Votre question

Pc lent, fenetre qui s'ouvre et virus pffffff [resolu]

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
14 Septembre 2009 16:07:33

bonjour a tous,

bon j ai encore des soucis avec mon ordi pffff
debut juillet on a du changer le disque dur, et la semaine derniere j ai du le ramener car on ne pouvait plus aller sur internet et direct apres il buggait pffffffff

dc en gros mes problemes sont:
- pc lent
- des fenetres qui s'ouvrent tous le temps
- et des messages d alerte d antivir comme quoi tel virus essaye de rentrer

merci pour votre aide

Autres pages sur : lent fenetre ouvre virus pffffff resolu

a c 296 8 Sécurité
14 Septembre 2009 16:43:54

Bonjour,

  • Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
  • Double-clique sur RSIT.exe afin de lancer le programme.
    (Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)
  • Clique sur Continue à l'écran Disclaimer.
  • Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

    Note : les rapports sont sauvegardés dans le dossier C:\rsit.
    14 Septembre 2009 17:25:38

    alors voici ce que tu m a demande:

    info.txt logfile of random's system information tool 1.06 2009-09-14 17:19:57

    ======Uninstall list======

    -->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
    Apple Mobile Device Support-->MsiExec.exe /I{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
    Atheros Client Installation Program-->C:\Program Files\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe -runfromtemp -l0x040c -removeonly
    ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:D ISPLAY -clean
    Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
    Big Fish Games Client-->C:\Program Files\bfgclient\Uninstall.exe
    Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
    Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
    DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
    DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    Foxit Reader-->C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe
    Foxit Toolbar-->"C:\Program Files\AskBarDis\unins000.exe"
    GIMP 2.6.4-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
    Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall
    Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
    HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
    Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
    Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
    iTunes-->MsiExec.exe /I{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}
    Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    LogMeIn-->MsiExec.exe /I{7F831576-6246-42C7-B523-55B3F96509CC}
    Ma-Config.com-->MsiExec.exe /X{6C4D4FC0-467B-4BD7-8D11-50E49B2770D2}
    Media Access Startup-->"C:\Program Files\Media Access Startup\1.6.0.940\unins000.exe"
    Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
    Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
    Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
    Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
    Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
    Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
    Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
    Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
    Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
    Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB969897)-->"C:\WINDOWS\$NtUninstallKB969897$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
    Mise à jour pour Windows Internet Explorer 8 (KB973874)-->"C:\WINDOWS\ie8updates\KB973874-IE8\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
    MobileMe Control Panel-->MsiExec.exe /I{CADBCBBA-6CDD-4119-B5ED-4AE075B153E7}
    Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
    Motorola SM56 Data Fax Modem-->rundll32.exe sm56co.dll,SM56UnInstaller
    Mozilla Firefox (3.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    Nero 9-->C:\Program Files\Fichiers communs\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="9M03-01A1-PCX7-K31A-8A94-98PT-KT2E-522A"
    neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
    OpenOffice.org 3.0-->MsiExec.exe /I{6860B340-530D-46B3-91F8-1AE1F70F7C33}
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    Package de base Microsoft de service de chiffrement pour cartes à puce-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
    Power Manager 1.10.2-->"C:\Program Files\Power Manager\unins000.exe"
    QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
    Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x40c REMOVE -removeonly
    SAGEM F@st 800-840-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}\setup.exe" -l0x40c
    Security Update for Windows Search 4 - KB963093-->"C:\WINDOWS\$NtUninstallKB963093$\spuninst\spuninst.exe"
    Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
    Sukoku 1.0 build 117-->C:\Program Files\Sukoku\uninstall.exe
    SuperCopier2-->"C:\Program Files\SuperCopier2\SC2Uninst.exe"
    Texas Instruments PCIxx21/x515 drivers.-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{406A5ABF-CA65-4E11-95C7-52228FE48F58} /l1036
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
    VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
    VLC media player 0.9.9-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    Wanadoo Messager-->C:\PROGRA~1\WANADO~1\UNWISE.EXE C:\PROGRA~1\WANADO~1\INSTALL.LOG
    Wanadoo-->C:\PROGRA~1\Wanadoo\Shell.exe desinstall.shl
    Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
    Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
    Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
    Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
    Wireless LAN Client Installation Program-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12AC9C3C-0FE7-4307-B9C0-B19B2E7DD3CC}\setup.exe" -l0x9 -removeonly
    XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

    ======Security center information======

    AV: AntiVir Desktop

    ======System event log======

    Computer Name: SANDRINE-D8A4FE
    Event Code: 7036
    Message: Le service Acquisition d'image Windows (WIA) est entré dans l'état : en cours d'exécution.

    Record Number: 3609
    Source Name: Service Control Manager
    Time Written: 20090817120944.000000+120
    Event Type: Informations
    User:

    Computer Name: SANDRINE-D8A4FE
    Event Code: 7036
    Message: Le service Google Software Updater est entré dans l'état : en cours d'exécution.

    Record Number: 3608
    Source Name: Service Control Manager
    Time Written: 20090817120923.000000+120
    Event Type: Informations
    User:

    Computer Name: SANDRINE-D8A4FE
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service Google Software Updater.

    Record Number: 3607
    Source Name: Service Control Manager
    Time Written: 20090817120923.000000+120
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    Computer Name: SANDRINE-D8A4FE
    Event Code: 7036
    Message: Le service Configuration automatique sans fil est entré dans l'état : en cours d'exécution.

    Record Number: 3606
    Source Name: Service Control Manager
    Time Written: 20090816212722.000000+120
    Event Type: Informations
    User:

    Computer Name: SANDRINE-D8A4FE
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service Configuration automatique sans fil.

    Record Number: 3605
    Source Name: Service Control Manager
    Time Written: 20090816212722.000000+120
    Event Type: Informations
    User: SANDRINE-D8A4FE\Sandrine

    =====Application event log=====

    Computer Name: SANDRINE-D8A4FE
    Event Code: 11728
    Message: Produit : Microsoft Office PowerPoint Viewer 2007 (French) -- La configuration s'est terminée correctement.

    Record Number: 1341
    Source Name: MsiInstaller
    Time Written: 20090903164218.000000+120
    Event Type: Informations
    User: SANDRINE-D8A4FE\Sandrine

    Computer Name: SANDRINE-D8A4FE
    Event Code: 1022
    Message: Produit : Microsoft Office PowerPoint Viewer 2007 (French) - La mise à jour 'Security Update for 2007 Microsoft Office System (KB969618)' a été installée.

    Record Number: 1340
    Source Name: MsiInstaller
    Time Written: 20090903164218.000000+120
    Event Type: Informations
    User: SANDRINE-D8A4FE\Sandrine

    Computer Name: SANDRINE-D8A4FE
    Event Code: 1000
    Message: Application défaillante iexplore.exe, version 8.0.6001.18702, module défaillant hpieaddon.dll, version 1.6.0.940, adresse de défaillance 0x0000466c.

    Record Number: 1339
    Source Name: Application Error
    Time Written: 20090903162731.000000+120
    Event Type: erreur
    User:

    Computer Name: SANDRINE-D8A4FE
    Event Code: 11728
    Message: Produit : Microsoft Office PowerPoint Viewer 2007 (French) -- La configuration s'est terminée correctement.

    Record Number: 1338
    Source Name: MsiInstaller
    Time Written: 20090903162200.000000+120
    Event Type: Informations
    User: SANDRINE-D8A4FE\Sandrine

    Computer Name: SANDRINE-D8A4FE
    Event Code: 1022
    Message: Produit : Microsoft Office PowerPoint Viewer 2007 (French) - La mise à jour 'Microsoft Office PowerPoint Viewer Service Pack 2 (SP2)' a été installée.

    Record Number: 1337
    Source Name: MsiInstaller
    Time Written: 20090903162200.000000+120
    Event Type: Informations
    User: SANDRINE-D8A4FE\Sandrine

    =====Security event log=====

    Computer Name: SANDRINE-D8A4FE
    Event Code: 538
    Message: Fermeture de la session utilisateur :

    Utilisateur : Sandrine

    Domaine : SANDRINE-D8A4FE

    Id. de la session : (0x0,0xA01A1)

    Type de session : 2


    Record Number: 10998
    Source Name: Security
    Time Written: 20090904164952.000000+120
    Event Type: Succès de l'audit
    User: SANDRINE-D8A4FE\Sandrine

    Computer Name: SANDRINE-D8A4FE
    Event Code: 576
    Message: Privilèges spéciaux assignés à la nouvelle session :

    Utilisateur :

    Domaine :

    Id. de la session : (0x0,0xA01A1)

    Privilèges : SeChangeNotifyPrivilege
    SeBackupPrivilege
    SeRestorePrivilege
    SeDebugPrivilege

    Record Number: 10997
    Source Name: Security
    Time Written: 20090904164952.000000+120
    Event Type: Succès de l'audit
    User: SANDRINE-D8A4FE\Sandrine

    Computer Name: SANDRINE-D8A4FE
    Event Code: 528
    Message: Ouverture de session réseau réussie :

    Utilisateur : Sandrine

    Domaine : SANDRINE-D8A4FE

    Id. de la session : (0x0,0xA01A1)

    Type de session : 2

    Processus de session : Advapi

    Package d'authentification : Negotiate

    Station de travail : SANDRINE-D8A4FE

    GUID d'ouv. de session : -

    Record Number: 10996
    Source Name: Security
    Time Written: 20090904164952.000000+120
    Event Type: Succès de l'audit
    User: SANDRINE-D8A4FE\Sandrine

    Computer Name: SANDRINE-D8A4FE
    Event Code: 680
    Message: Tentative d'ouverture de session par : MICROSOFT_AUTHENTICATION_PACKAGE_V1_0

    Compte d'ouverture de session : Sandrine

    Station de travail source : SANDRINE-D8A4FE

    Code erreur : 0x0


    Record Number: 10995
    Source Name: Security
    Time Written: 20090904164952.000000+120
    Event Type: Succès de l'audit
    User: AUTORITE NT\SYSTEM

    Computer Name: SANDRINE-D8A4FE
    Event Code: 538
    Message: Fermeture de la session utilisateur :

    Utilisateur : Sandrine

    Domaine : SANDRINE-D8A4FE

    Id. de la session : (0x0,0x9FF2E)

    Type de session : 2


    Record Number: 10994
    Source Name: Security
    Time Written: 20090904164951.000000+120
    Event Type: Succès de l'audit
    User: SANDRINE-D8A4FE\Sandrine

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Fichiers communs\DivX Shared\
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 8, GenuineIntel
    "PROCESSOR_REVISION"=0d08
    "NUMBER_OF_PROCESSORS"=1
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
    "QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

    -----------------EOF-----------------


    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Sandrine at 2009-09-14 17:19:40
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 142 GB (93%) free of 153 GB
    Total RAM: 894 MB (43% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:19:54, on 14/09/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\LogMeIn\x86\RaMaint.exe
    C:\Program Files\LogMeIn\x86\LogMeIn.exe
    C:\Program Files\LogMeIn\x86\LMIGuardian.exe
    C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Documents and Settings\All Users\Application Data\Sukoku\sukoku117.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
    C:\Program Files\Power Manager\PM.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\PROGRA~1\Wanadoo\CnxMon.exe
    C:\Program Files\LogMeIn\x86\LMIGuardian.exe
    C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\SuperCopier2\SuperCopier2.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Sukoku\sukoku.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Wanadoo\EspaceWanadoo.exe
    C:\Program Files\Wanadoo\ComComp.exe
    C:\Program Files\Wanadoo\Watch.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\WINDOWS\system32\SearchFilterHost.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\Documents and Settings\Sandrine\Local Settings\Temporary Internet Files\Content.IE5\RF0QA7NH\RSIT[1].exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files\trend micro\Sandrine.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
    O2 - BHO: Media Access Startup - {25B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Media Access Startup\1.6.0.940\HPIEAddOn.dll (file missing)
    O2 - BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Internet Saving Optimizer\3.7.1.4630\NPIEAddOn.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    O2 - BHO: System Search Dispatcher - {CDBFB47B-58A8-4111-BF95-06178DCE326D} - C:\Program Files\System Search Dispatcher\1.4.1.1010\ssd.dll (file missing)
    O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
    O4 - HKLM\..\Run: [PowerManager] C:\Program Files\Power Manager\PM.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
    O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
    O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://www.touslesdrivers.com/fichiers/maconfig/MaConfi...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{359CE61C-CDD2-4CAD-828E-AD4BB33B0B63}: NameServer = 80.10.246.130 81.253.149.10
    O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
    O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: Sukoku Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\Sukoku\sukoku117.exe

    --
    End of file - 9886 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\User_Feed_Synchronization-{586604F4-8ACA-4EA8-ABDF-A25C554B4FD3}.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
    AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-11-18 333192]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25B8D58C-B0CB-46b0-BA64-05B3804E4E86}]
    Media Access Startup - C:\Program Files\Media Access Startup\1.6.0.940\HPIEAddOn.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35B8D58C-B0CB-46b0-BA64-05B3804E4E86}]
    NP Helper Class - C:\Program Files\Internet Saving Optimizer\3.7.1.4630\NPIEAddOn.dll [2009-08-31 196608]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-10 256112]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-09-10 761840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-09-10 458736]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CDBFB47B-58A8-4111-BF95-06178DCE326D}]
    System Search Dispatcher - C:\Program Files\System Search Dispatcher\1.4.1.1010\ssd.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {3041d03e-fd4b-44e0-b742-2d9b88305f98} - Foxit Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-11-18 333192]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-10 256112]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-05-17 77824]
    "LogMeIn GUI"=C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [2008-07-24 63048]
    "PowerManager"=C:\Program Files\Power Manager\PM.exe [2005-12-14 159744]
    "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
    "AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-05-20 177472]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-07-13 292128]
    "WooCnxMon"=C:\PROGRA~1\Wanadoo\CnxMon.exe [2004-10-13 24576]
    "WOOWATCH"=C:\PROGRA~1\Wanadoo\Watch.exe [2004-10-13 24576]
    "WOOTASKBARICON"=C:\PROGRA~1\Wanadoo\TaskbarIcon.exe [2004-10-13 49152]
    "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe [2006-07-07 1052672]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-07-18 39408]
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
    C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]
    C:\WINDOWS\sm56hlpr.exe [2005-07-06 544768]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2005-06-22 46080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LMIinit]
    C:\WINDOWS\system32\LMIinit.dll [2009-09-08 87352]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=95000000

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
    "C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{67bb8122-7638-11de-bca2-4d6564696130}]
    shell\AutoRun\command - E:\yhh.bat
    shell\open\command - E:\yhh.bat


    ======List of files/folders created in the last 1 months======

    2009-09-14 17:19:41 ----D---- C:\Program Files\trend micro
    2009-09-14 17:19:40 ----D---- C:\rsit
    2009-09-10 16:46:57 ----D---- C:\Program Files\Avira
    2009-09-10 16:46:57 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
    2009-09-09 22:57:50 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
    2009-09-09 22:57:47 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
    2009-09-08 09:59:19 ----A---- C:\WINDOWS\imsins.BAK
    2009-09-08 09:58:58 ----D---- C:\Program Files\Microsoft Silverlight
    2009-09-04 16:18:46 ----D---- C:\Documents and Settings\Sandrine\Application Data\Yahoo!
    2009-09-04 16:18:44 ----D---- C:\Program Files\Yahoo!
    2009-09-04 16:18:42 ----D---- C:\Program Files\CCleaner
    2009-09-02 18:19:10 ----A---- C:\WINDOWS\system32\ffJmpWeb.dll
    2009-09-02 18:19:09 ----D---- C:\Program Files\Wanadoo Messager
    2009-09-01 21:15:17 ----D---- C:\Program Files\Sukoku
    2009-09-01 21:15:17 ----D---- C:\Documents and Settings\All Users\Application Data\Sukoku
    2009-09-01 21:15:02 ----D---- C:\Program Files\Media Access Startup
    2009-09-01 21:14:51 ----D---- C:\Program Files\Internet Saving Optimizer
    2009-09-01 21:14:25 ----D---- C:\Program Files\DoubleD
    2009-08-21 22:05:01 ----D---- C:\Program Files\iPod

    ======List of files/folders modified in the last 1 months======

    2009-09-14 17:19:47 ----D---- C:\WINDOWS\Prefetch
    2009-09-14 17:19:41 ----RD---- C:\Program Files
    2009-09-14 15:26:56 ----D---- C:\Program Files\Wanadoo
    2009-09-14 13:37:33 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-09-14 13:37:29 ----D---- C:\WINDOWS\Temp
    2009-09-14 13:37:10 ----D---- C:\Program Files\LogMeIn
    2009-09-13 22:38:34 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-09-11 23:19:08 ----SHD---- C:\WINDOWS\Installer
    2009-09-11 23:19:08 ----D---- C:\Config.Msi
    2009-09-11 23:19:07 ----D---- C:\WINDOWS\WinSxS
    2009-09-11 13:44:06 ----D---- C:\WINDOWS
    2009-09-10 16:47:12 ----D---- C:\WINDOWS\system32\drivers
    2009-09-10 16:47:11 ----HD---- C:\WINDOWS\inf
    2009-09-09 22:57:58 ----D---- C:\WINDOWS\Debug
    2009-09-09 22:57:52 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2009-09-09 22:57:52 ----D---- C:\WINDOWS\system32
    2009-09-09 22:57:46 ----HD---- C:\WINDOWS\$hf_mig$
    2009-09-09 22:57:29 ----D---- C:\WINDOWS\ie8updates
    2009-09-08 09:59:18 ----D---- C:\Program Files\Internet Explorer
    2009-09-08 09:58:20 ----A---- C:\WINDOWS\system32\LMIRfsClientNP.dll
    2009-09-08 09:58:19 ----A---- C:\WINDOWS\system32\LMIport.dll
    2009-09-08 09:58:19 ----A---- C:\WINDOWS\system32\lmimirr2.dll
    2009-09-08 09:58:19 ----A---- C:\WINDOWS\system32\lmimirr.dll
    2009-09-08 09:58:19 ----A---- C:\WINDOWS\system32\LMIinit.dll
    2009-09-07 18:22:20 ----A---- C:\WINDOWS\win.ini
    2009-09-07 14:41:54 ----D---- C:\Program Files\Mozilla Firefox
    2009-09-04 17:17:41 ----D---- C:\WINDOWS\system32\Restore
    2009-09-04 16:24:12 ----D---- C:\WINDOWS\system32\LogFiles
    2009-09-02 18:27:07 ----D---- C:\Documents and Settings\Sandrine\Application Data\Help
    2009-09-02 13:09:59 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2009-08-31 20:28:47 ----D---- C:\WINDOWS\system32\1036
    2009-08-31 20:28:42 ----D---- C:\WINDOWS\system32\3com_dmi
    2009-08-28 23:38:20 ----A---- C:\WINDOWS\system32\MRT.exe
    2009-08-23 23:21:39 ----D---- C:\Program Files\iTunes
    2009-08-21 22:05:00 ----D---- C:\Program Files\Fichiers communs\Apple
    2009-08-21 22:03:29 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2009-08-21 15:37:52 ----D---- C:\Documents and Settings\Sandrine\Application Data\Apple Computer
    2009-08-21 15:35:19 ----D---- C:\Documents and Settings\All Users\Application Data\Apple

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
    R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
    R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
    R1 WINIO;WINIO; \??\C:\WINDOWS\system32\WinIo.sys []
    R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-07-28 55656]
    R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys []
    R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys []
    R3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys [2004-03-02 127065]
    R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-05-18 2319680]
    R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2009-02-13 1503840]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-06-22 1198592]
    R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2005-04-28 45056]
    R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
    R3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2008-07-24 10144]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
    R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232]
    R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2005-07-06 925572]
    R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-06-04 162176]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
    R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-14 17152]
    S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys [2004-03-02 50007]
    S3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys []
    S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
    S3 DUBE100B;D-Link DUB-E100 USB 2.0 Fast Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\DUBE100B.sys [2006-05-26 18560]
    S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
    S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-06-05 39424]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
    S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []
    S4 mchInjDrv;mchInjDrv; \??\C:\DOCUME~1\Sandrine\LOCALS~1\Temp\mc22.tmp []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
    R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-06-22 368640]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files\LogMeIn\x86\RaMaint.exe [2009-09-08 116032]
    R2 LogMeIn;LogMeIn; C:\Program Files\LogMeIn\x86\LogMeIn.exe [2008-07-24 63040]
    R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
    R2 Sukoku Service;Sukoku Service; C:\Documents and Settings\All Users\Application Data\Sukoku\sukoku117.exe [2009-09-02 54760]
    R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
    R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-07-13 542496]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-18 182768]
    S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
    S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-05-29 234864]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

    -----------------EOF-----------------
    Contenus similaires
    a c 296 8 Sécurité
    14 Septembre 2009 18:17:14

  • Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
  • Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
  • Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
  • Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
  • Sélectionne Exécuter un examen rapide.
  • Clique sur Rechercher. L'analyse démarre.
  • A la fin de l'analyse, un message s'affiche :
    Citation :
    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  • Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  • Ferme tes navigateurs.
  • Si des malwares ont été détectés, clique sur Afficher les résultats.
  • Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
  • MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
    14 Septembre 2009 18:48:24

    voila :


    Malwarebytes' Anti-Malware 1.41
    Version de la base de données: 2795
    Windows 5.1.2600 Service Pack 3

    14/09/2009 18:46:48
    mbam-log-2009-09-14 (18-46-48).txt

    Type de recherche: Examen rapide
    Eléments examinés: 100677
    Temps écoulé: 11 minute(s), 34 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 2
    Clé(s) du Registre infectée(s): 29
    Valeur(s) du Registre infectée(s): 3
    Elément(s) de données du Registre infecté(s): 3
    Dossier(s) infecté(s): 22
    Fichier(s) infecté(s): 426

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    C:\Program Files\Internet Saving Optimizer\3.7.1.4630\NPIEAddOn.dll (Adware.DoubleD) -> Delete on reboot.
    C:\Program Files\Internet Saving Optimizer\3.7.1.4630\NPCommon.dll (Adware.DoubleD) -> Delete on reboot.

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\explorerbar.funexplorer (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\explorerbar.funexplorer.1 (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\explorerbar.funredirector (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\explorerbar.funredirector.1 (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{480098c6-f6ad-4c61-9b5c-2bae228a34d1} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{6160f76a-1992-4b17-a32d-0c706d159105} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{877f3eab-4462-44df-8475-6064eafd7fbf} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{25b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{c28a0312-c403-417b-a425-a915bc0519cd} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{883dfc00-8a21-411d-956c-73a4e4b7d16f} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{ac5ab953-ed25-4f9c-87f0-b086b0178ffa} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\{5617ECA9-488D-4BA2-8562-9710B9AB78D2} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Internet Saving Optimizer (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Internet Saving Optimizer (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{16b6279b-9ff5-41fb-8bf9-404324f5dd1f}}_is1 (Adware.DoubleD) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{0ba0192d-94a5-45e3-b2b8-3ec5a1a0b5ec} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{2224e955-00e9-4613-a844-ce69fccaae91} (Adware.DoubleD) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

    Dossier(s) infecté(s):
    C:\Program Files\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\DoubleD\GamingHarbor Toolbar (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Saving Optimizer (Adware.DoubleD) -> Delete on reboot.
    C:\Program Files\Internet Saving Optimizer\3.7.1.4630 (Adware.DoubleD) -> Delete on reboot.
    C:\Program Files\Internet Saving Optimizer\3.7.1.4630\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Saving Optimizer\3.7.1.4630\FF (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Saving Optimizer\3.7.1.4630\FF\chrome (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Saving Optimizer\3.7.1.4630\FF\chrome\content (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Saving Optimizer\3.7.1.4630\FF\components (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.6.0.940 (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.6.0.940\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.6.0.940\FF (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.6.0.940\FF\chrome (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.6.0.940\FF\chrome\content (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.6.0.940\FF\components (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer (Adware.DoubleD) -> Delete on reboot.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630 (Adware.DoubleD) -> Delete on reboot.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup\1.6.0.940 (Adware.DoubleD) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\Program Files\Internet Saving Optimizer\3.7.1.4630\NPIEAddOn.dll (Adware.DoubleD) -> Delete on reboot.
    C:\Program Files\Internet Saving Optimizer\3.7.1.4630\adwpx.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Saving Optimizer\3.7.1.4630\NPCommon.dll (Adware.DoubleD) -> Delete on reboot.
    C:\Program Files\Internet Saving Optimizer\3.7.1.4630\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Saving Optimizer\3.7.1.4630\unins000.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Saving Optimizer\3.7.1.4630\Data\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Saving Optimizer\3.7.1.4630\FF\chrome.manifest (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Saving Optimizer\3.7.1.4630\FF\install.rdf (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Saving Optimizer\3.7.1.4630\FF\chrome\NPAddOn.jar (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Saving Optimizer\3.7.1.4630\FF\chrome\content\NPAddOn.js (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Saving Optimizer\3.7.1.4630\FF\chrome\content\NPAddOn.xul (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Saving Optimizer\3.7.1.4630\FF\components\NPFFAddOn.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Saving Optimizer\3.7.1.4630\FF\components\NPFFAddOn.xpt (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Saving Optimizer\3.7.1.4630\FF\components\NPFFHelperComponent.js (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.6.0.940\HPCommon.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.6.0.940\hppx.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.6.0.940\MAHelper.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.6.0.940\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.6.0.940\unins000.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.6.0.940\Data\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.6.0.940\FF\chrome.manifest (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.6.0.940\FF\install.rdf (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.6.0.940\FF\chrome\HPAddOn.jar (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.6.0.940\FF\chrome\content\HPAddOn.js (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.6.0.940\FF\chrome\content\HPAddOn.xul (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.6.0.940\FF\components\HPFFAddOn.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.6.0.940\FF\components\HPFFAddOn.xpt (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Program Files\Media Access Startup\1.6.0.940\FF\components\HPFFHelperComponent.js (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\ipdata.md (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090901-211530.468.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090901-211605.109.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090901-211633.921.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090901-223213.687.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090901-230335.984.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-161612.781.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-161754.046.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-161826.156.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-161930.234.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-162711.812.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-162738.968.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-165101.718.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-165259.046.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-165431.062.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-182659.031.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-182701.390.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-182732.250.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-183101.750.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-183618.343.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-184226.750.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-184330.328.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-184340.468.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-184647.843.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-184832.203.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-185515.437.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-185639.906.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-185733.796.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090903-185748.531.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-103045.390.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-103547.656.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-104236.734.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-104257.906.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-104326.671.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-111839.328.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-111958.437.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-112002.484.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-112136.671.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-121104.781.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-142436.718.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-142508.140.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-143109.296.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-143142.703.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-143152.906.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-143248.875.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-143421.484.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-143424.015.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-143424.687.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-181823.421.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-181925.859.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-182147.937.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-182156.531.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-182206.046.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-182403.046.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-182407.687.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-182413.906.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-183043.171.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-183054.750.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-183104.765.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-183112.890.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-183143.375.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-183220.000.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-183303.796.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-183311.328.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-183346.343.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-183356.546.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-183552.921.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-183625.484.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-183637.187.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-183644.156.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-184017.765.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-184023.140.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-184029.359.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-184130.015.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090904-184159.359.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090907-144111.031.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090907-144153.453.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090907-144242.595.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-095144.531.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-095516.812.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-095519.421.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-095551.750.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-095640.062.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-095724.812.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-100747.531.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-104111.875.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-144241.000.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-144625.421.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-144745.328.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-145150.265.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-151033.640.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-151443.296.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-152125.375.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-152505.984.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-152954.187.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-154512.843.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-155459.578.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-160258.953.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-161122.875.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-162253.375.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-162612.921.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-162843.437.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-175914.000.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-180454.453.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-180811.937.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-181430.015.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-181506.875.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-181835.203.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-183321.890.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-203216.328.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-203222.984.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-204842.140.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090908-204939.078.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090909-093805.187.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090909-094036.890.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090909-094305.546.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090909-115839.906.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090909-115945.328.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090909-120436.343.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090909-120454.390.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090909-120644.000.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090909-120712.343.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090909-120749.343.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090909-125128.828.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090909-125523.062.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090909-130756.031.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090909-131653.171.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090909-133827.468.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090909-135000.000.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090909-210601.312.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090909-210607.656.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090909-211015.734.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090909-215216.031.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090909-215306.984.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090909-220119.734.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090909-220514.031.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090909-224034.406.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090910-123541.828.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090910-124054.468.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090910-131622.109.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090910-151402.062.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090910-151601.171.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090910-152008.046.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090910-152229.031.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090910-153819.671.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090910-154622.734.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090910-155106.203.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090910-155807.640.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090910-160625.000.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090910-162514.734.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090910-162739.390.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090910-162843.031.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090910-162916.781.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090910-164018.375.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090910-165215.359.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090910-165907.890.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090910-170025.765.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090910-170741.437.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090910-172339.468.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090910-173110.453.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090910-173749.750.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090910-174520.515.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090910-175318.390.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090910-181352.890.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090910-182316.968.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090910-182334.812.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090910-182643.265.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090910-213321.703.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090910-213509.031.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090910-214010.734.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090910-214238.750.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090910-214539.734.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090910-215019.187.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090910-220208.984.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090910-222946.546.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090911-134455.125.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090911-134735.015.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090911-202435.265.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090911-202637.984.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090911-202839.421.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090911-203155.796.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090911-203418.578.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090911-210707.703.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090911-211027.250.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090911-221337.531.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090911-221421.359.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090911-222058.453.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090911-222931.546.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090911-223446.828.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090911-224105.796.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090911-224555.296.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090911-230148.703.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090911-231305.843.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090912-100101.453.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090912-100741.515.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090912-101255.312.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090912-102402.375.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090912-154309.078.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090912-154530.234.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090912-155829.046.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090912-161019.375.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090912-162735.203.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090913-135107.187.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090913-135636.531.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090913-194731.046.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090913-194735.765.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090913-194933.656.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090913-195243.640.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090913-200403.828.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090913-202354.109.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090913-202549.500.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090913-203236.218.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090913-212311.734.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090913-212953.359.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090913-213335.671.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090913-213805.312.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090913-214123.156.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090913-221241.218.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090914-133843.500.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090914-144426.093.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090914-145041.343.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090914-152657.531.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090914-152700.390.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090914-153102.578.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090914-155703.875.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090914-155732.671.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090914-171657.609.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090914-171925.828.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090914-173224.171.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090914-173818.062.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090914-175202.375.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090914-175258.140.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090914-181503.156.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090914-181504.156.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090914-181505.343.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090914-181505.546.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090914-181506.562.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090914-181548.156.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090914-181833.515.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090914-182807.578.log (Adware.DoubleD) -> Delete on reboot.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\NP_20090914-183004.906.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Internet Saving Optimizer\3.7.1.4630\rstatus.md (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup\1.6.0.940\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup\1.6.0.940\HJHP_20090901-211505.265.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup\1.6.0.940\HJHP_20090901-211530.031.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup\1.6.0.940\HJHP_20090901-211605.078.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup\1.6.0.940\HJHP_20090901-211633.890.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup\1.6.0.940\HJHP_20090901-223213.640.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup\1.6.0.940\HJHP_20090901-230335.906.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup\1.6.0.940\HJHP_20090903-161612.281.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup\1.6.0.940\HJHP_20090903-161753.875.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup\1.6.0.940\HJHP_20090903-161826.125.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup\1.6.0.940\HJHP_20090903-161930.203.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup\1.6.0.940\HJHP_20090903-162711.781.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup\1.6.0.940\HJHP_20090903-162738.953.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup\1.6.0.940\HJHP_20090903-165101.687.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup\1.6.0.940\HJHP_20090903-165259.031.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup\1.6.0.940\HJHP_20090903-165431.031.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup\1.6.0.940\HJHP_20090903-182658.781.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup\1.6.0.940\HJHP_20090903-182701.359.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup\1.6.0.940\HJHP_20090903-182732.109.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup\1.6.0.940\HJHP_20090903-183101.703.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup\1.6.0.940\HJHP_20090903-183618.328.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup\1.6.0.940\HJHP_20090903-184226.703.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup\1.6.0.940\HJHP_20090903-184330.312.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup\1.6.0.940\HJHP_20090903-184340.453.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup\1.6.0.940\HJHP_20090903-184647.796.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup\1.6.0.940\HJHP_20090903-184832.187.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup\1.6.0.940\HJHP_20090903-185515.390.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup\1.6.0.940\HJHP_20090903-185639.875.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup\1.6.0.940\HJHP_20090903-185733.781.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup\1.6.0.940\HJHP_20090903-185748.500.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup\1.6.0.940\HJHP_20090904-103045.312.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup\1.6.0.940\HJHP_20090904-103547.625.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup\1.6.0.940\HJHP_20090904-104236.718.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup\1.6.0.940\HJHP_20090904-104257.875.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup\1.6.0.940\HJHP_20090904-104326.640.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup\1.6.0.940\HJHP_20090904-111839.281.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup\1.6.0.940\HJHP_20090904-111958.406.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup\1.6.0.940\HJHP_20090904-112002.437.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media Access Startup\1.6.0.940\HJHP_20090904-112136.593.log (Adware.DoubleD) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Sandrine\Local Settings\Application Data\Media
    a c 296 8 Sécurité
    14 Septembre 2009 18:58:25

  • Relance MBAM, va dans Quarantaine et supprime tout.

  • Télécharge UsbFix (de Chiquitine29 & C_XX) sur ton Bureau.
  • Branche tes sources de données externes à ton PC (clé USB, disque dur externe, carte SD, etc...) sans les ouvrir.
  • Double-clique sur UsbFix pour l'exécuter.
    (Sous Vista, il faut cliquer droit sur le raccourci UsbFix et choisir Exécuter en tant qu'administrateur)
  • Choisis l'option 1 (Recherche).
  • Laisse travailler l'outil.
  • Poste le rapport UsbFix.txt.

    Note : le rapport UsbFix.txt est sauvegardé à la racine du disque (C:\UsbFix.txt).

    "Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    14 Septembre 2009 20:17:07


    ############################## | UsbFix V6.033 |

    User : Sandrine (Administrateurs) # SANDRINE-D8A4FE
    Update on 14/09/2009 by Chiquitine29, C_XX & Chimay8
    Start at: 20:15:37 | 14/09/2009
    Website : http://pagesperso-orange.fr/NosTools/index.html

    Intel(R) Celeron(R) M processor 1.60GHz
    Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
    Internet Explorer 8.0.6001.18702
    Windows Firewall Status : Enabled
    AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ]

    C:\ -> Disque fixe local # 149,04 Go (138,43 Go free) [Système] # NTFS
    D:\ -> Disque CD-ROM

    ############################## | Processus actifs |

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\LogMeIn\x86\RaMaint.exe
    C:\Program Files\LogMeIn\x86\LogMeIn.exe
    C:\Program Files\LogMeIn\x86\LMIGuardian.exe
    C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Documents and Settings\All Users\Application Data\Sukoku\sukoku117.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Sukoku\sukoku.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
    C:\Program Files\Power Manager\PM.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\PROGRA~1\Wanadoo\CnxMon.exe
    C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\SuperCopier2\SuperCopier2.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\LogMeIn\x86\LMIGuardian.exe
    C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Wanadoo\EspaceWanadoo.exe
    C:\Program Files\Wanadoo\ComComp.exe
    C:\Program Files\Wanadoo\Watch.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\iTunes\iTunes.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\WINDOWS\system32\SearchFilterHost.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    ################## | Fichiers # Dossiers infectieux |


    ################## | Registre # Clés Run infectieuses |


    ################## | Registre # Mountpoints2 |

    HKCU\..\..\Explorer\MountPoints2\{67bb8122-7638-11de-bca2-4d6564696130}
    Shell\AutoRun\command =E:\yhh.bat
    Shell\open\Command =E:\yhh.bat

    ################## | ! Fin du rapport # UsbFix V6.033 ! |

    a c 296 8 Sécurité
    14 Septembre 2009 20:58:40

    Tu peux faire l'option 2 et poster le rapport.
    14 Septembre 2009 21:36:55


    ############################## | UsbFix V6.033 |

    User : Sandrine (Administrateurs) # SANDRINE-D8A4FE
    Update on 14/09/2009 by Chiquitine29, C_XX & Chimay8
    Start at: 21:28:23 | 14/09/2009
    Website : http://pagesperso-orange.fr/NosTools/index.html

    Intel(R) Celeron(R) M processor 1.60GHz
    Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
    Internet Explorer 8.0.6001.18702
    Windows Firewall Status : Enabled
    AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ]

    C:\ -> Disque fixe local # 149,04 Go (138,31 Go free) [Système] # NTFS
    D:\ -> Disque CD-ROM

    ############################## | Processus actifs |

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\logonui.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\LogMeIn\x86\RaMaint.exe
    C:\Program Files\LogMeIn\x86\LogMeIn.exe
    C:\Program Files\LogMeIn\x86\LMIGuardian.exe
    C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Documents and Settings\All Users\Application Data\Sukoku\sukoku117.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\userinit.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files\Sukoku\sukoku.exe

    ################## | Fichiers # Dossiers infectieux |


    ################## | Registre # Clés Run infectieuses |


    ################## | Registre # Mountpoints2 |

    Supprimé ! HKCU\...\Explorer\MountPoints2\{67bb8122-7638-11de-bca2-4d6564696130}\Shell\AutoRun\Command

    ################## | Listing des fichiers présent |

    [02/07/2009 17:06|--a------|1024] C:\.rnd
    [01/07/2009 18:37|--a------|0] C:\AUTOEXEC.BAT
    [03/07/2009 10:24|---hs----|216] C:\boot.ini
    [14/04/2008 14:00|-rahs----|4952] C:\Bootfont.bin
    [01/07/2009 18:37|--a------|0] C:\CONFIG.SYS
    [01/07/2009 18:37|-rahs----|0] C:\IO.SYS
    [01/07/2009 18:37|-rahs----|0] C:\MSDOS.SYS
    [14/04/2008 14:00|-rahs----|47564] C:\NTDETECT.COM
    [14/04/2008 14:00|-rahs----|252240] C:\ntldr
    [?|?|?] C:\pagefile.sys
    [14/09/2009 21:30|--a------|2723] C:\UsbFix.txt

    ################## | ! Fin du rapport # UsbFix V6.033 ! |

    a c 296 8 Sécurité
    14 Septembre 2009 21:49:07

  • Désinstalle Foxit Toolbar.

  • Refais un scan RSIT et poste le rapport log.
    14 Septembre 2009 21:59:09

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Sandrine at 2009-09-14 21:57:45
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 143 GB (94%) free of 153 GB
    Total RAM: 894 MB (51% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:57:58, on 14/09/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\LogMeIn\x86\RaMaint.exe
    C:\Program Files\LogMeIn\x86\LogMeIn.exe
    C:\Program Files\LogMeIn\x86\LMIGuardian.exe
    C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Documents and Settings\All Users\Application Data\Sukoku\sukoku117.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Sukoku\sukoku.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Wanadoo\EspaceWanadoo.exe
    C:\Program Files\Wanadoo\ComComp.exe
    C:\Program Files\Wanadoo\Watch.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Documents and Settings\Sandrine\Local Settings\Temporary Internet Files\Content.IE5\D3YW7ZH0\RSIT[1].exe
    C:\Program Files\trend micro\Sandrine.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
    O4 - HKLM\..\Run: [PowerManager] C:\Program Files\Power Manager\PM.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
    O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
    O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://www.touslesdrivers.com/fichiers/maconfig/MaConfi...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{359CE61C-CDD2-4CAD-828E-AD4BB33B0B63}: NameServer = 81.253.149.9 80.10.246.132
    O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
    O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: Sukoku Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\Sukoku\sukoku117.exe

    --
    End of file - 8394 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\User_Feed_Synchronization-{586604F4-8ACA-4EA8-ABDF-A25C554B4FD3}.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-10 256112]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-09-10 761840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-09-10 458736]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-10 256112]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-05-17 77824]
    "LogMeIn GUI"=C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [2008-07-24 63048]
    "PowerManager"=C:\Program Files\Power Manager\PM.exe [2005-12-14 159744]
    "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
    "AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-05-20 177472]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-07-13 292128]
    "WooCnxMon"=C:\PROGRA~1\Wanadoo\CnxMon.exe [2004-10-13 24576]
    "WOOWATCH"=C:\PROGRA~1\Wanadoo\Watch.exe [2004-10-13 24576]
    "WOOTASKBARICON"=C:\PROGRA~1\Wanadoo\TaskbarIcon.exe [2004-10-13 49152]
    "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
    "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe [2006-07-07 1052672]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-07-18 39408]
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
    C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]
    C:\WINDOWS\sm56hlpr.exe [2005-07-06 544768]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2005-06-22 46080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LMIinit]
    C:\WINDOWS\system32\LMIinit.dll [2009-09-08 87352]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=255
    "NoDriveAutoRun"=FFFFFFFF
    "HonorAutoRunSetting"=1

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
    "C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    ======List of files/folders created in the last 1 months======

    2009-09-14 21:28:21 ----A---- C:\UsbFix.txt
    2009-09-14 20:14:10 ----D---- C:\UsbFix
    2009-09-14 18:33:17 ----D---- C:\Documents and Settings\Sandrine\Application Data\Malwarebytes
    2009-09-14 18:33:10 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-09-14 18:33:09 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-09-14 17:19:41 ----D---- C:\Program Files\trend micro
    2009-09-14 17:19:40 ----D---- C:\rsit
    2009-09-10 16:46:57 ----D---- C:\Program Files\Avira
    2009-09-10 16:46:57 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
    2009-09-09 22:57:50 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
    2009-09-09 22:57:47 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
    2009-09-08 09:59:19 ----A---- C:\WINDOWS\imsins.BAK
    2009-09-08 09:58:58 ----D---- C:\Program Files\Microsoft Silverlight
    2009-09-04 16:18:46 ----D---- C:\Documents and Settings\Sandrine\Application Data\Yahoo!
    2009-09-04 16:18:44 ----D---- C:\Program Files\Yahoo!
    2009-09-04 16:18:42 ----D---- C:\Program Files\CCleaner
    2009-09-02 18:19:10 ----A---- C:\WINDOWS\system32\ffJmpWeb.dll
    2009-09-02 18:19:09 ----D---- C:\Program Files\Wanadoo Messager
    2009-09-01 21:15:17 ----D---- C:\Program Files\Sukoku
    2009-09-01 21:15:17 ----D---- C:\Documents and Settings\All Users\Application Data\Sukoku
    2009-08-21 22:05:01 ----D---- C:\Program Files\iPod

    ======List of files/folders modified in the last 1 months======

    2009-09-14 21:57:49 ----D---- C:\WINDOWS\Prefetch
    2009-09-14 21:56:16 ----D---- C:\Program Files\Wanadoo
    2009-09-14 21:51:33 ----RD---- C:\Program Files
    2009-09-14 21:30:39 ----D---- C:\WINDOWS\Temp
    2009-09-14 21:30:11 ----SHD---- C:\RECYCLER
    2009-09-14 21:28:14 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-09-14 18:48:38 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-09-14 18:33:12 ----D---- C:\WINDOWS\system32\drivers
    2009-09-14 13:37:10 ----D---- C:\Program Files\LogMeIn
    2009-09-11 23:19:08 ----SHD---- C:\WINDOWS\Installer
    2009-09-11 23:19:08 ----D---- C:\Config.Msi
    2009-09-11 23:19:07 ----D---- C:\WINDOWS\WinSxS
    2009-09-11 13:44:06 ----D---- C:\WINDOWS
    2009-09-10 16:47:11 ----HD---- C:\WINDOWS\inf
    2009-09-09 22:57:58 ----D---- C:\WINDOWS\Debug
    2009-09-09 22:57:52 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2009-09-09 22:57:52 ----D---- C:\WINDOWS\system32
    2009-09-09 22:57:46 ----HD---- C:\WINDOWS\$hf_mig$
    2009-09-09 22:57:29 ----D---- C:\WINDOWS\ie8updates
    2009-09-08 09:59:18 ----D---- C:\Program Files\Internet Explorer
    2009-09-08 09:58:20 ----A---- C:\WINDOWS\system32\LMIRfsClientNP.dll
    2009-09-08 09:58:19 ----A---- C:\WINDOWS\system32\LMIport.dll
    2009-09-08 09:58:19 ----A---- C:\WINDOWS\system32\lmimirr2.dll
    2009-09-08 09:58:19 ----A---- C:\WINDOWS\system32\lmimirr.dll
    2009-09-08 09:58:19 ----A---- C:\WINDOWS\system32\LMIinit.dll
    2009-09-07 18:22:20 ----A---- C:\WINDOWS\win.ini
    2009-09-07 14:41:54 ----D---- C:\Program Files\Mozilla Firefox
    2009-09-04 17:17:41 ----D---- C:\WINDOWS\system32\Restore
    2009-09-04 16:24:12 ----D---- C:\WINDOWS\system32\LogFiles
    2009-09-02 18:27:07 ----D---- C:\Documents and Settings\Sandrine\Application Data\Help
    2009-09-02 13:09:59 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2009-08-31 20:28:47 ----D---- C:\WINDOWS\system32\1036
    2009-08-31 20:28:42 ----D---- C:\WINDOWS\system32\3com_dmi
    2009-08-28 23:38:20 ----A---- C:\WINDOWS\system32\MRT.exe
    2009-08-23 23:21:39 ----D---- C:\Program Files\iTunes
    2009-08-21 22:05:00 ----D---- C:\Program Files\Fichiers communs\Apple
    2009-08-21 22:03:29 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2009-08-21 15:37:52 ----D---- C:\Documents and Settings\Sandrine\Application Data\Apple Computer
    2009-08-21 15:35:19 ----D---- C:\Documents and Settings\All Users\Application Data\Apple

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
    R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
    R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
    R1 WINIO;WINIO; \??\C:\WINDOWS\system32\WinIo.sys []
    R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-07-28 55656]
    R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys []
    R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys []
    R3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys [2004-03-02 127065]
    R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-05-18 2319680]
    R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2009-02-13 1503840]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-06-22 1198592]
    R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2005-04-28 45056]
    R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
    R3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2008-07-24 10144]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
    R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232]
    R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2005-07-06 925572]
    R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-06-04 162176]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
    R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-14 17152]
    S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys [2004-03-02 50007]
    S3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys []
    S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
    S3 DUBE100B;D-Link DUB-E100 USB 2.0 Fast Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\DUBE100B.sys [2006-05-26 18560]
    S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
    S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-06-05 39424]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
    S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
    R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-06-22 368640]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files\LogMeIn\x86\RaMaint.exe [2009-09-08 116032]
    R2 LogMeIn;LogMeIn; C:\Program Files\LogMeIn\x86\LogMeIn.exe [2008-07-24 63040]
    R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
    R2 Sukoku Service;Sukoku Service; C:\Documents and Settings\All Users\Application Data\Sukoku\sukoku117.exe [2009-09-02 54760]
    R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-18 182768]
    S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
    S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-07-13 542496]
    S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-05-29 234864]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

    -----------------EOF-----------------
    a c 296 8 Sécurité
    14 Septembre 2009 22:03:22

    Est-ce toi qui a installé Sukoku ?
    14 Septembre 2009 22:12:31

    non je sais meme pas ce que sait!
    a c 296 8 Sécurité
    14 Septembre 2009 22:15:06

  • Désinstalle Sukoku.

  • Télécharge OTM (OldTimer) sur ton Bureau.
  • Double-clique sur OTM.exe afin de le lancer.
  • Copie (Ctrl+C) le texte suivant ci-dessous :

    :processes
    explorer.exe

    :services
    Sukoku Service

    :reg
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    :files
    C:\Program Files\Sukoku
    C:\Documents and Settings\All Users\Application Data\Sukoku

    :commands
    [purity]
    [emptytemp]
    [reboot]

  • Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
  • Clique maintenant sur le bouton MoveIt! puis ferme OTM.

    ---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    Accepte en cliquant sur YES.

  • Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\
    ---> Le nom du rapport correspond au moment de sa création : date_heure.log
    14 Septembre 2009 22:38:09

    y a un probleme

    quand je colle le texte et que j appui sur move it, toutes les fenetres se ferment, je ne peut plus rien faire, j ai juste mon image de fond, plus d icones
    a c 296 8 Sécurité
    14 Septembre 2009 22:53:40

    Essaie de faire la manip' en mode sans échec.

    Pour redémarrer en mode sans échec :
  • Redémarre ton PC.
  • Au démarrage, tapote sur F8 (F5 sur certains PC) juste après l'affichage du BIOS et juste avant le chargement de Windows.
  • Dans le menu d'options avancées, choisis Mode sans échec.
  • Choisis ta session.
    15 Septembre 2009 18:19:41

    bonjour,
    bon j ai enfin trouve pourquoi ca buggait
    tout simplement parce que je n avais pas enregistre OTM, je l executais en fait

    dc voici le rapport:
    All processes killed
    ========== PROCESSES ==========
    No active process named explorer.exe was found!
    ========== SERVICES/DRIVERS ==========
    Service\Driver Sukoku Service not found.
    Service\Driver Sukoku Service not found.
    ========== REGISTRY ==========
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
    ========== FILES ==========
    File/Folder C:\Program Files\Sukoku not found.
    File/Folder C:\Documents and Settings\All Users\Application Data\Sukoku not found.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: LocalService
    ->Temp folder emptied: 0 bytes
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    ->Temporary Internet Files folder emptied: 13470406 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 598322 bytes

    User: Sandrine
    ->Temp folder emptied: 12690 bytes
    ->Temporary Internet Files folder emptied: 325333571 bytes
    ->FireFox cache emptied: 22312374 bytes

    %systemdrive% .tmp files removed: 0 bytes
    C:\WINDOWS\msdownld.tmp folder deleted successfully.
    %systemroot% .tmp files removed: 2351795 bytes
    %systemroot%\System32 .tmp files removed: 8352 bytes
    Windows Temp folder emptied: 0 bytes
    RecycleBin emptied: 43905248 bytes

    Total Files Cleaned = 389,12 mb


    OTM by OldTimer - Version 3.0.0.6 log created on 09152009_181248

    Files moved on Reboot...

    Registry entries deleted on Reboot...
    a c 296 8 Sécurité
    15 Septembre 2009 19:03:24

    Bien. Plus de souci ?

  • Double-clique sur l'icône d'AntiVir (Parapluie) dans la barre des tâches.
  • Dans AntiVir, choisis Outils puis Configuration.
  • Coche Mode Expert et coche Rech. Rootkit au dém. de la recherche à droite dans Autres réglages puis valide.
  • Fais un scan complet, clique sur Tout réparer si AntiVir trouve quelque chose et poste le rapport.

    Tutoriel : Scanner le(s) disque(s) dur(s)
    15 Septembre 2009 22:56:31

    tout est en anglais, je comprend rien, je trouve pas pfffffffff
    a c 296 8 Sécurité
    15 Septembre 2009 23:06:20

    Qu'est-ce qui est en anglais ?
    16 Septembre 2009 14:01:30

    antivir

    et depuis hier on a plus de son
    16 Septembre 2009 14:45:19

    c bon j ai reussi!!
    scan fait, rien detecte
    a c 296 8 Sécurité
    16 Septembre 2009 14:49:48

    Le son n'est pas en muet ?
    16 Septembre 2009 19:00:42

    bah non, j ai regarde
    c bizarre c venu d un coup
    a c 296 8 Sécurité
    16 Septembre 2009 20:36:55

    Ok. Le PC va bien ?
    17 Septembre 2009 18:36:47

    oui ca va, je le trouve un peu lent
    17 Septembre 2009 18:37:08

    et pour le son je fais quoi?
    a c 296 8 Sécurité
    17 Septembre 2009 18:40:00

    Tu m'as dit que le son refonctionnait.

    Tu as fait une défragmentation ?
    18 Septembre 2009 17:13:08

    non non il ne refonctionne pas

    je vais faire une defragmentation
    merci
    a c 296 8 Sécurité
    19 Septembre 2009 00:05:24

    Marque et modèle du PC ?
    24 Septembre 2009 17:11:21

    bonjour, excuse moi de mon absence, assez surchargee lol

    donc c un ordi portable siemens amilo

    quand je rentre dans ma session, j ai une fenetre qui s ouvre pour installer un nouveau peripherique.
    et c bien le son, dc j ai essaye de le reinstaller mais ca marche pas, surtout que j ai pas de cd pour ca.
    quand je vais dans panneau de configuration et ensuite dans sons et peripherique audio, y a ecrit dans la 1ere fenetre "aucun peripherique audio"

    a c 296 8 Sécurité
    24 Septembre 2009 17:28:31

    Citation :
    portable siemens amilo

    --> Ce n'est pas assez précis. Exemples : Amilo Si1520, Amilo Xa2528, etc.
    24 Septembre 2009 17:31:49

    ha mince excuse moi
    amilo L1310G

    j espere que c bon
    24 Septembre 2009 20:26:54

    merci je le fais de suite
    24 Septembre 2009 21:00:14

    youpi ca marche
    merci beaucoup

    on a fini?
    a c 296 8 Sécurité
    25 Septembre 2009 03:01:48

    1/

  • Désinstalle HijackThis.

  • Télécharge ToolsCleaner2 sur ton Bureau.
  • Double-clique sur ToolsCleaner2.exe pour le lancer.
  • Clique sur Recherche et laisse le scan agir.
  • Clique sur Suppression pour finaliser.
  • Tu peux, si tu le souhaites, te servir des Options Facultatives.
  • Clique sur Quitter pour obtenir le rapport.
  • Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).


    2/

  • Télécharge et installe CCleaner Slim.
  • Lance-le. Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers etc....
  • Va dans Nettoyeur, choisis Analyser. Une fois terminé, lance le nettoyage.


    3/

  • Il est nécessaire de désactiver puis réactiver la restauration système pour la purger.


    ==Prévention==

    Pour supprimer les popups d'AntiVir : Lien

    Conserve MBAM. Il te servira à scanner les fichiers douteux en complément de l'antivirus et scanne le disque dur régulièrement.

    Comme navigateur, utilise plutôt Mozilla Firefox qu'Internet Explorer.

    Vérifie que les mises à jour automatiques sont bien activées (Menu Démarrer, clique droit sur Poste de travail, Propriétés, onglet Mises à jour automatiques).

    Par rapport au P2P : Lien

    Voici un dossier complet (A lire avec Adobe Reader ou Foxit Reader) : Lien


    ==Problème résolu ?==

    --> Si tu estimes que ton problème est résolu, ajoute [Résolu] au titre. Pour cela :
  • Clique, dans ton premier message, sur le bouton Editer .
  • Ajoute la mention [Résolu] devant le titre.
  • Clique ensuite sur Valider votre message.


    Sois plus vigilant(e) sur Internet ;) 
    25 Septembre 2009 17:15:22

    dc voici le rapport


    [ Rapport ToolsCleaner version 2.3.10 (par A.Rothstein & dj QUIOU) ]

    --> Recherche:

    C:\UsbFix.txt: trouvé !
    C:\_OTM: trouvé !
    C:\UsbFix: trouvé !
    C:\Rsit: trouvé !
    C:\Documents and Settings\Sandrine\Bureau\OTM.exe: trouvé !
    C:\Program Files\trend micro\HijackThis.exe: trouvé !
    C:\Program Files\trend micro\hijackthis.log: trouvé !

    ---------------------------------
    --> Suppression:

    C:\Documents and Settings\Sandrine\Bureau\OTM.exe: supprimé !
    C:\Program Files\trend micro\HijackThis.exe: supprimé !
    C:\UsbFix.txt: supprimé !
    C:\Program Files\trend micro\hijackthis.log: supprimé !
    C:\_OTM: supprimé !
    C:\UsbFix: supprimé !
    C:\Rsit: supprimé !
    a c 296 8 Sécurité
    25 Septembre 2009 17:19:36

    Tu peux supprimer ToolsCleaner.
    25 Septembre 2009 18:26:09

    ok merci

    merci pour ton aide encore une fois
    on va surement se revoir vu que j arrete pas d avoir des soucis lol

    merci pour ta disponibilite
    bonne continuation
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS