpeak 2 RC2-->"C:\Program Files\Teamspeak2_RC2\unins000.exe"
    Tom Clancy's H.A.W.X-->"C:\Program Files\InstallShield Installation Information\{6E36A172-06FB-4BC8-B7FC-D30D219E6776}\setup.exe" -runfromtemp -l0x040c -removeonly
    TVAnts 1.0-->C:\PROGRA~1\TVAnts\UNWISE.EXE C:\PROGRA~1\TVAnts\INSTALL.LOG
    Ventrilo Client-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
    VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    Vuze Toolbar-->"C:\Program Files\AskBarDis\unins000.exe"
    Vuze-->C:\Program Files\Vuze\uninstall.exe
    Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
    Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
    WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
    Xfire (remove only)-->"C:\Program Files\Xfire\uninst.exe"

    ======Security center information======

    AV: avast! antivirus 4.8.1335 [VPS 090411-0]

    ======System event log======

    Computer Name: A6-B767CBBC1F97
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service PnkBstrK.

    Record Number: 4553
    Source Name: Service Control Manager
    Time Written: 20090325034203.000000+060
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    Computer Name: A6-B767CBBC1F97
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service PnkBstrB.

    Record Number: 4552
    Source Name: Service Control Manager
    Time Written: 20090325034157.000000+060
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    Computer Name: A6-B767CBBC1F97
    Event Code: 7036
    Message: Le service PnkBstrB est entré dans l'état : en cours d'exécution.

    Record Number: 4551
    Source Name: Service Control Manager
    Time Written: 20090325034157.000000+060
    Event Type: Informations
    User:

    Computer Name: A6-B767CBBC1F97
    Event Code: 7035
    Message: Un contrôle Arrêter a correctement été envoyé au service PnkBstrB.

    Record Number: 4550
    Source Name: Service Control Manager
    Time Written: 20090325034154.000000+060
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    Computer Name: A6-B767CBBC1F97
    Event Code: 7036
    Message: Le service PnkBstrB est entré dans l'état : arrêté.

    Record Number: 4549
    Source Name: Service Control Manager
    Time Written: 20090325034154.000000+060
    Event Type: Informations
    User:

    =====Application event log=====

    Computer Name: A6-B767CBBC1F97
    Event Code: 100
    Message: msnmsgr (1432) Le moteur de base de données 5.01.2600.5512 est démarré.

    Record Number: 996
    Source Name: ESENT
    Time Written: 20090318140445.000000+060
    Event Type: Informations
    User:

    Computer Name: A6-B767CBBC1F97
    Event Code: 101
    Message: msnmsgr (1432) Le moteur de base de données est arrêté.

    Record Number: 995
    Source Name: ESENT
    Time Written: 20090318140439.000000+060
    Event Type: Informations
    User:

    Computer Name: A6-B767CBBC1F97
    Event Code: 103
    Message: msnmsgr (1432) \\.\C:\Documents and Settings\fabien\Local Settings\Application Data\Microsoft\Messenger\fight57@hotmail.fr\SharingMetadata\Working\database_9C74_AFF6_74AF_D176\dfsr.db: Le moteur de base de données a arrêté une instance (0).

    Record Number: 994
    Source Name: ESENT
    Time Written: 20090318140439.000000+060
    Event Type: Informations
    User:

    Computer Name: A6-B767CBBC1F97
    Event Code: 102
    Message: msnmsgr (1432) \\.\C:\Documents and Settings\fabien\Local Settings\Application Data\Microsoft\Messenger\fight57@hotmail.fr\SharingMetadata\Working\database_9C74_AFF6_74AF_D176\dfsr.db: Le moteur de base de données a démarré une nouvelle instance (0).

    Record Number: 993
    Source Name: ESENT
    Time Written: 20090318140333.000000+060
    Event Type: Informations
    User:

    Computer Name: A6-B767CBBC1F97
    Event Code: 100
    Message: msnmsgr (1432) Le moteur de base de données 5.01.2600.5512 est démarré.

    Record Number: 992
    Source Name: ESENT
    Time Written: 20090318140333.000000+060
    Event Type: Informations
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Samsung\Samsung PC Studio 3\
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 6, GenuineIntel
    "PROCESSOR_REVISION"=1706
    "NUMBER_OF_PROCESSORS"=2
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP

    -----------------EOF-----------------
    m
    0
    l
    a c 327 8 Sécurité
    13 Novembre 2009 15:59:12

  • Désinstalle Vuze Toolbar.

  • Télécharge Ad-Remover (de Cyrildu17 / C_XX) sur ton Bureau.

    /!\ Déconnecte-toi et ferme toutes applications en cours /!\

  • Double-clique sur AD-R situé sur ton Bureau pour le lancer.
    (Sous Vista, il faut cliquer droit sur AD-R et choisir Exécuter en tant qu'administrateur)
  • Choisis la langue F pour français.
  • Au menu principal, choisis l'option L.

    /!\ Laisse travailler l'outil /!\

  • Poste le rapport qui apparaît à la fin (C:\Ad-Report-CLEAN.log).

    (CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

    Note : "Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Kaspersky, etc.) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    m
    0
    l
    13 Novembre 2009 21:12:48

    .
    ======= RAPPORT D'AD-REMOVER 1.1.4.6_C | UNIQUEMENT XP/VISTA/7 =======
    .
    Mit à jour par C_XX le 12.11.2009 à 22:02
    Contact: AdRemover.contact@gmail.com
    Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
    .
    Lancé à: 20:57:59, 13/11/2009 | Mode Normal | Option: CLEAN
    Exécuté de: C:\Program Files\Ad-Remover\
    Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
    Nom du PC: A6-B767CBBC1F97 | Utilisateur actuel: fabien
    .
    ============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
    .

    HKCU\Software\AppDataLow\AskBarDis
    HKCU\Software\AppDataLow\AskHomePage
    HKCU\Software\Ask.com
    HKCU\Software\AskToolbar
    HKCU\Software\Grand Virtual
    HKCU\Software\hotbarsa
    HKCU\Software\Live-Player
    HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}
    HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{100eb1fd-d03e-47fd-81f3-ee91287f9465}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b}
    HKCU\Software\PartyGaming
    HKCU\Software\ShoppingReport
    HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
    HKLM\Software\Classes\AppID\GenericAskToolbar.DLL
    HKLM\Software\Classes\CLSID\{06ADA938-0FB0-4BC0-B19B-0A38AB17F182}
    HKLM\Software\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
    HKLM\Software\Classes\CntntCntr.CntntDic
    HKLM\Software\Classes\CntntCntr.CntntDic.1
    HKLM\Software\Classes\CntntCntr.CntntDisp
    HKLM\Software\Classes\CntntCntr.CntntDisp.1
    HKLM\Software\Classes\coresrv.coreservices
    HKLM\Software\Classes\coresrv.coreservices.1
    HKLM\Software\Classes\coresrv.lfgax
    HKLM\Software\Classes\coresrv.lfgax.1
    HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd
    HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1
    HKLM\Software\Classes\HbCoreSrv.DynamicProp
    HKLM\Software\Classes\HbCoreSrv.DynamicProp.1
    HKLM\Software\Classes\hbmain.commband
    HKLM\Software\Classes\hbmain.commband.1
    HKLM\Software\Classes\hbr.hbmain
    HKLM\Software\Classes\hbr.hbmain.1
    HKLM\Software\Classes\hostie.bho
    HKLM\Software\Classes\hostie.bho.1
    HKLM\Software\Classes\hostol.mailanim
    HKLM\Software\Classes\hostol.mailanim.1
    HKLM\Software\Classes\hostol.webmailsend
    HKLM\Software\Classes\hostol.webmailsend.1
    HKLM\Software\Classes\HotbarAx.Info
    HKLM\Software\Classes\HotbarAx.Info.1
    HKLM\Software\Classes\HotbarAX.UserProfiles
    HKLM\Software\Classes\HotbarAX.UserProfiles.1
    HKLM\Software\Classes\HotbarWeather.WeatherController
    HKLM\Software\Classes\HotbarWeather.WeatherController.1
    HKLM\Software\Classes\Interface\{0C1CF2DF-05A3-4FEF-8CD4-F5CFC4355A16}
    HKLM\Software\Classes\shoppingreport.hbax
    HKLM\Software\Classes\shoppingreport.hbax.1
    HKLM\Software\Classes\shoppingreport.hbinfoband
    HKLM\Software\Classes\shoppingreport.hbinfoband.1
    HKLM\Software\Classes\shoppingreport.iebutton
    HKLM\Software\Classes\shoppingreport.iebutton.1
    HKLM\Software\Classes\shoppingreport.iebuttona
    HKLM\Software\Classes\shoppingreport.iebuttona.1
    HKLM\Software\Classes\shoppingreport.rprtctrl
    HKLM\Software\Classes\shoppingreport.rprtctrl.1
    HKLM\Software\Classes\srv.coreservices
    HKLM\Software\Classes\srv.coreservices.1
    HKLM\Software\Classes\toolbar.htmlmenuui
    HKLM\Software\Classes\toolbar.htmlmenuui.1
    HKLM\Software\Classes\toolbar.toolbarctl
    HKLM\Software\Classes\toolbar.toolbarctl.1
    HKLM\Software\Classes\TypeLib\{710993A2-4F87-41D7-B6FE-F5A20368465F}
    HKLM\Software\Hotbar
    HKLM\Software\Live-Player
    HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}
    HKLM\Software\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}
    HKLM\Software\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2}
    HKLM\Software\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3}
    HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}
    HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EDDBB5EE-BB64-4bfc-9DBE-E7C85941335B}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Everest Poker
    HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\HotbarSA
    HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\PartyPoker
    HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ShoppingReport
    HKLM\Software\ShoppingReport
    HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\\Hotbar 11.0.78.0
    HKLM\Software\Mozilla\Firefox\Extensions\\Hotbar@Hotbar.com
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\WeatherDPA
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HotbarSA
    HKCU\software\microsoft\internet explorer\searchscopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
    HKCU\software\microsoft\internet explorer\searchscopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
    HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440}
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}
    HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
    HKLM\Software\Classes\CLSID\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
    HKLM\Software\Classes\CLSID\{14113B47-D59C-4F0F-9D10-FF1730265584}
    HKLM\Software\Classes\CLSID\{20EA9658-6BC3-4599-A87D-6371FE9295FC}
    HKLM\Software\Classes\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}
    HKLM\Software\Classes\CLSID\{2D00AA2A-69EF-487a-8A40-B3E27F07C91E}
    HKLM\Software\Classes\CLSID\{62906E60-BCE2-4E1B-9ED0-8B9042EE15E4}
    HKLM\Software\Classes\CLSID\{70880CE6-308C-4204-A89E-B266C3F7B7FA}
    HKLM\Software\Classes\CLSID\{71F731B3-008B-4052-9EA4-4145ACCE40C3}
    HKLM\Software\Classes\CLSID\{86C5840B-80C4-4C30-A655-37344A542009}
    HKLM\Software\Classes\CLSID\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
    HKLM\Software\Classes\CLSID\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}
    HKLM\Software\Classes\CLSID\{A16AD1E9-F69A-45AF-9462-B1C286708842}
    HKLM\Software\Classes\CLSID\{A3E67DAA-DA01-4da5-98BE-3088B554A11E}
    HKLM\Software\Classes\CLSID\{A5B6FA30-D317-41CA-9CB1-C898D3C7F34E}
    HKLM\Software\Classes\CLSID\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
    HKLM\Software\Classes\CLSID\{A9C42A57-421C-4572-8B12-249C59183D1C}
    HKLM\Software\Classes\CLSID\{B0CB585F-3271-4E42-88D9-AE5C9330D554}
    HKLM\Software\Classes\CLSID\{C9CCBB35-D123-4A31-AFFC-9B2933132116}
    HKLM\Software\Classes\CLSID\{CC19A5F2-B4AD-41D5-A5C9-0680904C1483}
    HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
    HKLM\Software\Classes\CLSID\{D95C7240-0282-4c01-93F5-673BCA03DA86}
    HKLM\Software\Classes\CLSID\{F9BFA98D-9935-4EA4-A05A-72C7F0778F02}
    HKLM\Software\Classes\TypeLib\{03D7FF6E-9781-40B5-BB7F-94291A361604}
    HKLM\Software\Classes\TypeLib\{0729F461-8054-47DC-8D39-A31B61CC0119}
    HKLM\Software\Classes\TypeLib\{148E1447-C728-48FD-BEEC-A7D06C5FFF58}
    HKLM\Software\Classes\TypeLib\{76D54105-99EB-4ECB-95B2-A944F50CC566}
    HKLM\Software\Classes\TypeLib\{8292078F-F6E9-412B-8EB1-360C05C5ECE5}
    HKLM\Software\Classes\TypeLib\{A57470DE-14C7-4FCD-9D4C-E5711F24F0ED}
    HKLM\Software\Classes\TypeLib\{C62A9E79-2B52-439B-AF57-2E60BB06E86C}
    HKLM\Software\Classes\TypeLib\{CDC73256-A88D-4642-844E-A8F20B76789C}
    HKLM\Software\Classes\TypeLib\{CDCA70D8-C6A6-49EE-9BED-7429D6C477A2}
    HKLM\Software\Classes\TypeLib\{D136987F-E1C4-4CCC-A220-893DF03EC5DF}
    HKLM\Software\Classes\TypeLib\{E343EDFC-1E6C-4CB5-AA29-E9C922641C80}
    HKLM\Software\Classes\Interface\{15FD8424-D12A-4C51-8C6C-D5D57B80F781}
    HKLM\Software\Classes\Interface\{2447E305-5E90-42A8-BD1E-0BC333B807E1}
    HKLM\Software\Classes\Interface\{2557DD3F-23A0-477C-BCD8-90FD0AECC4B8}
    HKLM\Software\Classes\Interface\{2893116C-A176-42B1-8794-DA8C9FC45564}
    HKLM\Software\Classes\Interface\{3CEB04AB-08AF-45F4-81B4-70D13C1F7B85}
    HKLM\Software\Classes\Interface\{40CA90F3-4098-4877-AE87-23EB612B18C7}
    HKLM\Software\Classes\Interface\{50D2FDCC-2707-49CB-8223-7FE0424909AA}
    HKLM\Software\Classes\Interface\{5A635A91-C303-45C9-8DB9-F759D98A3B9D}
    HKLM\Software\Classes\Interface\{67B3BECF-7B6F-42B2-99F0-F7656F89CFFA}
    HKLM\Software\Classes\Interface\{715FFD42-4E05-4EAB-9513-C8DAA5395AE2}
    HKLM\Software\Classes\Interface\{759D6F7C-8D30-45B6-ABEA-FA51C190EED5}
    HKLM\Software\Classes\Interface\{7E335D04-2E6E-4D0E-A921-C3D9192E7121}
    HKLM\Software\Classes\Interface\{878CE013-7BA9-4650-A78C-B2234C0C1648}
    HKLM\Software\Classes\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB}
    HKLM\Software\Classes\Interface\{8EE46F55-1CE1-4DB9-811A-68938EC7F3DD}
    HKLM\Software\Classes\Interface\{99CCFB8C-6380-4A14-8FDD-EF3E7E95335D}
    HKLM\Software\Classes\Interface\{99FDCA0C-7380-4E9C-8D99-5DC4750334EF}
    HKLM\Software\Classes\Interface\{9A4A64A4-A2FB-48FA-9BBA-1AC50267695D}
    HKLM\Software\Classes\Interface\{A7213D71-47E1-4832-92D7-D61DFE9F231F}
    HKLM\Software\Classes\Interface\{A87DFD99-CF81-4241-85CE-881E0026B686}
    HKLM\Software\Classes\Interface\{AEBF09E2-0C15-43C8-99BF-928C645D98A0}
    HKLM\Software\Classes\Interface\{B1D9F4B1-B9FF-463F-BF15-AB9CB26160F7}
    HKLM\Software\Classes\Interface\{B20D7ADD-989C-4BC0-A797-F6FE7998EFD7}
    HKLM\Software\Classes\Interface\{BFC20A15-B0AC-44CC-A25A-A7039014BA9F}
    HKLM\Software\Classes\Interface\{C96B9FAE-A032-4100-BB47-32EF05E28BE4}
    HKLM\Software\Classes\Interface\{CF82F350-E1C4-4916-AC12-BA73DB60AFB7}
    HKLM\Software\Classes\Interface\{D1063603-F045-475F-AFBC-8CBA7D5797FB}
    HKLM\Software\Classes\Interface\{D8560AC2-21B5-4C1A-BDD4-BD12BC83B082}
    HKLM\Software\Classes\Interface\{F019AEC4-4C95-46DE-A107-E302473E3B9A}
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
    HKLM\software\classes\installer\Products\A28B4D68DEBAA244EB686953B7074FEF
    .
    C:\DOCUME~1\fabien\APPLIC~1\Hotbar ... ERREUR SUPPRESSION !!
    C:\DOCUME~1\fabien\APPLIC~1\Mozilla\Firefox\Profiles\98cegs9k.default\extensions\toolbar@ask.com
    C:\DOCUME~1\fabien\APPLIC~1\Mozilla\Firefox\Profiles\98cegs9k.default\searchplugins\ask.xml
    C:\DOCUME~1\fabien\APPLIC~1\Mozilla\Firefox\Profiles\98cegs9k.default\searchplugins\askcom.xml
    C:\DOCUME~1\fabien\APPLIC~1\WeatherDPA
    C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Everest Poker
    C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Hotbar
    C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
    C:\Program Files\Ask.com ... ERREUR SUPPRESSION !!
    C:\Program Files\Everest Poker
    C:\Program Files\Hotbar ... ERREUR SUPPRESSION !!
    C:\Program Files\Mozilla FireFox\Components\AskSearch.js
    C:\Program Files\Mozilla FireFox\Plugins\npclntax_HotbarSA.dll
    C:\Program Files\PartyGaming
    C:\Program Files\ShoppingReport ... ERREUR SUPPRESSION !!
    C:\DOCUME~1\fabien\MENUDM~1\PROGRA~1\PartyPoker
    C:\DOCUME~1\fabien\APPLIC~1\Microsoft\Internet Explorer\Quick Launch\PartyPoker.lnk
    C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
    C:\DOCUME~1\fabien\Bureau\PartyPoker.lnk
    C:\DOCUME~1\ALLUSE~1\Bureau\Everest Poker.lnk
    C:\WINDOWS\Prefetch\HOTBARSA.EXE-172AADFE.pf
    C:\DOCUME~1\fabien\Cookies\fabien@ask[1].txt
    C:\DOCUME~1\fabien\Cookies\fabien@ask[2].txt
    C:\DOCUME~1\fabien\Cookies\fabien@ask[3].txt
    C:\DOCUME~1\fabien\Cookies\fabien@ask[4].txt
    C:\DOCUME~1\fabien\Cookies\fabien@ask[5].txt
    C:\DOCUME~1\fabien\Cookies\fabien@ask[6].txt
    C:\DOCUME~1\fabien\Cookies\fabien@ask[7].txt
    C:\DOCUME~1\fabien\Cookies\fabien@ask[8].txt
    C:\DOCUME~1\fabien\Cookies\fabien@fcg.casino770[2].txt
    C:\DOCUME~1\fabien\Cookies\fabien@fr.partypoker[1].txt
    C:\DOCUME~1\fabien\Cookies\fabien@hotbar[2].txt
    C:\DOCUME~1\fabien\Cookies\fabien@partygaming.122.2o7[1].txt
    C:\DOCUME~1\fabien\Cookies\fabien@partypoker[1].txt
    C:\DOCUME~1\fabien\Cookies\fabien@partypoker[2].txt
    C:\DOCUME~1\fabien\Cookies\fabien@partypoker[3].txt
    C:\DOCUME~1\fabien\Cookies\fabien@partypoker[4].txt
    C:\DOCUME~1\fabien\Cookies\fabien@rotator.adjuggler[1].txt
    C:\DOCUME~1\fabien\Cookies\fabien@search.conduit[2].txt
    C:\DOCUME~1\fabien\Cookies\fabien@simyo[1].txt
    C:\DOCUME~1\fabien\Cookies\fabien@www.casino770[2].txt
    C:\DOCUME~1\fabien\Cookies\fabien@www.everestpoker[1].txt

    (!) -- Fichiers temporaires supprimés.

    .
    ============== Scan additionnel ==============
    .
    .
    * Mozilla FireFox Version 3.0.14 [fr] *
    .
    Nom du profil: 98cegs9k.default (fabien)
    .
    (fabien, prefs.js) Browser.download.lastDir, C:\Documents and Settings\fabien\Mes documents\Mes images
    (fabien, prefs.js) Browser.search.defaultenginename, Bing
    (fabien, prefs.js) Browser.search.defaulturl, hxxp://www.bing.com/search?FORM=IEFM1&q=
    (fabien, prefs.js) Browser.startup.homepage, hxxp://go.microsoft.com/fwlink/?LinkId=69157
    .
    (fabien, prefs.js) EFFACE - Browser.search.defaultengine, Ask.com
    (fabien, prefs.js) EFFACE - Browser.search.order.1, Ask.com
    (fabien, prefs.js) EFFACE - Extensions.asktb.cbid, U9
    (fabien, prefs.js) EFFACE - Extensions.asktb.default-channel-url-mask, hxxp://fr.ask.com/web?q={query}&qsrc={qsrc}&o={o}&l={l}&dm=lang
    (fabien, prefs.js) EFFACE - Extensions.asktb.fresh-install, false
    (fabien, prefs.js) EFFACE - Extensions.asktb.l, dis
    (fabien, prefs.js) EFFACE - Extensions.asktb.last-config-req, 1257909399037
    (fabien, prefs.js) EFFACE - Extensions.asktb.locale, fr_FR
    (fabien, prefs.js) EFFACE - Extensions.asktb.o, 15012
    (fabien, prefs.js) EFFACE - Extensions.asktb.overlay-reloaded-using-restart, true
    (fabien, prefs.js) EFFACE - Extensions.asktb.qsrc, 2871
    (fabien, prefs.js) EFFACE - Extensions.asktb.r, 4
    (fabien, prefs.js) EFFACE - Extensions.enabledItems, toolbar@ask.com:3.4.4.118,dvscontextmenuy@dvdvideosoft.com:1.0,fdm_ffext@freedownloadmanager.org:1.3.4,Hotbar@Hotbar.com:11.0.0.0,{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13,{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15,jqs@sun.com:1.0,firefox@tvunetworks.com:2,4,7,2,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.14
    (fabien, prefs.js) EFFACE - Extensions.snipit.chromeURL, hxxp://toolbar.ask.com/toolbarv/askRedirect?o=10611&gct=&gc=1&q={searchTerms}&crm=1
    .
    .
    * Internet Explorer Version 8.0.6001.18702 *
    .
    [HKEY_CURRENT_USER\..\Internet Explorer\Main]
    .
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search Bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start Page: hxxp://fr.msn.com/
    Start Page Redirect Cache: hxxp://fr.msn.com/?ocid=iehp
    Start Page Redirect Cache_TIMESTAMP: NARY 6ca19e29b260ca01
    Start Page Redirect Cache AcceptLangs: fr-fr
    Default_page_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
    .
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start Page: hxxp://fr.msn.com/
    Search bar: hxxp://search.msn.com/spbasic.htm
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
    .
    Tabs: res://ieframe.dll/tabswelcome.htm
    .
    ============== Suspect (Cracks, Serials, ...) ==============
    .
    C:\Documents and Settings\fabien\Bureau\WLMUniversalPatcher-POUR-WLM8.5.exe
    C:\Documents and Settings\fabien\Mes documents\RCT2_patch_JeuxVideo.com_6205.zip
    C:\Documents and Settings\fabien\Mes documents\Patch cod4\182.06_geforce_winxp_32bit_international_whql.exe
    C:\Documents and Settings\fabien\Mes documents\Patch cod4\call_of_duty_4_modern_warfare_mise_a_jour_depuis_v1.6_multi-langues_247528.exe
    C:\Documents and Settings\fabien\Mes documents\Patch cod4\call_of_duty_4_modern_warfare_patch_v1.1_multi-langues_182170.exe
    C:\Documents and Settings\fabien\Mes documents\Patch cod4\call_of_duty_4_modern_warfare_patch_v1.2_multi-langues_184570.exe
    C:\Documents and Settings\fabien\Mes documents\Patch cod4\call_of_duty_4_modern_warfare_patch_v1.3_multi-langues_193372.exe
    C:\Documents and Settings\fabien\Mes documents\Patch cod4\call_of_duty_4_modern_warfare_patch_v1.4_multi-langues_197704.exe
    C:\Documents and Settings\fabien\Mes documents\Patch cod4\call_of_duty_4_modern_warfare_patch_v1.5_multi-langues_211464.exe
    C:\Documents and Settings\fabien\Mes documents\Patch cod4\call_of_duty_4_modern_warfare_patch_v1.6_variety_map_pack_multi-langues_245252.exe
    C:\Documents and Settings\fabien\Mes documents\Patch cod4\cfg.rar
    C:\Documents and Settings\fabien\Mes documents\Patch cod4\mumble_mumble_1.1.6_francais_43179.exe
    C:\Documents and Settings\fabien\Mes documents\Patch cod4\Mumble-1.1.4.exe
    C:\Documents and Settings\fabien\Mes documents\Patch cod4\pbsetup.exe
    C:\Documents and Settings\fabien\Mes documents\Patch cod4\pbsetup.zip
    C:\Documents and Settings\fabien\Mes documents\Patch cod4\ts2_client_rc2_2032.exe
    C:\Documents and Settings\fabien\Mes documents\Patch cod4\vlc-0.9.8a-win32.exe
    C:\Documents and Settings\fabien\Mes documents\psy 4\Rollercoaster Tycoon 2 + WW et TT\Rollercoaster Tycoon 2\Crack\rct2.exe
    C:\Documents and Settings\fabien\Mes documents\psy 4\Rollercoaster Tycoon 2 + WW et TT\Rollercoaster Tycoon 2\Crack\Readme.nfo
    C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\CoDWaW_patch1.1.rar
    C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\CoDWaW_patch1.2.rar
    C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\CoDWaW-1.0.1017-PatchSetup.exe
    C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\CoDWaW-1.2-1.3-PatchSetup.exe
    C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\CoDWaW-1.2-1.3-PatchSetup.rar
    C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\CoDWaW-1.2-1.4-PatchSetup.exe
    C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\CoDWaW-1.2-PatchSetup.exe
    C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\crack cod5WoW.exe
    C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\CRACKINETTE COD5.rar
    C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\Sony Vegas Pro 9.0\Sony Vegas Pro 9.0\Keygen\Keygen.exe
    C:\Documents and Settings\fabien\Mes documents\steam\DynPatch v2.exe
    C:\Documents and Settings\fabien\Mes documents\steam\UnDeadPatch.exe
    .
    ===================================
    .
    20482 Octet(s) - C:\Ad-Report-CLEAN[1].log
    .
    115 Fichier(s) - C:\DOCUME~1\fabien\LOCALS~1\Temp
    1 Fichier(s) - C:\WINDOWS\Temp
    .
    10 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
    3019 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
    Si cela peut t'aider mon virus pourrait venir de xifre a la base car quand je le lance ils ouvrent toutes mes pages d'amis et envoi un lien de telechargement.

    .
    Fin à: 21:08:08 | 13/11/2009 - CLEAN[1]
    .
    ============== E.O.F ==============
    .
    m
    0
    l
    a c 327 8 Sécurité
    13 Novembre 2009 21:17:07

  • Désinstalle Ad-Remover.

  • Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
  • Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
  • Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
  • Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
  • Sélectionne Exécuter un examen rapide.
  • Clique sur Rechercher. L'analyse démarre.
  • A la fin de l'analyse, un message s'affiche :
    Citation :
    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  • Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  • Ferme tes navigateurs.
  • Si des malwares ont été détectés, clique sur Afficher les résultats.
  • Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
  • MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
    m
    0
    l
    13 Novembre 2009 21:41:33

    Malwarebytes' Anti-Malware 1.41
    Version de la base de données: 3164
    Windows 5.1.2600 Service Pack 3

    13/11/2009 21:40:02
    mbam-log-2009-11-13 (21-40-02).txt

    Type de recherche: Examen rapide
    Eléments examinés: 113760
    Temps écoulé: 9 minute(s), 46 second(s)

    Processus mémoire infecté(s): 1
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 3
    Valeur(s) du Registre infectée(s): 3
    Elément(s) de données du Registre infecté(s): 1
    Dossier(s) infecté(s): 13
    Fichier(s) infecté(s): 16

    Processus mémoire infecté(s):
    C:\Documents and Settings\fabien\Local Settings\Temp\vshost32.exe (Worm.IMStealer) -> Failed to unload process.

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6fd31ed6-7c94-4bbc-8e95-f927f4d3a949} (Adware.180Solutions) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\ShoppingReport (Adware.ShopperReports) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\windows workstation (Worm.AutoRun) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.Userinit) -> Bad: (C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\fabien\LOCALS~1\Temp\vshost32.exe) Good: (Userinit.exe) -> Quarantined and deleted successfully.

    Dossier(s) infecté(s):
    C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\fabien\Application Data\ShoppingReport (Adware.ShopperReports) -> Quarantined and deleted successfully.
    C:\Documents and Settings\fabien\Application Data\ShoppingReport\cs (Adware.ShopperReports) -> Quarantined and deleted successfully.
    C:\Documents and Settings\fabien\Application Data\ShoppingReport\cs\db (Adware.ShopperReports) -> Quarantined and deleted successfully.
    C:\Documents and Settings\fabien\Application Data\ShoppingReport\cs\dwld (Adware.ShopperReports) -> Quarantined and deleted successfully.
    C:\Documents and Settings\fabien\Application Data\ShoppingReport\cs\report (Adware.ShopperReports) -> Quarantined and deleted successfully.
    C:\Documents and Settings\fabien\Application Data\ShoppingReport\cs\res2 (Adware.ShopperReports) -> Quarantined and deleted successfully.
    C:\Program Files\Hotbar (Adware.Hotbar) -> Quarantined and deleted successfully.
    C:\Program Files\Hotbar\bin (Adware.Hotbar) -> Quarantined and deleted successfully.
    C:\Program Files\Hotbar\bin\11.0.78.0 (Adware.Hotbar) -> Quarantined and deleted successfully.
    C:\Program Files\ShoppingReport (Adware.ShopperReports) -> Quarantined and deleted successfully.
    C:\Program Files\ShoppingReport\Bin (Adware.ShopperReports) -> Quarantined and deleted successfully.
    C:\Program Files\ShoppingReport\Bin\2.6.58 (Adware.ShopperReports) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\Documents and Settings\fabien\Local Settings\Temp\vshost32.exe (Worm.IMStealer) -> Delete on reboot.
    C:\vshost.exe (Worm.IMStealer) -> Quarantined and deleted successfully.
    C:\Downloads\Speed-Downloading_setup.exe (Adware.NaviPromo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\fabien\Local Settings\Temporary Internet Files\Content.IE5\JUQY5XYM\bu[1].exe (Worm.IMStealer) -> Quarantined and deleted successfully.
    C:\Documents and Settings\fabien\Application Data\ShoppingReport\cs\Config.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
    C:\Documents and Settings\fabien\Application Data\ShoppingReport\cs\db\Aliases.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
    C:\Documents and Settings\fabien\Application Data\ShoppingReport\cs\db\Sites.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
    C:\Documents and Settings\fabien\Application Data\ShoppingReport\cs\dwld\WhiteList.xip (Adware.ShopperReports) -> Quarantined and deleted successfully.
    C:\Documents and Settings\fabien\Application Data\ShoppingReport\cs\report\aggr_storage.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
    C:\Documents and Settings\fabien\Application Data\ShoppingReport\cs\report\send_storage.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
    C:\Documents and Settings\fabien\Application Data\ShoppingReport\cs\res2\WhiteList.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
    C:\Program Files\Hotbar\bin\11.0.78.0\CoreSrv.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
    C:\Program Files\Hotbar\bin\11.0.78.0\HostIE.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
    C:\Program Files\Hotbar\bin\11.0.78.0\Toolbar.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
    C:\Program Files\ShoppingReport\Bin\2.6.58\ShoppingReport.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
    C:\Documents and Settings\fabien\Local Settings\Temp\scvhost.exe (Trojan.Downloader) -> Delete on reboot.
    m
    0
    l
    a c 327 8 Sécurité
    13 Novembre 2009 22:36:33

  • Relance MBAM, va dans Quarantaine et supprime tout.

  • Désinstalle Java 6 Update 5.

  • Mets à jour Java.

  • Refais un scan RSIT et poste le rapport log.
    m
    0
    l
    13 Novembre 2009 23:27:47

    Voila jai supprimer les fichiers et voila le log :

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by fabien at 2009-11-13 23:26:56
    Microsoft Windows XP Professionnel Service Pack 3
    System drive C: has 166 GB (48%) free of 343 GB
    Total RAM: 2047 MB (70% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:26:57, on 13/11/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\CDBurnerXP\NMSAccessU.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\SFR\Kit\9props.exe
    C:\Program Files\Free Download Manager\fdm.exe
    C:\Program Files\Xfire\Xfire.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Windows Live\Toolbar\wltuser.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\mIRC\mirc.exe
    c:\program files\Mumble\dbus-daemon.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32\PnkBstrB.exe
    C:\Downloads\Software\RSIT.exe
    C:\Downloads\Software\fabien.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe"
    O4 - HKLM\..\Run: [QFan Help] "C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe"
    O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" /automount
    O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
    O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
    O4 - HKCU\..\Run: [Connexion SFR 9props.exe] "C:\Program Files\SFR\Kit\9props.exe" /trayicon
    O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
    O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Documents and Settings\fabien\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
    O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
    O4 - Startup: Enregistrement de FIFA 09.lnk = C:\Program Files\EA Sports\FIFA 09\Support\EAregister.exe
    O4 - Startup: PowerReg Scheduler V3.exe
    O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
    O8 - Extra context menu item: Save YouTube Video - res://C:\Program Files\Fichiers communs\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP4.htm
    O8 - Extra context menu item: Save YouTube Video as MP3 - res://C:\Program Files\Fichiers communs\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP3.htm
    O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
    O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
    O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
    O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.systemrequirementslab.com/srl_bin/sysreqlab_...
    O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} (System Requirements Lab Class) - http://srtest-cdn.systemrequirementslab.com.s3.amazonaw...
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe

    --
    End of file - 10173 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\WGASetup.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
    &Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 37808]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
    FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
    SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Ai Nap"=C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe [2008-05-26 1423360]
    "QFan Help"=C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe [2008-05-06 594432]
    "Cpu Level Up help"=C:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe [2007-11-30 881152]
    "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-07-16 16806400]
    "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-03-27 13684736]
    "nwiz"=nwiz.exe /install []
    "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-03-27 86016]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
    "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-09-13 3883856]
    "AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe [2009-04-24 203416]
    "EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe [2009-03-28 3325952]
    "RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []
    "Connexion SFR 9props.exe"=C:\Program Files\SFR\Kit\9props.exe [2009-04-21 955712]
    "Software Informer"=C:\Program Files\Software Informer\softinfo.exe [2009-09-17 1933381]
    "Octoshape Streaming Services"=C:\Documents and Settings\fabien\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [2009-01-08 70936]
    "Free Download Manager"=C:\Program Files\Free Download Manager\fdm.exe [2009-01-31 3399727]
    "fsm"= []
    "PlayNC Launcher"= []

    C:\Documents and Settings\fabien\Menu Démarrer\Programmes\Démarrage
    Enregistrement de FIFA 09.lnk - C:\Program Files\EA Sports\FIFA 09\Support\EAregister.exe
    PowerReg Scheduler V3.exe
    Xfire.lnk - C:\Program Files\Xfire\Xfire.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="wbsys.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB]
    C:\Program Files\AlienGUIse\fastload.dll [2001-12-20 24576]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2008-05-07 133632]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145
    "MemCheckBoxInRunDlg"=1
    "NoSMBalloonTip"=1
    "NoDesktopCleanupWizard"=1
    "NoWelcomeScreen"=1
    "NoStrCmpLogical"=0
    "NoInstrumentation"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=
    "NoResolveSearch"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Xfire\Xfire.exe"="C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire"
    "C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:p nkBstrA"
    "C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:p nkBstrB"
    "C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\call_of_duty_4_modern_warfare_patch_v1.1_multi-langues_182170.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\call_of_duty_4_modern_warfare_patch_v1.1_multi-langues_182170.exe:*:Enabled:call_of_duty_4_modern_warfare_patch_v1.1_multi-langues_182170"
    "C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
    "C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
    "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
    "C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
    "C:\Program Files\SopCast\adv\SopAdver.exe"="C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
    "C:\Program Files\SopCast\SopCast.exe"="C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
    "C:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter\GRAW.exe"="C:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter\GRAW.exe:*:Enabled:GRAW"
    "C:\Program Files\GameSpy Arcade\Aphex.exe"="C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade 1.0, Public Beta 4"
    "C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
    "C:\Program Files\Conference\Conference.dll"="C:\Program Files\Conference\Conference.dll:*:Enabled:Audio/Video Conference"
    "C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe"="C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe:*:Enabled:Tom Clancy's H.A.W.X"
    "C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX_dx10.exe"="C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX_dx10.exe:*:Enabled:Tom Clancy's H.A.W.X"
    "C:\Program Files\Garena\Garena.exe"="C:\Program Files\Garena\Garena.exe:*:Enabled:Garena"
    "C:\Program Files\Steam\steamapps\akira57120\counter-strike source\hl2.exe"="C:\Program Files\Steam\steamapps\akira57120\counter-strike source\hl2.exe:*:Enabled:hl2"
    "C:\Program Files\Steam\steamapps\akira57120\day of defeat source\hl2.exe"="C:\Program Files\Steam\steamapps\akira57120\day of defeat source\hl2.exe:*:Enabled:hl2"
    "C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
    "C:\Documents and Settings\fabien\Bureau\PES2008.exe"="C:\Documents and Settings\fabien\Bureau\PES2008.exe:*:Enabled:p ro Evolution Soccer 2008"
    "C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:*:Enabled:p ro Evolution Soccer 2008"
    "C:\Documents and Settings\fabien\Bureau\pes2009.exe"="C:\Documents and Settings\fabien\Bureau\pes2009.exe:*:Enabled:p ro Evolution Soccer 2009"
    "C:\Program Files\Activision\Call of Duty - World at War\crack cod5WoW.exe"="C:\Program Files\Activision\Call of Duty - World at War\crack cod5WoW.exe:*:Enabled:Call of Duty(R): World at War Campaign/Coop"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
    "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
    "C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
    "C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe"="C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe:*:Enabled:speed2"
    "C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled:p ro Evolution Soccer 2009"
    "C:\Program Files\Internet Download Manager\IDMan.exe"="C:\Program Files\Internet Download Manager\IDMan.exe:*:Enabled:Internet Download Manager (IDM)"
    "C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe"="C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine"
    "C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe"="C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
    "C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
    "C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
    "C:\Nexon\Combat Arms EU\NMService.exe"="C:\Nexon\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core"
    "C:\Program Files\Cyanide\GameCenter\GameCenter.exe"="C:\Program Files\Cyanide\GameCenter\GameCenter.exe:*:Enabled:GameCenter"
    "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
    "C:\Program Files\PokerTH\pokerth.exe"="C:\Program Files\PokerTH\pokerth.exe:*:Enabled:p okerth"
    "C:\Documents and Settings\fabien\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe"="C:\Documents and Settings\fabien\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe:*:Enabled:Main program for Octoshape client"
    "C:\Program Files\World of Warcraft\WoW-3.2.0-frFR-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
    "C:\Program Files\World of Warcraft\Launcher.exe"="C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
    "C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-frFR-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
    "C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe"="C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
    "C:\Program Files\World of Warcraft\WoW-3.2.0-enGB-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
    "C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
    "C:\Downloads\Crack\pes2010.exe"="C:\Downloads\Crack\pes2010.exe:*:Enabled:p ro Evolution Soccer 2010"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
    "C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{373807e3-30a9-11de-8417-002215493bfd}]
    shell\AutoRun\command - G:\autorun.exe


    ======List of files/folders created in the last 1 months======

    2009-11-13 21:26:47 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-11-13 20:57:58 ----D---- C:\Program Files\Ad-Remover
    2009-11-12 03:00:20 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
    2009-11-06 03:14:42 ----A---- C:\WINDOWS\system32\xfcodec.dll
    2009-10-19 12:55:34 ----D---- C:\Documents and Settings\All Users\Application Data\HotbarSA
    2009-10-19 12:55:31 ----D---- C:\Documents and Settings\fabien\Application Data\Hotbar
    2009-10-16 02:03:11 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
    2009-10-16 02:00:54 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
    2009-10-16 02:00:50 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
    2009-10-16 02:00:48 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
    2009-10-16 02:00:44 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
    2009-10-16 02:00:41 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
    2009-10-16 02:00:35 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
    2009-10-16 02:00:31 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
    2009-10-16 02:00:27 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
    2009-10-16 02:00:19 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$

    ======List of files/folders modified in the last 1 months======

    2009-11-13 23:26:31 ----D---- C:\Documents and Settings\fabien\Application Data\Free Download Manager
    2009-11-13 22:45:06 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
    2009-11-13 22:36:16 ----D---- C:\Downloads
    2009-11-13 21:57:55 ----D---- C:\Documents and Settings\fabien\Application Data\mIRC
    2009-11-13 21:57:26 ----D---- C:\Program Files\mIRC
    2009-11-13 21:47:12 ----D---- C:\Documents and Settings\fabien\Application Data\Xfire
    2009-11-13 21:45:23 ----D---- C:\Documents and Settings\fabien\Application Data\Software Informer
    2009-11-13 21:44:40 ----D---- C:\WINDOWS\Temp
    2009-11-13 21:43:12 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-11-13 21:40:02 ----RD---- C:\Program Files
    2009-11-13 21:26:48 ----D---- C:\WINDOWS\system32\drivers
    2009-11-13 21:08:00 ----D---- C:\WINDOWS\Prefetch
    2009-11-13 21:04:55 ----SD---- C:\WINDOWS\Tasks
    2009-11-13 21:01:28 ----D---- C:\Program Files\Ask.com
    2009-11-13 21:01:27 ----SHD---- C:\WINDOWS\Installer
    2009-11-12 05:24:38 ----D---- C:\WINDOWS\system32
    2009-11-12 05:24:38 ----D---- C:\Program Files\Navilog1
    2009-11-12 05:24:31 ----A---- C:\cleannavi.txt
    2009-11-12 05:23:54 ----D---- C:\WINDOWS
    2009-11-12 03:00:25 ----HD---- C:\WINDOWS\inf
    2009-11-12 03:00:22 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2009-11-11 09:46:15 ----HD---- C:\WINDOWS\$hf_mig$
    2009-11-11 09:46:14 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-11-11 09:06:57 ----D---- C:\Program Files\Xfire
    2009-11-11 04:26:34 ----D---- C:\Program Files\Mozilla Firefox
    2009-11-09 22:31:36 ----SD---- C:\WINDOWS\Downloaded Program Files
    2009-11-09 03:57:48 ----D---- C:\Documents and Settings\fabien\Application Data\Mumble
    2009-11-05 18:36:21 ----A---- C:\WINDOWS\system32\MRT.exe
    2009-11-05 03:00:26 ----A---- C:\WINDOWS\imsins.BAK
    2009-11-04 21:40:55 ----D---- C:\Documents and Settings\fabien\Application Data\teamspeak2
    2009-11-02 00:10:29 ----D---- C:\Documents and Settings\fabien\Application Data\dvdcss
    2009-10-30 22:22:29 ----D---- C:\Program Files\World of Warcraft
    2009-10-30 22:21:50 ----SHD---- C:\Config.Msi
    2009-10-30 22:21:19 ----D---- C:\Documents and Settings\All Users\Application Data\KONAMI
    2009-10-30 22:17:29 ----D---- C:\Program Files\Lineage II
    2009-10-30 22:17:09 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-10-30 04:35:17 ----D---- C:\Program Files\KONAMI
    2009-10-26 13:01:45 ----A---- C:\WINDOWS\WORDPAD.INI
    2009-10-22 10:17:28 ----A---- C:\WINDOWS\system32\mshtml.dll
    2009-10-16 02:08:41 ----D---- C:\WINDOWS\Microsoft.NET
    2009-10-16 02:05:19 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-10-16 02:05:04 ----D---- C:\WINDOWS\WinSxS
    2009-10-16 02:03:22 ----D---- C:\Program Files\Internet Explorer

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2007-12-17 12400]
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
    R1 oreans32;oreans32; \??\C:\WINDOWS\system32\drivers\oreans32.sys []
    R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-03-16 5632]
    R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-07-12 281760]
    R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
    R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-07-12 25888]
    R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
    R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-07-16 4747776]
    R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-09-24 38400]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12288]
    R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-03-27 6280416]
    R3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
    S3 abs1m2d4;abs1m2d4; C:\WINDOWS\system32\drivers\abs1m2d4.sys []
    S3 catchme;catchme; \??\C:\DOCUME~1\fabien\LOCALS~1\Temp\catchme.sys []
    S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
    S3 GarenaPEngine;GarenaPEngine; \??\C:\DOCUME~1\fabien\LOCALS~1\Temp\NKG3F2.tmp []
    S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
    S3 MSICPL;MSICPL; \??\D:\install4\MSICPL.sys []
    S3 npkcrypt;npkcrypt; \??\C:\Program Files\Lineage II\system\npkcrypt.sys []
    S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
    S3 SetupNTGLM7X;SetupNTGLM7X; \??\D:\NTGLM7X.sys []
    S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 58320]
    S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 8304]
    S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 94000]
    S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
    S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
    S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
    S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
    S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-05-07 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-05-07 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-25 153376]
    R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2009-07-13 71096]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-03-27 163908]
    R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-05-21 75064]
    R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-11-13 215104]
    R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
    R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-05-25 654848]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
    S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
    S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

    -----------------EOF-----------------
    m
    0
    l
    a c 327 8 Sécurité
    13 Novembre 2009 23:44:03

  • Télécharge OTM (OldTimer) sur ton Bureau.
  • Double-clique sur OTM.exe afin de le lancer.
  • Copie (Ctrl+C) le texte suivant ci-dessous :

    :processes
    explorer.exe

    :reg
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    :files
    C:\Documents and Settings\All Users\Application Data\HotbarSA
    C:\Documents and Settings\fabien\Application Data\Hotbar
    C:\Program Files\Ask.com

    :commands
    [purity]
    [emptytemp]
    [reboot]

  • Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
  • Clique maintenant sur le bouton MoveIt! puis ferme OTM.

    ---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    Accepte en cliquant sur YES.

  • Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\
    ---> Le nom du rapport correspond au moment de sa création : date_heure.log
    m
    0
    l
    14 Novembre 2009 00:09:14

    Voila le rapport, par contre jai un petit soucis je n'arrive plus a rentrer dans mon lecteur C via le poste de travail.

    All processes killed
    ========== PROCESSES ==========
    No active process named explorer.exe was found!
    ========== REGISTRY ==========
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
    ========== FILES ==========
    C:\Documents and Settings\All Users\Application Data\HotbarSA folder moved successfully.
    C:\Documents and Settings\fabien\Application Data\Hotbar\v3.5\Hotbar\static\1 folder moved successfully.
    C:\Documents and Settings\fabien\Application Data\Hotbar\v3.5\Hotbar\static folder moved successfully.
    C:\Documents and Settings\fabien\Application Data\Hotbar\v3.5\Hotbar folder moved successfully.
    C:\Documents and Settings\fabien\Application Data\Hotbar\v3.5 folder moved successfully.
    C:\Documents and Settings\fabien\Application Data\Hotbar folder moved successfully.
    C:\Program Files\Ask.com folder moved successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: fabien
    ->Temp folder emptied: 3291601 bytes
    ->Temporary Internet Files folder emptied: 784394487 bytes
    ->Java cache emptied: 26602936 bytes
    ->FireFox cache emptied: 78113740 bytes

    User: LocalService
    ->Temp folder emptied: 66016 bytes
    ->Temporary Internet Files folder emptied: 6155252 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: pb

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 2351795 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    Windows Temp folder emptied: 16823 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 28621180 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 886,64 mb


    OTM by OldTimer - Version 3.1.1.0 log created on 11132009_235639

    Files moved on Reboot...

    Registry entries deleted on Reboot...
    m
    0
    l
    a c 327 8 Sécurité
    14 Novembre 2009 00:13:59

    Citation :
    jai un petit soucis je n'arrive plus a rentrer dans mon lecteur C via le poste de travail.

    --> Tu as un message d'erreur ?
    m
    0
    l
    14 Novembre 2009 00:24:24

    Oui celui ci : Windows ne trouve pas 'vsghost.exe' Verifiez que vous avez entré le nom correctement et essayez a nouveau. Pour rechercher un fichier, cliqué sur démarré puis rechercher.
    m
    0
    l
    a c 327 8 Sécurité
    14 Novembre 2009 00:42:49

  • Télécharge UsbFix (de Chiquitine29 & C_XX) sur ton Bureau.
  • Branche tes sources de données externes à ton PC (clé USB, disque dur externe, carte SD, etc...) sans les ouvrir.
  • Double-clique sur UsbFix pour l'exécuter.
  • Choisis l'option 1 (Recherche).
  • Laisse travailler l'outil.
  • Poste le rapport UsbFix.txt.

    Note : le rapport UsbFix.txt est sauvegardé à la racine du disque (C:\UsbFix.txt).

    "Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Kaspersky, etc.) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    m
    0
    l
    17 Novembre 2009 14:43:49

    Désolé de la réponse tardive j'etais en déplacement.

    Comme demandé voila le rapport :

    ############################## | UsbFix V6.053 |

    User : fabien (Administrateurs) # A6-B767CBBC1F97
    Update on 14/11/2009 by Chiquitine29, C_XX & Chimay8
    Start at: 14:39:53 | 17/11/2009
    Website : http://pagesperso-orange.fr/NosTools/index.html
    Contact : FindyKill.Contact@gmail.com

    Processeur Intel Pentium III Xeon
    Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
    Internet Explorer 8.0.6001.18702
    Windows Firewall Status : Enabled

    C:\ -> Disque fixe local # 335,34 Go (162,56 Go free) # NTFS
    D:\ -> Disque CD-ROM
    E:\ -> Disque CD-ROM
    G:\ -> Disque CD-ROM # 5,4 Go (0 Mo free) [PES2010] # UDF

    ############################## | Processus actifs |

    C:\WINDOWS\System32\smss.exe 652
    C:\WINDOWS\system32\csrss.exe 708
    C:\WINDOWS\system32\winlogon.exe 732
    C:\WINDOWS\system32\services.exe 776
    C:\WINDOWS\system32\lsass.exe 788
    C:\WINDOWS\system32\svchost.exe 964
    C:\WINDOWS\system32\svchost.exe 1052
    C:\WINDOWS\System32\svchost.exe 1172
    C:\WINDOWS\system32\svchost.exe 1272
    C:\WINDOWS\system32\svchost.exe 1404
    C:\WINDOWS\system32\spoolsv.exe 1616
    C:\WINDOWS\system32\svchost.exe 1692
    C:\Program Files\Bonjour\mDNSResponder.exe 1736
    C:\Program Files\Java\jre6\bin\jqs.exe 1888
    C:\Program Files\CDBurnerXP\NMSAccessU.exe 1928
    C:\WINDOWS\system32\nvsvc32.exe 1948
    C:\WINDOWS\system32\WgaTray.exe 208
    C:\WINDOWS\Explorer.EXE 220
    C:\WINDOWS\system32\PnkBstrA.exe 268
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 476
    C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe 916
    C:\WINDOWS\system32\wbem\wmiapsrv.exe 508
    C:\WINDOWS\System32\alg.exe 584
    C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe 1324
    C:\WINDOWS\RTHDCPL.EXE 2448
    C:\WINDOWS\system32\RUNDLL32.EXE 2536
    C:\Program Files\Java\jre6\bin\jusched.exe 2580
    C:\WINDOWS\system32\ctfmon.exe 2868
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe 2724
    C:\Program Files\SFR\Kit\9props.exe 2792
    C:\Program Files\Xfire\Xfire.exe 3020
    C:\Program Files\Java\jre6\bin\jucheck.exe 1008
    C:\Program Files\Internet Explorer\iexplore.exe 1744
    C:\Program Files\Internet Explorer\iexplore.exe 2648
    C:\Program Files\Windows Live\Toolbar\wltuser.exe 2736
    C:\Program Files\Mumble\mumble.exe 3552
    C:\Program Files\Mumble\dbus-daemon.exe 3560
    C:\WINDOWS\system32\PnkBstrB.exe 3164
    C:\WINDOWS\Explorer.EXE 4080
    C:\Program Files\Windows Live\Contacts\wlcomm.exe 1044
    C:\Program Files\Internet Explorer\iexplore.exe 2148
    C:\Program Files\Internet Explorer\iexplore.exe 1040
    C:\PROGRA~1\FREEDO~1\fdm.exe 2108
    C:\WINDOWS\system32\wbem\wmiprvse.exe 2196

    ################## | Fichiers # Dossiers infectieux |

    C:\autorun.inf
    G:\autorun.inf

    ################## | Registre # Clés Run infectieuses |

    [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoResolveSearch"

    ################## | Registre # Mountpoints2 |

    HKCU\..\..\Explorer\MountPoints2\{373807e3-30a9-11de-8417-002215493bfd}
    Shell\AutoRun\command =G:\autorun.exe

    HKCU\..\..\Explorer\MountPoints2\{9b01000f-067d-11de-8f44-806d6172696f}
    Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL vshost.exe

    ################## | Suspect | http://www.virustotal.com |


    ################## | Cracks / Keygens / Serials |

    "C:\Documents and Settings\fabien\Mes documents\psy 4\Rollercoaster Tycoon 2 + WW et TT\Rollercoaster Tycoon 2\Crack\rct2.exe"
    11/05/2009 07:23 |Size 6785536 |Crc32 b0a582a2 |Md5 0b72f19dbb49b33d47542a56c3434bc8

    "C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\Sony Vegas Pro 9.0\Sony Vegas Pro 9.0\Keygen\Keygen.exe"
    23/05/2009 12:23 |Size 204800 |Crc32 ac0b884c |Md5 fd992237125ee6f616641d2e10f7f3d6

    "C:\Downloads\Boost_Windows_2009\Crack\bw.exe"
    15/12/2008 21:03 |Size 1777664 |Crc32 c3f1b45e |Md5 5d76a78c5f333864b1da8d0048040dd6

    "C:\Downloads\cod2\call_of_duty_2_by_britney\CRACK\CoD2SP_s.exe"
    03/11/2005 00:33 |Size 1751621 |Crc32 eb66ed20 |Md5 407907c3de73838227ed256338f2a8e9

    "C:\Downloads\Crack\pes2010.exe"
    19/10/2009 17:36 |Size 19603456 |Crc32 6a65cb88 |Md5 8d98473b892907f342bcf25384bc4a07

    "G:\Crack\pes2010.exe"
    19/10/2009 16:36 |Size 19603456 |Crc32 6a65cb88 |Md5 8d98473b892907f342bcf25384bc4a07

    "C:\Downloads\cod2\call_of_duty_2_by_britney\CRACK\patch multijoueur.ZIP"
    Contain : patch.exe 41636 DFLT-N 4% 40128 29-10-2005 15:08:18 81ffe60d

    "C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\CRACKINETTE COD5.rar"
    -> contain : *crack cod5WoW.exe


    ################## | ! Fin du rapport # UsbFix V6.053 ! |

    m
    0
    l
    a c 327 8 Sécurité
    17 Novembre 2009 15:41:45

  • Branche tes sources de données externes à ton PC (clé USB, disque dur externe, carte SD, etc...) sans les ouvrir.
  • Double-clique sur UsbFix présent sur ton Bureau pour le lancer.
  • Choisis l'option 2 (Suppression).
  • Ton Bureau disparaîtra et le PC redémarrera.
  • Au redémarrage, UsbFix scannera ton PC, laisse travailler l'outil.
  • Ensuite, poste le rapport UsbFix.txt qui apparaîtra avec le Bureau.

    Note : le rapport UsbFix.txt est sauvegardé à la racine du disque (C:\UsbFix.txt).
    m
    0
    l
    23 Novembre 2009 23:05:43

    Voila le rapport


    ############################## | UsbFix V6.053 |

    User : fabien (Administrateurs) # A6-B767CBBC1F97
    Update on 14/11/2009 by Chiquitine29, C_XX & Chimay8
    Start at: 18:35:14 | 23/11/2009
    Website : http://pagesperso-orange.fr/NosTools/index.html
    Contact : FindyKill.Contact@gmail.com

    Processeur Intel Pentium III Xeon
    Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
    Internet Explorer 8.0.6001.18702
    Windows Firewall Status : Enabled

    C:\ -> Disque fixe local # 335,34 Go (160,97 Go free) # NTFS
    D:\ -> Disque CD-ROM
    E:\ -> Disque CD-ROM
    G:\ -> Disque CD-ROM

    ############################## | Processus actifs |

    C:\WINDOWS\System32\smss.exe 652
    C:\WINDOWS\system32\csrss.exe 700
    C:\WINDOWS\system32\winlogon.exe 724
    C:\WINDOWS\system32\services.exe 768
    C:\WINDOWS\system32\lsass.exe 780
    C:\WINDOWS\system32\svchost.exe 956
    C:\WINDOWS\system32\svchost.exe 1024
    C:\WINDOWS\System32\svchost.exe 1120
    C:\WINDOWS\system32\svchost.exe 1200
    C:\WINDOWS\system32\svchost.exe 1272
    C:\WINDOWS\system32\logonui.exe 1364
    C:\WINDOWS\system32\spoolsv.exe 1544
    C:\WINDOWS\system32\svchost.exe 1676
    C:\Program Files\Bonjour\mDNSResponder.exe 1708
    C:\Program Files\Java\jre6\bin\jqs.exe 1860
    C:\Program Files\CDBurnerXP\NMSAccessU.exe 1912
    C:\WINDOWS\system32\nvsvc32.exe 1940
    C:\WINDOWS\system32\PnkBstrA.exe 1956
    C:\WINDOWS\system32\PnkBstrB.exe 1968
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 2020
    C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe 448
    C:\WINDOWS\system32\wuauclt.exe 692
    C:\WINDOWS\system32\wbem\wmiapsrv.exe 1264
    C:\WINDOWS\System32\alg.exe 828
    C:\WINDOWS\system32\wbem\wmiprvse.exe 1564
    C:\WINDOWS\system32\wbem\wmiprvse.exe 1784
    C:\WINDOWS\system32\KB905474\wgasetup.exe 496
    C:\WINDOWS\system32\userinit.exe 508
    C:\WINDOWS\system32\WgaTray.exe 1900
    C:\WINDOWS\system32\KB905474\wgasetup.exe 560
    C:\WINDOWS\Explorer.EXE 140

    ################## | Fichiers # Dossiers infectieux |

    Supprimé ! C:\autorun.inf

    ################## | Registre # Clés Run infectieuses |

    Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoResolveSearch"

    ################## | Registre # Mountpoints2 |


    ################## | Listing des fichiers présent |

    [13/11/2009 21:08|--a------|20816] C:\Ad-Report-CLEAN[1].log
    [01/03/2009 16:41|--a------|0] C:\AUTOEXEC.BAT
    [01/03/2009 16:37|---hs----|212] C:\boot.ini
    [14/04/2008 13:00|-rahs----|4952] C:\Bootfont.bin
    [12/11/2009 05:24|--a------|1668] C:\cleannavi.txt
    [01/03/2009 16:41|--a------|0] C:\CONFIG.SYS
    [07/11/2007 08:00|--a------|17734] C:\eula.1028.txt
    [07/11/2007 08:00|--a------|17734] C:\eula.1031.txt
    [07/11/2007 08:00|--a------|10134] C:\eula.1033.txt
    [07/11/2007 08:00|--a------|17734] C:\eula.1036.txt
    [07/11/2007 08:00|--a------|17734] C:\eula.1040.txt
    [07/11/2007 08:00|--a------|118] C:\eula.1041.txt
    [07/11/2007 08:00|--a------|17734] C:\eula.1042.txt
    [07/11/2007 08:00|--a------|17734] C:\eula.2052.txt
    [07/11/2007 08:00|--a------|17734] C:\eula.3082.txt
    [07/11/2007 08:00|--a------|1110] C:\globdata.ini
    [07/11/2007 08:03|--a------|562688] C:\install.exe
    [07/11/2007 08:00|--a------|843] C:\install.ini
    [07/11/2007 08:03|--a------|76304] C:\install.res.1028.dll
    [07/11/2007 08:03|--a------|96272] C:\install.res.1031.dll
    [07/11/2007 08:03|--a------|91152] C:\install.res.1033.dll
    [07/11/2007 08:03|--a------|97296] C:\install.res.1036.dll
    [07/11/2007 08:03|--a------|95248] C:\install.res.1040.dll
    [07/11/2007 08:03|--a------|81424] C:\install.res.1041.dll
    [07/11/2007 08:03|--a------|79888] C:\install.res.1042.dll
    [07/11/2007 08:03|--a------|75792] C:\install.res.2052.dll
    [07/11/2007 08:03|--a------|96272] C:\install.res.3082.dll
    [01/03/2009 16:41|-rahs----|0] C:\IO.SYS
    [01/03/2009 16:41|-rahs----|0] C:\MSDOS.SYS
    [14/04/2008 13:00|-rahs----|47564] C:\NTDETECT.COM
    [14/04/2008 13:00|-rahs----|252240] C:\ntldr
    [29/02/2004 16:44|--a------|52576] C:\orange.bmp
    [?|?|?] C:\pagefile.sys
    [25/04/2009 21:29|--a------|104] C:\start
    [01/07/2009 16:40|--a------|4760] C:\sv_viol.log
    [23/11/2009 18:39|--a------|4164] C:\UsbFix.txt
    [07/11/2007 08:00|--a------|5686] C:\vcredist.bmp
    [07/11/2007 08:09|--a------|1442522] C:\VC_RED.cab
    [07/11/2007 08:12|--a------|232960] C:\VC_RED.MSI

    ################## | Vaccination |

    # C:\autorun.inf -> Dossier créé par UsbFix.

    ################## | Suspect | http://www.virustotal.com |


    ################## | Cracks / Keygens / Serials |

    "C:\Documents and Settings\fabien\Mes documents\psy 4\Rollercoaster Tycoon 2 + WW et TT\Rollercoaster Tycoon 2\Crack\rct2.exe"
    11/05/2009 07:23 |Size 6785536 |Crc32 b0a582a2 |Md5 0b72f19dbb49b33d47542a56c3434bc8

    "C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\Sony Vegas Pro 9.0\Sony Vegas Pro 9.0\Keygen\Keygen.exe"
    23/05/2009 12:23 |Size 204800 |Crc32 ac0b884c |Md5 fd992237125ee6f616641d2e10f7f3d6

    "C:\Downloads\Boost_Windows_2009\Crack\bw.exe"
    15/12/2008 21:03 |Size 1777664 |Crc32 c3f1b45e |Md5 5d76a78c5f333864b1da8d0048040dd6

    "C:\Downloads\cod2\call_of_duty_2_by_britney\CRACK\CoD2SP_s.exe"
    03/11/2005 00:33 |Size 1751621 |Crc32 eb66ed20 |Md5 407907c3de73838227ed256338f2a8e9

    "C:\Downloads\Crack\pes2010.exe"
    19/10/2009 17:36 |Size 19603456 |Crc32 6a65cb88 |Md5 8d98473b892907f342bcf25384bc4a07

    "C:\Downloads\cod2\call_of_duty_2_by_britney\CRACK\patch multijoueur.ZIP"
    Contain : patch.exe 41636 DFLT-N 4% 40128 29-10-2005 15:08:18 81ffe60d

    "C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\CRACKINETTE COD5.rar"
    -> contain : *crack cod5WoW.exe


    ################## | Upload |

    Veuillez envoyer le fichier : C:\DOCUME~1\fabien\Bureau\UsbFix_Upload_Me_A6-B767CBBC1F97.zip : http://forum-aide-contre-virus.be/usbfix/choix_fichier....
    Merci pour votre contribution .

    ################## | ! Fin du rapport # UsbFix V6.053 ! |

    m
    0
    l
    a c 327 8 Sécurité
    24 Novembre 2009 02:43:14

  • Relance UsbFix et choisis l'option 5 pour le désinstaller.

    Plus de souci ?

    Pourquoi n'as-tu pas d'antivirus ?
    m
    0
    l
    1 Décembre 2009 14:04:49

    Non plus de soucis, pour l'antivirus jusqu'à maintenant le meilleure que j'ai testé c'est sans antivirus ^^.
    Mais si tu as une proposition je suis preneur
    m
    0
    l
    a c 327 8 Sécurité
    1 Décembre 2009 17:10:58

  • Installe AntiVir et mets-le à jour.
  • Double-clique sur l'icône d'AntiVir (Parapluie) dans la barre des tâches.
  • Dans AntiVir, choisis Outils puis Configuration.
  • Coche Mode Expert et coche Rech. Rootkit au dém. de la recherche à droite dans Autres réglages puis valide.
  • Fais un scan complet, clique sur Tout réparer si AntiVir trouve quelque chose et poste le rapport.

    Tutoriel : Scanner le(s) disque(s) dur(s)
    m
    0
    l
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS