Se connecter / S'enregistrer
Votre question

TR/crypt.ZPACK.Gen et autres virus (Resolu)

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
26 Novembre 2009 21:41:11

Bonjour à tous,

J'ai plusieurs virus sur mon PC (c'est pas le H1N1 mais presque!!) : HTLM/infected Webpage.GEn - TR/crypt.ZPACK.Gen - TR/crypt.CFI.Gen et TR/BHO.abbq.

J'ai suivi les conseils du forum en téléchargeant RSIT dont voici les rapports :

Logfile of random's system information tool 1.06 (written by random/random)
Run by Françoise at 2009-11-26 20:52:30
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 32 GB (41%) free of 78 GB
Total RAM: 511 MB (22% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:53:46, on 26/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\system32\sol.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Françoise\Local Settings\Temporary Internet Files\Content.IE5\IFWNTEFL\RSIT[1].exe
C:\Program Files\trend micro\Françoise.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.mirarsearch.com/?useie5=1&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.duxet.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: (no name) - {059814A2-E0A0-4D05-AA80-EA70F4C7D30f} - C:\WINDOWS\System32\dbnmpntw32.dll
O2 - BHO: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShareTb\BearShareDx.dll (file missing)
O2 - BHO: (no name) - {0E452D64-1DA5-413C-A937-3704F48C1967} - C:\WINDOWS\System32\dbnmpntw32.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {19FB2527-478A-4BC0-9948-12DFAFAE4A8d} - C:\WINDOWS\System32\dbnmpntw32.dll
O2 - BHO: (no name) - {213796D5-5430-459A-BDF0-7A7150A5F17f} - C:\WINDOWS\System32\dbnmpntw32.dll
O2 - BHO: (no name) - {22B35DE2-11B8-4836-85A3-1AD81009F3C7} - C:\WINDOWS\System32\dbnmpntw32.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {308871DC-3BE9-4280-A542-14BE1C7FE3Db} - C:\WINDOWS\System32\dbnmpntw32.dll
O2 - BHO: (no name) - {3137E80F-DB66-4DE9-8162-9564E30CA499} - C:\WINDOWS\System32\dbnmpntw32.dll
O2 - BHO: (no name) - {47229EB1-D6F4-449D-8154-79D9D94F83A8} - C:\WINDOWS\System32\dbnmpntw32.dll
O2 - BHO: (no name) - {49CD79A7-537F-42B8-BC11-F350AC21037e} - C:\WINDOWS\System32\dbnmpntw32.dll
O2 - BHO: (no name) - {52759141-0718-4AE3-A3E0-E4410B7B7064} - C:\WINDOWS\System32\dbnmpntw32.dll
O2 - BHO: (no name) - {533DFC70-43C9-4C9E-8853-7188E90CAF93} - C:\WINDOWS\System32\dbnmpntw32.dll
O2 - BHO: (no name) - {533E5D81-F7B0-4AC2-872A-389412394BD0} - C:\WINDOWS\System32\dbnmpntw32.dll
O2 - BHO: (no name) - {56C5CB59-2C9D-4B36-B1D6-E4DF55F4A0D7} - C:\WINDOWS\System32\dbnmpntw32.dll
O2 - BHO: (no name) - {56D58BE8-250B-40D1-B2E0-C1CB5D15B707} - C:\WINDOWS\System32\dbnmpntw32.dll
O2 - BHO: (no name) - {5E0A8A50-F64A-4DFF-9EF3-734899D5AD22} - C:\WINDOWS\System32\dbnmpntw32.dll
O2 - BHO: (no name) - {738B2214-17A8-4468-BA17-DEE5A78D9699} - C:\WINDOWS\System32\dbnmpntw32.dll
O2 - BHO: (no name) - {7A0CA2B3-E88A-405B-9716-DF73148DFE9c} - C:\WINDOWS\System32\dbnmpntw32.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: (no name) - {997D017B-09EC-416C-98CA-6FE572DA6BE0} - C:\WINDOWS\System32\dbnmpntw32.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: (no name) - {AB0C0AB6-853D-4C1E-92AD-7C0FEF939859} - C:\WINDOWS\System32\dbnmpntw32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: (no name) - {B58EF0E9-8D02-4665-A778-4FD4ABB13AC4} - C:\WINDOWS\System32\dbnmpntw32.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: Mirar - {C08A398F-2CD5-4328-815C-46AE1E461DCC} - C:\WINDOWS\system32\win7078.dll (file missing)
O2 - BHO: (no name) - {C18CE77E-4DEA-4EDC-83D2-C34CD32DF883} - C:\WINDOWS\System32\dbnmpntw32.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: (no name) - {CC5A88C5-D484-4394-983C-5CD08E12E349} - C:\WINDOWS\System32\dbnmpntw32.dll
O2 - BHO: (no name) - {D30411FA-CCEE-4FA0-B285-8248875CA769} - C:\WINDOWS\System32\dbnmpntw32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {DE73E8C4-0099-4E2A-9731-FC78745FF61f} - C:\WINDOWS\System32\dbnmpntw32.dll
O2 - BHO: (no name) - {E2E4D7DF-487E-4CBD-9D07-583AA567630b} - C:\WINDOWS\System32\dbnmpntw32.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: (no name) - {F0271766-18B9-4350-81EC-5017337F3408} - C:\WINDOWS\System32\dbnmpntw32.dll
O2 - BHO: Search Assistant - {F0626A63-410B-45E2-99A1-3F2475B2D695} - C:\Program Files\SGPSA\BHO.dll
O2 - BHO: (no name) - {F145B3E6-58C0-4369-B355-BD0B8BFB6DF0} - C:\WINDOWS\System32\dbnmpntw32.dll
O2 - BHO: (no name) - {FB2C0EC3-73B3-4661-8092-3B9246864CA4} - C:\WINDOWS\System32\dbnmpntw32.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: Mirar - {C08A398E-2CD5-4328-815C-46AE1E461DCC} - C:\WINDOWS\system32\win7078.dll (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShareTb\BearShareDx.dll (file missing)
O4 - HKLM\..\Run: [NI.UWFX5V_0001_0725] "C:\Documents and Settings\Françoise\Local Settings\Temporary Internet Files\Content.IE5\CXEJU30D\WinFixer2005ScannerInstallFRA[1].exe"
O4 - HKLM\..\Run: [NI.UWFX5V_0001_LP] "C:\Documents and Settings\Françoise\Local Settings\Temporary Internet Files\Content.IE5\4TMN85YR\WinFixer2005ScannerInstallFRA[1].exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SGPUpdater] C:\Program Files\Search Guard PlusU\sgpUpdaters.exe
O4 - HKLM\..\Run: [FBSearch] C:\Program Files\Search Guard Plus\SearchGuardPlus.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0....
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie....
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {775879E2-7309-4619-BB02-AADE41F4B690} (CPlayFirstdreamControl Object) - http://m.boonty.com/webgames/DreamChronicles/dreamweb.1...
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1...
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game12.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1....
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\WINDOWS\System32\datime32.dll
O20 - Winlogon Notify: 582b824b700 - C:\WINDOWS\System32\datime32.dll
O21 - SSODL: syshelps - {ADB124D0-178F-436C-A928-2E5C64147F13} - syshelps.dll (file missing)
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Service Google Update (gupdate1c9c0fd38142cf8) (gupdate1c9c0fd38142cf8) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe

--
End of file - 14907 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{00827DDD-2E75-4614-AAD1-6572CA91AB81}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\SOFTWARE]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{059814A2-E0A0-4D05-AA80-EA70F4C7D30f}]
C:\WINDOWS\System32\dbnmpntw32.dll [2009-11-21 187904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}]
MediaBar - C:\Program Files\BearShareTb\BearShareDx.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E452D64-1DA5-413C-A937-3704F48C1967}]
C:\WINDOWS\System32\dbnmpntw32.dll [2009-11-21 187904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{19FB2527-478A-4BC0-9948-12DFAFAE4A8d}]
C:\WINDOWS\System32\dbnmpntw32.dll [2009-11-21 187904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{213796D5-5430-459A-BDF0-7A7150A5F17f}]
C:\WINDOWS\System32\dbnmpntw32.dll [2009-11-21 187904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22B35DE2-11B8-4836-85A3-1AD81009F3C7}]
C:\WINDOWS\System32\dbnmpntw32.dll [2009-11-21 187904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-03-06 1088296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-04-19 312928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{308871DC-3BE9-4280-A542-14BE1C7FE3Db}]
C:\WINDOWS\System32\dbnmpntw32.dll [2009-11-21 187904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3137E80F-DB66-4DE9-8162-9564E30CA499}]
C:\WINDOWS\System32\dbnmpntw32.dll [2009-11-21 187904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{47229EB1-D6F4-449D-8154-79D9D94F83A8}]
C:\WINDOWS\System32\dbnmpntw32.dll [2009-11-21 187904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{49CD79A7-537F-42B8-BC11-F350AC21037e}]
C:\WINDOWS\System32\dbnmpntw32.dll [2009-11-21 187904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{52759141-0718-4AE3-A3E0-E4410B7B7064}]
C:\WINDOWS\System32\dbnmpntw32.dll [2009-11-21 187904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{533DFC70-43C9-4C9E-8853-7188E90CAF93}]
C:\WINDOWS\System32\dbnmpntw32.dll [2009-11-21 187904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{533E5D81-F7B0-4AC2-872A-389412394BD0}]
C:\WINDOWS\System32\dbnmpntw32.dll [2009-11-21 187904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{56C5CB59-2C9D-4B36-B1D6-E4DF55F4A0D7}]
C:\WINDOWS\System32\dbnmpntw32.dll [2009-11-21 187904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{56D58BE8-250B-40D1-B2E0-C1CB5D15B707}]
C:\WINDOWS\System32\dbnmpntw32.dll [2009-11-21 187904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5E0A8A50-F64A-4DFF-9EF3-734899D5AD22}]
C:\WINDOWS\System32\dbnmpntw32.dll [2009-11-21 187904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{738B2214-17A8-4468-BA17-DEE5A78D9699}]
C:\WINDOWS\System32\dbnmpntw32.dll [2009-11-21 187904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7A0CA2B3-E88A-405B-9716-DF73148DFE9c}]
C:\WINDOWS\System32\dbnmpntw32.dll [2009-11-21 187904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9394EDE7-C8B5-483E-8773-474BF36AF6E4}]
ST - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll [2004-08-13 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{997D017B-09EC-416C-98CA-6FE572DA6BE0}]
C:\WINDOWS\System32\dbnmpntw32.dll [2009-11-21 187904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-08-26 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB0C0AB6-853D-4C1E-92AD-7C0FEF939859}]
C:\WINDOWS\System32\dbnmpntw32.dll [2009-11-21 187904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [2009-10-02 762864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B58EF0E9-8D02-4665-A778-4FD4ABB13AC4}]
C:\WINDOWS\System32\dbnmpntw32.dll [2009-11-21 187904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
MSNToolBandBHO - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll [2006-01-17 282624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C08A398F-2CD5-4328-815C-46AE1E461DCC}]
Mirar - C:\WINDOWS\system32\win7078.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C18CE77E-4DEA-4EDC-83D2-C34CD32DF883}]
C:\WINDOWS\System32\dbnmpntw32.dll [2009-11-21 187904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-08-26 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC5A88C5-D484-4394-983C-5CD08E12E349}]
C:\WINDOWS\System32\dbnmpntw32.dll [2009-11-21 187904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D30411FA-CCEE-4FA0-B285-8248875CA769}]
C:\WINDOWS\System32\dbnmpntw32.dll [2009-11-21 187904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DE73E8C4-0099-4E2A-9731-FC78745FF61f}]
C:\WINDOWS\System32\dbnmpntw32.dll [2009-11-21 187904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E2E4D7DF-487E-4CBD-9D07-583AA567630b}]
C:\WINDOWS\System32\dbnmpntw32.dll [2009-11-21 187904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
SearchSettings Class - C:\Program Files\Search Settings\kb127\SearchSettings.dll [2008-06-12 1111904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0271766-18B9-4350-81EC-5017337F3408}]
C:\WINDOWS\System32\dbnmpntw32.dll [2009-11-21 187904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0626A63-410B-45E2-99A1-3F2475B2D695}]
Search Assistant - C:\Program Files\SGPSA\BHO.dll [2009-07-10 732672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F145B3E6-58C0-4369-B355-BD0B8BFB6DF0}]
C:\WINDOWS\System32\dbnmpntw32.dll [2009-11-21 187904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB2C0EC3-73B3-4661-8092-3B9246864CA4}]
C:\WINDOWS\System32\dbnmpntw32.dll [2009-11-21 187904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - MSN - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll [2006-01-17 282624]
{C08A398E-2CD5-4328-815C-46AE1E461DCC} - Mirar - C:\WINDOWS\system32\win7078.dll []
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-08-26 256112]
{0974BA1E-64EC-11DE-B2A5-E43756D89593} - MediaBar - C:\Program Files\BearShareTb\BearShareDx.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NI.UWFX5V_0001_0725"=C:\Documents and Settings\Françoise\Local Settings\Temporary Internet Files\Content.IE5\CXEJU30D\WinFixer2005ScannerInstallFRA[1].exe []
"NI.UWFX5V_0001_LP"=C:\Documents and Settings\Françoise\Local Settings\Temporary Internet Files\Content.IE5\4TMN85YR\WinFixer2005ScannerInstallFRA[1].exe []
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-10-22 86016]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2009-04-19 198160]
"SGPUpdater"=C:\Program Files\Search Guard PlusU\sgpUpdaters.exe [2009-05-15 67456]
"FBSearch"=C:\Program Files\Search Guard Plus\SearchGuardPlus.exe [2009-05-04 194432]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"MSConfig"=C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [2008-04-14 172544]
"DWQueuedReporting"=C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe [2007-03-13 39264]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-03-02 68856]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe [2007-03-16 63712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
bthprops.cpl,,BluetoothAuthenticationAgent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-18 1848648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-11 689488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\copy bin slow 16]
C:\Documents and Settings\All Users\Application Data\Send acid copy bin\Axis safe.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe [2008-02-13 564496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
C:\Program Files\Logitech\QuickCam\Quickcam.exe [2008-02-13 2196240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Portfolio]
C:\Program Files\Microsoft Works\WksSb.exe [2000-07-12 311350]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection]
C:\Program Files\Microsoft Works\WkDetect.exe [2000-08-04 28739]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnlivesearch]
C:\Program Files\Windows Live\MessengerSearchAddon\msgrsrch.exe [2008-10-26 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin]
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NI.UWFX5V]
C:\Documents and Settings\Cyril\Bureau\Installations\WinFixer2005ScannerInstallFRA.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NI.UWFX5V_0001_0802]
C:\Documents and Settings\Françoise\Local Settings\Temporary Internet Files\Content.IE5\KZE3ELA5\WFI_FRA[1].exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE [2006-06-15 229376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
C:\Program Files\Search Settings\SearchSettings.exe [2008-06-12 991584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2009-03-06 24095528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-03-02 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2009-04-19 198160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WorksFUD]
C:\Program Files\Microsoft Works\wkfud.exe [2000-07-12 24576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
C:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2004-10-12 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Contrôleur de calendrier Ulead.lnk]
C:\PROGRA~1\ULEADS~1\ULEADP~1.0SE\CalCheck.exe [2002-05-03 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LOGITE~1.EXE [2008-12-09 66864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^MaxiMemo.lnk]
C:\PROGRA~1\MaxiMemo\MaxiMemo.exe [2007-02-26 828928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~4\Office\OSA9.EXE [2000-01-21 65588]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^PHOTOfunSTUDIO -viewer-.lnk]
C:\PROGRA~1\PANASO~1\PHOTOF~1\PHAUTO~1.EXE [2007-11-16 40960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Rappels du Calendrier Microsoft Works.lnk]
C:\PROGRA~1\FICHIE~1\MICROS~1\WORKSS~1\wkcalrem.exe [2000-07-12 24633]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Supervision de Photo Loader.lnk]
C:\PROGRA~1\CASIO\PHOTOL~1\Plauto.exe [2002-08-22 217088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Françoise^Menu Démarrer^Programmes^Démarrage^MyWebSearch Email Plugin.lnk]
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Boonty Games"=3

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\WINDOWS\System32\datime32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\582b824b700]
C:\WINDOWS\System32\datime32.dll [2009-11-21 119296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
syshelps - {ADB124D0-178F-436C-A928-2E5C64147F13} - syshelps.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Documents and Settings\Manon\Mes documents\Ma musique\LimeWire\LimeWire.exe"="C:\Documents and Settings\Manon\Mes documents\Ma musique\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Assistant Transfert de fichiers et de paramètres"
"C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Enabled:Windows Shell"
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"

======List of files/folders created in the last 1 months======

2009-11-26 20:52:35 ----D---- C:\Program Files\trend micro
2009-11-26 20:52:30 ----D---- C:\rsit
2009-11-25 19:25:36 ----ASH---- C:\WINDOWS\system32\6.tmp
2009-11-24 22:42:02 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2009-11-24 22:41:41 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2009-11-22 13:52:57 ----ASH---- C:\WINDOWS\system32\2.tmp
2009-11-22 10:13:07 ----D---- C:\Documents and Settings\Françoise\Application Data\BearShareTb
2009-11-21 20:26:06 ----A---- C:\WINDOWS\GnuHashes.ini
2009-11-21 20:08:52 ----D---- C:\Documents and Settings\Françoise\Application Data\WinRAR
2009-11-21 20:08:31 ----SHD---- C:\WINDOWS\system32\SysWoW32
2009-11-21 20:07:03 ----SH---- C:\WINDOWS\system32\unrar.exe
2009-11-21 20:07:03 ----D---- C:\WINDOWS\system32\1780081964
2009-11-21 20:06:37 ----ASH---- C:\WINDOWS\system32\EB.tmp
2009-11-21 20:06:37 ----A---- C:\WINDOWS\system32\dbnmpntw32.dll
2009-11-21 20:06:35 ----A---- C:\WINDOWS\system32\datime32.dll
2009-11-21 20:06:33 ----A---- C:\WINDOWS\system32\aJqCP.vbs
2009-11-21 19:42:13 ----D---- C:\Program Files\MOVAVI
2009-11-21 19:42:12 ----D---- C:\Program Files\HighMAT CD Writing Wizard
2009-11-21 19:42:12 ----D---- C:\Program Files\ConvertMovie 5.0
2009-11-21 19:39:09 ----D---- C:\Program Files\PremiereAdvertisingPlatform
2009-11-21 19:38:42 ----D---- C:\Program Files\Fichiers communs\xing shared
2009-11-21 19:38:32 ----D---- C:\Program Files\Search Settings
2009-11-21 19:38:30 ----D---- C:\Program Files\SupremoAdsForYou
2009-11-21 19:38:30 ----D---- C:\Program Files\Sensual Poker 5000 freeware
2009-11-21 19:38:30 ----D---- C:\Documents and Settings\Françoise\Application Data\Search Settings
2009-11-21 19:38:28 ----D---- C:\Program Files\Red Kawa
2009-11-21 19:38:26 ----D---- C:\Program Files\Bonjour
2009-11-21 19:38:22 ----D---- C:\Program Files\Search Guard Plus
2009-11-21 19:37:55 ----HD---- C:\WINDOWS\$NtUninstallwmp11$
2009-11-21 19:37:18 ----HD---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-11-21 15:25:32 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-11-21 15:25:10 ----A---- C:\WINDOWS\imsins.BAK
2009-11-21 13:50:12 ----D---- C:\Documents and Settings\Françoise\Application Data\LimeWire
2009-11-21 13:31:13 ----D---- C:\Documents and Settings\Françoise\Application Data\PC Suite
2009-11-21 13:28:08 ----A---- C:\WINDOWS\OEWABLog.txt
2009-11-20 23:04:03 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-11-20 22:26:50 ----D---- C:\Documents and Settings\Françoise\Application Data\Macromedia
2009-11-20 22:26:48 ----D---- C:\Documents and Settings\Françoise\Application Data\Adobe
2009-11-20 22:10:39 ----D---- C:\Documents and Settings\Françoise\Application Data\Apple Computer
2009-11-20 21:01:24 ----D---- C:\Documents and Settings\Françoise\Application Data\Real
2009-11-20 21:01:23 ----D---- C:\Documents and Settings\Françoise\Application Data\Identities
2009-11-20 20:46:02 ----D---- C:\Documents and Settings\Françoise\Application Data\Google
2009-11-20 20:38:18 ----ASH---- C:\Documents and Settings\Françoise\Application Data\desktop.ini
2009-11-20 20:38:14 ----SD---- C:\Documents and Settings\Françoise\Application Data\Microsoft
2009-11-05 20:29:18 ----D---- C:\WINDOWS\tmp

======List of files/folders modified in the last 1 months======

2009-11-26 20:52:35 ----RD---- C:\Program Files
2009-11-26 20:52:32 ----D---- C:\WINDOWS\Prefetch
2009-11-26 20:48:07 ----D---- C:\WINDOWS\Temp
2009-11-26 20:43:39 ----A---- C:\WINDOWS\NeroDigital.ini
2009-11-26 19:39:28 ----SD---- C:\WINDOWS\Tasks
2009-11-26 19:37:38 ----SH---- C:\boot.ini
2009-11-26 19:37:38 ----A---- C:\WINDOWS\win.ini
2009-11-26 19:37:38 ----A---- C:\WINDOWS\system.ini
2009-11-26 19:35:47 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-25 22:02:10 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-11-25 19:52:09 ----SHD---- C:\WINDOWS\Installer
2009-11-25 19:52:09 ----D---- C:\Config.Msi
2009-11-25 19:25:37 ----D---- C:\WINDOWS\system32
2009-11-25 03:11:27 ----D---- C:\WINDOWS
2009-11-24 22:42:08 ----HD---- C:\WINDOWS\inf
2009-11-24 22:41:47 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-11-24 22:40:02 ----HD---- C:\WINDOWS\$hf_mig$
2009-11-24 22:39:46 ----D---- C:\WINDOWS\WinSxS
2009-11-22 09:50:17 ----D---- C:\Program Files\LimeWire
2009-11-21 20:05:40 ----D---- C:\WINDOWS\Debug
2009-11-21 19:49:16 ----D---- C:\WINDOWS\system32\CatRoot
2009-11-21 19:44:41 ----D---- C:\WINDOWS\system32\config
2009-11-21 19:44:10 ----D---- C:\WINDOWS\system32\wbem
2009-11-21 19:44:09 ----D---- C:\WINDOWS\Registration
2009-11-21 19:40:26 ----D---- C:\WINDOWS\system32\URTTemp
2009-11-21 19:39:09 ----D---- C:\Program Files\Panda Security
2009-11-21 19:39:07 ----D---- C:\WINDOWS\system32\drivers
2009-11-21 19:39:00 ----D---- C:\Program Files\Fichiers communs\Labtec
2009-11-21 19:38:47 ----D---- C:\Program Files\Fichiers communs\Real
2009-11-21 19:38:29 ----D---- C:\Program Files\Windows Live
2009-11-21 19:38:10 ----D---- C:\Program Files\Windows Media Player
2009-11-21 19:38:07 ----D---- C:\Program Files\Windows Media Connect 2
2009-11-21 16:18:32 ----D---- C:\WINDOWS\Help
2009-11-21 14:54:08 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-11-21 12:34:53 ----D---- C:\WINDOWS\Microsoft.NET
2009-11-21 12:34:52 ----RSD---- C:\WINDOWS\assembly
2009-11-21 12:13:16 ----D---- C:\WINDOWS\Minidump
2009-11-21 11:28:36 ----HD---- C:\Program Files\InstallShield Installation Information
2009-11-21 11:18:25 ----D---- C:\Program Files\Fichiers communs
2009-11-21 11:07:31 ----D---- C:\Program Files\Microsoft Office
2009-11-21 11:07:30 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-11-21 10:43:37 ----D---- C:\Program Files\Logitech
2009-11-21 10:41:11 ----D---- C:\Program Files\Java
2009-11-21 10:20:45 ----D---- C:\Program Files\Google
2009-11-20 21:01:22 ----D---- C:\Program Files\Everest Poker
2009-11-20 21:00:22 ----D---- C:\Program Files\Internet Explorer
2009-11-20 21:00:14 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-11-20 21:00:14 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-11-20 21:00:13 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-11-20 21:00:10 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-11-20 20:59:51 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-11-20 20:59:47 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-11-20 20:59:37 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-11-20 20:59:30 ----D---- C:\Program Files\Adobe
2009-11-20 20:58:01 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-11-20 20:44:02 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-11-20 20:38:11 ----D---- C:\Documents and Settings
2009-11-05 09:36:22 ----A---- C:\WINDOWS\system32\MRT.exe
2009-10-28 16:07:15 ----N---- C:\WINDOWS\system32\tzchange.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-07-13 28520]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-08-18 55656]
R3 ac97intc;Service d'installation du pilote audio Intel(r) 82801 (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 HCF_MSFT;HCF_MSFT; C:\WINDOWS\system32\DRIVERS\HCF_MSFT.sys [2001-08-23 908000]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2008-02-05 25624]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2007-05-15 9856]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-05 5888]
R3 SIS163u;SiS 163 usb Wireless LAN Adapter Driver; C:\WINDOWS\system32\DRIVERS\sis163u.sys [2004-12-29 167424]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 BthEnum;Service d'énumérateur Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Pilote de communications modem Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 catchme;catchme; \??\C:\DOCUME~1\FRANOI~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 fbxusb;Carte réseau virtuelle FreeBox USB; C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 21344]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2008-02-05 689176]
S3 LVRS;Logitech RightSound Filter Driver; C:\WINDOWS\system32\DRIVERS\lvrs.sys [2008-02-06 628760]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2008-02-06 41752]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 Nokia USB Generic;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2006-05-29 8704]
S3 Nokia USB Modem;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2006-05-29 13312]
S3 Nokia USB Phone Parent;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2006-05-29 127488]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2007-09-06 47360]
S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2008-02-06 13848]
S3 PID_08A0;Labtec WebCam Pro(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2004-01-21 271360]
S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\WINDOWS\system32\DRIVERS\LV302V32.SYS [2008-02-06 2570520]
S3 QV2KUX;Appareil photo numérique Casio; C:\WINDOWS\system32\DRIVERS\qv2kux.sys [2001-08-17 3328]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SQTECH905C;DaulCamera; C:\WINDOWS\System32\Drivers\Capt905c.sys [2004-08-04 29400]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 58320]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 8304]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 94000]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-10-01 32000]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2008-09-24 29184]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-07-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-18 185089]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
R2 LVCOMSer;LVCOMSer; C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe [2008-02-05 186904]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe [2008-02-05 150040]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]
R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate1c9c0fd38142cf8;Service Google Update (gupdate1c9c0fd38142cf8); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-19 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-17 194032]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe [2008-02-05 141848]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Brother XP spl Service;BrSplService; C:\WINDOWS\system32\brsvc01a.exe [2002-04-11 57344]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe [2006-06-05 174080]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 AdobeActiveFileMonitor;Adobe Active File Monitor; C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe [2004-10-12 98304]
S4 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe []
S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

info.txt logfile of random's system information tool 1.06 2009-11-26 20:54:01

======Uninstall list======

-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
-->MsiExec.exe /I{5B782FFA-6A95-480D-8E0A-0954A14693D6}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ACDSee for PENTAX 2.0-->MsiExec.exe /I{D8320DD6-FE47-41DE-B116-4158B7AE3F37}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->MsiExec.exe /X{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}
Adobe Photoshop Elements 3.0-->MsiExec.exe /I{851C67EF-068A-4060-9EF5-2E3DDCD68382}
Adobe Reader 9.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A92000000001}
Adobe® Photoshop® Album Edition Découverte 3.2-->MsiExec.exe /I{A654A805-41D9-40C7-AA46-4AF04F044D61}
AnglaisFacile.com - Planet English-->"C:\Program Files\AnglaisFacile.com\Planet English\uninstall.exe"
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ArcSoft PhotoImpression 3.0-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\ArcSoft\PhotoImpression\Uninst.isu"
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
AXIS Media Control Embedded-->rundll32 "C:\Program Files\Axis Communications\AXIS Media Control Embedded\AxisMediaControlEmb.dll",UninstallMe
Azada : Ancient Magic-->"C:\Program Files\Azada - Ancient Magic\Uninstall.exe"
Barre d'outils MSN-->C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\mtbs.exe c
Big Fish Games Client-->C:\Program Files\bfgclient\Uninstall.exe
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Bookworm Deluxe-->"C:\Program Files\orange\jeux\Bookworm Deluxe\Uninstall.exe" "C:\Program Files\orange\jeux\Bookworm Deluxe\install.log"
BoontyBox 2.1-->"C:\WINDOWS\unins000.exe"
Canon iP3600 series Printer Driver-->"C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3600_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3600_series /L0x000c
Canon MP Drivers 7.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D335AC77-6F59-46D6-9082-F74A9F7E0FC3}\Setup.exe" -l0x40c -Uninstall
Canon MP Navigator 1.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8653730A-683D-4C42-BB18-6471291D5DEA}\setup.exe" /SUUninstall
Canon ScanGear Starter-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{18A5DFF2-8A95-49F3-873F-743CB5549F3D}\setup.exe" -l0x40c anything
Canon Utilities Easy-PhotoPrint EX-->C:\Program Files\Canon\Easy-PhotoPrint EX\uninst.exe uninst.ini
Canon Utilities My Printer-->C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini
Canon Utilities Solution Menu-->C:\Program Files\Canon\SolutionMenu\uninst.exe uninst.ini
CDex extraction audio-->"C:\Program Files\CDex_150\uninstall.exe"
Coffret de pilotes Logitech QuickCam-->"C:\Program Files\Fichiers communs\LogiShrd\LogiDriverStore\lvdrivers\11.70.1196\LgDrvInst.exe" -remove -instdir"C:\Program Files\Fichiers communs\LogiShrd\LogiDriverStore\lvdrivers\" -enumdelay=2000 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -promptuninstall -arpregkey"lvdrivers_11.70" /clone_wait /hide_progress
ConvertMovie 5.0-->C:\Program Files\ConvertMovie 5.0\uninst.exe
Copy Utility-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\EPSON\Copy Utility\Uninst.isu"
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
CyberGestion-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C964A549-C74A-11D3-B88A-00A0C9379093}\setup.exe"
Dracula 3: La Voie du Dragon-->"C:\Program Files\Dracula 3 - La Voie du Dragon\Uninstall.exe"
Dream Chronicles 2: The Eternal Maze-->"C:\Program Files\Dream Chronicles 2 - The Eternal Maze\Uninstall.exe"
Easy GIF Animator 4.61-->"C:\My Documents\Easy GIF Animator\unins000.exe"
EPSON Photo Print-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\EPSON\Photo Print\Uninst.isu"
EPSON Smart Panel-->C:\Program Files\EPSON\Smart Panel\SPUninst.exe
EPSON TWAIN 5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A3EABC0-CA06-11D4-BF77-00104B130C19}\setup.exe" UNINSTALL
Everest Poker (Remove Only)-->C:\Program Files\Everest Poker\cstart.exe /uninstall
Extension HighMAT pour l'Assistant Graver un CD de Microsoft Windows XP-->MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
Fairies (gratuit) (remove only)-->"C:\Program Files\Fairies\Uninstall.exe"
Favorit-->"c:\documents and settings\françoise\local settings\application data\vdlsa.exe" -uninstall
Fight for Kisses 1.0-->"C:\Program Files\Fight for Kisses\uninstall.exe"
FoneSync-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\FoneSync\Uninst.isu" -c"C:\Program Files\FoneSync\UninstSupport.dll"
Free Ipod Video Converter V 2.6-->"C:\Program Files\Ipod Video Converter\unins000.exe"
Google Chrome-->"C:\Program Files\Google\Chrome\Application\3.0.195.33\Installer\setup.exe" --uninstall --system-level
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Video Player-->"C:\Program Files\Google\Google Video Player\Uninstall.exe"
Google Earth-->MsiExec.exe /X{3A05B900-A3E7-11DE-A9B7-005056806466}
Hidden Secrets: The Nightmare-->"C:\Program Files\Hidden Secrets - The Nightmare\Uninstall.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Inkjet Printer/Scanner Extended Survey Program-->C:\Program Files\Canon\IJPLM\SETUP.EXE -R
Installation de Microsoft Works Suite 2001-->C:\Program Files\Microsoft Works Suite 2001\Setup\Launcher.exe D:\
InterVideo WinDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C1939820-A945-11D4-86F6-0001031E5712}\setup.exe" REMOVEALL
Intuitive MX 1.3-->"C:\Program Files\Intuitive MX\unins000.exe"
iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
J2SE Runtime Environment 5.0 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150010}
J2SE Runtime Environment 5.0 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150040}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
J2SE Runtime Environment 5.0 Update 9-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090}
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Le Comte de Monte Cristo-->"C:\Program Files\Le Comte de Monte Cristo\Uninstall.exe"
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x40c UNINSTALL
Logitech QuickCam-->MsiExec.exe /X{6444D9D9-CD6C-4464-B970-55C606C944DC}
Logitech Updater-->MsiExec.exe /I{53735ECE-E461-4FD0-B742-23A352436D3A}
MaxiMemo 1.00-->"C:\Program Files\MaxiMemo\unins000.exe"
MediaBar-->C:\Program Files\BearShareTb\uninstall.exe
Messenger Plus! 3 & Sponsor-->"C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /Remove
Messenger Plus! Live-->"C:\Documents and Settings\Manon\Mes documents\Fichier Téléchargements\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Money 2001-->MsiExec.exe /I{D085A1B6-90A4-11D3-82B7-00C04FA309DE}
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spu

Autres pages sur : crypt zpack gen virus resolu

a c 267 8 Sécurité
26 Novembre 2009 21:44:12

Bonjour,

  • Télécharge Ad-Remover (de Cyrildu17 / C_XX) sur ton Bureau.

    /!\ Déconnecte-toi et ferme toutes applications en cours /!\

  • Double-clique sur AD-R situé sur ton Bureau pour le lancer.
    (Sous Vista, il faut cliquer droit sur AD-R et choisir Exécuter en tant qu'administrateur)
  • Choisis la langue F pour français.
  • Au menu principal, choisis l'option S.

    /!\ Laisse travailler l'outil /!\

  • Poste le rapport qui apparaît à la fin (C:\Ad-Report-SCAN.log).

    (CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

    Note : "Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Kaspersky, etc.) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    26 Novembre 2009 21:50:41

    Encore moi,

    Mon PC a bugé après les rapports de RSTI. Je vous saurais gré de m'aider à lutter contre l'infection ( c'est d'actualité!!)
    Merci et à bientôt.
    Contenus similaires
    a c 267 8 Sécurité
    26 Novembre 2009 21:55:14

    Comment ça il a bogué ?
    26 Novembre 2009 22:04:09

    Destrio5 a dit :
    Bonjour,

  • Télécharge Ad-Remover (de Cyrildu17 / C_XX) sur ton Bureau.

    /!\ Déconnecte-toi et ferme toutes applications en cours /!\

  • Double-clique sur AD-R situé sur ton Bureau pour le lancer.
    (Sous Vista, il faut cliquer droit sur AD-R et choisir Exécuter en tant qu'administrateur)
  • Choisis la langue F pour français.
  • Au menu principal, choisis l'option S.

    /!\ Laisse travailler l'outil /!\

  • Poste le rapport qui apparaît à la fin (C:\Ad-Report-CLEAN.log).

    (CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

    Note : "Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Kaspersky, etc.) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.


  • Salut Destrio5,

    Je te remercie et je vais suivre tes instructions. A bientôt.
    27 Novembre 2009 00:57:55

    Re, Voici le rapport AD-R :

    .
    ======= RAPPORT D'AD-REMOVER 1.1.4.6_D | UNIQUEMENT XP/VISTA/7 =======
    .
    Mit à jour par C_XX le 25.11.2009 à 18:47
    Contact: AdRemover.contact@gmail.com
    Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
    .
    Lancé à: 22:08:36, 26/11/2009 | Mode Normal | Option: SCAN
    Exécuté de: C:\Program Files\Ad-Remover\
    Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
    Nom du PC: RUCHE-A69D65ECC | Utilisateur actuel: Fran‡oise
    .
    ============== ÉLÉMENT(S) TROUVÉ(S) ==============
    Je suis partie deux heures. Quand je me suis remise à l'ordi, il y avait un écran bleu avec un long message me sgnalant un problème avec Windows. Il allait que je redémarre le PC et si le message réaparaissait, je devais utiliser le Mode sans échec pour réparer des composants ou en supprimer, je ne sais plus très bien.
    Le PC a redémarré sans anicroches mais il bugue.
    a c 267 8 Sécurité
    27 Novembre 2009 01:07:15

  • Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
  • Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
  • Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
  • Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
  • Sélectionne Exécuter un examen rapide.
  • Clique sur Rechercher. L'analyse démarre.
  • A la fin de l'analyse, un message s'affiche :
    Citation :
    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  • Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  • Ferme tes navigateurs.
  • Si des malwares ont été détectés, clique sur Afficher les résultats.
  • Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
  • MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
    27 Novembre 2009 10:47:44

    Voici le rapport de MBAM.

    Malwarebytes' Anti-Malware 1.41
    Version de la base de données: 3241
    Windows 5.1.2600 Service Pack 3

    27/11/2009 10:24:46
    mbam-log-2009-11-27 (10-24-45).txt

    Type de recherche: Examen rapide
    Eléments examinés: 181263
    Temps écoulé: 39 minute(s), 59 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 2
    Clé(s) du Registre infectée(s): 36
    Valeur(s) du Registre infectée(s): 1
    Elément(s) de données du Registre infecté(s): 4
    Dossier(s) infecté(s): 6
    Fichier(s) infecté(s): 13

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    C:\WINDOWS\system32\datime32.dll (Trojan.Agent) -> Delete on reboot.
    C:\WINDOWS\system32\6.tmp (Trojan.Agent) -> Delete on reboot.

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\582b824b700 (Trojan.Agent) -> Delete on reboot.
    HKEY_CLASSES_ROOT\mywebsearch.htmlpanel (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\mywebsearch.htmlpanel.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{175816a5-219e-4079-b2f9-53c501c409ba} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{1c1793e0-1034-4cac-837d-aa545f6961bf} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{5d16197a-1eaa-45af-b29a-69f1aa055e87} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{8a61a950-c325-4f44-ba64-273180ff3464} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{b53d4cd4-406d-43cc-8244-7893d72236dd} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{b671426c-5c1a-48ac-9652-bc9402b1c404} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{b9bb3219-f84c-4060-966b-4a1e73e24226} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{f786cb18-3809-4e49-bc99-9a66da47db8b} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{71efe583-62fe-4419-9918-ca3b683f7b36} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{31a59636-0fa3-4a56-954d-db7ad02840d8} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3fa917b9-df69-477f-9e4f-b60d929de79f} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{ed8525ea-2bfc-4440-bd8a-20efb9d5e541} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-0000-0000-0000-000020040000} (Trojan.Dialer) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f919fbd3-a96b-4679-af26-f551439bb5fd} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{7e66936c-fea0-4984-ad26-7b6661ac5b2e} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SupremoAdsForYou (Adware.PlayMP3z) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PlayMP3 (Adware.PLayMP3z) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PremiereAdvertisingPlatform (Adware.PlayMP3z) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c08a398f-2cd5-4328-815c-46ae1e461dcc} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{c08a398f-2cd5-4328-815c-46ae1e461dcc} (Trojan.BHO) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Agent) -> Data: c:\windows\system32\datime32.dll -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Agent) -> Data: system32\datime32.dll -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

    Dossier(s) infecté(s):
    C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\FunWebProducts\PopSwatr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\FunWebProducts\PopSwatr\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\PlayMP3z (Adware.PLayMP3z) -> Quarantined and deleted successfully.
    C:\Program Files\PremiereAdvertisingPlatform (Adware.PlayMP3z) -> Quarantined and deleted successfully.
    C:\Program Files\SupremoAdsForYou (Adware.PlayMP3z) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\Documents and Settings\Francoise\Local Settings\Application Data\vdlsa_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Francoise\Local Settings\Application Data\vdlsa_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Francoise\Local Settings\Application Data\vdlsa.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\datime32.dll (Trojan.Agent) -> Delete on reboot.
    C:\WINDOWS\system32\6.tmp (Trojan.Agent) -> Delete on reboot.
    C:\WINDOWS\system32\2.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\EB.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\FunWebProducts\PopSwatr\History\notallow (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\PlayMP3z\PlayMP3.exe (Adware.PLayMP3z) -> Quarantined and deleted successfully.
    C:\Program Files\PlayMP3z\uninstall.exe (Adware.PLayMP3z) -> Quarantined and deleted successfully.
    C:\Program Files\PremiereAdvertisingPlatform\uninstall.exe (Adware.PlayMP3z) -> Quarantined and deleted successfully.
    C:\Program Files\SupremoAdsForYou\uninstall.exe (Adware.PlayMP3z) -> Quarantined and deleted successfully.
    C:\WINDOWS\GnuHashes.ini (Malware.Trace) -> Quarantined and deleted successfully.


    Qu'est-ce que je fais des fichiers en quarantaine ?
    a c 267 8 Sécurité
    27 Novembre 2009 14:49:47

  • Relance MBAM, va dans Quarantaine et supprime tout.

  • Refais un scan RSIT et poste le rapport log.
    27 Novembre 2009 17:07:35

    Salut Destrio5,

    Voici le rapport log de RSIT. Je te remercie.

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Françoise at 2009-11-27 17:02:48
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 32 GB (41%) free of 78 GB
    Total RAM: 511 MB (54% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:03:03, on 27/11/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe
    C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
    C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\Documents and Settings\Françoise\Bureau\RSIT.exe
    C:\Program Files\trend micro\Françoise.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.mirarsearch.com/?useie5=1&q=
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.duxet.com/
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: (no name) - SOFTWARE - (no file)
    O2 - BHO: (no name) - {059814A2-E0A0-4D05-AA80-EA70F4C7D30f} - C:\WINDOWS\System32\dbnmpntw32.dll (file missing)
    O2 - BHO: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShareTb\BearShareDx.dll (file missing)
    O2 - BHO: (no name) - {0E452D64-1DA5-413C-A937-3704F48C1967} - C:\WINDOWS\System32\dbnmpntw32.dll (file missing)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {19FB2527-478A-4BC0-9948-12DFAFAE4A8d} - C:\WINDOWS\System32\dbnmpntw32.dll (file missing)
    O2 - BHO: (no name) - {213796D5-5430-459A-BDF0-7A7150A5F17f} - C:\WINDOWS\System32\dbnmpntw32.dll (file missing)
    O2 - BHO: (no name) - {22B35DE2-11B8-4836-85A3-1AD81009F3C7} - C:\WINDOWS\System32\dbnmpntw32.dll (file missing)
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: (no name) - {308871DC-3BE9-4280-A542-14BE1C7FE3Db} - C:\WINDOWS\System32\dbnmpntw32.dll (file missing)
    O2 - BHO: (no name) - {3137E80F-DB66-4DE9-8162-9564E30CA499} - C:\WINDOWS\System32\dbnmpntw32.dll (file missing)
    O2 - BHO: (no name) - {47229EB1-D6F4-449D-8154-79D9D94F83A8} - C:\WINDOWS\System32\dbnmpntw32.dll (file missing)
    O2 - BHO: (no name) - {49CD79A7-537F-42B8-BC11-F350AC21037e} - C:\WINDOWS\System32\dbnmpntw32.dll (file missing)
    O2 - BHO: (no name) - {52759141-0718-4AE3-A3E0-E4410B7B7064} - C:\WINDOWS\System32\dbnmpntw32.dll (file missing)
    O2 - BHO: (no name) - {533DFC70-43C9-4C9E-8853-7188E90CAF93} - C:\WINDOWS\System32\dbnmpntw32.dll (file missing)
    O2 - BHO: (no name) - {533E5D81-F7B0-4AC2-872A-389412394BD0} - C:\WINDOWS\System32\dbnmpntw32.dll (file missing)
    O2 - BHO: (no name) - {56C5CB59-2C9D-4B36-B1D6-E4DF55F4A0D7} - C:\WINDOWS\System32\dbnmpntw32.dll (file missing)
    O2 - BHO: (no name) - {56D58BE8-250B-40D1-B2E0-C1CB5D15B707} - C:\WINDOWS\System32\dbnmpntw32.dll (file missing)
    O2 - BHO: (no name) - {5E0A8A50-F64A-4DFF-9EF3-734899D5AD22} - C:\WINDOWS\System32\dbnmpntw32.dll (file missing)
    O2 - BHO: (no name) - {738B2214-17A8-4468-BA17-DEE5A78D9699} - C:\WINDOWS\System32\dbnmpntw32.dll (file missing)
    O2 - BHO: (no name) - {7A0CA2B3-E88A-405B-9716-DF73148DFE9c} - C:\WINDOWS\System32\dbnmpntw32.dll (file missing)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: (no name) - {997D017B-09EC-416C-98CA-6FE572DA6BE0} - C:\WINDOWS\System32\dbnmpntw32.dll (file missing)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: (no name) - {AB0C0AB6-853D-4C1E-92AD-7C0FEF939859} - C:\WINDOWS\System32\dbnmpntw32.dll (file missing)
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
    O2 - BHO: (no name) - {B58EF0E9-8D02-4665-A778-4FD4ABB13AC4} - C:\WINDOWS\System32\dbnmpntw32.dll (file missing)
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O2 - BHO: (no name) - {C18CE77E-4DEA-4EDC-83D2-C34CD32DF883} - C:\WINDOWS\System32\dbnmpntw32.dll (file missing)
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    O2 - BHO: (no name) - {CC5A88C5-D484-4394-983C-5CD08E12E349} - C:\WINDOWS\System32\dbnmpntw32.dll (file missing)
    O2 - BHO: (no name) - {D30411FA-CCEE-4FA0-B285-8248875CA769} - C:\WINDOWS\System32\dbnmpntw32.dll (file missing)
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: (no name) - {DE73E8C4-0099-4E2A-9731-FC78745FF61f} - C:\WINDOWS\System32\dbnmpntw32.dll (file missing)
    O2 - BHO: (no name) - {E2E4D7DF-487E-4CBD-9D07-583AA567630b} - C:\WINDOWS\System32\dbnmpntw32.dll (file missing)
    O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: (no name) - {F0271766-18B9-4350-81EC-5017337F3408} - C:\WINDOWS\System32\dbnmpntw32.dll (file missing)
    O2 - BHO: Search Assistant - {F0626A63-410B-45E2-99A1-3F2475B2D695} - C:\Program Files\SGPSA\BHO.dll
    O2 - BHO: (no name) - {F145B3E6-58C0-4369-B355-BD0B8BFB6DF0} - C:\WINDOWS\System32\dbnmpntw32.dll (file missing)
    O2 - BHO: (no name) - {FB2C0EC3-73B3-4661-8092-3B9246864CA4} - C:\WINDOWS\System32\dbnmpntw32.dll (file missing)
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O3 - Toolbar: Mirar - {C08A398E-2CD5-4328-815C-46AE1E461DCC} - C:\WINDOWS\system32\win7078.dll (file missing)
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShareTb\BearShareDx.dll (file missing)
    O4 - HKLM\..\Run: [NI.UWFX5V_0001_0725] "C:\Documents and Settings\Françoise\Local Settings\Temporary Internet Files\Content.IE5\CXEJU30D\WinFixer2005ScannerInstallFRA[1].exe"
    O4 - HKLM\..\Run: [NI.UWFX5V_0001_LP] "C:\Documents and Settings\Françoise\Local Settings\Temporary Internet Files\Content.IE5\4TMN85YR\WinFixer2005ScannerInstallFRA[1].exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SGPUpdater] C:\Program Files\Search Guard PlusU\sgpUpdaters.exe
    O4 - HKLM\..\Run: [FBSearch] C:\Program Files\Search Guard Plus\SearchGuardPlus.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-21-1757981266-764733703-682003330-1009\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Daniel')
    O4 - HKUS\S-1-5-21-1757981266-764733703-682003330-1009\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Daniel')
    O4 - HKUS\S-1-5-21-1757981266-764733703-682003330-1009\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (User 'Daniel')
    O4 - HKUS\S-1-5-21-1757981266-764733703-682003330-1009\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (User 'Daniel')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0....
    O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie....
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {775879E2-7309-4619-BB02-AADE41F4B690} (CPlayFirstdreamControl Object) - http://m.boonty.com/webgames/DreamChronicles/dreamweb.1...
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1...
    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game12.zylom.com/activex/zylomgamesplayer.cab
    O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1....
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O21 - SSODL: syshelps - {ADB124D0-178F-436C-A928-2E5C64147F13} - syshelps.dll (file missing)
    O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
    O23 - Service: Service Google Update (gupdate1c9c0fd38142cf8) (gupdate1c9c0fd38142cf8) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe

    --
    End of file - 15484 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\Google Software Updater.job
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    C:\WINDOWS\tasks\User_Feed_Synchronization-{00827DDD-2E75-4614-AAD1-6572CA91AB81}.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\SOFTWARE]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{059814A2-E0A0-4D05-AA80-EA70F4C7D30f}]
    C:\WINDOWS\System32\dbnmpntw32.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}]
    MediaBar - C:\Program Files\BearShareTb\BearShareDx.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E452D64-1DA5-413C-A937-3704F48C1967}]
    C:\WINDOWS\System32\dbnmpntw32.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{19FB2527-478A-4BC0-9948-12DFAFAE4A8d}]
    C:\WINDOWS\System32\dbnmpntw32.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{213796D5-5430-459A-BDF0-7A7150A5F17f}]
    C:\WINDOWS\System32\dbnmpntw32.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22B35DE2-11B8-4836-85A3-1AD81009F3C7}]
    C:\WINDOWS\System32\dbnmpntw32.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
    Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-03-06 1088296]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
    RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-04-19 312928]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{308871DC-3BE9-4280-A542-14BE1C7FE3Db}]
    C:\WINDOWS\System32\dbnmpntw32.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3137E80F-DB66-4DE9-8162-9564E30CA499}]
    C:\WINDOWS\System32\dbnmpntw32.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{47229EB1-D6F4-449D-8154-79D9D94F83A8}]
    C:\WINDOWS\System32\dbnmpntw32.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{49CD79A7-537F-42B8-BC11-F350AC21037e}]
    C:\WINDOWS\System32\dbnmpntw32.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{52759141-0718-4AE3-A3E0-E4410B7B7064}]
    C:\WINDOWS\System32\dbnmpntw32.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{533DFC70-43C9-4C9E-8853-7188E90CAF93}]
    C:\WINDOWS\System32\dbnmpntw32.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{533E5D81-F7B0-4AC2-872A-389412394BD0}]
    C:\WINDOWS\System32\dbnmpntw32.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{56C5CB59-2C9D-4B36-B1D6-E4DF55F4A0D7}]
    C:\WINDOWS\System32\dbnmpntw32.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{56D58BE8-250B-40D1-B2E0-C1CB5D15B707}]
    C:\WINDOWS\System32\dbnmpntw32.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5E0A8A50-F64A-4DFF-9EF3-734899D5AD22}]
    C:\WINDOWS\System32\dbnmpntw32.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{738B2214-17A8-4468-BA17-DEE5A78D9699}]
    C:\WINDOWS\System32\dbnmpntw32.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7A0CA2B3-E88A-405B-9716-DF73148DFE9c}]
    C:\WINDOWS\System32\dbnmpntw32.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9394EDE7-C8B5-483E-8773-474BF36AF6E4}]
    ST - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll [2004-08-13 155648]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{997D017B-09EC-416C-98CA-6FE572DA6BE0}]
    C:\WINDOWS\System32\dbnmpntw32.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-08-26 256112]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB0C0AB6-853D-4C1E-92AD-7C0FEF939859}]
    C:\WINDOWS\System32\dbnmpntw32.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [2009-10-02 762864]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B58EF0E9-8D02-4665-A778-4FD4ABB13AC4}]
    C:\WINDOWS\System32\dbnmpntw32.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
    MSNToolBandBHO - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll [2006-01-17 282624]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C18CE77E-4DEA-4EDC-83D2-C34CD32DF883}]
    C:\WINDOWS\System32\dbnmpntw32.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-08-26 458736]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC5A88C5-D484-4394-983C-5CD08E12E349}]
    C:\WINDOWS\System32\dbnmpntw32.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D30411FA-CCEE-4FA0-B285-8248875CA769}]
    C:\WINDOWS\System32\dbnmpntw32.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DE73E8C4-0099-4E2A-9731-FC78745FF61f}]
    C:\WINDOWS\System32\dbnmpntw32.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E2E4D7DF-487E-4CBD-9D07-583AA567630b}]
    C:\WINDOWS\System32\dbnmpntw32.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
    SearchSettings Class - C:\Program Files\Search Settings\kb127\SearchSettings.dll [2008-06-12 1111904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0271766-18B9-4350-81EC-5017337F3408}]
    C:\WINDOWS\System32\dbnmpntw32.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0626A63-410B-45E2-99A1-3F2475B2D695}]
    Search Assistant - C:\Program Files\SGPSA\BHO.dll [2009-07-10 732672]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F145B3E6-58C0-4369-B355-BD0B8BFB6DF0}]
    C:\WINDOWS\System32\dbnmpntw32.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB2C0EC3-73B3-4661-8092-3B9246864CA4}]
    C:\WINDOWS\System32\dbnmpntw32.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - MSN - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll [2006-01-17 282624]
    {C08A398E-2CD5-4328-815C-46AE1E461DCC} - Mirar - C:\WINDOWS\system32\win7078.dll []
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-08-26 256112]
    {0974BA1E-64EC-11DE-B2A5-E43756D89593} - MediaBar - C:\Program Files\BearShareTb\BearShareDx.dll []

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "NI.UWFX5V_0001_0725"=C:\Documents and Settings\Françoise\Local Settings\Temporary Internet Files\Content.IE5\CXEJU30D\WinFixer2005ScannerInstallFRA[1].exe []
    "NI.UWFX5V_0001_LP"=C:\Documents and Settings\Françoise\Local Settings\Temporary Internet Files\Content.IE5\4TMN85YR\WinFixer2005ScannerInstallFRA[1].exe []
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]
    "nwiz"=nwiz.exe /install []
    "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-10-22 86016]
    "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
    "TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2009-04-19 198160]
    "SGPUpdater"=C:\Program Files\Search Guard PlusU\sgpUpdaters.exe [2009-05-15 67456]
    "FBSearch"=C:\Program Files\Search Guard Plus\SearchGuardPlus.exe [2009-05-04 194432]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
    "Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
    "MSConfig"=C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [2008-04-14 172544]
    "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-03-02 68856]
    "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe [2007-03-16 63712]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
    bthprops.cpl,,BluetoothAuthenticationAgent []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
    C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-18 1848648]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
    C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-11 689488]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\copy bin slow 16]
    C:\Documents and Settings\All Users\Application Data\Send acid copy bin\Axis safe.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
    C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe [2008-02-13 564496]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
    C:\Program Files\Logitech\QuickCam\Quickcam.exe [2008-02-13 2196240]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Portfolio]
    C:\Program Files\Microsoft Works\WksSb.exe [2000-07-12 311350]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection]
    C:\Program Files\Microsoft Works\WkDetect.exe [2000-08-04 28739]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnlivesearch]
    C:\Program Files\Windows Live\MessengerSearchAddon\msgrsrch.exe [2008-10-26 49152]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin]
    C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NI.UWFX5V]
    C:\Documents and Settings\Cyril\Bureau\Installations\WinFixer2005ScannerInstallFRA.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NI.UWFX5V_0001_0802]
    C:\Documents and Settings\Françoise\Local Settings\Temporary Internet Files\Content.IE5\KZE3ELA5\WFI_FRA[1].exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
    C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE [2006-06-15 229376]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
    C:\Program Files\Search Settings\SearchSettings.exe [2008-06-12 991584]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
    C:\Program Files\Skype\Phone\Skype.exe [2009-03-06 24095528]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-03-02 68856]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2009-04-19 198160]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
    C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WorksFUD]
    C:\Program Files\Microsoft Works\wkfud.exe [2000-07-12 24576]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
    C:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2004-10-12 113664]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Contrôleur de calendrier Ulead.lnk]
    C:\PROGRA~1\ULEADS~1\ULEADP~1.0SE\CalCheck.exe [2002-05-03 69632]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
    C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LOGITE~1.EXE [2008-12-09 66864]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^MaxiMemo.lnk]
    C:\PROGRA~1\MaxiMemo\MaxiMemo.exe [2007-02-26 828928]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
    C:\PROGRA~1\MICROS~4\Office\OSA9.EXE [2000-01-21 65588]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^PHOTOfunSTUDIO -viewer-.lnk]
    C:\PROGRA~1\PANASO~1\PHOTOF~1\PHAUTO~1.EXE [2007-11-16 40960]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Rappels du Calendrier Microsoft Works.lnk]
    C:\PROGRA~1\FICHIE~1\MICROS~1\WORKSS~1\wkcalrem.exe [2000-07-12 24633]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Supervision de Photo Loader.lnk]
    C:\PROGRA~1\CASIO\PHOTOL~1\Plauto.exe [2002-08-22 217088]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Françoise^Menu Démarrer^Programmes^Démarrage^MyWebSearch Email Plugin.lnk]
    C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "Boonty Games"=3

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
    syshelps - {ADB124D0-178F-436C-A928-2E5C64147F13} - syshelps.dll []

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Documents and Settings\Manon\Mes documents\Ma musique\LimeWire\LimeWire.exe"="C:\Documents and Settings\Manon\Mes documents\Ma musique\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
    "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
    "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
    "C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Assistant Transfert de fichiers et de paramètres"
    "C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Enabled:Windows Shell"
    "C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"

    ======List of files/folders created in the last 1 months======

    2009-11-27 10:33:46 ----D---- C:\Documents and Settings\Françoise\Application Data\Malwarebytes
    2009-11-27 09:38:51 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-11-27 09:38:50 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-11-26 22:06:43 ----D---- C:\Program Files\Ad-Remover
    2009-11-26 20:52:35 ----D---- C:\Program Files\trend micro
    2009-11-26 20:52:30 ----D---- C:\rsit
    2009-11-24 22:42:02 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
    2009-11-24 22:41:41 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
    2009-11-22 10:13:07 ----D---- C:\Documents and Settings\Françoise\Application Data\BearShareTb
    2009-11-21 20:08:52 ----D---- C:\Documents and Settings\Françoise\Application Data\WinRAR
    2009-11-21 20:08:31 ----SHD---- C:\WINDOWS\system32\SysWoW32
    2009-11-21 20:07:03 ----SH---- C:\WINDOWS\system32\unrar.exe
    2009-11-21 20:07:03 ----D---- C:\WINDOWS\system32\1780081964
    2009-11-21 20:06:33 ----A---- C:\WINDOWS\system32\aJqCP.vbs
    2009-11-21 19:42:13 ----D---- C:\Program Files\MOVAVI
    2009-11-21 19:42:12 ----D---- C:\Program Files\HighMAT CD Writing Wizard
    2009-11-21 19:42:12 ----D---- C:\Program Files\ConvertMovie 5.0
    2009-11-21 19:38:42 ----D---- C:\Program Files\Fichiers communs\xing shared
    2009-11-21 19:38:32 ----D---- C:\Program Files\Search Settings
    2009-11-21 19:38:30 ----D---- C:\Program Files\Sensual Poker 5000 freeware
    2009-11-21 19:38:30 ----D---- C:\Documents and Settings\Françoise\Application Data\Search Settings
    2009-11-21 19:38:28 ----D---- C:\Program Files\Red Kawa
    2009-11-21 19:38:26 ----D---- C:\Program Files\Bonjour
    2009-11-21 19:38:22 ----D---- C:\Program Files\Search Guard Plus
    2009-11-21 19:37:55 ----HD---- C:\WINDOWS\$NtUninstallwmp11$
    2009-11-21 19:37:18 ----HD---- C:\WINDOWS\$NtUninstallWMFDist11$
    2009-11-21 15:25:32 ----N---- C:\WINDOWS\system32\spmsg.dll
    2009-11-21 15:25:10 ----A---- C:\WINDOWS\imsins.BAK
    2009-11-21 13:50:12 ----D---- C:\Documents and Settings\Françoise\Application Data\LimeWire
    2009-11-21 13:31:13 ----D---- C:\Documents and Settings\Françoise\Application Data\PC Suite
    2009-11-21 13:28:08 ----A---- C:\WINDOWS\OEWABLog.txt
    2009-11-20 23:04:03 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
    2009-11-20 22:26:50 ----D---- C:\Documents and Settings\Françoise\Application Data\Macromedia
    2009-11-20 22:26:48 ----D---- C:\Documents and Settings\Françoise\Application Data\Adobe
    2009-11-20 22:10:39 ----D---- C:\Documents and Settings\Françoise\Application Data\Apple Computer
    2009-11-20 21:01:24 ----D---- C:\Documents and Settings\Françoise\Application Data\Real
    2009-11-20 21:01:23 ----D---- C:\Documents and Settings\Françoise\Application Data\Identities
    2009-11-20 20:46:02 ----D---- C:\Documents and Settings\Françoise\Application Data\Google
    2009-11-20 20:38:18 ----ASH---- C:\Documents and Settings\Françoise\Application Data\desktop.ini
    2009-11-20 20:38:14 ----SD---- C:\Documents and Settings\Françoise\Application Data\Microsoft
    2009-11-05 20:29:18 ----D---- C:\WINDOWS\tmp

    ======List of files/folders modified in the last 1 months======

    2009-11-27 17:02:52 ----D---- C:\WINDOWS\Prefetch
    2009-11-27 15:53:39 ----SH---- C:\boot.ini
    2009-11-27 15:53:39 ----A---- C:\WINDOWS\win.ini
    2009-11-27 15:53:39 ----A---- C:\WINDOWS\system.ini
    2009-11-27 15:53:09 ----D---- C:\WINDOWS\Temp
    2009-11-27 15:47:38 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-11-27 15:45:59 ----SD---- C:\WINDOWS\Tasks
    2009-11-27 14:56:45 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-11-27 11:50:37 ----D---- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
    2009-11-27 10:30:14 ----D---- C:\WINDOWS\system32
    2009-11-27 10:24:45 ----RD---- C:\Program Files
    2009-11-27 10:24:45 ----D---- C:\WINDOWS
    2009-11-27 09:38:55 ----D---- C:\WINDOWS\system32\drivers
    2009-11-27 00:39:36 ----A---- C:\WINDOWS\NeroDigital.ini
    2009-11-27 00:21:30 ----D---- C:\WINDOWS\Minidump
    2009-11-25 19:52:09 ----SHD---- C:\WINDOWS\Installer
    2009-11-25 19:52:09 ----D---- C:\Config.Msi
    2009-11-24 22:42:08 ----HD---- C:\WINDOWS\inf
    2009-11-24 22:41:47 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2009-11-24 22:40:02 ----HD---- C:\WINDOWS\$hf_mig$
    2009-11-24 22:39:46 ----D---- C:\WINDOWS\WinSxS
    2009-11-22 09:50:17 ----D---- C:\Program Files\LimeWire
    2009-11-21 20:05:40 ----D---- C:\WINDOWS\Debug
    2009-11-21 19:49:16 ----D---- C:\WINDOWS\system32\CatRoot
    2009-11-21 19:44:41 ----D---- C:\WINDOWS\system32\config
    2009-11-21 19:44:10 ----D---- C:\WINDOWS\system32\wbem
    2009-11-21 19:44:09 ----D---- C:\WINDOWS\Registration
    2009-11-21 19:40:26 ----D---- C:\WINDOWS\system32\URTTemp
    2009-11-21 19:39:09 ----D---- C:\Program Files\Panda Security
    2009-11-21 19:39:00 ----D---- C:\Program Files\Fichiers communs\Labtec
    2009-11-21 19:38:47 ----D---- C:\Program Files\Fichiers communs\Real
    2009-11-21 19:38:29 ----D---- C:\Program Files\Windows Live
    2009-11-21 19:38:10 ----D---- C:\Program Files\Windows Media Player
    2009-11-21 19:38:07 ----D---- C:\Program Files\Windows Media Connect 2
    2009-11-21 16:18:32 ----D---- C:\WINDOWS\Help
    2009-11-21 14:54:08 ----SD---- C:\WINDOWS\Downloaded Program Files
    2009-11-21 12:34:53 ----D---- C:\WINDOWS\Microsoft.NET
    2009-11-21 12:34:52 ----RSD---- C:\WINDOWS\assembly
    2009-11-21 11:28:36 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-11-21 11:18:25 ----D---- C:\Program Files\Fichiers communs
    2009-11-21 11:07:31 ----D---- C:\Program Files\Microsoft Office
    2009-11-21 11:07:30 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
    2009-11-21 10:43:37 ----D---- C:\Program Files\Logitech
    2009-11-21 10:41:11 ----D---- C:\Program Files\Java
    2009-11-21 10:20:45 ----D---- C:\Program Files\Google
    2009-11-20 21:01:22 ----D---- C:\Program Files\Everest Poker
    2009-11-20 21:00:22 ----D---- C:\Program Files\Internet Explorer
    2009-11-20 21:00:14 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
    2009-11-20 21:00:14 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
    2009-11-20 21:00:13 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
    2009-11-20 21:00:10 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
    2009-11-20 20:59:51 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
    2009-11-20 20:59:47 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2009-11-20 20:59:37 ----D---- C:\Program Files\Fichiers communs\Adobe
    2009-11-20 20:59:30 ----D---- C:\Program Files\Adobe
    2009-11-20 20:58:01 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
    2009-11-20 20:44:02 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-11-20 20:38:11 ----D---- C:\Documents and Settings
    2009-11-05 09:36:22 ----A---- C:\WINDOWS\system32\MRT.exe
    2009-10-28 16:07:15 ----N---- C:\WINDOWS\system32\tzchange.exe

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
    R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
    R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-07-13 28520]
    R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
    R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-08-18 55656]
    R3 ac97intc;Service d'installation du pilote audio Intel(r) 82801 (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
    R3 HCF_MSFT;HCF_MSFT; C:\WINDOWS\system32\DRIVERS\HCF_MSFT.sys [2001-08-23 908000]
    R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2008-02-05 25624]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]
    R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2007-05-15 9856]
    R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-05 5888]
    R3 SIS163u;SiS 163 usb Wireless LAN Adapter Driver; C:\WINDOWS\system32\DRIVERS\sis163u.sys [2004-12-29 167424]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    S3 BthEnum;Service d'énumérateur Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
    S3 BTHMODEM;Pilote de communications modem Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
    S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
    S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
    S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
    S3 catchme;catchme; \??\C:\DOCUME~1\FRANOI~1\LOCALS~1\Temp\catchme.sys []
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 fbxusb;Carte réseau virtuelle FreeBox USB; C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 21344]
    S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2008-02-05 689176]
    S3 LVRS;Logitech RightSound Filter Driver; C:\WINDOWS\system32\DRIVERS\lvrs.sys [2008-02-06 628760]
    S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2008-02-06 41752]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 Nokia USB Generic;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2006-05-29 8704]
    S3 Nokia USB Modem;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2006-05-29 13312]
    S3 Nokia USB Phone Parent;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2006-05-29 127488]
    S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2007-09-06 47360]
    S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2008-02-06 13848]
    S3 PID_08A0;Labtec WebCam Pro(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2004-01-21 271360]
    S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\WINDOWS\system32\DRIVERS\LV302V32.SYS [2008-02-06 2570520]
    S3 QV2KUX;Appareil photo numérique Casio; C:\WINDOWS\system32\DRIVERS\qv2kux.sys [2001-08-17 3328]
    S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
    S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 SQTECH905C;DaulCamera; C:\WINDOWS\System32\Drivers\Capt905c.sys [2004-08-04 29400]
    S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 58320]
    S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 8304]
    S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 94000]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-10-01 32000]
    S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
    S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2008-09-24 29184]
    S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-07-13 108289]
    R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-18 185089]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    R2 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
    R2 LVCOMSer;LVCOMSer; C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe [2008-02-05 186904]
    R2 LVPrcSrv;Process Monitor; C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe [2008-02-05 150040]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]
    R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    S2 gupdate1c9c0fd38142cf8;Service Google Update (gupdate1c9c0fd38142cf8); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-19 133104]
    S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-17 194032]
    S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
    S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe [2008-02-05 141848]
    S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
    S3 Brother XP spl Service;BrSplService; C:\WINDOWS\system32\brsvc01a.exe [2002-04-11 57344]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
    S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
    S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 ServiceLayer;ServiceLayer; C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe [2006-06-05 174080]
    S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
    S4 AdobeActiveFileMonitor;Adobe Active File Monitor; C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe [2004-10-12 98304]
    S4 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe []
    S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

    -----------------EOF-----------------


    a c 267 8 Sécurité
    27 Novembre 2009 17:35:44

    Tu peux réessayer la manip' avec Ad-Remover ?
    27 Novembre 2009 21:46:21

    Voici le rapport AD-remover :

    .
    ======= RAPPORT D'AD-REMOVER 1.1.4.6_D | UNIQUEMENT XP/VISTA/7 =======
    .
    Mit à jour par C_XX le 25.11.2009 à 18:47
    Contact: AdRemover.contact@gmail.com
    Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
    .
    Lancé à: 20:53:40, 27/11/2009 | Mode Normal | Option: SCAN
    Exécuté de: C:\Program Files\Ad-Remover\
    Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
    Nom du PC: RUCHE-A69D65ECC | Utilisateur actuel: Fran‡oise
    .
    ============== ÉLÉMENT(S) TROUVÉ(S) ==============
    .
    C:\DOCUME~1\FRANOI~1\APPLIC~1\Search Settings
    C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Everest Poker
    C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Poker 770
    C:\Program Files\Everest Poker
    C:\Program Files\Fast Browser Search
    C:\Program Files\GamesBar
    C:\Program Files\Search Guard Plus
    C:\Program Files\Search Guard PlusU
    C:\Program Files\Search Settings
    C:\Program Files\SGPSA
    C:\WINDOWS\gvcasinos.ini
    C:\Windows\Installer\c06ef3.msi
    C:\DOCUME~1\FRANOI~1\Bureau\Fran‡oise\Jeux\Poker 770\casino.exe
    C:\DOCUME~1\FRANOI~1\Bureau\Fran‡oise\Jeux\Poker 770\replace.exe
    C:\DOCUME~1\ALLUSE~1\Bureau\Everest Poker.lnk
    C:\DOCUME~1\ALLUSE~1\Bureau\Poker 770.lnk
    .
    HKCU\software\FBSearch
    HKCU\software\microsoft\internet explorer\searchscopes\{D28E0F4B-0440-4B98-BDBB-D88FDFF95158}
    HKCU\software\Search Settings
    HKLM\Software\Classes\CLSID\{0974BA1E-64EC-11DE-B2A5-E43756D89593}
    HKLM\Software\Classes\CLSID\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
    HKLM\Software\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
    HKLM\Software\Classes\CLSID\{F0626A63-410B-45E2-99A1-3F2475B2D695}
    HKLM\Software\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
    HKLM\software\classes\SearchSettings.BHO
    HKLM\software\classes\SearchSettings.BHO.1
    HKLM\Software\Classes\TypeLib\{937936AF-28CA-4973-B8AE-F250406149A2}
    HKLM\Software\Classes\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC}
    HKLM\software\Dealio
    HKLM\software\GamesBarSetup
    HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2A9467B4-C085-11DD-BC92-869555D89593}
    HKLM\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin
    HKLM\software\microsoft\shared tools\msconfig\startupreg\SearchSettings
    HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyWebSearch bar Uninstall
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0626A63-410B-45E2-99A1-3F2475B2D695}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\FBSearch
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SGPUpdater
    HKLM\software\microsoft\windows\currentversion\uninstall\Everest Poker
    HKLM\software\microsoft\windows\currentversion\uninstall\Poker 770
    HKLM\software\microsoft\windows\currentversion\uninstall\Search Guard Plus
    HKLM\software\microsoft\windows\currentversion\uninstall\Search Guard Plus Updater
    HKLM\software\Poker 770
    HKLM\software\Search Settings
    HKLM\software\Titan Poker
    HKLM\software\Trymedia Systems
    HKU\.default\software\Fun Web Products
    HKU\s-1-5-18\software\Fun Web Products
    HKU\s-1-5-19\software\Fun Web Products
    HKU\s-1-5-20\software\Fun Web Products
    HKU\s-1-5-21-1757981266-764733703-682003330-1004\software\FBSearch
    HKU\s-1-5-21-1757981266-764733703-682003330-1004\software\Search Settings
    .
    ============== Scan additionnel ==============
    .
    .
    * Internet Explorer Version 8.0.6001.18702 *
    .
    [HKEY_CURRENT_USER\..\Internet Explorer\Main]
    .
    Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Start Page: hxxp://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=UTF-8
    Start Page Redirect Cache: hxxp://fr.msn.com/?ocid=iehp
    Start Page Redirect Cache_TIMESTAMP: NARY 8a24fe26286aca01
    Start Page Redirect Cache AcceptLangs: fr
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
    .
    Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
    Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Start Page: hxxp://www.duxet.com/
    Search Bar: hxxp://www.mirarsearch.com/?useie5=1&q=
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
    .
    Tabs: hxxp://www.fastbrowsersearch.com/new-tab/?v=18&tid=0
    .
    ============== Suspect (Cracks, Serials, ...) ==============
    .
    C:\Documents and Settings\Cyril\Local Settings\Temp\Patch_MSN_Messenger.EXE
    .
    ===================================
    .
    520 Octet(s) - C:\Ad-Report-SCAN[1].log
    520 Octet(s) - C:\Ad-Report-SCAN[2].log
    4707 Octet(s) - C:\Ad-Report-SCAN[3].log
    .
    83 Fichier(s) - C:\DOCUME~1\FRANOI~1\LOCALS~1\Temp
    331 Fichier(s) - C:\WINDOWS\Temp
    .
    3 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
    0 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
    .
    Fin à: 21:13:59 | 27/11/2009 - SCAN[3]
    .
    ============== E.O.F ==============
    .
    Je n'ai plus de fenêtres intempestives. Merci beaucoup. Mais peut-être il y a encore quelques manip. à faire ?
    28 Novembre 2009 14:09:18

    Destrio5 a dit :
    Tu peux réessayer la manip' avec Ad-Remover ?


    Salut,

    Je tiens à te remercier tout particulièrement et à te féliciter pour ta patience, ta disponibilité et ta compétence.

    J'ai encore un petit problème : sur cette page mon PC affiche en bas à gauche "erreur sur la page" et quand j'ecris ce message, les mots mettent bcp de temps à s'afficher. Cela à chaque fois que je vais dans "répondre".
    As-tu une réponse?
    a c 267 8 Sécurité
    28 Novembre 2009 14:44:32

  • Fais l'option L d'Ad-Remover et poste le rapport.
    29 Novembre 2009 15:06:39

    Voici le rapport demandé :

    .
    ======= RAPPORT D'AD-REMOVER 1.1.4.6_D | UNIQUEMENT XP/VISTA/7 =======
    .
    Mit à jour par C_XX le 25.11.2009 à 18:47
    Contact: AdRemover.contact@gmail.com
    Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
    .
    Lancé à: 14:12:45, 29/11/2009 | Mode Normal | Option: CLEAN
    Exécuté de: C:\Program Files\Ad-Remover\
    Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
    Nom du PC: RUCHE-A69D65ECC | Utilisateur actuel: Fran‡oise
    .
    ============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
    .
    C:\DOCUME~1\FRANOI~1\APPLIC~1\Search Settings
    C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Everest Poker
    C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Poker 770
    C:\Program Files\Everest Poker
    C:\Program Files\Fast Browser Search
    C:\Program Files\GamesBar
    C:\Program Files\Search Guard Plus
    C:\Program Files\Search Guard PlusU
    C:\Program Files\Search Settings
    C:\Program Files\SGPSA
    C:\WINDOWS\gvcasinos.ini
    C:\Windows\Installer\c06ef3.msi
    C:\DOCUME~1\FRANOI~1\Bureau\Fran‡oise\Jeux\Poker 770\casino.exe
    C:\DOCUME~1\FRANOI~1\Bureau\Fran‡oise\Jeux\Poker 770\replace.exe
    C:\DOCUME~1\ALLUSE~1\Bureau\Everest Poker.lnk
    C:\DOCUME~1\ALLUSE~1\Bureau\Poker 770.lnk
    .
    HKCU\software\FBSearch
    HKCU\software\microsoft\internet explorer\searchscopes\{D28E0F4B-0440-4B98-BDBB-D88FDFF95158}
    HKCU\software\Search Settings
    HKLM\Software\Classes\CLSID\{0974BA1E-64EC-11DE-B2A5-E43756D89593}
    HKLM\Software\Classes\CLSID\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
    HKLM\Software\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
    HKLM\Software\Classes\CLSID\{F0626A63-410B-45E2-99A1-3F2475B2D695}
    HKLM\Software\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
    HKLM\software\classes\SearchSettings.BHO
    HKLM\software\classes\SearchSettings.BHO.1
    HKLM\Software\Classes\TypeLib\{937936AF-28CA-4973-B8AE-F250406149A2}
    HKLM\Software\Classes\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC}
    HKLM\software\Dealio
    HKLM\software\GamesBarSetup
    HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2A9467B4-C085-11DD-BC92-869555D89593}
    HKLM\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin
    HKLM\software\microsoft\shared tools\msconfig\startupreg\SearchSettings
    HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyWebSearch bar Uninstall
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0626A63-410B-45E2-99A1-3F2475B2D695}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\FBSearch
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SGPUpdater
    HKLM\software\microsoft\windows\currentversion\uninstall\Everest Poker
    HKLM\software\microsoft\windows\currentversion\uninstall\Poker 770
    HKLM\software\microsoft\windows\currentversion\uninstall\Search Guard Plus
    HKLM\software\microsoft\windows\currentversion\uninstall\Search Guard Plus Updater
    HKLM\software\Poker 770
    HKLM\software\Search Settings
    HKLM\software\Titan Poker
    HKLM\software\Trymedia Systems
    HKU\.default\software\Fun Web Products
    HKU\s-1-5-19\software\Fun Web Products
    HKU\s-1-5-20\software\Fun Web Products

    (!) -- Fichiers temporaires supprimés.

    .
    ============== Scan additionnel ==============
    .
    .
    * Internet Explorer Version 8.0.6001.18702 *
    .
    [HKEY_CURRENT_USER\..\Internet Explorer\Main]
    .
    Start Page: hxxp://fr.msn.com/
    Start Page Redirect Cache: hxxp://fr.msn.com/?ocid=iehp
    Start Page Redirect Cache_TIMESTAMP: NARY 8a24fe26286aca01
    Start Page Redirect Cache AcceptLangs: fr
    Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Default_page_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
    .
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start Page: hxxp://fr.msn.com/
    Search Bar: hxxp://search.msn.com/spbasic.htm
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
    .
    Tabs: res://ieframe.dll/tabswelcome.htm
    .
    ============== Suspect (Cracks, Serials, ...) ==============
    .
    C:\Documents and Settings\Cyril\Local Settings\Temp\Patch_MSN_Messenger.EXE
    .
    ===================================
    .
    4622 Octet(s) - C:\Ad-Report-CLEAN[1].log
    520 Octet(s) - C:\Ad-Report-SCAN[1].log
    520 Octet(s) - C:\Ad-Report-SCAN[2].log
    5037 Octet(s) - C:\Ad-Report-SCAN[3].log
    .
    9 Fichier(s) - C:\DOCUME~1\FRANOI~1\LOCALS~1\Temp
    320 Fichier(s) - C:\WINDOWS\Temp
    .
    20 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
    118 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
    .
    Fin à: 14:40:28 | 29/11/2009 - CLEAN[1]
    .
    ============== E.O.F ==============
    .
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS