Se connecter / S'enregistrer
Votre question

[Résolu] Applications tres lentes, voires inactives

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
Anonyme
14 Mai 2009 09:41:29

hello

bé voilà depuis peu mon Pc est tres lent. quand je lance une application ça prend des plombes. (3 minutes a peu pres) j ai lancé un scan avec antivir et rien, je tente une defrag et pas moyen que ça se lance. je ne sais pas d ou cela peut venir

j ai besoin d aide please! j ai toutes mes creations sur ce pc... xp pack3 2go de ram

je poste un rapport hijack des fois.. merciii



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:40:51, on 14/05/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\FileZilla Server\FileZilla Server.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Apps\Softex\OmniPass\Omniserv.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Dantz\Retrospect\retrorun.exe
C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\dllhost.exe
C:\Apps\Softex\OmniPass\OPXPApp.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
C:\apps\ABoard\ABoard.exe
C:\WINDOWS\system32\WDBtnMgr.exe
C:\apps\ABoard\AOSD.exe
C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Watch.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\APPS\SMP\SmpSys.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\OFFICE One6.5\program\soffice.exe
C:\WINDOWS\eHome\ehmsas.exe
D:\Documents and Settings\Kuro\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Kuro\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Kuro\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Kuro\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Kuro\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\taskmgr.exe
D:\Documents and Settings\Kuro\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Kuro\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Kuro\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Kuro\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\Documents and Settings\Kuro\Mes documents\Downloads\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file:///C:/APPS/IE/offline/fr.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
R3 - URLSearchHook: (no name) - {06663B56-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Pando Search Assistant BHO - {06663B51-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5F11D5D5-3FB2-4ADD-84AD-D69BC9A5D312} - (no file)
O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Alcohol Toolbar Helper - {8126A4A5-BFD3-46FE-BBDF-BFB5CF78E489} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Pando Toolbar BHO - {E3EA4FD1-CADE-4ae5-84F7-086EEE888BE4} - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Cooliris Plug-In for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\cooliris.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Alcohol Toolbar - {ED4BD629-C1B6-4399-8A34-02CCAA921DC9} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll
O3 - Toolbar: Pando Toolbar - {E3EA4FD9-CADE-4ae5-84F7-086EEE888BE4} - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [EmailChecker] C:\APPS\EmailChecker\ech.exe
O4 - HKLM\..\Run: [AWMON] "C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Watch.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: DesktopVideoPlayer.LNK = C:\Program Files\vghd\vghd.exe
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Startup: OFFICE One 6.5.lnk = C:\Program Files\OFFICE One6.5\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Winamp Search - D:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\cooliris.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {EAC139A9-D22D-4C29-8D1C-252BE63750F9} - http://www.piclens.com/shared/plinstll.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - Winlogon Notify: jKARkjjJ - jKARkjjJ.dll (file missing)
O20 - Winlogon Notify: ljJBSKBU - ljJBSKBU.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate1c8c10e92d04a4b) (gupdate1c8c10e92d04a4b) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Apps\Softex\OmniPass\Omniserv.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - C:\Program Files\Dantz\Retrospect\retrorun.exe
O23 - Service: Retrospect WD Service (RetroWDSvc) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 15727 bytes

Autres pages sur : resolu applications tres lentes voires inactives

a c 267 8 Sécurité
14 Mai 2009 12:52:01

Bonjour,

Je vois des traces de Vundo/Virtumonde.

  • Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
  • Double-clique sur RSIT.exe afin de lancer le programme.
    (Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)
  • Clique sur Continue à l'écran Disclaimer.
  • Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

    Note : les rapports sont sauvegardés dans le dossier C:\rsit.
    Anonyme
    14 Mai 2009 15:10:20

    ok merci beaucoup voilà le log.txt

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Kuro at 2009-05-14 15:09:27
    Microsoft Windows XP Professionnel Service Pack 3
    System drive C: has 5 GB (15%) free of 31 GB
    Total RAM: 2046 MB (48% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:09:37, on 14/05/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16827)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\FileZilla Server\FileZilla Server.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Apps\Softex\OmniPass\Omniserv.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\Program Files\Dantz\Retrospect\retrorun.exe
    C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
    C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\Apps\Softex\OmniPass\OPXPApp.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
    C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
    C:\apps\ABoard\ABoard.exe
    C:\WINDOWS\system32\WDBtnMgr.exe
    C:\apps\ABoard\AOSD.exe
    C:\Program Files\Winamp\winampa.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\APPS\SMP\SmpSys.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\OFFICE One6.5\program\soffice.exe
    C:\WINDOWS\eHome\ehmsas.exe
    D:\Documents and Settings\Kuro\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    D:\Documents and Settings\Kuro\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    D:\Documents and Settings\Kuro\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    D:\Documents and Settings\Kuro\Mes documents\Downloads\HiJackThis.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
    D:\Documents and Settings\Kuro\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    D:\Documents and Settings\Kuro\Mes documents\Downloads\RSIT.exe
    D:\Documents and Settings\Kuro\Mes documents\Downloads\Kuro.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file:///C:/APPS/IE/offline/fr.htm
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    R3 - URLSearchHook: (no name) - {06663B56-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: Pando Search Assistant BHO - {06663B51-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
    O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {5F11D5D5-3FB2-4ADD-84AD-D69BC9A5D312} - (no file)
    O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Alcohol Toolbar Helper - {8126A4A5-BFD3-46FE-BBDF-BFB5CF78E489} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Pando Toolbar BHO - {E3EA4FD1-CADE-4ae5-84F7-086EEE888BE4} - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: Cooliris Plug-In for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\cooliris.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: Alcohol Toolbar - {ED4BD629-C1B6-4399-8A34-02CCAA921DC9} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll
    O3 - Toolbar: Pando Toolbar - {E3EA4FD9-CADE-4ae5-84F7-086EEE888BE4} - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL
    O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
    O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
    O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
    O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [EmailChecker] C:\APPS\EmailChecker\ech.exe
    O4 - HKLM\..\Run: [AWMON] "C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Watch.exe"
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: DesktopVideoPlayer.LNK = C:\Program Files\vghd\vghd.exe
    O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
    O4 - Startup: OFFICE One 6.5.lnk = C:\Program Files\OFFICE One6.5\program\quickstart.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O8 - Extra context menu item: &Winamp Search - D:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
    O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\cooliris.dll
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {EAC139A9-D22D-4C29-8D1C-252BE63750F9} - http://www.piclens.com/shared/plinstll.cab
    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O20 - Winlogon Notify: jKARkjjJ - jKARkjjJ.dll (file missing)
    O20 - Winlogon Notify: ljJBSKBU - ljJBSKBU.dll (file missing)
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\Program Files\FileZilla Server\FileZilla Server.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Update Service (gupdate1c8c10e92d04a4b) (gupdate1c8c10e92d04a4b) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Apps\Softex\OmniPass\Omniserv.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
    O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - C:\Program Files\Dantz\Retrospect\retrorun.exe
    O23 - Service: Retrospect WD Service (RetroWDSvc) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
    O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    --
    End of file - 15376 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\GlaryInitialize.job
    C:\WINDOWS\tasks\Google Software Updater.job
    C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job
    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-734007298-3330273604-3312953743-1005.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
    Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2006-10-26 440384]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06663B51-0D73-4f9f-BCC5-4AA941470AFD}]
    Pando Search Assistant BHO - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL [2008-03-17 61440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
    AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-07-17 279944]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
    Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2008-03-20 1267040]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
    RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-06-04 308856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{38D3FE60-3D53-4F37-BB0E-C7A97A26A156}]
    CInterceptor Object - C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll [2008-02-27 569344]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-01-28 1554256]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5F11D5D5-3FB2-4ADD-84AD-D69BC9A5D312}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}]
    EoBho Class

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8126A4A5-BFD3-46FE-BBDF-BFB5CF78E489}]
    Alcohol Toolbar Helper - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll [2007-12-05 798720]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-05-04 259696]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-22 668656]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-05-04 470512]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-14 35840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E3EA4FD1-CADE-4ae5-84F7-086EEE888BE4}]
    Pando Toolbar BHO - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL [2008-03-17 266240]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-05-14 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA}]
    C:\Program Files\PicLensIE\cooliris.dll [2008-12-18 3741664]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2006-10-26 440384]
    {ED4BD629-C1B6-4399-8A34-02CCAA921DC9} - Alcohol Toolbar - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll [2007-12-05 798720]
    {E3EA4FD9-CADE-4ae5-84F7-086EEE888BE4} - Pando Toolbar - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL [2008-03-17 266240]
    {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2008-03-20 1267040]
    {3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-07-17 279944]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-05-04 259696]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-12-03 13680640]
    "PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
    "PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
    "ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-09-29 67584]
    "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-02-10 15969280]
    "nwiz"=nwiz.exe /install []
    "Vade Retro Outlook Express"=C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe [2004-10-04 310272]
    "DetectorApp"=C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe [2005-10-20 102400]
    "ACTIVBOARD"=c:\apps\ABoard\ABoard.exe [2003-05-02 24576]
    "WD Button Manager"=C:\WINDOWS\system32\WDBtnMgr.exe [2006-09-29 335872]
    "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
    "EmailChecker"=C:\APPS\EmailChecker\ech.exe [2003-07-02 40960]
    "AWMON"=C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Watch.exe [2004-09-16 538112]
    "IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-10 208952]
    "WinampAgent"=C:\Program Files\Winamp\winampa.exe [2008-07-09 36352]
    "RealTray"=C:\Program Files\Real\RealPlayer\RealPlay.exe [2008-06-04 214560]
    "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-12-03 86016]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe [2005-06-03 36975]
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe []

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "SmpcSys"=C:\APPS\SMP\SmpSys.exe [2005-11-17 975360]
    "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

    D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

    D:\Documents and Settings\Kuro\Mes documents\Menu Démarrer\Programmes\Démarrage
    Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    DesktopVideoPlayer.LNK - C:\Program Files\vghd\vghd.exe
    MagicDisc.lnk - C:\Program Files\MagicDisc\MagicDisc.exe
    OFFICE One 6.5.lnk - C:\Program Files\OFFICE One6.5\program\quickstart.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\jKARkjjJ]
    jKARkjjJ.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ljJBSKBU]
    ljJBSKBU.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\OPXPGina]
    C:\Apps\Softex\OmniPass\opxpgina.dll [2006-01-30 49152]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{CE86878F-D099-4FFC-A4DC-E51D192063B1}"= []
    "{5F11D5D5-3FB2-4ADD-84AD-D69BC9A5D312}"= []

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "DisableTaskMgr"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Program Files\BitSpirit\BitSpirit.exe"="C:\Program Files\BitSpirit\BitSpirit.exe:*:Enabled:The powerful and easy-to-use BitTorrent Client"
    "C:\Program Files\adslTV\adsltv.exe"="C:\Program Files\adslTV\adsltv.exe:*:Enabled:adslTV"
    "C:\Program Files\eMule\eMule.exe"="C:\Program Files\eMule\eMule.exe:*:Enabled:eMule Plus"
    "C:\Program Files\Pando Networks\Pando\pando.exe"="C:\Program Files\Pando Networks\Pando\pando.exe:*:Enabled:p ando Application"
    "C:\Program Files\Podmailing\podmailing.exe"="C:\Program Files\Podmailing\podmailing.exe:*:Enabled:p odmailing Beta"
    "C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:o rb"
    "C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:o rbTray"
    "C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:o rb Stream Client"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "D:\Jeux\Codemasters\GRID\GRID.exe"="D:\Jeux\Codemasters\GRID\GRID.exe:*:Enabled:GRID"
    "D:\Jeux\Ubisoft\Far Cry 2\bin\FarCry2.exe"="D:\Jeux\Ubisoft\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2"
    "D:\Jeux\Ubisoft\Far Cry 2\bin\FC2Launcher.exe"="D:\Jeux\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater"
    "D:\Jeux\Ubisoft\Far Cry 2\bin\FC2Editor.exe"="D:\Jeux\Ubisoft\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editeur"
    "C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:p nkBstrA"
    "C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:p nkBstrB"
    "D:\Jeux\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe"="D:\Jeux\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
    "D:\Jeux\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe"="D:\Jeux\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
    "D:\Jeux\Rockstar Games\Grand Theft Auto IV\GTAIV.exe"="D:\Jeux\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
    "C:\Program Files\Packet Tracer 5.0\bin\PacketTracer5.exe"="C:\Program Files\Packet Tracer 5.0\bin\PacketTracer5.exe:*:Enabled:p acketTracer5"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
    "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
    "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
    "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
    "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\N]
    shell\AutoRun\command - N:\WDSetup.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{706c0045-e785-11dc-8f29-00173169e79b}]
    shell\AutoRun\command - N:\WDSetup.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b7efd646-d6ee-11dc-8f16-00173169e79b}]
    shell\AutoRun\command - M:\EasyCN.exe


    ======List of files/folders created in the last 1 months======

    2009-05-14 15:09:27 ----D---- C:\rsit
    2009-05-14 13:13:15 ----D---- C:\WINDOWS\LastGood
    2009-05-14 11:08:32 ----D---- D:\Documents and Settings\Kuro\Application Data\Auslogics
    2009-05-14 11:08:29 ----D---- C:\Program Files\Auslogics

    ======List of files/folders modified in the last 1 months======

    2009-05-14 15:06:46 ----D---- C:\WINDOWS\Temp
    2009-05-14 14:56:59 ----D---- C:\WINDOWS
    2009-05-14 13:13:19 ----HD---- C:\WINDOWS\inf
    2009-05-14 12:13:10 ----SD---- C:\WINDOWS\Tasks
    2009-05-14 11:08:31 ----D---- C:\WINDOWS\Prefetch
    2009-05-14 11:08:29 ----D---- C:\Program Files
    2009-05-14 10:44:00 ----D---- C:\WINDOWS\system32\LogFiles
    2009-05-14 10:44:00 ----D---- C:\WINDOWS\Debug
    2009-05-14 10:18:18 ----SHD---- C:\WINDOWS\Installer
    2009-05-14 10:18:14 ----D---- C:\Config.Msi
    2009-05-14 10:18:13 ----D---- C:\WINDOWS\system32
    2009-05-14 10:18:07 ----A---- C:\WINDOWS\system32\javaws.exe
    2009-05-14 10:18:07 ----A---- C:\WINDOWS\system32\javaw.exe
    2009-05-14 10:18:07 ----A---- C:\WINDOWS\system32\java.exe
    2009-05-14 10:18:07 ----A---- C:\WINDOWS\system32\deploytk.dll
    2009-05-14 10:17:38 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-05-14 08:45:39 ----D---- C:\WINDOWS\system32\Lang
    2009-05-14 08:44:15 ----D---- C:\WINDOWS\Registration
    2009-05-14 08:43:45 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-05-13 18:25:33 ----N---- C:\WINDOWS\SchedLgU.Txt
    2009-05-13 18:25:25 ----D---- C:\WINDOWS\system32\CatRoot
    2009-05-13 17:42:20 ----D---- D:\Documents and Settings\Kuro\Application Data\foobar2000
    2009-05-13 16:04:58 ----D---- D:\Documents and Settings\All Users\Application Data\Google Updater
    2009-05-13 16:01:57 ----D---- C:\WINDOWS\system32\config
    2009-05-13 16:01:36 ----D---- C:\WINDOWS\system32\wbem
    2009-05-13 16:01:18 ----D---- D:\Documents and Settings\Kuro\Application Data\dvdcss
    2009-05-13 16:01:03 ----D---- C:\Program Files\Mozilla Firefox
    2009-05-07 09:16:29 ----A---- C:\WINDOWS\system32\MRT.exe
    2009-05-04 09:31:44 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2009-05-04 09:26:25 ----D---- C:\Program Files\Safari
    2009-05-04 09:08:56 ----D---- C:\Program Files\Java
    2009-04-16 19:20:43 ----D---- C:\WINDOWS\AppPatch
    2009-04-16 19:19:30 ----RSHD---- C:\WINDOWS\system32\dllcache
    2009-04-16 19:19:18 ----D---- C:\WINDOWS\system32\fr-fr
    2009-04-16 19:19:18 ----D---- C:\Program Files\Internet Explorer
    2009-04-16 19:19:13 ----D---- C:\WINDOWS\ie7updates
    2009-04-16 19:17:03 ----HD---- C:\WINDOWS\$hf_mig$

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]
    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
    R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-11-26 75072]
    R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
    R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2008-01-20 33292]
    R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
    R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
    R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2007-11-30 271360]
    R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2007-11-30 18048]
    R2 PStrip;PStrip; C:\WINDOWS\system32\drivers\pstrip.sys [2007-07-15 27992]
    R3 3xHybrid;3xHybrid service; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2006-04-17 825600]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
    R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
    R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-02-16 4156416]
    R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys [2008-02-18 96256]
    R3 mfwagsif;MOTU Audio GSIF; C:\WINDOWS\system32\drivers\mfwagsif.sys [2006-08-23 17408]
    R3 mfwamidi;MOTU Audio MIDI; C:\WINDOWS\system32\drivers\mfwamidi.sys [2006-08-23 19968]
    R3 mfwawave;MOTU Audio Wave; C:\WINDOWS\system32\drivers\mfwawave.sys [2006-08-23 27648]
    R3 motubus;MOTU Audio MIDI Extension; C:\WINDOWS\system32\drivers\MotuBus.sys [2006-05-08 15360]
    R3 MotuFWA;MotuFWA; C:\WINDOWS\system32\drivers\motufwa.sys [2006-08-23 251904]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-12-03 6209536]
    R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-07-29 34048]
    R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-07-29 12928]
    R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-08-11 14604]
    R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
    R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
    R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    R3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
    R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
    R3 X10Hid;X10 Hid Device; C:\WINDOWS\System32\Drivers\x10hid.sys [2005-11-28 7040]
    S3 61883;Pilote d'unité 61883; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
    S3 aj29a216;aj29a216; C:\WINDOWS\system32\drivers\aj29a216.sys []
    S3 atwj72dk;atwj72dk; C:\WINDOWS\system32\drivers\atwj72dk.sys []
    S3 Avc;Périphérique AVC; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
    S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
    S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
    S3 SaiHFF0D;SaiHFF0D; C:\WINDOWS\system32\DRIVERS\SaiHFF0D.sys [2005-07-22 176000]
    S3 SaiUFF0D;SaiUFF0D; C:\WINDOWS\system32\DRIVERS\SaiUFF0D.sys [2005-07-22 27136]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2005-12-22 80272]
    S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2005-12-22 10864]
    S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2005-12-22 137884]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 usb_rndisx;Carte ISDN USB; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-13 12800]
    S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2007-10-31 30464]
    S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-04-20 479200]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S3 XUIF;X10 USB Wireless Transceiver; C:\WINDOWS\System32\Drivers\x10ufx2.sys [2005-05-19 17792]
    S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\WINDOWS\system32\DRIVERS\xusb21.sys [2007-02-17 52352]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 aawservice;Ad-Aware 2007 Service; C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe [2008-03-19 607576]
    R2 AntiVirScheduler;Avira AntiVir Personal – Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-23 68865]
    R2 AntiVirService;Avira AntiVir Personal – Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-23 151297]
    R2 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe [2004-04-08 1135728]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-26 132424]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
    R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424]
    R2 FileZilla Server;FileZilla Server FTP server; C:\Program Files\FileZilla Server\FileZilla Server.exe [2008-11-10 587776]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-05-14 152984]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-12-03 163908]
    R2 omniserv;Softex OmniPass Service; C:\Apps\Softex\OmniPass\Omniserv.exe [2006-01-30 32768]
    R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2008-10-23 63040]
    R2 RetroLauncher;Retrospect Launcher; C:\Program Files\Dantz\Retrospect\retrorun.exe [2003-11-12 49152]
    R2 RetroWDSvc;Retrospect WD Service; C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe [2004-01-26 46592]
    R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
    R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe [2005-01-31 49152]
    R2 USBDeviceService;USBDeviceService; C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe [2005-10-20 90112]
    R2 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480]
    R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
    S2 gupdate1c8c10e92d04a4b;Google Update Service (gupdate1c8c10e92d04a4b); C:\Program Files\Google\Update\GoogleUpdate.exe [2008-08-28 133104]
    S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-22 183280]
    S2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
    S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-03-29 68096]
    S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-02-10 654848]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
    S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-08-29 33752]
    S3 GoogleDesktopManager;GoogleDesktopManager; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2007-08-19 1836544]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
    S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
    S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
    S3 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-01-22 183112]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

    -----------------EOF-----------------




    et le info.txt

    info.txt logfile of random's system information tool 1.06 2009-05-14 15:09:40

    ======Uninstall list======

    #1 DVD Ripper 1.3.16-->"C:\Program Files\NO1 DVD Ripper\unins000.exe"
    -->"c:\apps\skype\phone\unins000.exe"
    -->"C:\Program Files\Fichiers communs\aolshare\Coach\AolCInUn.exe" -lang="fr-fr"
    -->C:\PROGRA~1\FICHIE~1\AOL\ACS\AcsUninstall.exe /c
    -->C:\PROGRA~1\GOTOSO~1\VADERE~1\UNWISE.EXE C:\PROGRA~1\GOTOSO~1\VADERE~1\INSTALL.LOG
    -->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    -->C:\Program Files\Fichiers communs\AOL\Screensaver\uninst_ygpss.exe
    -->C:\Program Files\Fichiers communs\aolshare\Aolunins_fr.exe
    -->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    -->C:\Program Files\Learn2.com\StRunner\stuninst.exe
    -->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
    -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
    -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
    -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
    -->MsiExec /X{AC54E544-3E42-443C-A91D-A00A6974C592}
    -->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
    -->MsiExec.exe /I{8B543A39-9401-44F4-B572-069E64C15189}
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F9CFBD8-8F77-4DCD-8CB5-CDD5F653C872}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5AFA4872-16B2-419E-ADCA-8E96E739115D}\setup.exe" -l0x40c
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F4E57F49-84B4-4CF2-B0A1-8CA1752BDF7E}\setup.exe" -l0x40c
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    7-Zip 4.49 beta-->"C:\Program Files\7-Zip\Uninstall.exe"
    Ad-Aware 2007-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
    Ad-Aware SE Professional-->C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
    Adobe After Effects 6.5-->MsiExec.exe /I{61CEB2D7-8D3B-4247-B75E-A95F6699B90A}
    Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
    Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
    Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
    Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
    Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
    Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
    Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
    Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
    Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
    Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
    Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
    Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
    Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
    Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
    Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
    Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
    Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
    Adobe MPEG Encoder-->MsiExec.exe /I{9811A185-3D3D-11D6-9E14-00036D172B00}
    Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
    Adobe Photoshop CS-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x40c
    Adobe Photoshop CS3-->C:\Program Files\Fichiers communs\Adobe\Installers\2ac78060bc5856b0c1cf873bb919b58\Setup.exe
    Adobe Photoshop CS3-->MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05}
    Adobe Premiere Pro-->RunDll32 "C:\Program Files\Fichiers communs\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll",LaunchSetup "C:\Program Files\InstallShield Installation Information\{084709F7-38C5-4609-B55F-2417939315EB}\setup.exe"
    Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
    Adobe Setup-->MsiExec.exe /I{D1BB4446-AE9C-4256-9A7F-4D46604D2462}
    Adobe Shockwave Player-->C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
    Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
    Adobe SVG Viewer 3.0-->C:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Install.log
    Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
    Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
    Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
    Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
    Adobe XMP Panels CS3-->MsiExec.exe /I{D5A31AB1-345D-47C7-A87B-036A669F6DF1}
    adsl TV-->C:\Program Files\adslTV\Uninstal.exe
    Advanced RAR Password Recovery (remove only)-->C:\Program Files\ElcomSoft\ARPR\uninstall.exe
    Alcohol Toolbar-->"C:\WINDOWS\Alcohol_Toolbar_Uninstaller_8515.exe" _?=C:\Program Files\Alcohol Toolbar
    Angular Momentum Trance Gizmo-->C:\Program Files\Angular Momentum Trance Gizmo\Uninst.exe C:\Program Files\Angular Momentum Trance Gizmo\Uninst.log
    Apple Mobile Device Support-->MsiExec.exe /I{AFA20D47-69C3-4030-8DF8-D37466E70F13}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    Arturia CS-80V v1.5-->C:\PROGRA~1\Arturia\CS-80V\UNWISE.EXE C:\PROGRA~1\Arturia\CS-80V\INSTALL.LOG
    Arturia Moog Modular V v1.1-->C:\PROGRA~1\Arturia\MOOGMO~1\UNWISE.EXE C:\PROGRA~1\Arturia\MOOGMO~1\INSTALL.LOG
    Ask Toolbar-->"C:\Program Files\AskBarDis\unins000.exe"
    Audacity 1.3.3 (Unicode)-->"C:\Program Files\Audacity 1.3 Beta (Unicode)\unins000.exe"
    AusLogics Disk Defrag-->"C:\Program Files\Auslogics\AusLogics Disk Defrag\unins000.exe"
    Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
    AviSynth 2 (remove only)-->"C:\Program Files\AviSynth2\uninst.exe"
    BlackBerry Connect Desktop pour Windows Mobile-->C:\Program Files\InstallShield Installation Information\{A9A624F1-ED8D-44F9-A4EE-ADD2235C51A7}\setup.exe -runfromtemp -l0x040c
    Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
    CamStudio-->C:\Program Files\CamStudio\uninstall.exe
    CamStudio-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{EB371786-9449-4ED8-B47A-032467A58CAD} anything\anything
    Capture Ecran 1.1-->"C:\Program Files\CaptureEcran11\unins000.exe"
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    Codeur Windows Media Série 9-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
    Collab-->C:\Program Files\Image-Line\Collab\uninstall.exe
    ConvertHelper 2.1-->"C:\Program Files\ConvertHelper\unins000.exe"
    Cool Edit Pro 2.1-->C:\Program Files\coolpro2\cep2unin.exe
    Cooliris for Internet Explorer-->MsiExec.exe /I{F9E3CA72-816F-3905-898C-3962A49F666A}
    Corona Visualization Plug-in for WMP-->MsiExec.exe /I{6C3CE73B-E7B8-4979-8740-1476C5CBDEBA}
    Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
    Crysis WARHEAD(R)-->"D:\Documents and Settings\All Users\Application Data\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}\setup.exe" REMOVE=TRUE MODIFY=FALSE
    Crysis WARHEAD(R)-->D:\Documents and Settings\All Users\Application Data\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}\setup.exe
    DiscoDSP Discovery v1.5-->C:\PROGRA~1\STEINB~1\VSTPLU~1\discoDSP\DISCOV~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\discoDSP\DISCOV~1\INSTALL.LOG
    DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
    DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    DreamStation DXi-->C:\WINDOWS\DSDXIRMV.EXE C:\PROGRAM FILES\DREAMSTATION DXI
    Emagic EVP73 VSTi v1.0-->C:\PROGRA~1\STEINB~1\VSTPLU~1\emagic\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\emagic\INSTALL.LOG
    eMule Plus 1.2a-->"C:\Program Files\eMule\unins000.exe"
    eMusic - 50 Free MP3 offer-->"C:\Program Files\Winamp\eMusic\Uninst-eMusic-promotion.exe"
    Far Cry 2-->"C:\Program Files\InstallShield Installation Information\{F2835483-37F2-4123-B4FE-0E77D58447F2}\setup.exe" -runfromtemp -l0x040c -removeonly
    FIFA 09-->MsiExec.exe /X{2315B23D-3E21-4920-837D-AE6460934ECB}
    FileZilla Server (remove only)-->"C:\Program Files\FileZilla Server\uninstall.exe"
    FilmFX 2.25.731-->C:\WINDOWS\unvise32.exe C:\Program Files\FilmFX2\uninstal.log
    Final Effects for Adobe Premiere-->C:\WINDOWS\uninst.exe -f"c:\program files\Final Effects AP\DeIsL1.isu"
    FL Studio 6-->C:\Program Files\Image-Line\FL Studio 6\uninstall.exe
    FLV Player 1.3.3-->"C:\Program Files\FLVPlayer\uninstall.exe"
    foobar2000 v0.9.4.3-->"C:\Program Files\foobar2000\uninstall.exe"
    Fraps (remove only)-->"C:\Fraps\uninstall.exe"
    Freeplayer-->C:\Program Files\Freeplayer\Uninstall.exe
    Genuine Fractals 5.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AC38B36B-90F8-4C1F-8AC9-236B851B8871}\setup.exe" -l0x9 -uninst -removeonly
    getPlus(R) for Adobe-->"C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1
    Glary Utilities 2.8.0.366-->"C:\Program Files\Glary Utilities\unins000.exe"
    Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
    Google Earth Plugin-->MsiExec.exe /I{9491C880-1C35-11DE-97B2-005056806466}
    Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
    Google Gears-->MsiExec.exe /I{95774351-6087-3A3B-8CA8-70BEE49D2BD5}
    Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_BDA1448D3D255554.exe" /uninstall
    Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
    Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
    Grand Theft Auto IV-->"C:\Program Files\InstallShield Installation Information\{579BA58C-F33D-4970-9953-B94B43768AC3}\setup.exe" -runfromtemp -l0x040c -removeonly
    GRID-->"C:\Program Files\InstallShield Installation Information\{5A0B7BA5-4682-4273-81C2-69B17E649103}\setup.exe" -runfromtemp -l0x040c -removeonly
    HijackThis 2.0.2-->"C:\Program Files\HiJackThis\HijackThis.exe" /uninstall
    Hollywood FX GOLD-->C:\WINDOWS\unvise32.exe C:\Program Files\Pinnacle\Hollywood FX GOLD\uninstal.log
    IL Download Manager-->C:\Program Files\Image-Line\Downloader\uninstall.exe
    Image Resizer Powertoy for Windows XP-->MsiExec.exe /I{1CB92574-96F2-467B-B793-5CEB35C40C29}
    Indeo® software-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Intel\Indeo\Indeo Uninstall.isu" -c"C:\WINDOWS\system32\SavedSystemFiles\indounin.dll"
    ISSENDIS WebUpdate v6-->"C:\Program Files\ISSENDIS\ISSENDIS WebUpdate v6\unins000.exe"
    iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
    iZotope Ozone v3.02-->C:\PROGRA~1\iZotope\OZONE3~1\UNWISE.EXE C:\PROGRA~1\iZotope\OZONE3~1\INSTALL.LOG
    J2SE Runtime Environment 5.0 Update 10-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
    J2SE Runtime Environment 5.0 Update 11-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
    J2SE Runtime Environment 5.0 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150040}
    Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
    Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
    Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
    Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
    Joost (tm) 0.10.9-->C:\Program Files\Joost\uninst.exe
    Kaspersky Online Scanner-->C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
    K-Lite Codec Pack 3.01 Full-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
    Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Line Adventures 1.0-->"C:\Program Files\Line Adventures\unins000.exe"
    LinPlug daOrgan-->C:\Program Files\Steinberg\Vstplugins\UninstalOrgan.exe
    LinPlug DeltaIII VSTi v3.0.5-->C:\PROGRA~1\STEINB~1\VSTPLU~1\DeltaIII\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\DeltaIII\INSTALL.LOG
    Macromedia Flash Player 8-->MsiExec.exe /X{5E8A1B08-0FBD-4543-9646-F2C2D0D05750}
    Macromedia Shockwave Player-->MsiExec.exe /X{7D1D6A24-65D4-454C-8815-4F08A5FFF12C}
    Magic ISO Maker v5.3 (build 0221)-->C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG
    MagicDisc 2.6.93-->C:\PROGRA~1\MAGICD~1\UNWISE.EXE C:\PROGRA~1\MAGICD~1\INSTALL.LOG
    MAGIX Audio Cleaning Lab 14 Download version 9.0.2.0 (US)-->C:\Program Files\MAGIX\ACLab14_Download_version\unwise.exe
    MAGIX Screenshare 4.3.6.1987 (US)-->C:\Program Files\MAGIX\PCVisit\unwise.exe
    Malwarebytes' RogueRemover 1.22-->"C:\Program Files\RogueRemover FREE\unins000.exe"
    Manuel de l'appareil Windows Mobile®-->C:\Program Files\Windows Mobile Device Handbook\Windows Mobile Device Handbook\Bin\DHUninstall.exe
    MCE Software Encoder 1.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7655E113-C306-11D9-A373-0050BAE317E1}\setup.exe" -uninstall
    Media Library Management Wizard-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mplibwiz.inf,DefaultUninstall
    Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
    Microsoft .NET Framework 3.0 French Language Pack-->MsiExec.exe /X{E3C080B0-23F5-49AF-89F8-8E8DBC89E659}
    Microsoft .NET Framework 3.0-->C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setup.exe
    Microsoft ActiveSync-->MsiExec.exe /I{99052DB7-9592-4522-A558-5417BBAD48EE}
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft FrontPage Express-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\fpxpress.inf, Uninstall
    Microsoft Games for Windows - LIVE -->MsiExec.exe /X{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}
    Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{FD052FB9-FE90-4438-B355-15EDC89D8FB1}
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.1-->"C:\WINDOWS\$NtUninstallWdf01001$\spuninst\spuninst.exe"
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
    Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
    Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
    Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0-->C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\setup.exe
    MOTU FireWire/USB Audio Installer-->MsiExec.exe /I{FAAF4F08-107F-42B4-B01C-B5BACB65E7D3}
    Movie Maker Background Music Files-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mmmusic.inf,DefaultUninstall
    Movie Maker Sound Effects-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mmsounds.inf,DefaultUninstall
    Movie Maker Title Images-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mmtitle.inf,DefaultUninstall
    Mozilla Firefox (3.0.7)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MRU-Blaster v1.5 (Database 3/28/2004)-->"C:\Program Files\MRU-Blaster\unins000.exe"
    MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
    Native Instruments Absynth 3-->C:\PROGRA~1\NATIVE~1\ABSYNT~1\UNWISE.EXE C:\PROGRA~1\NATIVE~1\ABSYNT~1\INSTALL.LOG
    nCleaner second 2.3.4.0-->C:\Program Files\NKProds\nCleaner\uninstall.exe
    Need for Speed™ Undercover-->MsiExec.exe /X{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}
    NI Absynth v1.3.4-OxYGeN-->C:\PROGRA~1\Absynth\UNWISE.EXE C:\PROGRA~1\Absynth\INSTALL.LOG
    NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
    NVIDIA PhysX v8.10.13-->MsiExec.exe /X{AC54E544-3E42-443C-A91D-A00A6974C592}
    OFFICE One 450 Fonts-->C:\WINDOWS\Fonts\unins000.exe
    OFFICE One 6.5 Bureautique désinstallation complète 6.5-->"C:\Program Files\OFFICE One6.5\Uninstall All\SETUP\setup.exe" /u
    OFFICE One 6.5-->c:\Program Files\OFFICE ONE6.5\program\setup.exe -deinstall
    OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
    OrangeVocoder v2.0-OxYGeN-->C:\WINDOWS\vocoder\UNWISE.EXE C:\WINDOWS\vocoder\INSTALL.LOG
    Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
    Packet Tracer 5.0-->"C:\Program Files\Packet Tracer 5.0\unins000.exe"
    Pando Toolbar-->rundll32 C:\PROGRA~1\PandoBar\bar\1.bin\PandoBar.dll,O
    Pando-->MsiExec.exe /I{C0B0FA55-D4E9-4374-9871-BBFBF2AEF0D1}
    PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
    Personal License Update Wizard for Windows Media Player-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\drmtool.inf,DefaultUninstall
    PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
    PicLens for Internet Explorer-->MsiExec.exe /I{54BCE5D8-4375-3F14-B116-43B77DEB2DBA}
    PicLens for Internet Explorer-->MsiExec.exe /I{C92651B8-39F6-3DD5-80EF-E71D2A21DE2F}
    Plus! MP3 Audio Converter LE-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\audcle.inf,DefaultUninstall
    Podmailing Beta 0.10.0-->C:\Program Files\Podmailing\uninstall.exe
    PoiZone-->C:\Program Files\Image-Line\PoiZone\uninstall.exe
    PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation
    Contenus similaires
    a c 267 8 Sécurité
    14 Mai 2009 15:24:28

  • Désinstalle les programmes suivants :
    - Ask Toolbar
    - J2SE Runtime Environment 5.0 Update 10
    - J2SE Runtime Environment 5.0 Update 11
    - J2SE Runtime Environment 5.0 Update 4
    - Java 6 Update 2
    - Java 6 Update 3
    - Java 6 Update 5
    - Java 6 Update 7
    - Java SE Runtime Environment 6 Update 1

  • Mets à jour Adobe Reader.

  • Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
  • Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
  • Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
  • Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
  • Sélectionne Exécuter un examen rapide.
  • Clique sur Rechercher. L'analyse démarre.
  • A la fin de l'analyse, un message s'affiche :
    Citation :
    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  • Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  • Ferme tes navigateurs.
  • Si des malwares ont été détectés, clique sur Afficher les résultats.
  • Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
  • MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
    Anonyme
    14 Mai 2009 16:03:30

    et voilà le rapport ! j avais pas mal d alertes..

    Malwarebytes' Anti-Malware 1.36
    Version de la base de données: 2130
    Windows 5.1.2600 Service Pack 3

    14/05/2009 15:53:27
    mbam-log-2009-05-14 (15-53-27).txt

    Type de recherche: Examen rapide
    Eléments examinés: 160423
    Temps écoulé: 5 minute(s), 24 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 12
    Valeur(s) du Registre infectée(s): 4
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 1
    Fichier(s) infecté(s): 41

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\CLSID\{5f11d5d5-3fb2-4add-84ad-d69bc9a5d312} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5f11d5d5-3fb2-4add-84ad-d69bc9a5d312} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000162-9980-0010-8000-00aa00389b71} (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{00000162-9980-0010-8000-00aa00389b71} (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5f11d5d5-3fb2-4add-84ad-d69bc9a5d312} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\logons (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\typelib (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SYSTEM\currentcontrolset\Services\iTunesMusic (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SYSTEM\currentcontrolset\Services\rdriv (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\office one 450 fonts_is1 (Worm.Archive) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\WinButler (Adware.WinButler) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{0e1230f8-ea50-42a9-983c-d22abc2eeb4c} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{5f11d5d5-3fb2-4add-84ad-d69bc9a5d312} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{ce86878f-d099-4ffc-a4dc-e51d192063b1} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\SystemCheck2 (Trojan.Agent) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    C:\WINDOWS\system32\smp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\WINDOWS\system32\smp\msrc.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\akttzn.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\anticipator.dll (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\awtoolb.dll (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\bdn.com (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\bsva-egihsg52.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\dpcproxy.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\hoproxy.dll (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\hxiwlgpm.dat (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\hxiwlgpm.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\msgp.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\msnbho.dll (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\mssecu.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\msvchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\mtr2.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\mwin32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\netode.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\newsd32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\ps1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\psof1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\psoft1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\regc64.dll (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\regm64.dll (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\Rundl1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\sncntr.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\ssurf022.dll (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\ssvchost.com (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\ssvchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\sysreq.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\taack.dat (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\taack.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\thun.dll (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\thun32.dll (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\VBIEWER.OCX (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\vcatchpi.dll (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\winlogonpc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\winsystem.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\WINWGPX.EXE (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\vbsys2.dll (Trojan.Clicker) -> Quarantined and deleted successfully.
    C:\WINDOWS\xbaqktfv.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\eoRezo (Rogue.Eorezo) -> Delete on reboot.
    a c 267 8 Sécurité
    14 Mai 2009 18:29:46

  • Relance MBAM, va dans Quarantaine et supprime tout.

  • Télécharge Ad-Remover (de Cyrildu17 / C_XX) sur ton Bureau.

    /!\ Déconnecte-toi et ferme toutes applications en cours /!\

  • Double-clique sur le programme d'installation, installe-le dans son emplacement par défaut (C:\Program files).
  • Double-clique sur le raccourci d'Ad-Remover situé sur ton Bureau.
    (Sous Vista, il faut cliquer droit sur le raccourci d'Ad-Remover et choisir Exécuter en tant qu'administrateur)
  • Au menu principal, choisis l'option A.
  • Poste le rapport qui apparaît à la fin (C:\Ad-Report-Scan-(date).log).

    (CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

    Note : "Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
    Anonyme
    14 Mai 2009 18:59:45

    ok voilà le rapport de ad remover merci !!


    ------- LOGFILE OF AD-REMOVER 1.1.3.7 | ONLY XP/VISTA -------

    Updated by C_XX on 11/05/2009 at 16:00
    Contact: AdRemover.contact@gmail.com
    Website: http://pagesperso-orange.fr/NosTools/ad_remover.html

    Start at: 18:42:56, 14/05/2009 | Boot mode: Normal Boot
    Option: Scan | Executed from: C:\Program Files\Ad-remover\
    Operating System: Microsoft® Windows XP™ Service Pack 3 (version 5.1.2600)
    Computer Name: 118672810312
    Current User: Kuro - Administrator
    Drive(s):
    - C:\ (File System: NTFS)
    - D:\ (File System: NTFS)
    - M:\ (File System: NTFS)
    - N:\ (File System: NTFS)

    (!) ---- D:\Documents and Settings\Administrateur\Ntuser.dat Loaded as: 'HKU\Administrateur'
    (!) ---- D:\Documents and Settings\LocalService.AUTORITE NT.000\Ntuser.dat Loaded as: 'HKU\LocalService.AUTORITE NT.000'
    (!) ---- D:\Documents and Settings\LocalService.AUTORITE NT.003\Ntuser.dat Loaded as: 'HKU\LocalService.AUTORITE NT.003'
    (!) ---- D:\Documents and Settings\LocalService.AUTORITE NT.005\Ntuser.dat Loaded as: 'HKU\LocalService.AUTORITE NT.005'
    (!) ---- D:\Documents and Settings\LocalService.AUTORITE NT.007\Ntuser.dat Loaded as: 'HKU\LocalService.AUTORITE NT.007'
    (!) ---- D:\Documents and Settings\LocalService.AUTORITE NT.008\Ntuser.dat Loaded as: 'HKU\LocalService.AUTORITE NT.008'
    (!) ---- D:\Documents and Settings\NetworkService.AUTORITE NT.000\Ntuser.dat Loaded as: 'HKU\NetworkService.AUTORITE NT.000'
    (!) ---- D:\Documents and Settings\NetworkService.AUTORITE NT.003\Ntuser.dat Loaded as: 'HKU\NetworkService.AUTORITE NT.003'
    (!) ---- D:\Documents and Settings\NetworkService.AUTORITE NT.005\Ntuser.dat Loaded as: 'HKU\NetworkService.AUTORITE NT.005'
    (!) ---- D:\Documents and Settings\NetworkService.AUTORITE NT.008\Ntuser.dat Loaded as: 'HKU\NetworkService.AUTORITE NT.008'
    (!) ---- D:\Documents and Settings\NetworkService.AUTORITE NT.009\Ntuser.dat Loaded as: 'HKU\NetworkService.AUTORITE NT.009'
    (!) ---- D:\Documents and Settings\NetworkService.AUTORITE NT.011\Ntuser.dat Loaded as: 'HKU\NetworkService.AUTORITE NT.011'

    ============ Known Adwares Found ============

    .
    .
    D:\Documents and Settings\Kuro\Application Data\Mozilla\Firefox\Profiles\tfx2h0gu.default\searchplugins\ask.xml
    D:\Documents and Settings\Kuro\Application Data\Mozilla\Firefox\Profiles\tfx2h0gu.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}

    +-----------------| Eorezo Elements Found:

    HKCR\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}
    HKCR\EoRezoBHO.EoBho
    HKCR\EoRezoBHO.EoBho.1
    HKCR\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
    HKCR\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
    HKCU\Software\EoRezo
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
    HKLM\Software\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}
    HKLM\Software\Classes\EoRezoBHO.EoBho
    HKLM\Software\Classes\EoRezoBHO.EoBho.1
    HKLM\Software\Classes\TypeLib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
    HKLM\Software\Classes\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}
    .

    +-----------------| It's TV Elements Found:

    HKCU\Software\ItsLabel
    HKLM\Software\ItsLabel
    HKU\S-1-5-21-734007298-3330273604-3312953743-1005\Software\ItsLabel
    .
    D:\Documents and Settings\Kuro\Application Data\ItsLabel

    +-----------------| Sweetim Elements Found:

    .

    +-----------------| Added Scan:

    ---- Mozilla FireFox Version 3.0.7 ----

    ProfilePath: tfx2h0gu.default (Kuro)
    .
    (Prefs.js) user_pref("browser.search.defaultenginename", "MyStart Rechercher");
    (Prefs.js) user_pref("browser.search.selectedEngine", "Google");
    (Prefs.js) user_pref("browser.startup.homepage", "hxxp://www.google.fr/");
    (Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.0.8");
    .

    ---- Internet Explorer Version 7.0.5730.11 ----

    [HKEY_CURRENT_USER\..\Internet Explorer\Main]

    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start Page: hxxp:///C

    [HKEY_USERS\S-1-5-21-734007298-3330273604-3312953743-1005\..\Internet Explorer\Main]

    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start Page: hxxp:///C

    [HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

    Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
    Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157

    [HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

    Tabs: hxxp://ieframe.dll/tabswelcome.htm

    =========== Suspicious ==========

    D:\Documents and Settings\Kuro\Local Settings\Application Data\Microsoft\Messenger\kuro59@hotmail.fr\Sharing Folders\jeremy.gruson@hotmail.fr\NFS undercover\Need.for.Speed.Undercover.Keygen.Only-0x0008\0x0008-nfsu_keygen\0x0008-nfsu_keygen.exe
    [1009841 Byte(s)|--a------|16/11/2008 20:15|HashMD5: 36865265be14302b17891f7b9b437204 |CRC32: 09e640b8]

    D:\Documents and Settings\Kuro\Mes documents\a\Propellerhead Reason Toolpack\ReCycle 2.1 Incl Keygen [TEAM H2O]\Patch & Keygen.exe
    [32768 Byte(s)|-ra------|03/10/2007 11:55|HashMD5: bf415ecccfca8e28d2449ad36548f224 |CRC32: 9a4abdec]

    D:\Documents and Settings\Kuro\Mes documents\Medialink\RecordPad_Sound_Recorder_v1.03\EXPLOSiON\keygen.exe
    [68608 Byte(s)|--a------|13/10/2004 21:33|HashMD5: 81b9e6325e55ce25402038500192414e |CRC32: 31af347c]

    D:\Documents and Settings\Kuro\Mes documents\Mes fichiers reçus\dead space Key and crack.rar
    [310298 Byte(s)|--a------|15/11/2008 15:05|HashMD5: a2075cddf3359a95fc5bfe8eb0990569 |CRC32: 65f48cbe]

    D:\Documents and Settings\Kuro\Mes documents\Mes fichiers reçus\NFS undercover\Need.for.Speed.Undercover.Keygen.Only-0x0008\0x0008-nfsu_keygen\0x0008-nfsu_keygen.exe
    [1009841 Byte(s)|--a------|16/11/2008 20:15|HashMD5: 36865265be14302b17891f7b9b437204 |CRC32: 09e640b8]

    D:\Documents and Settings\Kuro\Mes documents\Mes fichiers reçus 2\Propellerhead Reason 4\crack\KEYGEN.EXE
    [164352 Byte(s)|--a------|10/08/2008 20:36|HashMD5: ac271f7c2907076984144dda7db30c4a |CRC32: dae7a014]


    +---------------------------------------------------------------------------+

    6252 Byte(s) - C:\Ad-Report-Scan-14.05.2009.log

    0 File(s) - C:\Program Files\Ad-remover\BACKUP
    0 File(s) - C:\Program Files\Ad-remover\QUARANTINE

    End at: 18:56:11 | 14/05/2009
    .
    +-----------------| E.O.F
    .
    a c 267 8 Sécurité
    14 Mai 2009 19:07:30

    /!\ Déconnecte-toi et ferme toutes applications en cours /!\

  • Double-clique sur le raccourci d'Ad-Remover pour le lancer.
    (Sous Vista, il faut cliquer droit sur le raccourci d'Ad-Remover et choisir Exécuter en tant qu'administrateur)

  • Au menu principal, choisis l'option B.

  • Coche A à l'écran de sélection :



  • Puis choisis S, le programme va travailler.

  • Poste le rapport qui apparaît à la fin (C:\Ad-Report-Clean-(date).log).

    /!\ Si le Bureau ne réapparaît pas, presse Ctrl + Alt + Suppr, Onglet "Fichier", "Nouvelle tâche", tape explorer.exe et valide /!\
    Anonyme
    14 Mai 2009 19:55:00

    et voilà !


    ------- LOGFILE OF AD-REMOVER 1.1.3.7 | ONLY XP/VISTA -------

    Updated by C_XX on 11/05/2009 at 16:00
    Contact: AdRemover.contact@gmail.com
    Website: http://pagesperso-orange.fr/NosTools/ad_remover.html

    **** LIMITED TO ****

    Known Adwares
    Eorezo
    It's TV
    Sweetim

    ********************

    Start at: 19:33:17, 14/05/2009 | Boot mode: Normal Boot
    Option: Clean | Executed from: C:\Program Files\Ad-remover\
    Operating System: Microsoft® Windows XP™ Service Pack 3 (version 5.1.2600)
    Computer Name: 118672810312
    Current User: Kuro - Administrator
    Drive(s):
    - C:\ (File System: NTFS)
    - D:\ (File System: NTFS)
    - M:\ (File System: NTFS)
    - N:\ (File System: NTFS)

    (!) ---- D:\Documents and Settings\Administrateur\Ntuser.dat Loaded as: 'HKU\Administrateur'
    (!) ---- D:\Documents and Settings\LocalService.AUTORITE NT.000\Ntuser.dat Loaded as: 'HKU\LocalService.AUTORITE NT.000'
    (!) ---- D:\Documents and Settings\LocalService.AUTORITE NT.003\Ntuser.dat Loaded as: 'HKU\LocalService.AUTORITE NT.003'
    (!) ---- D:\Documents and Settings\LocalService.AUTORITE NT.005\Ntuser.dat Loaded as: 'HKU\LocalService.AUTORITE NT.005'
    (!) ---- D:\Documents and Settings\LocalService.AUTORITE NT.007\Ntuser.dat Loaded as: 'HKU\LocalService.AUTORITE NT.007'
    (!) ---- D:\Documents and Settings\LocalService.AUTORITE NT.008\Ntuser.dat Loaded as: 'HKU\LocalService.AUTORITE NT.008'
    (!) ---- D:\Documents and Settings\NetworkService.AUTORITE NT.000\Ntuser.dat Loaded as: 'HKU\NetworkService.AUTORITE NT.000'
    (!) ---- D:\Documents and Settings\NetworkService.AUTORITE NT.003\Ntuser.dat Loaded as: 'HKU\NetworkService.AUTORITE NT.003'
    (!) ---- D:\Documents and Settings\NetworkService.AUTORITE NT.005\Ntuser.dat Loaded as: 'HKU\NetworkService.AUTORITE NT.005'
    (!) ---- D:\Documents and Settings\NetworkService.AUTORITE NT.008\Ntuser.dat Loaded as: 'HKU\NetworkService.AUTORITE NT.008'
    (!) ---- D:\Documents and Settings\NetworkService.AUTORITE NT.009\Ntuser.dat Loaded as: 'HKU\NetworkService.AUTORITE NT.009'
    (!) ---- D:\Documents and Settings\NetworkService.AUTORITE NT.011\Ntuser.dat Loaded as: 'HKU\NetworkService.AUTORITE NT.011'

    (!) ---- IE start pages/Tabs reset

    ============ Known Adwares Deleted ============

    .
    .
    D:\Documents and Settings\Kuro\Application Data\Mozilla\Firefox\Profiles\tfx2h0gu.default\searchplugins\ask.xml
    D:\Documents and Settings\Kuro\Application Data\Mozilla\Firefox\Profiles\tfx2h0gu.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}

    +-----------------| Eorezo Elements Deleted :

    HKCR\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}
    HKCR\EoRezoBHO.EoBho
    HKCR\EoRezoBHO.EoBho.1
    HKCR\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
    HKCR\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
    HKCU\Software\EoRezo
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}
    .

    +-----------------| It's TV Elements Deleted :

    HKCU\Software\ItsLabel
    HKLM\Software\ItsLabel
    .
    D:\Documents and Settings\Kuro\Application Data\ItsLabel

    +-----------------| Sweetim Elements Deleted :

    .

    (!) ---- Temp files deleted.
    (!) ---- Recycle bin emptied in all drives.



    +-----------------| Added Scan:

    ---- Mozilla FireFox Version 3.0.7 ----

    ProfilePath: tfx2h0gu.default (Kuro)
    .
    (Prefs.js) user_pref("browser.search.defaultenginename", "MyStart Rechercher");
    (Prefs.js) user_pref("browser.search.selectedEngine", "Google");
    (Prefs.js) user_pref("browser.startup.homepage", "hxxp://www.google.fr/");
    (Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.0.8");
    .

    ---- Internet Explorer Version 7.0.5730.11 ----

    [HKEY_CURRENT_USER\..\Internet Explorer\Main]

    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...

    [HKEY_USERS\S-1-5-21-734007298-3330273604-3312953743-1005\..\Internet Explorer\Main]

    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...

    [HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search bar: hxxp://search.msn.com/spbasic.htm
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start Page: hxxp://fr.msn.com/

    [HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

    Tabs: hxxp://ieframe.dll/tabswelcome.htm

    =========== Suspicious ==========

    D:\Documents and Settings\Kuro\Local Settings\Application Data\Microsoft\Messenger\kuro59@hotmail.fr\Sharing Folders\jeremy.gruson@hotmail.fr\NFS undercover\Need.for.Speed.Undercover.Keygen.Only-0x0008\0x0008-nfsu_keygen\0x0008-nfsu_keygen.exe
    [1009841 Byte(s)|--a------|16/11/2008 20:15|HashMD5: 36865265be14302b17891f7b9b437204 |CRC32: 09e640b8]

    D:\Documents and Settings\Kuro\Mes documents\a\Propellerhead Reason Toolpack\ReCycle 2.1 Incl Keygen [TEAM H2O]\Patch & Keygen.exe
    [32768 Byte(s)|-ra------|03/10/2007 11:55|HashMD5: bf415ecccfca8e28d2449ad36548f224 |CRC32: 9a4abdec]

    D:\Documents and Settings\Kuro\Mes documents\Medialink\RecordPad_Sound_Recorder_v1.03\EXPLOSiON\keygen.exe
    [68608 Byte(s)|--a------|13/10/2004 21:33|HashMD5: 81b9e6325e55ce25402038500192414e |CRC32: 31af347c]

    D:\Documents and Settings\Kuro\Mes documents\Mes fichiers reçus\dead space Key and crack.rar
    [310298 Byte(s)|--a------|15/11/2008 15:05|HashMD5: a2075cddf3359a95fc5bfe8eb0990569 |CRC32: 65f48cbe]

    D:\Documents and Settings\Kuro\Mes documents\Mes fichiers reçus\NFS undercover\Need.for.Speed.Undercover.Keygen.Only-0x0008\0x0008-nfsu_keygen\0x0008-nfsu_keygen.exe
    [1009841 Byte(s)|--a------|16/11/2008 20:15|HashMD5: 36865265be14302b17891f7b9b437204 |CRC32: 09e640b8]

    D:\Documents and Settings\Kuro\Mes documents\Mes fichiers reçus 2\Propellerhead Reason 4\crack\KEYGEN.EXE
    [164352 Byte(s)|--a------|10/08/2008 20:36|HashMD5: ac271f7c2907076984144dda7db30c4a |CRC32: dae7a014]


    +---------------------------------------------------------------------------+

    6747 Byte(s) - C:\Ad-Report-Clean-14.05.2009.log
    6469 Byte(s) - C:\Ad-Report-Scan-14.05.2009.log

    18 File(s) - C:\Program Files\Ad-remover\BACKUP
    1 File(s) - C:\Program Files\Ad-remover\QUARANTINE

    End at: 19:48:32 | 14/05/2009
    .
    +-----------------| E.O.F
    .
    a c 267 8 Sécurité
    14 Mai 2009 20:10:24

  • Désinstalle Ad-Remover.

  • Refais un scan RSIT et poste le rapport log.
    Anonyme
    14 Mai 2009 20:47:37

    c est fait, ci dessous le rapport, merci de ton attention

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Kuro at 2009-05-14 20:47:00
    Microsoft Windows XP Professionnel Service Pack 3
    System drive C: has 5 GB (17%) free of 31 GB
    Total RAM: 2046 MB (68% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:47:05, on 14/05/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16827)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\FileZilla Server\FileZilla Server.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Apps\Softex\OmniPass\Omniserv.exe
    C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\Program Files\Dantz\Retrospect\retrorun.exe
    C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
    C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    C:\Apps\Softex\OmniPass\OPXPApp.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
    C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
    C:\apps\ABoard\ABoard.exe
    C:\apps\ABoard\AOSD.exe
    C:\WINDOWS\system32\WDBtnMgr.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\APPS\SMP\SmpSys.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\MagicDisc\MagicDisc.exe
    C:\Program Files\OFFICE One6.5\program\soffice.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\explorer.exe
    D:\Documents and Settings\Kuro\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    D:\Documents and Settings\Kuro\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\WINDOWS\system32\wuauclt.exe
    D:\Documents and Settings\Kuro\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    D:\Documents and Settings\Kuro\Mes documents\Downloads\RSIT.exe
    D:\Documents and Settings\Kuro\Mes documents\Downloads\Kuro.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    R3 - URLSearchHook: (no name) - {06663B56-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: Pando Search Assistant BHO - {06663B51-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Alcohol Toolbar Helper - {8126A4A5-BFD3-46FE-BBDF-BFB5CF78E489} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Pando Toolbar BHO - {E3EA4FD1-CADE-4ae5-84F7-086EEE888BE4} - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: Cooliris Plug-In for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\cooliris.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: Alcohol Toolbar - {ED4BD629-C1B6-4399-8A34-02CCAA921DC9} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll
    O3 - Toolbar: Pando Toolbar - {E3EA4FD9-CADE-4ae5-84F7-086EEE888BE4} - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL
    O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
    O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
    O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
    O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [EmailChecker] C:\APPS\EmailChecker\ech.exe
    O4 - HKLM\..\Run: [AWMON] "C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Watch.exe"
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
    O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: DesktopVideoPlayer.LNK = C:\Program Files\vghd\vghd.exe
    O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
    O4 - Startup: OFFICE One 6.5.lnk = C:\Program Files\OFFICE One6.5\program\quickstart.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O8 - Extra context menu item: &Winamp Search - D:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
    O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_13.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_13.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\cooliris.dll
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O20 - Winlogon Notify: jKARkjjJ - jKARkjjJ.dll (file missing)
    O20 - Winlogon Notify: ljJBSKBU - ljJBSKBU.dll (file missing)
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\Program Files\FileZilla Server\FileZilla Server.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Update Service (gupdate1c8c10e92d04a4b) (gupdate1c8c10e92d04a4b) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Apps\Softex\OmniPass\Omniserv.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
    O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - C:\Program Files\Dantz\Retrospect\retrorun.exe
    O23 - Service: Retrospect WD Service (RetroWDSvc) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
    O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    --
    End of file - 14280 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\GlaryInitialize.job
    C:\WINDOWS\tasks\Google Software Updater.job
    C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job
    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-734007298-3330273604-3312953743-1005.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
    Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2006-10-26 440384]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06663B51-0D73-4f9f-BCC5-4AA941470AFD}]
    Pando Search Assistant BHO - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL [2008-03-17 61440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
    Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2008-03-20 1267040]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
    RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-06-04 308856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{38D3FE60-3D53-4F37-BB0E-C7A97A26A156}]
    CInterceptor Object - C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll [2008-02-27 569344]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-01-28 1554256]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2009-05-14 320920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8126A4A5-BFD3-46FE-BBDF-BFB5CF78E489}]
    Alcohol Toolbar Helper - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll [2007-12-05 798720]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-05-04 259696]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-22 668656]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-05-04 470512]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-14 35840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E3EA4FD1-CADE-4ae5-84F7-086EEE888BE4}]
    Pando Toolbar BHO - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL [2008-03-17 266240]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-05-14 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA}]
    C:\Program Files\PicLensIE\cooliris.dll [2008-12-18 3741664]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2006-10-26 440384]
    {ED4BD629-C1B6-4399-8A34-02CCAA921DC9} - Alcohol Toolbar - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll [2007-12-05 798720]
    {E3EA4FD9-CADE-4ae5-84F7-086EEE888BE4} - Pando Toolbar - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL [2008-03-17 266240]
    {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2008-03-20 1267040]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-05-04 259696]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-12-03 13680640]
    "PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
    "PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
    "ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-09-29 67584]
    "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-02-10 15969280]
    "nwiz"=nwiz.exe /install []
    "Vade Retro Outlook Express"=C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe [2004-10-04 310272]
    "DetectorApp"=C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe [2005-10-20 102400]
    "ACTIVBOARD"=c:\apps\ABoard\ABoard.exe [2003-05-02 24576]
    "WD Button Manager"=C:\WINDOWS\system32\WDBtnMgr.exe [2006-09-29 335872]
    "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
    "EmailChecker"=C:\APPS\EmailChecker\ech.exe [2003-07-02 40960]
    "AWMON"=C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Watch.exe [2004-09-16 538112]
    "IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-10 208952]
    "WinampAgent"=C:\Program Files\Winamp\winampa.exe [2008-07-09 36352]
    "RealTray"=C:\Program Files\Real\RealPlayer\RealPlay.exe [2008-06-04 214560]
    "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-12-03 86016]
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe []
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe []

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "SmpcSys"=C:\APPS\SMP\SmpSys.exe [2005-11-17 975360]
    "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

    D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

    D:\Documents and Settings\Kuro\Mes documents\Menu Démarrer\Programmes\Démarrage
    Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    DesktopVideoPlayer.LNK - C:\Program Files\vghd\vghd.exe
    MagicDisc.lnk - C:\Program Files\MagicDisc\MagicDisc.exe
    OFFICE One 6.5.lnk - C:\Program Files\OFFICE One6.5\program\quickstart.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\jKARkjjJ]
    jKARkjjJ.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ljJBSKBU]
    ljJBSKBU.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\OPXPGina]
    C:\Apps\Softex\OmniPass\opxpgina.dll [2006-01-30 49152]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "DisableTaskMgr"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Program Files\BitSpirit\BitSpirit.exe"="C:\Program Files\BitSpirit\BitSpirit.exe:*:Enabled:The powerful and easy-to-use BitTorrent Client"
    "C:\Program Files\adslTV\adsltv.exe"="C:\Program Files\adslTV\adsltv.exe:*:Enabled:adslTV"
    "C:\Program Files\eMule\eMule.exe"="C:\Program Files\eMule\eMule.exe:*:Enabled:eMule Plus"
    "C:\Program Files\Pando Networks\Pando\pando.exe"="C:\Program Files\Pando Networks\Pando\pando.exe:*:Enabled:p ando Application"
    "C:\Program Files\Podmailing\podmailing.exe"="C:\Program Files\Podmailing\podmailing.exe:*:Enabled:p odmailing Beta"
    "C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:o rb"
    "C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:o rbTray"
    "C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:o rb Stream Client"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "D:\Jeux\Codemasters\GRID\GRID.exe"="D:\Jeux\Codemasters\GRID\GRID.exe:*:Enabled:GRID"
    "D:\Jeux\Ubisoft\Far Cry 2\bin\FarCry2.exe"="D:\Jeux\Ubisoft\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2"
    "D:\Jeux\Ubisoft\Far Cry 2\bin\FC2Launcher.exe"="D:\Jeux\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater"
    "D:\Jeux\Ubisoft\Far Cry 2\bin\FC2Editor.exe"="D:\Jeux\Ubisoft\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editeur"
    "C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:p nkBstrA"
    "C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:p nkBstrB"
    "D:\Jeux\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe"="D:\Jeux\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
    "D:\Jeux\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe"="D:\Jeux\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
    "D:\Jeux\Rockstar Games\Grand Theft Auto IV\GTAIV.exe"="D:\Jeux\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
    "C:\Program Files\Packet Tracer 5.0\bin\PacketTracer5.exe"="C:\Program Files\Packet Tracer 5.0\bin\PacketTracer5.exe:*:Enabled:p acketTracer5"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
    "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
    "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
    "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
    "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\N]
    shell\AutoRun\command - N:\WDSetup.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b7efd646-d6ee-11dc-8f16-00173169e79b}]
    shell\AutoRun\command - M:\EasyCN.exe


    ======List of files/folders created in the last 1 months======

    2009-05-14 18:41:43 ----D---- C:\Program Files\Ad-remover
    2009-05-14 15:44:47 ----D---- D:\Documents and Settings\Kuro\Application Data\Malwarebytes
    2009-05-14 15:44:42 ----D---- D:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-05-14 15:44:42 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-05-14 15:09:27 ----D---- C:\rsit
    2009-05-14 11:08:32 ----D---- D:\Documents and Settings\Kuro\Application Data\Auslogics
    2009-05-14 11:08:29 ----D---- C:\Program Files\Auslogics

    ======List of files/folders modified in the last 1 months======

    2009-05-14 20:45:34 ----D---- C:\WINDOWS\Temp
    2009-05-14 19:45:55 ----SD---- C:\WINDOWS\Downloaded Program Files
    2009-05-14 19:45:01 ----D---- C:\WINDOWS
    2009-05-14 18:41:46 ----D---- C:\WINDOWS\Prefetch
    2009-05-14 18:41:43 ----D---- C:\Program Files
    2009-05-14 17:05:20 ----SD---- C:\WINDOWS\Tasks
    2009-05-14 17:05:12 ----D---- D:\Documents and Settings\All Users\Application Data\Google Updater
    2009-05-14 17:05:12 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-05-14 15:58:57 ----D---- C:\WINDOWS\Registration
    2009-05-14 15:58:17 ----D---- C:\WINDOWS\system32\Lang
    2009-05-14 15:57:02 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-05-14 15:56:32 ----D---- C:\WINDOWS\system32\LogFiles
    2009-05-14 15:55:10 ----D---- C:\Config.Msi
    2009-05-14 15:55:02 ----D---- C:\WINDOWS\system32\drivers
    2009-05-14 15:53:27 ----D---- C:\WINDOWS\system32
    2009-05-14 15:44:13 ----SHD---- C:\WINDOWS\Installer
    2009-05-14 15:43:31 ----D---- D:\Documents and Settings\All Users\Application Data\Adobe
    2009-05-14 15:43:29 ----D---- C:\Program Files\Fichiers communs\Adobe
    2009-05-14 15:43:29 ----D---- C:\Program Files\Adobe
    2009-05-14 15:40:39 ----D---- C:\Program Files\Java
    2009-05-14 15:40:39 ----D---- C:\Program Files\Fichiers communs
    2009-05-14 13:13:19 ----HD---- C:\WINDOWS\inf
    2009-05-14 10:44:00 ----D---- C:\WINDOWS\Debug
    2009-05-14 10:18:07 ----A---- C:\WINDOWS\system32\javaws.exe
    2009-05-14 10:18:07 ----A---- C:\WINDOWS\system32\javaw.exe
    2009-05-14 10:18:07 ----A---- C:\WINDOWS\system32\java.exe
    2009-05-14 10:18:07 ----A---- C:\WINDOWS\system32\deploytk.dll
    2009-05-14 10:17:38 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-05-13 18:25:25 ----D---- C:\WINDOWS\system32\CatRoot
    2009-05-13 17:42:20 ----D---- D:\Documents and Settings\Kuro\Application Data\foobar2000
    2009-05-13 16:01:57 ----D---- C:\WINDOWS\system32\config
    2009-05-13 16:01:36 ----D---- C:\WINDOWS\system32\wbem
    2009-05-13 16:01:18 ----D---- D:\Documents and Settings\Kuro\Application Data\dvdcss
    2009-05-13 16:01:03 ----D---- C:\Program Files\Mozilla Firefox
    2009-05-07 09:16:29 ----A---- C:\WINDOWS\system32\MRT.exe
    2009-05-04 09:31:44 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2009-05-04 09:26:25 ----D---- C:\Program Files\Safari
    2009-04-16 19:20:43 ----D---- C:\WINDOWS\AppPatch
    2009-04-16 19:19:30 ----RSHD---- C:\WINDOWS\system32\dllcache
    2009-04-16 19:19:18 ----D---- C:\WINDOWS\system32\fr-fr
    2009-04-16 19:19:18 ----D---- C:\Program Files\Internet Explorer
    2009-04-16 19:19:13 ----D---- C:\WINDOWS\ie7updates
    2009-04-16 19:17:03 ----HD---- C:\WINDOWS\$hf_mig$

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]
    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
    R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-11-26 75072]
    R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
    R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2008-01-20 33292]
    R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
    R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
    R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2007-11-30 271360]
    R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2007-11-30 18048]
    R2 PStrip;PStrip; C:\WINDOWS\system32\drivers\pstrip.sys [2007-07-15 27992]
    R3 3xHybrid;3xHybrid service; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2006-04-17 825600]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
    R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
    R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-02-16 4156416]
    R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys [2008-02-18 96256]
    R3 mfwagsif;MOTU Audio GSIF; C:\WINDOWS\system32\drivers\mfwagsif.sys [2006-08-23 17408]
    R3 mfwamidi;MOTU Audio MIDI; C:\WINDOWS\system32\drivers\mfwamidi.sys [2006-08-23 19968]
    R3 mfwawave;MOTU Audio Wave; C:\WINDOWS\system32\drivers\mfwawave.sys [2006-08-23 27648]
    R3 motubus;MOTU Audio MIDI Extension; C:\WINDOWS\system32\drivers\MotuBus.sys [2006-05-08 15360]
    R3 MotuFWA;MotuFWA; C:\WINDOWS\system32\drivers\motufwa.sys [2006-08-23 251904]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-12-03 6209536]
    R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-07-29 34048]
    R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-07-29 12928]
    R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-08-11 14604]
    R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
    R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
    R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    R3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
    R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
    R3 X10Hid;X10 Hid Device; C:\WINDOWS\System32\Drivers\x10hid.sys [2005-11-28 7040]
    S3 61883;Pilote d'unité 61883; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
    S3 a5h1cfgx;a5h1cfgx; C:\WINDOWS\system32\drivers\a5h1cfgx.sys []
    S3 akvkl15o;akvkl15o; C:\WINDOWS\system32\drivers\akvkl15o.sys []
    S3 Avc;Périphérique AVC; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
    S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
    S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
    S3 SaiHFF0D;SaiHFF0D; C:\WINDOWS\system32\DRIVERS\SaiHFF0D.sys [2005-07-22 176000]
    S3 SaiUFF0D;SaiUFF0D; C:\WINDOWS\system32\DRIVERS\SaiUFF0D.sys [2005-07-22 27136]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2005-12-22 80272]
    S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2005-12-22 10864]
    S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2005-12-22 137884]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 usb_rndisx;Carte ISDN USB; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-13 12800]
    S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2007-10-31 30464]
    S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-04-20 479200]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S3 XUIF;X10 USB Wireless Transceiver; C:\WINDOWS\System32\Drivers\x10ufx2.sys [2005-05-19 17792]
    S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\WINDOWS\system32\DRIVERS\xusb21.sys [2007-02-17 52352]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 aawservice;Ad-Aware 2007 Service; C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe [2008-03-19 607576]
    R2 AntiVirScheduler;Avira AntiVir Personal – Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-23 68865]
    R2 AntiVirService;Avira AntiVir Personal – Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-23 151297]
    R2 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe [2004-04-08 1135728]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-26 132424]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
    R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424]
    R2 FileZilla Server;FileZilla Server FTP server; C:\Program Files\FileZilla Server\FileZilla Server.exe [2008-11-10 587776]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-05-14 152984]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-12-03 163908]
    R2 omniserv;Softex OmniPass Service; C:\Apps\Softex\OmniPass\Omniserv.exe [2006-01-30 32768]
    R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2008-10-23 63040]
    R2 RetroLauncher;Retrospect Launcher; C:\Program Files\Dantz\Retrospect\retrorun.exe [2003-11-12 49152]
    R2 RetroWDSvc;Retrospect WD Service; C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe [2004-01-26 46592]
    R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
    R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe [2005-01-31 49152]
    R2 USBDeviceService;USBDeviceService; C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe [2005-10-20 90112]
    R2 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480]
    S2 gupdate1c8c10e92d04a4b;Google Update Service (gupdate1c8c10e92d04a4b); C:\Program Files\Google\Update\GoogleUpdate.exe [2008-08-28 133104]
    S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-22 183280]
    S2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
    S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-03-29 68096]
    S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-02-10 654848]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
    S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-08-29 33752]
    S3 GoogleDesktopManager;GoogleDesktopManager; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2007-08-19 1836544]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
    S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
    S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
    S3 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-01-22 183112]
    S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

    -----------------EOF-----------------
    a c 267 8 Sécurité
    14 Mai 2009 20:58:04

  • Télécharge OTMoveIt3 (OldTimer) sur ton Bureau.
  • Double-clique sur OTMoveIt3.exe afin de le lancer.
  • Copie (Ctrl+C) le texte suivant ci-dessous :

    :processes
    explorer.exe

    :reg
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\jKARkjjJ]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ljJBSKBU]

    :commands
    [purity]
    [emptytemp]
    [reboot]


  • Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
  • Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.

    ---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    Accepte en cliquant sur YES.

  • Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
    ---> Le nom du rapport correspond au moment de sa création : date_heure.log
    Anonyme
    14 Mai 2009 21:21:35

    ok c est fait voilà le rapport

    ========== PROCESSES ==========
    Process explorer.exe killed successfully.
    ========== REGISTRY ==========
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\jKARkjjJ\\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ljJBSKBU\\ deleted successfully.
    ========== COMMANDS ==========
    File delete failed. D:\DOCUME~1\Kuro\LOCALS~1\Temp\etilqs_pnJNCPRfus6rZEmBoVSX scheduled to be deleted on reboot.
    File delete failed. D:\DOCUME~1\Kuro\LOCALS~1\Temp\~ROMFN_00000E0C scheduled to be deleted on reboot.
    User's Temp folder emptied.
    User's Internet Explorer cache folder emptied.
    File delete failed. D:\Documents and Settings\Kuro\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    User's Temporary Internet Files folder emptied.
    Local Service Temp folder emptied.
    Local Service Temporary Internet Files folder emptied.
    Network Service Temp folder emptied.
    Network Service Temporary Internet Files folder emptied.
    File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_220.dat scheduled to be deleted on reboot.
    Windows Temp folder emptied.
    Java cache emptied.
    FireFox cache emptied.
    Temp folders emptied.

    OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 05142009_211207

    Files moved on Reboot...
    File D:\DOCUME~1\Kuro\LOCALS~1\Temp\etilqs_pnJNCPRfus6rZEmBoVSX not found!
    File D:\DOCUME~1\Kuro\LOCALS~1\Temp\~ROMFN_00000E0C not found!
    File C:\WINDOWS\temp\Perflib_Perfdata_220.dat not found!
    a c 267 8 Sécurité
    14 Mai 2009 21:37:13

  • Désinstalle AntiVir.

  • Installe Antivir et mets-le à jour.
  • Double-clique sur l'icône d'Antivir (Parapluie) dans la barre des tâches.
  • Dans Antivir, choisis Outils puis Configuration.
  • Coche Mode Expert et coche Rech. Rootkit au dém. de la recherche à droite dans Autres réglages.
  • Fais un scan complet et poste le rapport.

    Tutoriel : Scanner le(s) disque(s) dur(s)
    Anonyme
    15 Mai 2009 08:37:57

    je fais ça ce soir, je suis au boulot, merci enormement pour ton aide, a ce soir ou plus tard selon ta disponibilté !!
    Anonyme
    15 Mai 2009 15:26:09

    hello, ça y est c est fait

    ps: apparemment rien n a changé ça ne tourne pas rond..



    Avira AntiVir Personal
    Date de création du fichier de rapport : vendredi 15 mai 2009 14:18

    La recherche porte sur 1395768 souches de virus.

    Détenteur de la licence : Avira AntiVir Personal - FREE Antivirus
    Numéro de série : 0000149996-ADJIE-0000001
    Plateforme : Windows XP
    Version de Windows : (Service Pack 3) [5.1.2600]
    Mode Boot : Démarré normalement
    Identifiant : SYSTEM
    Nom de l'ordinateur : 118672810312

    Informations de version :
    BUILD.DAT : 9.0.0.65 17959 Bytes 22/04/2009 12:06:00
    AVSCAN.EXE : 9.0.3.6 466689 Bytes 21/04/2009 12:20:54
    AVSCAN.DLL : 9.0.3.0 49409 Bytes 03/03/2009 09:21:02
    LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 10:35:11
    LUKERES.DLL : 9.0.2.0 13569 Bytes 03/03/2009 09:21:31
    ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 11:30:36
    ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 19:33:26
    ANTIVIR2.VDF : 7.1.3.185 2010112 Bytes 12/05/2009 12:17:39
    ANTIVIR3.VDF : 7.1.3.212 114688 Bytes 15/05/2009 12:17:39
    Version du moteur : 8.2.0.166
    AEVDF.DLL : 8.1.1.1 106868 Bytes 15/05/2009 12:17:43
    AESCRIPT.DLL : 8.1.1.81 385401 Bytes 15/05/2009 12:17:43
    AESCN.DLL : 8.1.1.10 127348 Bytes 15/05/2009 12:17:42
    AERDL.DLL : 8.1.1.3 438645 Bytes 29/10/2008 17:24:41
    AEPACK.DLL : 8.1.3.16 397686 Bytes 15/05/2009 12:17:42
    AEOFFICE.DLL : 8.1.0.36 196987 Bytes 26/02/2009 19:01:56
    AEHEUR.DLL : 8.1.0.128 1757559 Bytes 15/05/2009 12:17:41
    AEHELP.DLL : 8.1.2.2 119158 Bytes 26/02/2009 19:01:56
    AEGEN.DLL : 8.1.1.42 348531 Bytes 15/05/2009 12:17:40
    AEEMU.DLL : 8.1.0.9 393588 Bytes 09/10/2008 13:32:40
    AECORE.DLL : 8.1.6.9 176500 Bytes 15/05/2009 12:17:40
    AEBB.DLL : 8.1.0.3 53618 Bytes 09/10/2008 13:32:40
    AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 07:47:30
    AVPREF.DLL : 9.0.0.1 43777 Bytes 03/12/2008 10:39:26
    AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 13:34:28
    AVREG.DLL : 9.0.0.0 36609 Bytes 07/11/2008 14:24:42
    AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 14:05:22
    AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 09:36:37
    SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 14:03:49
    SMTPLIB.DLL : 9.2.0.25 28417 Bytes 02/02/2009 07:20:57
    NETNT.DLL : 9.0.0.0 11521 Bytes 07/11/2008 14:40:59
    RCIMAGE.DLL : 9.0.0.21 2438401 Bytes 17/02/2009 12:49:32
    RCTEXT.DLL : 9.0.37.0 88321 Bytes 15/04/2009 09:07:05

    Configuration pour la recherche actuelle :
    Nom de la tâche...............................: Contrôle intégral du système
    Fichier de configuration......................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
    Documentation.................................: bas
    Action principale.............................: interactif
    Action secondaire.............................: ignorer
    Recherche sur les secteurs d'amorçage maître..: marche
    Recherche sur les secteurs d'amorçage.........: marche
    Secteurs d'amorçage...........................: C:, D:, M:, N:,
    Recherche dans les programmes actifs..........: marche
    Recherche en cours sur l'enregistrement.......: marche
    Recherche de Rootkits.........................: marche
    Contrôle d'intégrité de fichiers système......: arrêt
    Fichier mode de recherche.....................: Tous les fichiers
    Recherche sur les archives....................: marche
    Limiter la profondeur de récursivité..........: 20
    Archive Smart Extensions......................: marche
    Heuristique de macrovirus.....................: marche
    Heuristique fichier...........................: moyen

    Début de la recherche : vendredi 15 mai 2009 14:18

    La recherche d'objets cachés commence.
    '85753' objets ont été contrôlés, '0' objets cachés ont été trouvés.

    La recherche sur les processus démarrés commence :
    Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'chrome.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'chrome.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'chrome.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'chrome.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'ehmsas.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'soffice.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'MagicDisc.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'msmsgs.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'SMPSYS.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'rundll32.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'winampa.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'Ad-Watch.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'AOSD.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'WDBtnMgr.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'ABOARD.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'DetectorApp.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'Vaderetro_oe.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'RTHDCPL.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'ehtray.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'wmiapsrv.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'OPXPApp.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'dllhost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'GoogleUpdate.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'X10nets.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'USBDeviceService.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'ULCDRSvr.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'StarWindServiceAE.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'wdsvc.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'retrorun.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'PnkBstrA.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'OmniServ.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'nvsvc32.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'jqs.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'FileZilla server.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'ehSched.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'ehrecvr.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'mDNSResponder.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'AppleMobileDeviceService.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'AOLacsd.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'aawservice.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'services.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés
    '61' processus ont été contrôlés avec '61' modules

    La recherche sur les secteurs d'amorçage maître commence :
    Secteur d'amorçage maître HD0
    [INFO] Aucun virus trouvé !
    Secteur d'amorçage maître HD1
    [INFO] Aucun virus trouvé !
    Secteur d'amorçage maître HD2
    [INFO] Aucun virus trouvé !
    Secteur d'amorçage maître HD3
    [INFO] Aucun virus trouvé !
    Secteur d'amorçage maître HD4
    [INFO] Aucun virus trouvé !
    Secteur d'amorçage maître HD5
    [INFO] Aucun virus trouvé !
    Secteur d'amorçage maître HD6
    [INFO] Aucun virus trouvé !

    La recherche sur les secteurs d'amorçage commence :
    Secteur d'amorçage 'C:\'
    [INFO] Aucun virus trouvé !
    Secteur d'amorçage 'D:\'
    [INFO] Aucun virus trouvé !
    Secteur d'amorçage 'M:\'
    [INFO] Aucun virus trouvé !
    Secteur d'amorçage 'N:\'
    [INFO] Aucun virus trouvé !

    La recherche sur les renvois aux fichiers exécutables (registre) commence :
    Le registre a été contrôlé ( '77' fichiers).


    La recherche sur les fichiers sélectionnés commence :

    Recherche débutant dans 'C:\' <HDD>
    C:\pagefile.sys
    [AVERTISSEMENT] Impossible d'ouvrir le fichier !
    [REMARQUE] Ce fichier est un fichier système Windows.
    [REMARQUE] Il est correct que ce fichier ne puisse pas être ouvert pour la recherche.
    C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP624\A0099008.exe
    [RESULTAT] Contient le modèle de détection du logiciel espion ou publicitaire ADSPY/Vapsup.agf.2
    C:\WINDOWS\system32\drivers\sptd.sys
    [AVERTISSEMENT] Impossible d'ouvrir le fichier !
    Recherche débutant dans 'D:\' <DATA>
    D:\Documents and Settings\Kuro\Mes documents\Mes fichiers reçus 2\FIFA.09.Crackfix-RELOADED\rld-f09f.rar
    [AVERTISSEMENT] Une exception a été interceptée !
    [AVERTISSEMENT] Dans le module aecore.dll, une exception est survenue.
    Accès à la fonction AVEPROC_TestFile in file: \\?\D:\Documents and Settings\Kuro\Mes documents\Mes fichiers reçus 2\FIFA.09.Crackfix-RELOADED\rld-f09f.rar
    Description de l'erreur :ACCESS_VIOLATION
    EAX = 05CAA450 EBX = 02562AC8
    ECX = 05CAA444 EDX = 00000003
    ESI = 05DB0013 EDI = 02562ac4
    EIP = 014E1693 EBP = 01A10001
    ESP = 01A1E754 Flg = 00010283
    CS = 00000023 SS = 0000001B
    Recherche débutant dans 'M:\' <WD USB 2>
    Recherche débutant dans 'N:\' <My Passport>

    Début de la désinfection :
    C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP624\A0099008.exe
    [RESULTAT] Contient le modèle de détection du logiciel espion ou publicitaire ADSPY/Vapsup.agf.2
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a3d6d3b.qua' !


    Fin de la recherche : vendredi 15 mai 2009 15:24
    Temps nécessaire: 1:06:04 Heure(s)

    La recherche a été effectuée intégralement

    23899 Les répertoires ont été contrôlés
    616234 Des fichiers ont été contrôlés
    1 Des virus ou programmes indésirables ont été trouvés
    0 Des fichiers ont été classés comme suspects
    0 Des fichiers ont été supprimés
    0 Des virus ou programmes indésirables ont été réparés
    1 Les fichiers ont été déplacés dans la quarantaine
    0 Les fichiers ont été renommés
    2 Impossible de contrôler des fichiers
    616231 Fichiers non infectés
    12640 Les archives ont été contrôlées
    3 Avertissements
    2 Consignes
    85753 Des objets ont été contrôlés lors du Rootkitscan
    0 Des objets cachés ont été trouvés

    a c 267 8 Sécurité
    15 Mai 2009 15:39:36

    [#ff0000]/!\ Désactive tes protections résidentes (Antivirus, etc...) /!\[/#f]

  • Télécharge ComboFix ([#ff0000]sUBs[/#f]) sur ton Bureau.
  • Double-clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
  • Il va te demander d'installer la console de récupération : accepte.
  • Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse.

    Pour t'aider : Un guide et un tutoriel sur l'utilisation de ComboFix
    Anonyme
    15 Mai 2009 15:48:14

    voilà le rapport combofix

    ComboFix 09-05-14.07 - Kuro 15/05/2009 15:44.2 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.2046.1346 [GMT 2:00]
    Lancé depuis: d:\documents and settings\Kuro\Mes documents\Downloads\ComboFix.exe
    AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
    FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\windows\patchw32.dll
    c:\windows\system32\dumphive.exe
    c:\windows\system32\Ijl11.dll
    c:\windows\system32\Process.exe
    c:\windows\system32\SrchSTS.exe
    c:\windows\system32\temp#01.exe
    c:\windows\system32\tmp.reg
    c:\windows\system32\tmp90.tmp
    c:\windows\system32\tmp91.tmp
    c:\windows\system32\VCCLSID.exe
    c:\windows\system32\w32apiw.dll
    c:\windows\system32\WS2Fix.exe
    N:\Autorun.inf

    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2009-04-15 au 2009-05-15 ))))))))))))))))))))))))))))))))))))
    .

    2009-05-15 12:10 . 2009-03-24 14:07 55640 ----a-w c:\windows\system32\drivers\avgntflt.sys
    2009-05-15 12:10 . 2009-05-15 12:10 -------- d-----w c:\program files\Avira
    2009-05-15 12:10 . 2009-05-15 12:10 -------- d-----w d:\documents and settings\All Users\Application Data\Avira
    2009-05-15 12:06 . 2009-05-15 12:06 -------- d-----w c:\windows\LastGood
    2009-05-14 16:41 . 2009-05-14 18:45 -------- d-----w c:\program files\Ad-remover
    2009-05-14 13:44 . 2009-05-14 13:44 -------- d-----w d:\documents and settings\Kuro\Application Data\Malwarebytes
    2009-05-14 13:44 . 2009-04-06 13:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
    2009-05-14 13:44 . 2009-04-06 13:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
    2009-05-14 13:44 . 2009-05-14 13:44 -------- d-----w d:\documents and settings\All Users\Application Data\Malwarebytes
    2009-05-14 13:44 . 2009-05-14 13:44 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
    2009-05-14 13:09 . 2009-05-14 13:09 -------- d-----w C:\rsit
    2009-05-14 09:08 . 2009-05-14 09:08 -------- d-----w d:\documents and settings\Kuro\Application Data\Auslogics
    2009-05-14 09:08 . 2009-05-14 09:08 -------- d-----w c:\program files\Auslogics
    2009-05-13 16:25 . 2009-05-13 16:25 -------- d-----w d:\documents and settings\LocalService.AUTORITE NT.009\Application Data\X10 Commander
    2009-05-13 14:04 . 2009-05-13 14:04 -------- d-----w d:\documents and settings\LocalService.AUTORITE NT.009\Local Settings\Application Data\Google
    2009-05-13 14:04 . 2009-05-13 14:04 -------- d-----w d:\documents and settings\LocalService.AUTORITE NT.009\Local Settings\Application Data\Microsoft
    2009-05-13 14:04 . 2009-05-13 14:04 -------- d-sh--w d:\documents and settings\LocalService.AUTORITE NT.009
    2009-05-10 16:45 . 2009-05-13 14:01 -------- d-----w d:\documents and settings\NetworkService.AUTORITE NT.011\Local Settings\Application Data\Microsoft
    2009-05-10 16:45 . 2009-05-13 14:01 -------- d-s---w d:\documents and settings\NetworkService.AUTORITE NT.011
    2009-05-04 07:24 . 2009-05-04 07:24 -------- d-----w d:\documents and settings\NetworkService.AUTORITE NT.010\Local Settings\Application Data\Apple
    2009-04-16 16:03 . 2009-02-06 10:10 227840 ------w c:\windows\system32\dllcache\wmiprvse.exe
    2009-04-16 16:03 . 2009-03-06 14:20 286720 ------w c:\windows\system32\dllcache\pdh.dll
    2009-04-16 16:03 . 2009-02-09 11:23 111104 ------w c:\windows\system32\dllcache\services.exe
    2009-04-16 16:03 . 2009-02-09 10:53 401408 ------w c:\windows\system32\dllcache\rpcss.dll
    2009-04-16 16:03 . 2009-02-09 10:53 473600 ------w c:\windows\system32\dllcache\fastprox.dll
    2009-04-16 16:03 . 2009-02-06 10:39 35328 ------w c:\windows\system32\dllcache\sc.exe
    2009-04-16 16:03 . 2009-02-09 10:53 685568 ------w c:\windows\system32\dllcache\advapi32.dll
    2009-04-16 16:03 . 2009-02-09 10:53 735744 ------w c:\windows\system32\dllcache\lsasrv.dll
    2009-04-16 16:03 . 2009-02-09 10:53 453120 ------w c:\windows\system32\dllcache\wmiprvsd.dll
    2009-04-16 16:03 . 2009-02-09 10:53 739840 ------w c:\windows\system32\dllcache\ntdll.dll
    2009-04-16 16:03 . 2008-12-16 12:31 354304 ------w c:\windows\system32\dllcache\winhttp.dll
    2009-04-16 16:03 . 2008-04-21 21:15 219136 ------w c:\windows\system32\dllcache\wordpad.exe

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-05-14 13:43 . 2006-09-15 00:02 -------- d-----w c:\program files\Fichiers communs\Adobe
    2009-05-14 13:40 . 2006-09-15 00:02 -------- d-----w c:\program files\Java
    2009-05-14 08:18 . 2008-12-09 23:18 410984 ----a-w c:\windows\system32\deploytk.dll
    2009-05-14 08:17 . 2004-09-23 16:12 85058 ----a-w c:\windows\system32\perfc00C.dat
    2009-05-14 08:17 . 2004-09-23 16:12 511154 ----a-w c:\windows\system32\perfh00C.dat
    2009-05-04 07:26 . 2008-12-19 23:42 -------- d-----w c:\program files\Safari
    2009-04-08 20:09 . 2006-09-28 23:41 -------- d-----w c:\program files\Google
    2009-04-02 19:27 . 2006-09-29 08:36 -------- d-----w c:\program files\Image-Line
    2009-03-30 15:38 . 2009-03-30 15:38 -------- d-----w c:\program files\Propellerhead02
    2009-03-19 14:02 . 2007-01-07 16:39 -------- d-----w c:\program files\adslTV
    2009-03-17 21:02 . 2008-01-25 14:32 8 ----a-w c:\windows\system32\nvModes.dat
    2009-03-06 14:20 . 2004-09-23 16:11 286720 ----a-w c:\windows\system32\pdh.dll
    2009-03-03 00:13 . 2004-09-23 16:11 826368 ----a-w c:\windows\system32\wininet.dll
    2009-02-20 17:10 . 2008-08-28 15:20 78336 ----a-w c:\windows\system32\ieencode.dll
    2007-01-22 23:17 . 2007-01-22 23:18 47104 ----a-w c:\program files\ATF-Cleaner.exe
    2005-06-26 14:32 . 2005-06-26 14:32 616448 --sha-r c:\windows\system32\cygwin1.dll
    2005-06-21 21:37 . 2005-06-21 21:37 45568 --sha-r c:\windows\system32\cygz.dll
    2007-01-19 12:58 . 2006-09-28 23:41 56 --sh--r c:\windows\system32\EEA054C8D5.sys
    2006-05-03 09:06 . 2008-10-18 15:42 163328 --sh--r c:\windows\system32\flvDX.dll
    2004-01-24 23:00 . 2004-01-24 23:00 70656 --sha-r c:\windows\system32\i420vfw.dll
    2007-01-19 12:58 . 2006-09-28 23:41 10022 --sha-w c:\windows\system32\KGyGaAvL.sys
    2007-02-21 10:47 . 2008-10-18 15:42 31232 --sh--r c:\windows\system32\msfDX.dll
    2008-03-16 12:30 . 2008-10-18 15:42 216064 --sh--r c:\windows\system32\nbDX.dll
    2006-01-12 23:23 . 2006-05-08 18:07 364032 --sha-r c:\windows\system32\suf2D4.tmp
    2005-01-17 23:26 . 2006-05-08 18:07 421888 --sha-r c:\windows\system32\suf2D5.tmp
    2005-11-25 20:22 . 2006-05-08 18:07 421888 --sha-r c:\windows\system32\suf2D6.tmp
    2005-11-25 20:39 . 2006-05-08 18:07 368640 --sha-r c:\windows\system32\suf2D7.tmp
    2003-08-19 08:20 . 2006-05-08 18:07 180224 --sha-r c:\windows\system32\suf2D8.tmp
    2005-02-28 12:16 . 2005-02-28 12:16 240128 --sha-r c:\windows\system32\x.264.exe
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2008-03-19 1267040]
    "{06663B56-0D73-4f9f-BCC5-4AA941470AFD}"= "c:\program files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL" [2008-03-17 61440]

    [HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
    [HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]
    [HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
    [HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]

    [HKEY_CLASSES_ROOT\clsid\{06663b56-0d73-4f9f-bcc5-4aa941470afd}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E3EA4FD1-CADE-4ae5-84F7-086EEE888BE4}]
    2008-03-17 20:31 266240 ----a-w c:\program files\PandoBar\bar\1.bin\PANDOBAR.DLL

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{E3EA4FD9-CADE-4ae5-84F7-086EEE888BE4}"= "c:\program files\PandoBar\bar\1.bin\PANDOBAR.DLL" [2008-03-17 266240]

    [HKEY_CLASSES_ROOT\clsid\{e3ea4fd9-cade-4ae5-84f7-086eee888be4}]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{E3EA4FD9-CADE-4AE5-84F7-086EEE888BE4}"= "c:\program files\PandoBar\bar\1.bin\PANDOBAR.DLL" [2008-03-17 266240]

    [HKEY_CLASSES_ROOT\clsid\{e3ea4fd9-cade-4ae5-84f7-086eee888be4}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SmpcSys"="c:\apps\SMP\SmpSys.exe" [2005-11-17 975360]
    "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-02 13680640]
    "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
    "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
    "ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
    "Vade Retro Outlook Express"="c:\progra~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe" [2004-10-04 310272]
    "DetectorApp"="c:\program files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe" [2005-10-20 102400]
    "ACTIVBOARD"="c:\apps\ABoard\ABoard.exe" [2003-05-02 24576]
    "EmailChecker"="c:\apps\EmailChecker\ech.exe" [2003-07-02 40960]
    "AWMON"="c:\progra~1\Lavasoft\AD-AWA~1\Ad-Watch.exe" [2004-09-16 538112]
    "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-10 208952]
    "WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-07-09 36352]
    "RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2008-06-04 214560]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-02 86016]
    "RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2006-02-10 15969280]
    "nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-12-02 1657376]
    "WD Button Manager"="WDBtnMgr.exe" - c:\windows\system32\WDBtnMgr.exe [2006-09-28 335872]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

    d:\documents and settings\Kuro\Mes documents\Menu D‚marrer\Programmes\D‚marrage\
    Adobe Gamma.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2008-3-29 113664]

    d:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    Adobe Gamma Loader.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2008-3-29 113664]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OPXPGina]
    2006-01-30 06:53 49152 ----a-w c:\apps\Softex\OmniPass\OPXPGina.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
    "RealTray"=c:\program files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    "TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "c:\\Program Files\\BitSpirit\\BitSpirit.exe"=
    "c:\\Program Files\\adslTV\\adsltv.exe"=
    "c:\\Program Files\\eMule\\eMule.exe"=
    "c:\\Program Files\\Pando Networks\\Pando\\pando.exe"=
    "c:\\Program Files\\Podmailing\\podmailing.exe"=
    "c:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
    "c:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
    "c:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\MSN Messenger\\livecall.exe"=
    "d:\\Jeux\\Codemasters\\GRID\\GRID.exe"=
    "d:\\Jeux\\Ubisoft\\Far Cry 2\\bin\\FarCry2.exe"=
    "d:\\Jeux\\Ubisoft\\Far Cry 2\\bin\\FC2Launcher.exe"=
    "d:\\Jeux\\Ubisoft\\Far Cry 2\\bin\\FC2Editor.exe"=
    "c:\\WINDOWS\\system32\\PnkBstrA.exe"=
    "c:\\WINDOWS\\system32\\PnkBstrB.exe"=
    "d:\\Jeux\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
    "d:\\Jeux\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
    "d:\\Jeux\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"=
    "c:\\Program Files\\Packet Tracer 5.0\\bin\\PacketTracer5.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
    "c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
    "c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "56445:TCP"= 56445:TCP:p ando P2P TCP Listening Port
    "56445:UDP"= 56445:UDP:p ando P2P UDP Listening Port
    "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

    R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [15/05/2009 14:10 108289]
    R2 PStrip;PStrip;c:\windows\system32\drivers\pstrip.sys [15/07/2007 03:37 27992]
    R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [12/09/2006 22:08 825600]
    R3 mfwagsif;MOTU Audio GSIF;c:\windows\system32\drivers\mfwagsif.sys [23/08/2006 17:18 17408]
    R3 mfwamidi;MOTU Audio MIDI;c:\windows\system32\drivers\MFWAMIDI.sys [23/08/2006 17:19 19968]
    R3 mfwawave;MOTU Audio Wave;c:\windows\system32\drivers\MFWAWave.sys [23/08/2006 17:18 27648]
    R3 motubus;MOTU Audio MIDI Extension;c:\windows\system32\drivers\motubus.sys [08/05/2006 09:20 15360]
    R3 MotuFWA;MotuFWA;c:\windows\system32\drivers\motufwa.sys [23/08/2006 17:17 251904]
    R3 X10Hid;X10 Hid Device;c:\windows\system32\drivers\x10hid.sys [12/09/2006 22:10 7040]
    S2 gupdate1c8c10e92d04a4b;Google Update Service (gupdate1c8c10e92d04a4b);c:\program files\Google\Update\GoogleUpdate.exe [14/07/2008 14:01 133104]
    S3 getPlus(R) Helper;getPlus(R) Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [12/10/2008 14:44 33752]
    S3 SaiHFF0D;SaiHFF0D;c:\windows\system32\drivers\SaiHFF0D.sys [04/12/2006 17:47 176000]
    S3 SaiUFF0D;SaiUFF0D;c:\windows\system32\drivers\SaiUFF0D.sys [04/12/2006 17:47 27136]
    S4 Lbriauicac;Lbriauicac; [x]

    --- Autres Services/Pilotes en mémoire ---

    *NewlyCreated* - ANTIVIRSCHEDULERSERVICE
    *NewlyCreated* - ANTIVIRSERVICE
    *NewlyCreated* - AVGIO
    *NewlyCreated* - AVGNTFLT
    *NewlyCreated* - AVIPBB

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\N]
    \Shell\AutoRun\command - N:\WDSetup.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b7efd646-d6ee-11dc-8f16-00173169e79b}]
    \Shell\AutoRun\command - M:\EasyCN.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E4066320-E4AE-11CF-B1B0-00AA00BBAD66}]
    rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\fpxpress.inf,PerUserstub
    .
    Contenu du dossier 'Tâches planifiées'

    2009-05-04 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

    2009-05-15 c:\windows\Tasks\GlaryInitialize.job
    - c:\program files\Glary Utilities\initialize.exe [2008-04-22 16:58]

    2009-05-15 c:\windows\Tasks\Google Software Updater.job
    - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-05-28 17:07]

    2009-05-15 c:\windows\Tasks\GoogleUpdateTaskMachine.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2008-07-14 15:56]

    2009-05-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-734007298-3330273604-3312953743-1005.job
    - d:\documents and settings\Kuro\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-10-09 15:56]
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    ShellIconOverlayIdentifiers-{9D1F87E7-4D72-41AB-9D57-D101A08F20E5} - (no file)
    HKLM-Run-avast! - c:\progra~1\ALWILS~1\Avast4\ashDisp.exe
    HKLM-Run-SunJavaUpdateSched - c:\program files\Java\jre1.5.0_04\bin\jusched.exe


    .
    ------- Examen supplémentaire -------
    .
    uStart Page = file:///C:/APPS/IE/offline/fr.htm
    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    uInternet Connection Wizard,ShellNext = iexplore
    uInternet Settings,ProxyOverride = *.local
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: &Winamp Search - d:\documents and settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
    IE: Télécharger avec &BitSpirit - c:\program files\BitSpirit\bsurl.htm
    IE: ÓñÈÌؾ«ÁéÏÂÔØ(&B)
    Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    FF - ProfilePath - d:\documents and settings\Kuro\Application Data\Mozilla\Firefox\Profiles\tfx2h0gu.default\
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
    FF - prefs.js: keyword.URL - hxxp://mystart.hiyo.com/?loc=ff_address&search=
    FF - plugin: c:\program files\Google\Google Earth Plugin\npgeplugin.dll
    FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
    FF - plugin: c:\program files\Google\Update\1.2.145.5\npGoogleOneClick8.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
    FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-05-15 15:46
    Windows 5.1.2600 Service Pack 3 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------

    [HKEY_USERS\S-1-5-21-734007298-3330273604-3312953743-1005\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
    "??"=hex:32,8d,3e,a2,43,be,34,09,8d,d2,82,eb,e4,24,ac,73,5d,63,e2,45,f1,85,d4,
    f3,2f,3a,04,a4,b8,c2,43,09,c3,de,a5,bc,69,74,b9,51,5f,82,be,bc,9b,a6,c2,e1,\
    "??"=hex:b3,05,6c,0f,cc,18,5f,f5,1e,57,43,aa,20,2d,64,98

    [HKEY_USERS\S-1-5-21-734007298-3330273604-3312953743-1005\Software\SecuROM\License information*]
    "datasecu"=hex:93,2e,02,57,3a,33,5d,99,70,73,4b,ae,7d,72,23,ff,7d,1f,42,6d,52,
    6d,55,35,45,3a,a8,f0,19,b2,14,26,72,33,7a,ad,9b,b2,70,4d,f2,be,a4,44,05,50,\
    "rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98

    [HKEY_LOCAL_MACHINE\software\Adobe\Premiere\7.0\DefaultPreset]
    @DACL=(02 0000)
    @="c:\\Program Files\\Adobe\\Premiere Pro\\Settings\\DV - NTSC\\Standard 48kHz.prpreset"

    [HKEY_LOCAL_MACHINE\software\Adobe\Premiere\7.0\Help]
    @DACL=(02 0000)
    "AdobeMediaEncoder"="c:\\Program Files\\Adobe\\Premiere Pro\\Help\\1_0_0_0.html"
    "Contents"="c:\\Program Files\\Adobe\\Premiere Pro\\Help\\1_0_0_0.html"
    "ExportToDVD"="c:\\Program Files\\Adobe\\Premiere Pro\\Help\\1_13_2_0.html"
    "HowToUse"="c:\\Program Files\\Adobe\\Premiere Pro\\Help\\0_0_0_0.html"
    "Keyboard"="c:\\Program Files\\Adobe\\Premiere Pro\\Help\\1_4_15_0.html"
    "Search"="c:\\Program Files\\Adobe\\Premiere Pro\\Help\\search.html"
    "Support"="http://www.adobe.com/support/products/premiere.html"

    [HKEY_LOCAL_MACHINE\software\MOSS\W*i*n*d*o*w*s*Hr÷–û–b!\{6A36DFA4-83F5-FC67-DDB2-0AD22AB03E71}]
    "DesktopFolder"="d:\\Documents and Settings\\All Users\\Bureau\\"
    .
    --------------------- DLLs chargées dans les processus actifs ---------------------

    - - - - - - - > 'winlogon.exe'(824)
    c:\apps\Softex\OmniPass\opxpgina.dll
    .
    Heure de fin: 2009-05-15 15:47
    ComboFix-quarantined-files.txt 2009-05-15 13:46
    ComboFix2.txt 2008-01-07 23:07

    Avant-CF: 5 871 828 992 octets libres
    Après-CF: 5 851 459 584 octets libres

    Current=1 Default=1 Failed=0 LastKnownGood=3 Sets=,1,2,3
    285 --- E O F --- 2009-05-14 22:10
    a c 267 8 Sécurité
    15 Mai 2009 19:23:57

    Des changements ?
    Anonyme
    15 Mai 2009 20:47:52

    oui, il y a des changements! et je t en remercie! cependant, qd je lance par exemple chrome de google ça prend encore un ptit temps ( moins qu avant ) et qd je lance la defrag de microsoft ça prend encore du temps mais j arrive a defragmenter ( ce ne sont que des exemples hein) alors que je n y arrivais pas avant ( donc y a grave du mieux!) mais c est pas encore ça si tu vois ce que je veux dire
    a c 267 8 Sécurité
    15 Mai 2009 20:55:33

    Tente une défragmentation avec Defraggler.
    Anonyme
    15 Mai 2009 20:58:01

    ok, je finis la defrag de windows et apres je le fais avec defraggler. je te tiens au courant de la suite! serieux merci !!
    Anonyme
    15 Mai 2009 22:49:18

    bon bé pas de changement apres defrag. je viens de lancer defrag crosoft ça bouge pas, j ai les meme problemes.. la fenetre s ouvre mais ça prend des plombes avant que ça ne veuille venir. y a du mieux dans la rapidite d execution mais ça bleme encore.. as tu une idee? as tu des questions?
    a c 267 8 Sécurité
    16 Mai 2009 11:59:07

    1/

  • Désinstalle HijackThis.
  • Menu Démarrer > Exécuter > Tape combofix /u et valide.

  • Télécharge ToolsCleaner2 sur ton Bureau.
  • Double-clique sur ToolsCleaner2.exe pour le lancer.
  • Clique sur Recherche et laisse le scan agir.
  • Clique sur Suppression pour finaliser.
  • Tu peux, si tu le souhaites, te servir des Options Facultatives.
  • Clique sur Quitter pour obtenir le rapport.
  • Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).


    2/

  • Télécharge et installe CCleaner Slim.
  • Lance-le. Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers etc....
  • Va dans Nettoyeur, choisis Analyse. Une fois terminé, lance le nettoyage.
  • Ensuite, choisis Registre, puis Chercher des erreurs. Une fois terminé, répare toutes les erreurs (Sauvegarde la base de registre).
    Anonyme
    18 Mai 2009 11:05:20

    salut

    c fait je te poste le rapport:

    [ Rapport ToolsCleaner version 2.3.5 (par A.Rothstein & dj QUIOU) ]

    --> Recherche:

    D:\_OtMoveIt: trouvé !
    D:\Documents and Settings\Kuro\Mes documents\Downloads\HijackThis.exe: trouvé !
    D:\Documents and Settings\Kuro\Mes documents\Downloads\Ad-R.exe: trouvé !
    D:\Documents and Settings\Kuro\Mes documents\Downloads\hijackthis.log: trouvé !
    D:\Documents and Settings\Kuro\Mes documents\Downloads\OTMoveIt3.exe: trouvé !
    D:\Documents and Settings\Kuro\Mes documents\Downloads\Rsit.exe: trouvé !
    D:\Documents and Settings\Kuro\Mes documents\Medialink\SmitFraudfix: trouvé !
    D:\Documents and Settings\Kuro\Mes documents\Medialink\SmitfraudFix\SmitFraudFix.zip: trouvé !

    ---------------------------------
    --> Suppression:

    D:\Documents and Settings\Kuro\Mes documents\Downloads\HijackThis.exe: supprimé !
    D:\Documents and Settings\Kuro\Mes documents\Downloads\Ad-R.exe: supprimé !
    D:\Documents and Settings\Kuro\Mes documents\Medialink\SmitfraudFix\SmitFraudFix.zip: supprimé !
    D:\Documents and Settings\Kuro\Mes documents\Downloads\hijackthis.log: supprimé !
    D:\Documents and Settings\Kuro\Mes documents\Downloads\OTMoveIt3.exe: supprimé !
    D:\Documents and Settings\Kuro\Mes documents\Downloads\Rsit.exe: supprimé !
    D:\_OtMoveIt: supprimé !
    D:\Documents and Settings\Kuro\Mes documents\Medialink\SmitFraudfix: supprimé !

    Corbeille vidée!
    Fichiers temporaires nettoyés !
    a c 267 8 Sécurité
    18 Mai 2009 11:38:38

    Des changements ?
    Anonyme
    18 Mai 2009 11:48:02

    je redemarre la bete et je te tiens au courant!
    Anonyme
    18 Mai 2009 15:02:34

    bon bé pas de neuf .. je comprend pas

    au demarrage j ai encore un noir de 2 min entre l affichage "packarbell" et le demarrage de windows

    ensuite, quand tout est normalement demarré, le lance chrome, ça prend 1 a 2 minutes. une fois que c est lancé ça tourne. sinon je remarque que c est que certaines appli qui merdent , la par exemple, je lance reason, ça prend des plombes, la defrag pareil .. par contre vlc c ok, foobar2000 c est ok..

    je ne comprend vraiment pas ..
    a c 267 8 Sécurité
    18 Mai 2009 15:54:06

    Au pire, tu peux remettre le PC comme s'il était neuf avec tes Masters CD/DVD.
    Anonyme
    18 Mai 2009 16:03:28

    ce que je voulais eviter a tout prix..

    m est il possible de reparer a partir du cd master ?

    devrais je reinstaller drivers applications etc etc ?
    a c 267 8 Sécurité
    18 Mai 2009 16:19:31

    Réparer, je ne sais plus (J'ai eu deux PC Packard Bell).
    Anonyme
    18 Mai 2009 16:56:17

    ok! merci encore beaucoup pour ton aide

    je vais tenter le dvd master!

    Anonyme
    26 Mai 2009 12:21:25

    bé ecoute, j ai installé la derniere version de google chrome , la 2.0, et ça a lair d etre revenu comme avant ... vraiment etrange
    a c 267 8 Sécurité
    27 Mai 2009 06:46:42

  • Il est nécessaire de désactiver puis réactiver la restauration système pour la purger.


    ==Prévention==

    Supprimer les popups d'AntiVir : Lien

    Conserve MBAM. Il te servira à scanner les fichiers douteux en complément de l'antivirus et scanne le disque dur régulièrement.

    Vérifie que les mises à jour automatiques sont bien activées (Menu Démarrer, clique droit sur Poste de travail, onglet Mises à jour automatiques).

    Par rapport au P2P : Lien

    Voici un dossier complet (A lire avec Adobe Reader ou Foxit Reader) : Lien


    ==Problème résolu ?==

    Si tu estimes que ton problème est résolu :

    ---> Ajoute maintenant [Résolu] au titre. Pour cela :
  • Clique, dans ton premier message, sur le bouton Editer .
  • Rajoute la mention [Résolu] devant le titre.
  • Clique ensuite sur Valider votre message.


    Sois plus vigilant(e) sur Internet ;) 
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS