[Solved] Pop-ups that open all the time...

6 February 2009 22:44:10

Hello,

For some time now, as soon as we open the internet, pop-ups appear, often related to games, casinos... (my father downloaded some casino software (32vegas.com) but we deleted all of it; could it still be because of that?)
I would like to know how to get rid of these pop-ups, whether there is a program for it (I have the Google pop-up blocker but it doesn't work) or whether it could actually be due to a virus... because sometimes they open even when nobody is on the computer.

Can anyone help me?

6 February 2009 22:54:20

Hi,

Yes, you are infected.

  • Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.
  • Double-click RSIT.exe to launch the program.
  • Click Continue on the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the license.
  • When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).

    Note: the reports are saved in the folder C:\rsit\.
    6 February 2009 23:02:20

    Thanks for your reply.

    Report from the "log" file:

    Logfile of random's system information tool 1.05 (written by random/random)
    Run by Angelini at 2009-02-06 23:00:35
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 6 GB (21%) free of 29 GB
    Total RAM: 511 MB (31% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:00:51, on 06/02/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16762)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\ezSP_Px.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
    C:\Program Files\Kiwee Toolbar2\1.5.131\kwtbaim.exe
    C:\windows\system32\ywewy.exe
    C:\Program Files\P2Pcontrol\p2control.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\sony\giga pocket\shwserv.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\sony\giga pocket\RM_SV.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\Angelini\Bureau\RSIT.exe
    C:\Program Files\trend micro\Angelini.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.estvideo.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: (no name) - - (no file)
    R3 - URLSearchHook: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll
    R3 - URLSearchHook: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre1.dll
    O2 - BHO: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre1.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
    O3 - Toolbar: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll
    O3 - Toolbar: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
    O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre1.dll
    O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [NI.UWFX5V_0001_N57M1212] "C:\Documents and Settings\Angelini\Local Settings\Temporary Internet Files\Content.IE5\0JKCMEO7\WinFixer2005ScannerInstallFRA[1].exe" -nag
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe
    O4 - HKLM\..\Run: [AppInstaller] C:\Program Files\Sony\VAIO Application Recovery Utility\InstExec.exe -W30
    O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [KiweeHook] "C:\Program Files\Kiwee Toolbar2\1.5.131\kwtbaim.exe"
    O4 - HKLM\..\Run: [brastk] C:\WINDOWS\system32\brastk.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [ywewy] "c:\windows\system32\ywewy.exe" ywewy
    O4 - HKLM\..\Run: [P2Pcontrol] C:\Program Files\P2Pcontrol\p2control.exe
    O4 - HKLM\..\Run: [Bat Wave Base Dale] C:\Documents and Settings\All Users\Application Data\Link Axis Bat Wave\active mail.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\RunOnce: [delus] C:\DOCUME~1\Angelini\LOCALS~1\Temp\delus.exe
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe EspaceWanadoo.exe
    O4 - HKCU\..\Run: [Cld2000.exe] C:\Program Files\Calendrier\Cld2000.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
    O4 - HKCU\..\Run: [svchost] C:\WINDOWS\svchost.exe
    O4 - HKCU\..\Run: [WinButler] C:\Documents and Settings\Angelini\Application Data\WinButler\WinButler.exe
    O4 - HKCU\..\Run: [SfKg6wIPu] C:\Documents and Settings\Angelini\Application Data\Microsoft\Windows\rayio.exe
    O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\WINDOWS\TEMP\E_SC4.tmp" /EF "HKCU"
    O4 - HKCU\..\Run: [SVCHOST.EXE] C:\WINDOWS\system32\drivers\svchost.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Idlebuild] C:\DOCUME~1\Angelini\APPLIC~1\SCRMAI~1\LiveHtmBold.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jh...
    O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
    O9 - Extra button: Carnival Casino - {776883A9-1EA8-4d8f-88B7-AA652FEF01A7} - C:\Casino\Carnival Casino\casino.exe (file missing)
    O9 - Extra 'Tools' menuitem: Carnival Casino - {776883A9-1EA8-4d8f-88B7-AA652FEF01A7} - C:\Casino\Carnival Casino\casino.exe (file missing)
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Office12\REFIEBAR.DLL
    O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.0.24\ShoppingReport.dll
    O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.0.24\ShoppingReport.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.estvideo.com/
    O15 - Trusted Zone: *.sony-europe.com
    O15 - Trusted Zone: *.sonystyle-europe.com
    O15 - Trusted Zone: *.vaio-link.com
    O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/Install...
    O16 - DPF: Interface Chat Wanadoo - http://chat9.x-echo.com/version6/Applet/wchatsign.cab
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
    O16 - DPF: {104B0A37-AB99-4F06-8032-8BBDC3B77DDB} (Telechargement Control) - http://www8.photoweb.fr/telechargement/Photoweb_uploade...
    O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/...
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld...
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.photobox.fr/assets/aurigma/ImageUploader4.ca...
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://gelatigelati68.spaces.live.com/PhotoUpload/MsnPU...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPl...
    O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {BA3BAF69-72B1-4BCE-BE96-A4D304EAFBB4} (PhotoBox uploader) - http://assets.photobox.com/assets/aurigma/ImageUploader...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photobox.fr/discount/clients/uploader_v2.2.0...
    O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr33...
    O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.fotodiscount.com/aurigma/ImageUploader4.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O21 - SSODL: rdihost - {A812C25C-9D78-4480-8BE3-BFD22AB0A567} - rdihost.dll (file missing)
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: Giga Pocket Hardware Detector - Sony Corporation - C:\Program Files\sony\giga pocket\shwserv.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallShield Licensing Service - Macrovision - C:\Program Files\Fichiers communs\InstallShield Shared\Service\InstallShield Licensing Service.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\sony\giga pocket\halsv.exe
    O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\sony\giga pocket\RM_SV.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe

    --
    End of file - 16115 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\A8E0E5EA91DB9716.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
    Freecorder Toolbar - C:\Program Files\Freecorder\tbFre1.dll [2008-12-13 1784856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-29 320920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-12-29 251504]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2008-12-29 657904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2008-12-29 522224]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-29 34816]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-29 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-11-21 399424]
    {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - MSN - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll [2006-01-17 282624]
    {D0943516-5076-4020-A3B5-AEFAF26AB263} - Veoh Browser Plug-in - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll [2008-04-01 352256]
    {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - Kiwee Toolbar - C:\Program Files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll [2008-04-03 265360]
    {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - Megaupload Toolbar - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL [2008-08-04 1947080]
    {1392b8d2-5c05-419f-a8f6-b9f15a596612} - Freecorder Toolbar - C:\Program Files\Freecorder\tbFre1.dll [2008-12-13 1784856]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-12-29 251504]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "ezShieldProtector for Px"=C:\WINDOWS\System32\ezSP_Px.exe [2002-08-20 40960]
    "AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2004-07-22 88361]
    "ATIModeChange"=C:\WINDOWS\system32\Ati2mdxx.exe [2001-09-04 28672]
    "ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2003-07-06 335872]
    "NvCplDaemon"=C:\WINDOWS\System32\NvCpl.dll [2003-04-02 4616192]
    "nwiz"=nwiz.exe /installquiet []
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-29 136600]
    "RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2003-10-31 32768]
    "NI.UWFX5V_0001_N57M1212"=C:\Documents and Settings\Angelini\Local Settings\Temporary Internet Files\Content.IE5\0JKCMEO7\WinFixer2005ScannerInstallFRA[1].exe -nag []
    "Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe []
    "OM_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe [2005-11-29 40960]
    "AppInstaller"=C:\Program Files\Sony\VAIO Application Recovery Utility\InstExec.exe -W30 []
    "SsAAD.exe"=C:\PROGRA~1\sony\SONICS~1\SsAAD.exe [2006-01-07 81920]
    "Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2007-04-11 56080]
    "Logitech Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2007-04-11 56080]
    "KiweeHook"=C:\Program Files\Kiwee Toolbar2\1.5.131\kwtbaim.exe [2008-04-03 56456]
    "brastk"=C:\WINDOWS\system32\brastk.exe []
    "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
    "ywewy"=c:\windows\system32\ywewy.exe [2009-01-19 275456]
    "P2Pcontrol"=C:\Program Files\P2Pcontrol\p2control.exe [2009-01-26 159744]
    "Bat Wave Base Dale"=C:\Documents and Settings\All Users\Application Data\Link Axis Bat Wave\active mail.exe [2009-02-06 790528]
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "delus"=C:\DOCUME~1\Angelini\LOCALS~1\Temp\delus.exe []

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "WOOKIT"=C:\PROGRA~1\Wanadoo\GestMaj.exe EspaceWanadoo.exe []
    "Cld2000.exe"=C:\Program Files\Calendrier\Cld2000.exe []
    "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe []
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "MessengerPlus3"=C:\Program Files\MessengerPlus! 3\MsgPlus.exe [2008-12-29 190024]
    "OM_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe [2005-11-29 57344]
    "svchost"=C:\WINDOWS\svchost.exe []
    "WinButler"=C:\Documents and Settings\Angelini\Application Data\WinButler\WinButler.exe []
    "SfKg6wIPu"=C:\Documents and Settings\Angelini\Application Data\Microsoft\Windows\rayio.exe []
    ""= []
    "EPSON Stylus DX8400 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE [2007-04-12 182272]
    "SVCHOST.EXE"=C:\WINDOWS\system32\drivers\svchost.exe []
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-12-29 39408]
    "Idlebuild"=C:\DOCUME~1\Angelini\APPLIC~1\SCRMAI~1\LiveHtmBold.exe [2009-02-02 614400]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

    C:\Documents and Settings\Angelini\Menu Démarrer\Programmes\Démarrage
    Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="wbsys.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB]
    C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll [2001-12-20 24576]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
    rdihost - {A812C25C-9D78-4480-8BE3-BFD22AB0A567} - rdihost.dll []

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=95000000

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe"="C:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe:*:Enabled:MessengerDiscovery Live the Windows Live Messenger addon"
    "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Enabled:Veoh Client"
    "C:\Program Files\Shareaza\Shareaza.exe"="C:\Program Files\Shareaza\Shareaza.exe:*:Enabled:Shareaza"
    "C:\Program Files\Real\RealOne Player\realplay.exe"="C:\Program Files\Real\RealOne Player\realplay.exe:*:Enabled:RealOne Player"
    "D:\Mélanie\Mélanie images\Jeux\playstation\ePSXe 1_6_0 Fr\ePSXe.exe"="D:\Mélanie\Mélanie images\Jeux\playstation\ePSXe 1_6_0 Fr\ePSXe.exe:*:Enabled:ePSXe"
    "D:\alberto.angelini\Phone\Skype.exe"="D:\alberto.angelini\Phone\Skype.exe:*:Enabled:Skype"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\WINDOWS\system32\drivers\svchost.exe"="C:\WINDOWS\system32\drivers\svchost.exe:*:Disabled:svchost"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "C:\Program Files\P2Pcontrol\p2control.exe"="C:\Program Files\P2Pcontrol\p2control.exe:*:Enabled:p2Control"
    "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    ======File associations======

    .reg - edit -
    .reg - open - c:\Winnt\Regedit.exe %1

    ======List of files/folders created in the last 3 months======

    2009-02-06 23:00:35 ----D---- C:\rsit
    2009-02-06 22:31:10 ----D---- C:\Program Files\BHODemon 2
    2009-02-06 22:10:20 ----A---- C:\WINDOWS\system32\aswBoot.exe
    2009-02-06 21:00:44 ----DC---- C:\Documents and Settings\All Users\Application Data\ma-config.com
    2009-02-06 21:00:44 ----D---- C:\Program Files\ma-config.com
    2009-02-03 16:56:02 ----D---- C:\Program Files\Intel Desktop Board
    2009-02-02 10:47:38 ----D---- C:\Program Files\scr mail team
    2009-02-02 10:33:04 ----D---- C:\Program Files\P2Pcontrol
    2009-02-02 10:32:41 ----DC---- C:\Documents and Settings\All Users\Application Data\Link Axis Bat Wave
    2009-02-02 10:32:31 ----D---- C:\Program Files\WinZix
    2009-02-02 10:32:24 ----D---- C:\Documents and Settings\Angelini\Application Data\scr mail team
    2009-01-28 09:54:20 ----D---- C:\Program Files\Mystery Case Files - Return to Ravenhearst
    2009-01-20 19:34:42 ----D---- C:\Program Files\Windows Live Safety Center
    2009-01-19 14:40:13 ----A---- C:\WINDOWS\system32\ywewy.exe
    2009-01-14 22:38:10 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
    2009-01-14 22:36:52 ----A---- C:\WINDOWS\system32\MRT.INI
    2008-12-31 16:07:40 ----D---- C:\Program Files\avijoin
    2008-12-30 20:52:49 ----D---- C:\Program Files\Freeze.com
    2008-12-30 20:52:49 ----A---- C:\WINDOWS\vorbisfile.dll
    2008-12-30 20:52:49 ----A---- C:\WINDOWS\vorbis.dll
    2008-12-30 20:52:49 ----A---- C:\WINDOWS\ogg.dll
    2008-12-29 18:47:57 ----A---- C:\WINDOWS\system32\javaws.exe
    2008-12-29 18:47:57 ----A---- C:\WINDOWS\system32\javaw.exe
    2008-12-29 18:47:57 ----A---- C:\WINDOWS\system32\java.exe
    2008-12-29 18:47:57 ----A---- C:\WINDOWS\system32\deploytk.dll
    2008-12-29 18:25:21 ----A---- C:\WINDOWS\system32\winscenter.exe
    2008-12-29 18:25:11 ----A---- C:\WINDOWS\vmreg.dll
    2008-12-29 18:25:11 ----A---- C:\WINDOWS\reged.exe
    2008-12-29 18:25:10 ----A---- C:\WINDOWS\sysexplorer.exe
    2008-12-29 18:25:10 ----A---- C:\WINDOWS\syscert.exe
    2008-12-29 18:25:10 ----A---- C:\WINDOWS\sys.com
    2008-12-29 18:25:10 ----A---- C:\WINDOWS\spoolsystem.exe
    2008-12-29 18:25:09 ----D---- C:\Program Files\Spyware Guard 2008
    2008-12-29 18:24:55 ----A---- C:\WINDOWS\system32\TDSSlxwp.dll
    2008-12-29 18:24:46 ----A---- C:\WINDOWS\system32\TDSSxfum.dll
    2008-12-29 18:24:44 ----A---- C:\WINDOWS\system32\TDSSriqp.dll
    2008-12-29 18:24:42 ----A---- C:\WINDOWS\system32\TDSSbrsr.dll
    2008-12-29 18:24:21 ----A---- C:\WINDOWS\system32\TDSSoiqh.dll
    2008-12-28 16:42:42 ----D---- C:\Program Files\Windows Live
    2008-12-24 11:21:09 ----D---- C:\Program Files\MSN Apps
    2008-12-24 11:20:05 ----D---- C:\Program Files\Avira
    2008-12-24 11:20:04 ----D---- C:\Program Files\AntivirusPro2009
    2008-12-24 11:20:04 ----D---- C:\Documents and Settings\All Users\Application Data\Avira(2)
    2008-12-24 11:20:04 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
    2008-12-17 18:34:42 ----D---- C:\Program Files\Microsoft
    2008-12-17 18:22:47 ----D---- C:\Program Files\Fichiers communs\Windows Live
    2008-12-11 21:46:26 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
    2008-12-11 21:42:52 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
    2008-12-11 21:42:31 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
    2008-12-11 21:42:15 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
    2008-12-02 22:37:20 ----A---- C:\WINDOWS\system32\sirenacm.dll
    2008-11-17 17:29:18 ----D---- C:\Program Files\Conduit
    2008-11-17 17:29:17 ----D---- C:\Program Files\Freecorder
    2008-11-17 17:20:47 ----D---- C:\WINDOWS\Freecorder Toolbar
    2008-11-17 17:20:46 ----D---- C:\Program Files\Freecorder Toolbar
    2008-11-17 17:20:42 ----A---- C:\WINDOWS\Freecorder Toolbar Setup Log.txt
    2008-11-12 17:40:08 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
    2008-11-12 17:39:31 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
    2008-11-12 17:38:46 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
    2008-11-10 18:11:30 ----A---- C:\WINDOWS\system32\tmp.txt
    2008-11-10 18:11:23 ----A---- C:\rapport.txt
    2008-11-10 18:11:05 ----A---- C:\WINDOWS\system32\o4Patch.exe
    2008-11-10 18:11:05 ----A---- C:\WINDOWS\system32\IEDFix.C.exe
    2008-11-10 18:11:05 ----A---- C:\WINDOWS\system32\404Fix.exe
    2008-11-10 18:11:04 ----A---- C:\WINDOWS\system32\WS2Fix.exe
    2008-11-10 18:11:04 ----A---- C:\WINDOWS\system32\VCCLSID.exe
    2008-11-10 18:11:04 ----A---- C:\WINDOWS\system32\VACFix.exe
    2008-11-10 18:11:04 ----A---- C:\WINDOWS\system32\swxcacls.exe
    2008-11-10 18:11:04 ----A---- C:\WINDOWS\system32\swsc.exe
    2008-11-10 18:11:04 ----A---- C:\WINDOWS\system32\swreg.exe
    2008-11-10 18:11:04 ----A---- C:\WINDOWS\system32\SrchSTS.exe
    2008-11-10 18:11:04 ----A---- C:\WINDOWS\system32\Process.exe
    2008-11-10 18:11:04 ----A---- C:\WINDOWS\system32\IEDFix.exe
    2008-11-10 18:11:04 ----A---- C:\WINDOWS\system32\dumphive.exe
    2008-11-10 17:58:10 ----A---- C:\WINDOWS\ntbtlog.txt
    2008-11-10 13:55:39 ----A---- C:\WINDOWS\Sysvxd.exe
    2008-11-10 12:12:43 ----DC---- C:\Documents and Settings\All Users\Application Data\Grisoft
    2008-11-10 11:42:13 ----A---- C:\Program Files\Fichiers communs\yrav.vbs
    2008-11-10 11:23:08 ----A---- C:\WINDOWS\opeq.bat
    2008-11-10 11:23:07 ----A---- C:\WINDOWS\sugoha.bat
    2008-11-10 11:23:07 ----A---- C:\Documents and Settings\Angelini\Application Data\fytoh.com
    2008-11-10 10:50:12 ----A---- C:\WINDOWS\system32\wini10891.exe

    ======List of files/folders modified in the last 3 months======

    2009-02-06 23:00:51 ----D---- C:\Program Files\Trend Micro
    2009-02-06 23:00:23 ----D---- C:\WINDOWS\Prefetch
    2009-02-06 22:31:10 ----RD---- C:\Program Files
    2009-02-06 22:19:32 ----D---- C:\Program Files\Mozilla Thunderbird
    2009-02-06 22:10:43 ----D---- C:\WINDOWS\system32\drivers
    2009-02-06 22:10:40 ----D---- C:\WINDOWS\system32
    2009-02-06 21:37:50 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-02-06 21:37:49 ----D---- C:\WINDOWS\Temp
    2009-02-06 21:36:24 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-02-06 21:33:39 ----D---- C:\WINDOWS
    2009-02-06 21:01:17 ----SD---- C:\WINDOWS\Downloaded Program Files
    2009-02-06 21:01:10 ----SHD---- C:\WINDOWS\Installer
    2009-02-06 21:01:03 ----DC---- C:\Config.Msi
    2009-02-06 20:59:58 ----HD---- C:\WINDOWS\inf
    2009-02-06 20:47:46 ----D---- C:\Documents and Settings\Angelini\Application Data\EPSON
    2009-02-06 20:31:24 ----D---- C:\Documents and Settings\Angelini\Application Data\OpenOffice.org2
    2009-02-03 11:26:30 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-02-02 11:19:33 ----D---- C:\games
    2009-02-02 10:48:32 ----SD---- C:\WINDOWS\Tasks
    2009-02-02 10:33:10 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2009-01-31 12:24:40 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
    2009-01-29 17:09:00 ----D---- C:\Documents and Settings\Angelini\Application Data\DivX
    2009-01-28 10:35:30 ----DC---- C:\Documents and Settings\All Users\Application Data\BigFishGamesCache
    2009-01-28 09:49:24 ----D---- C:\Program Files\bfgclient
    2009-01-24 09:59:35 ----D---- C:\Documents and Settings\Angelini\Application Data\AdobeUM
    2009-01-15 19:24:45 ----SD---- C:\Documents and Settings\Angelini\Application Data\Microsoft
    2009-01-14 22:37:30 ----HD---- C:\WINDOWS\$hf_mig$
    2009-01-14 22:37:29 ----D---- C:\WINDOWS\system32\CatRoot
    2009-01-14 14:14:43 ----D---- C:\Program Files\DivX
    2009-01-11 13:03:28 ----D---- C:\WINDOWS\Debug
    2009-01-10 02:35:28 ----A---- C:\WINDOWS\system32\MRT.exe
    2009-01-09 15:47:19 ----A---- C:\WINDOWS\imsins.BAK
    2009-01-09 15:45:33 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-01-09 10:33:36 ----D---- C:\Program Files\epson
    2009-01-04 19:24:41 ----RASH---- C:\boot.ini
    2009-01-04 19:24:41 ----A---- C:\WINDOWS\win.ini
    2009-01-04 19:24:41 ----A---- C:\WINDOWS\System.ini
    2009-01-02 09:22:15 ----D---- C:\WINDOWS\pss
    2008-12-30 15:56:51 ----D---- C:\Program Files\Messenger Plus! Live
    2008-12-29 18:36:04 ----D---- C:\WINDOWS\system32\config
    2008-12-29 18:35:39 ----D---- C:\WINDOWS\system32\wbem
    2008-12-29 18:35:39 ----D---- C:\WINDOWS\Registration
    2008-12-29 18:24:15 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2008-12-29 16:47:08 ----D---- C:\WINDOWS\Lhsp
    2008-12-29 15:17:12 ----D---- C:\Program Files\Java
    2008-12-29 15:14:55 ----D---- C:\Program Files\Google
    2008-12-29 13:30:31 ----DC---- C:\Documents and Settings\All Users\Application Data\Google
    2008-12-29 09:50:58 ----D---- C:\Program Files\MessengerPlus! 3
    2008-12-28 16:48:21 ----D---- C:\Program Files\MSECache
    2008-12-28 16:45:21 ----D---- C:\WINDOWS\WinSxS
    2008-12-28 16:42:26 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
    2008-12-27 19:25:22 ----D---- C:\Documents and Settings\Angelini\Application Data\Google
    2008-12-26 14:18:06 ----D---- C:\WINDOWS\network diagnostic
    2008-12-25 20:26:07 ----DC---- C:\Documents and Settings\All Users\Application Data\Kiwee Toolbar2
    2008-12-24 13:42:11 ----AC---- C:\WINDOWS\ModemLog_Agere Systems AC'97 Modem.txt
    2008-12-24 11:21:19 ----D---- C:\WINDOWS\system32\DirectX
    2008-12-24 11:21:12 ----D---- C:\Program Files\Messenger
    2008-12-22 21:26:13 ----D---- C:\Program Files\Windows Media Connect 2
    2008-12-22 21:26:11 ----D---- C:\Program Files\PC Inspector File Recovery
    2008-12-18 22:56:18 ----D---- C:\WINDOWS\ie7updates
    2008-12-18 18:49:31 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
    2008-12-17 18:36:49 ----RSD---- C:\WINDOWS\assembly
    2008-12-17 18:22:47 ----D---- C:\Program Files\Fichiers communs
    2008-12-13 07:37:56 ----A---- C:\WINDOWS\system32\mshtml.dll
    2008-12-11 21:46:06 ----D---- C:\Program Files\Internet Explorer
    2008-12-11 21:41:20 ----DC---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
    2008-12-10 18:38:12 ----D---- C:\Casino
    2008-11-23 10:31:14 ----D---- C:\Program Files\Mozilla Firefox
    2008-11-23 09:58:38 ----D---- C:\WINDOWS\system32\Macromed
    2008-11-20 12:37:25 ----D---- C:\WINDOWS\Help
    2008-11-19 19:50:55 ----RSD---- C:\WINDOWS\Fonts
    2008-11-12 16:51:09 ----D---- C:\WINDOWS\ShellNew
    2008-11-12 16:51:08 ----RD---- C:\WINDOWS\Web
    2008-11-10 18:26:27 ----SHD---- C:\System Volume Information
    2008-11-10 18:26:27 ----D---- C:\WINDOWS\system32\Restore
    2008-11-10 15:50:44 ----D---- C:\Program Files\WebMediaPlayer
    2008-11-10 15:47:27 ----D---- C:\Program Files\ShoppingReport
    2008-11-08 15:26:58 ----D---- C:\Documents and Settings\Angelini\Application Data\MegauploadToolbar
    2008-11-07 20:54:18 ----A---- C:\WINDOWS\MegaManager.INI

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
    R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-06-27 75072]
    R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2004-03-08 13567]
    R1 DMICall;Sony DMI Call service; C:\WINDOWS\System32\DRIVERS\DMICall.sys [2000-12-05 3952]
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40576]
    R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
    R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
    R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-08-30 12032]
    R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.5.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-10-12 21419]
    R2 NwlnkIpx;Protocole de transport compatible NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
    R2 NwlnkNb;NetBIOS NWLink; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2002-08-30 63232]
    R2 NwlnkSpx;Protocole NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2002-08-30 55936]
    R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
    R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
    R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\System32\DRIVERS\AGRSM.sys [2004-07-22 1268234]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\System32\DRIVERS\e100b325.sys [2003-03-04 145408]
    R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2007-04-11 20496]
    R3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2007-04-11 63248]
    R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2007-04-11 34832]
    R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2007-04-11 36112]
    R3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2007-04-11 79376]
    R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2007-04-11 28688]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2003-04-02 1265130]
    R3 ovt530;Webcam Deluxe; C:\WINDOWS\System32\Drivers\ov530vid.sys [2005-03-15 161792]
    R3 smrt;Sony MPEG RealTime encoder board; C:\WINDOWS\System32\DRIVERS\smrt.sys [2003-07-15 761472]
    R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-07-17 578752]
    R3 USB_RNDIS;USB Remote NDIS Network Device Driver; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2008-04-13 12800]
    R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
    R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
    S1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
    S1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
    S1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
    S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14720]
    S1 lusbaudio;Microphone USB Logitech; C:\WINDOWS\system32\drivers\OVSound2.sys [2001-08-17 25216]
    S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys []
    S2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
    S2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
    S3 a42f250e;a42f250e; C:\WINDOWS\system32\drivers\a42f250e.sys []
    S3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys []
    S3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
    S3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2003-07-06 587264]
    S3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
    S3 BCM43XX;Wireless-G PCI Adapter Driver; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2003-07-17 265728]
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 QCAbsee;QuickCam Web Logitech (0801); C:\WINDOWS\system32\DRIVERS\OVCA.sys [2001-08-17 25088]
    S3 RT2500USB;DWL-G122(rev.B) USB Wireless LAN Driver; C:\WINDOWS\system32\DRIVERS\rt2500usb.sys []
    S3 RT73;Hercules Wireless USB Dongle Driver ; C:\WINDOWS\system32\DRIVERS\rt73.sys []
    S3 SIS163u;SiS 163 usb Wireless LAN Adapter Driver; C:\WINDOWS\system32\DRIVERS\sis163u.sys [2004-10-01 162304]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2005-05-23 80272]
    S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2005-05-23 10864]
    S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2005-05-23 137884]
    S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Giga Pocket Hardware Detector;Giga Pocket Hardware Detector; C:\Program Files\sony\giga pocket\shwserv.exe [2003-07-07 77824]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-29 152984]
    R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\System32\nvsvc32.exe [2003-04-02 69632]
    R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    R3 Sony TV Tuner Manager;Sony TV Tuner Manager; C:\Program Files\sony\giga pocket\RM_SV.exe [2003-07-07 90112]
    R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-06-12 68865]
    S2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
    S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
    S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-04-24 72704]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
    S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
    S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
    S3 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2006-04-14 69120]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
    S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-12-29 137200]
    S3 InstallShield Licensing Service;InstallShield Licensing Service; C:\Program Files\Fichiers communs\InstallShield Shared\Service\InstallShield Licensing Service.exe [2007-02-02 69632]
    S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-01-24 216232]
    S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe [2005-11-24 53337]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe [2005-11-24 53337]
    S3 Sony TV Tuner Controller;Sony TV Tuner Controller; C:\Program Files\sony\giga pocket\halsv.exe [2003-07-07 118784]
    S3 SPTISRV;Sony SPTI Service; C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe [2005-11-24 69718]
    S3 SSScsiSV;SonicStage SCSI Service; C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe [2006-01-06 69632]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

    -----------------EOF-----------------



    Report from the "info" file:

    info.txt logfile of random's system information tool 1.05 2009-02-06 23:00:57

    ======Uninstall list======

    -->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    -->C:\Program Files\Fichiers communs\Real\Update_OB\rnuninst.exe RealNetworks|RealPlayer|6.0
    -->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
    -->Dummy
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88E5FCB8-5F25-11D5-B16F-0800460222F0}\setup.exe" -l0x40c UNINSTALL
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{93B80FB1-7A23-11D3-B250-00105A1F4184}\setup.exe"
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D76298C2-E532-4A11-BCFF-76F3F19DA84D}\setup.exe" UNINSTALL
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-0019-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
    7-Zip 4.57-->"C:\Program Files\7-Zip\Uninstall.exe"
    ABBYY FineReader 6.0 Sprint-->MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
    AbiWord 2.4.6 (remove only)-->C:\Program Files\AbiSuite2\UninstallAbiWord2.exe
    AbsoluCasino-->D:\\Uninst.exe /uGfedEurofr18F
    Adobe Acrobat 5.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll"
    Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000101}
    Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5101}
    Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-119F-4D52-B551-6739B2B22101}
    Adobe Photoshop CS-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x40c
    Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-040C-2E257A25E34D}
    Adobe Premiere 6 LE-->C:\Program Files\Adobe\Premiere 6 LE\UNINST.EXE -f"C:\Program Files\Adobe\Premiere 6 LE\DeIsL1.isu" -c"C:\Program Files\Adobe\Premiere 6 LE\Uninst.dll"
    Adobe Reader 7.0.9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70900000002}
    Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
    Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-0C40-4930-9AFE-113BCE553101}
    Agere Systems AC'97 Modem-->agrsmdel
    Antivirus Pro 2009-->C:\Program Files\AntivirusPro2009\Uninstall.exe
    Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    ASIO4ALL-->C:\Program Files\ASIO4ALL v2\uninstall.exe
    Assistant de connexion Windows Live-->MsiExec.exe /I{D6E592B3-67DA-4BBB-9783-E1838FB253A2}
    ATI Control Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
    ATI Display Driver-->rundll32 C:\WINDOWS\System32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
    avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    AVI Joiner-->"C:\Program Files\avijoin\unins000.exe"
    Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\setup.exe /REMOVE
    AxCrypt (Désinstaller uniquement)-->"C:\Program Files\Axon Data\AxCrypt\AxCryptU.exe"
    Barre d'outils MSN-->C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\mtbs.exe c
    BaZik-->C:\WINDOWS\unin040c.exe -fC:\Delemme\BaZik\DeIsL1.isu -cC:\Delemme\BaZik\_ISREG32.DLL
    Bazooka Scanner-->"C:\Program Files\Bazooka Scanner\Uninstall.exe" "C:\Program Files\Bazooka Scanner\install.log"
    Big Fish Games Client-->C:\Program Files\bfgclient\Uninstall.exe
    Bink and Smacker-->C:\PROGRA~1\RADVideo\UNWISE.EXE C:\PROGRA~1\RADVideo\INSTALL.LOG
    Burn4Free CD and DVD-->"D:\Burn4Free\uninstall.exe"
    Camera RAW Plug-In for EPSON Creativity Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{93EA9C3E-BDFD-4309-A605-9B5BBC0CCEFD}\SETUP.EXE" -l0x40c UNINST
    Canon MP Toolbox 4.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4669544E-20E4-4E56-8B44-2E6E1200051F}\Setup.exe" -l0x40c -Uninstall
    CDDRV_Installer-->MsiExec.exe /I{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}
    Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
    Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
    Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    CyberGestion-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C964A549-C74A-11D3-B88A-00A0C9379093}\setup.exe"
    Dance eJay 7 Demo-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0D74C204-0451-463E-8B8E-F2E11504A675}\setup.exe" -l0x40c -removeonly
    DeepBurner v1.8.0.224-->"C:\Program Files\Astonsoft\DeepBurner\Uninstall.exe" "C:\Program Files\Astonsoft\DeepBurner\install.log"
    Digimax Viewer 1.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A20EF228-8545-45D8-8E2E-6D067948727E}\Setup.exe"
    Diner Dash Flo on the Go-->"C:\Program Files\Diner Dash Flo on the Go\Uninstall.exe"
    Diner Dash fr-->"C:\Program Files\BoontyGames\Diner Dash\unins000.exe"
    Diner Dash Hometown Hero-->"C:\Program Files\Diner Dash Hometown Hero\ReflexiveArcade\unins000.exe"
    DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    Easy-TV-->"C:\Program Files\Easy-TV\uninstall.exe"
    eMule-->"C:\Program Files\eMule\Uninstall.exe"
    Enregistrement en ligne VAIO (Français)-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{668B1BD6-4593-4959-970E-249AFFE6F35C} /l1036
    EPSON Attach To Email-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG
    EPSON Copy Utility 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\SETUP.EXE" -l0x40c -UnInstall
    EPSON Easy Photo Print-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3D78F2A2-C893-4ABD-B5FE-AD7011837755}\SETUP.EXE" -l0x40c UNINST
    EPSON File Manager-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2EB81825-E9EE-44F4-8F51-1240C3898DC6}\Setup.exe" -l0x40c UNINST
    EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
    EPSON Scan Assistant-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0x40c -u
    EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
    EPSON Stylus CX7300_CX8300_DX7400_DX8400 Manuel-->C:\Program Files\EPSON\TPMANUAL\ES_CX_DX\FRA\USE_G\DOCUNINS.EXE
    EZface ActiveX 208-->C:\PROGRA~1\EZFace\ActiveX\uninst.bat 208 C:\PROGRA~1\EZFace\ActiveX
    Favorit-->"c:\windows\system32\ywewy.exe" -uninstall
    Finale NotePad 2008-->C:\Program Files\Finale NotePad 2008\uninstallNP.exe
    FL Studio 7-->C:\Program Files\Image-Line\FL Studio 7\uninstall.exe
    Freecorder Toolbar 3.02 Application-->"C:\WINDOWS\Freecorder Toolbar\uninstall.exe" "/U:C:\Program Files\Freecorder Toolbar\Uninstall\uninstall.xml"
    Freecorder Toolbar-->C:\PROGRA~1\FREECO~2\UNWISE.EXE C:\PROGRA~1\FREECO~2\INSTALL.LOG
    Giga Pocket 5.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7B37D327-29D4-450C-A60A-946DB54E9DA9}\Setup.exe" -l0x40c
    Giga Pocket Demo Movie-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5F2CE2DD-5119-4860-9E46-6A0129A34FF1}\Setup.exe"
    Giga Pocket Hardware Library 5.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{13031987-D1A5-4BED-99CF-327B6E8DBEBC}\setup.exe"
    Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
    Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0531C63A913CC9D1.exe" /uninstall
    GTK+ 2.10.6-1 runtime environment-->"D:\gtk\setup\unins000.exe"
    Guide Routier France et Europe-->C:\PROGRA~1\ANUMAN~1\GUIDER~1\UNWISE.EXE C:\PROGRA~1\ANUMAN~1\GUIDER~1\INSTALL.LOG
    HDGraph-->MsiExec.exe /I{2AF12739-9725-4817-902A-1DF0FC270C1B}
    Hercules WebCam Station-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D208F4A7-6B73-4C2A-8B1E-8756FCBA831E}\Setup.exe" -l0x40c
    Hercules Webcam-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A250D351-A07F-4D5D-AB6C-693C69B9BFAF}\Setup.exe" -l0x40c
    HighMAT Extension to Microsoft Windows XP CD Writing Wizard-->MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
    HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
    Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    Icy Tower v1.3.1-->"c:\games\icytower1.3\unins000.exe"
    IL Download Manager-->C:\Program Files\Image-Line\Downloader\uninstall.exe
    ImageMixer VCD/DVD2 for OLYMPUS-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F51A0CA-2BDD-474E-BB90-C7FA8EA78F52}\Setup.exe" -l0x40c UNINSTALL
    Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
    Intel(R) PRO Network Adapters and Drivers-->Prounstl.exe
    ISOpen V4.3-->"D:\ISOpen\unins000.exe"
    J2SE Runtime Environment 5.0 Update 11-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
    J2SE Runtime Environment 5.0 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150040}
    J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
    J2SE Runtime Environment 5.0 Update 8-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150080}
    Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
    Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
    Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
    Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
    Junk Mail filter update-->MsiExec.exe /I{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}
    Kate's Video Converter 2.8.4-->"C:\Program Files\Kate's Video Converter\unins000.exe"
    KC Softwares IDPhotoStudio-->"C:\Program Files\KC Softwares\IDPhotoStudio\unins000.exe"
    KhalInstallWrapper-->MsiExec.exe /I{56918C0C-0D87-4CA6-92BF-4975A43AC719}
    Kiwee Toolbar-->MsiExec.exe /X{12403F20-DE27-4067-B083-A42E8A6432BA}
    K-Lite Codec Pack 2.72 Full-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
    L&H TTS3000 Français-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\LHTTSFRF.inf, Uninstall
    Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    LG Electronics MF-FE500 MP3 Player-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{157D035D-1FA0-4F66-AA38-A79549B79CA9}\Setup.exe" -l0x9
    Logitech SetPoint-->C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe -runfromtemp -l0x040c -removeonly
    Ma-Config.com-->MsiExec.exe /X{8AFB8FC4-3EBA-4C67-943F-CF43DB2180F1}
    Magellan POI File Editor-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{104A059B-CD20-4632-A8F6-D8C80E14782D}\Setup.exe" -l0x40c
    mediaSync-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9BB4325A-8E5A-42F1-8978-129172F4D615}\Setup.exe" -l0x9
    Mega Bloc Notes 5.2.0-->C:\Program Files\Mega Bloc Notes\desinstall.exe
    Mega Manager-->C:\Program Files\InstallShield Installation Information\{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}\setup.exe -runfromtemp -l0x0009 -removeonly
    Megaupload Toolbar-->C:\Program Files\MegauploadToolbar\uninstall.exe
    Memory Stick Formatter-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{27337663-2619-11D4-99DC-0000F49094C7}\Setup.exe" -l0x40c /UNINSTALL
    Messenger Plus! 3-->"C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /Remove
    Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
    MessengerDiscovery Live 1.3.0310-->"C:\Program Files\MessengerDiscovery\unins000.exe"
    Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Mi
    a c 295 8 Security
    6 February 2009 23:08:00

    Infection-wise, you have quite a collection.

  • Download Navilog1 (by IL-MAFIOSO) to your Desktop.
  • Double-click Navilog1.exe to start the installation.
  • If the fix does not start automatically after installation, double-click the Navilog1 icon on the Desktop.
  • Press F or f, then confirm with Enter.
  • Press any key each time you are asked to; you will reach the options menu.
  • Choose option 1 and press Enter to confirm your choice.
  • Wait for the message: *** Analyse terminée le ..... ***
  • Once the scan has finished, Notepad will open with the report; post the contents of that report in your next reply.
  • If the scan result is not displayed, you will find it in C:\fixnavi.txt

    Do not use options 2, 3 or 4 without our go-ahead; legitimate files may be included in this scan.
    6 February 2009 23:13:10

    I'll do the "Navilog1" procedure right away, but I saw that the "info" file had not been posted in full, so I'm writing the rest here, just in case:

    Microsoft Office 2000 Professional-->MsiExec.exe /I{0001040C-78E1-11D2-B60F-006097C998E7}
    Microsoft Office Excel Viewer 2003-->MsiExec.exe /I{9084040C-6000-11D3-8CFE-0150048383C9}
    Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
    Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
    Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
    Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
    Microsoft Office Publisher 2007 Trial-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PUBLISHERR /dll OSETUP.DLL
    Microsoft Office Publisher 2007-->MsiExec.exe /X{91120000-0019-0000-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
    Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
    Microsoft Office Word Viewer 2003-->MsiExec.exe /I{9085040C-6000-11D3-8CFE-0150048383C9}
    Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    MilkShape 3D 1.7.9-->"D:\MilkShape 3D 1.7.9\uninstall.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
    Mozilla Firefox (2.0.0.11)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    Mozilla Thunderbird (2.0.0.19)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB925672)-->MsiExec.exe /I{A9CF9052-F4A0-475D-A00F-A8388C62DD63}
    MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    Musicnotes Player V1.23.1 and Viewer-->"C:\Program Files\Musicnotes\Player\unins000.exe"
    My 3D Christmas Tree Screen Saver-->"C:\PROGRA~1\Freeze.com\My 3D Christmas Tree\UNINSTAL.EXE"
    MyHeritage Family Tree Builder-->D:\MyHeritage\Bin\Uninstall.exe
    Mystery Case Files: Return to Ravenhearst ™-->"C:\Program Files\Mystery Case Files - Return to Ravenhearst\Uninstall.exe"
    NVIDIA Windows 2000/XP Display Drivers-->rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nvsy.inf
    OLYMPUS Master-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{BA820A24-704B-428D-9904-71A10DAC1372} /l1036 /zUNINSTALL
    OpenMG Limited Patch 4.4-06-13-19-01-->C:\Program Files\Fichiers communs\Sony Shared\OpenMG\HotFixes\HotFix4.4-06-13-19-01\HotFixSetup\setup.exe /u
    OpenMG Secure Module 4.4.00-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{CFB17307-B244-4EAD-AE8E-CDAF440477C2} UNINSTALL
    OpenOffice.org 2.1-->MsiExec.exe /I{43983EB4-43DC-4C3D-9712-1EF592A31CA8}
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    P2Pcontrol 1.0-->C:\Program Files\P2Pcontrol\uninst.exe
    PC Inspector File Recovery-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}\Setup.exe" -l0x40c
    PC Studio-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\8\INTEL3~1\IDriver.exe /M{D48C9BFC-FBCF-4F29-B97D-822ED6D497FE} /l1036
    PCLink for GSM Ver.1.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F3BF93D3-25E7-11D6-B496-0050BF282FBC}\SETUP.EXE" -l0x9
    Photo d'identité 2006 v2.7-->"C:\Program Files\Emjysoft\Photo\unins000.exe"
    Photo Print Calendar from YOKOHAMA Ver.3.00E beta-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{70FF1E06-E533-4552-B384-DA4EE4AC1615}\Setup.exe"
    PhotoBox 3.2.5-->"C:\Program Files\PhotoBox\uninstall.exe"
    Pilotes Canon MP-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58F8C6D9-5B55-486A-A322-4E8D87670031}\Setup.exe" -l0x40c -Uninstall
    Polaroid Dust and Scratch Removal v1.0.0.15.2e-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7B03B4E6-E3F9-11D5-B9D9-00D0B75C082C}\Setup.exe" -l0x9
    Portrait Professional 6.3-->"C:\Program Files\Portrait Professional 6\unins000.exe"
    PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
    RealArcade-->C:\Program Files\Real\RealArcade\Update\rnuninst.exe RealNetworks|RealArcade|1.2
    RealOne Player-->C:\Program Files\Fichiers communs\Real\Update_OB\rnuninst.exe RealNetworks|RealPlayer|6.0
    Ri4m v5.0.1d-->D:\Ri4m_Uninstal.exe
    SAMSUNG CDMA Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
    SAMSUNG Mobile Composite Device Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\6\SSBCUninstall.exe
    Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
    SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
    SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
    Samsung PC Studio 3 USB Driver Installer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -l0x40c -removeonly
    Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x040c -removeonly
    Samsung USB Driver (MCCI 4.24)-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{77F09242-A107-4CB6-A295-D8656C2C3795}
    Sandlot Games Client Services 1.2.2-->"C:\Program Files\Fichiers communs\Sandlot Shared\unins000.exe"
    Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-0019-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
    Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-0019-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
    Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {91120000-0019-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
    Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-0019-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
    Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {91120000-0019-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
    Seekmo Search Assistant-->c:\program files\seekmo\seekmo.exe /uninst_simple_init=y
    Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
    Shareaza version 2.2.5.0-->"C:\Program Files\Shareaza\Uninstall\unins000.exe"
    ShopperReports-->C:\Program Files\ShoppingReport\Uninst.exe
    Sibelius Scorch (ActiveX Only)-->MsiExec.exe /I{C8E4455F-0F70-4DA2-A9F9-2D56C80E10AD}
    SimPE 0.58 (alpha)-->"D:\SimPE\unins000.exe"
    SimpleOCR 3.1-->C:\PROGRA~1\SIMPLE~1\UNWISE.EXE C:\PROGRA~1\SIMPLE~1\INSTALL.LOG
    Skin PlayBoy 7.5.322 by diablotin-->C:\Program Files\MSN Messenger\Uninstal.exe
    Skype 2.5-->"D:\alberto.angelini\Phone\unins000.exe"
    SonicStage 3.4-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A0EB195B-5876-48E6-879D-33D4B2102610}\setup.exe" -l0x40c UNINSTALL -removeonly
    SpySpotter-->C:\Program Files\SpySpotter3\Uninstall.exe
    Stamp-->"C:\Program Files\AKVIS\Stamp\Uninstall\Uninstall.exe" "C:\Program Files\AKVIS\Stamp\Uninstall\install.log" -u
    StuffPlug 3-->D:\StuffPlug3\Uninstall.exe
    StuffPlug-NG (Messenger Plus! Plugins)-->C:\Program Files\MessengerPlus! 3\Plugins\StuffPlug-NG\Uninstall.exe
    The GIMP 2.2.15-->"D:\GIMP-2.0\unins000.exe"
    TreeSize Free V2.1-->"D:\TreeSize Free\unins000.exe"
    Uninstall PGEDemo-->C:\WINDOWS\unvise32.exe C:\Program Files\PGEDemo\PGEDemo Uninstall.log
    Update for Office 2007 (KB946691)-->msiexec /package {91120000-0019-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
    VAIO BrightColor Wallpaper-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4D1D6640-CD43-4AD9-A52F-E48265DB28E0}\Setup.exe" -l0x9
    VAIO Clock Screen Saver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1D057E97-A116-4BF9-B307-83C3FBD86515}\Setup.exe" -l0x9
    VAIO DeepSea Wallpaper-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3147661C-2807-49EC-B971-3B0F23D95018}\Setup.exe" -l0x9
    VAIO System Information-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2366D960-F00F-11D3-99D3-00C04FCCB775}\Setup.exe" -l0x40c
    VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
    VCW VicMan's Photo Editor 7.99-->"C:\Program Files\VCW VicMan's Photo Editor\unins000.exe"
    VeohTV BETA-->C:\Program Files\InstallShield Installation Information\{0405E51E-9582-4207-8F38-AC44201D3808}\setup.exe -runfromtemp -l0x0409
    VideoLAN VLC media player 0.8.4a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    VirtualDub 1.6.9 Fr-->C:\Program Files\VirtualDub\UnInstall_VirtualDub.exe
    Visionneuse Journal Windows Microsoft-->MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA7}
    WebMediaPlayer 1.0-->C:\Program Files\WebMediaPlayer\uninst.exe
    WindowBlinds-->C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\UNWISE.EXE C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\INSTALL.LOG
    Windows Defender Signatures-->MsiExec.exe /I{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}
    Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
    Windows Live Call-->MsiExec.exe /I{01523985-2098-43AF-9C97-12B07BE02A9B}
    Windows Live Communications Platform-->MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}
    Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
    Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
    Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
    Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Format SDK Hotfix - KB891122-->"C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe"
    Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
    WinZix-->C:\Program Files\WinZix\uninstall.exe
    Wireless-G PCI Adapter-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88742616-A6E9-4C7E-9665-B625799541FB}\Setup.exe" -l0x9
    XnView 1.80.1-->"C:\Program Files\XnView\unins000.exe"
    Yahoo! Toolbar avec bloqueur de fenêtres pop-up-->C:\PROGRA~1\Yahoo!\Common\unyt.exe

    ======Security center information======

    AV: Avira AntiVir PersonalEdition (outdated)

    System event log

    Computer Name: ANGELINI2
    Event Code: 263
    Message: Le service "AntiVirScheduler" n'a peut-être pas annulé son inscription au service de notifications d'événement de périphériques avant d'être arrêté.

    Record Number: 89785
    Source Name: PlugPlayManager
    Time Written: 20081231103051.000000+060
    Event Type: Avertissement
    User:

    Computer Name: ANGELINI2
    Event Code: 6005
    Message: Le service d'Enregistrement d'événement a démarré.

    Record Number: 89784
    Source Name: EventLog
    Time Written: 20081231103046.000000+060
    Event Type: Informations
    User:

    Computer Name: ANGELINI2
    Event Code: 6009
    Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Multiprocessor Free.

    Record Number: 89783
    Source Name: EventLog
    Time Written: 20081231103046.000000+060
    Event Type: Informations
    User:

    Computer Name: ANGELINI2
    Event Code: 6006
    Message: Le service d'Enregistrement d'événement a été arrêté.

    Record Number: 89782
    Source Name: EventLog
    Time Written: 20081230233009.000000+060
    Event Type: Informations
    User:

    Computer Name: ANGELINI2
    Event Code: 4201
    Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{7FB3D499-932D-4CED-A44A-3CBA037EDB23} était connectée au réseau,
    et a lancé une opération normale sur la carte réseau.

    Record Number: 89781
    Source Name: Tcpip
    Time Written: 20081230204150.000000+060
    Event Type: Informations
    User:

    Application event log

    Computer Name: ANGELINI2
    Event Code: 1800
    Message: Le service Centre de sécurité Windows a démarré.

    Record Number: 32345
    Source Name: SecurityCenter
    Time Written: 20090102092927.000000+060
    Event Type: Informations
    User:

    Computer Name: ANGELINI2
    Event Code: 0
    Message:
    Record Number: 32344
    Source Name: Giga Pocket Hardware Detector
    Time Written: 20090102092901.000000+060
    Event Type: Informations
    User:

    Computer Name: ANGELINI2
    Event Code: 4097
    Message: The AntiVir service has been stopped!

    Record Number: 32343
    Source Name: Avira AntiVir
    Time Written: 20090102092856.000000+060
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    Computer Name: ANGELINI2
    Event Code: 4122
    Message: Unable to load file AVPREF.DLL.
    Returned error code: 1114

    Record Number: 32342
    Source Name: Avira AntiVir
    Time Written: 20090102092855.000000+060
    Event Type: erreur
    User: AUTORITE NT\SYSTEM

    Computer Name: ANGELINI2
    Event Code: 0
    Message:
    Record Number: 32341
    Source Name: Sony TV Tuner Manager
    Time Written: 20090102092423.000000+060
    Event Type: Informations
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Fichiers communs\GTK\2.0\bin;C:\Program Files\Java\jre1.5.0_06\bin\client\;C:\Program Files\Fichiers communs\Adobe\AGL;D:\gtk\bin;C:\Program Files\Samsung\Samsung PC Studio 3\
    "windir"=%SystemRoot%
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel
    "PROCESSOR_REVISION"=0209
    "NUMBER_OF_PROCESSORS"=2
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "FP_NO_HOST_CHECK"=NO

    -----------------EOF-----------------
    6 February 2009 23:46:26

    Here is the Navilog analysis:

    Search Navipromo version 3.7.1 commencé le 06/02/2009 à 23:17:45,68

    !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
    !!! Postez ce rapport sur le forum pour le faire analyser !!!
    !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

    Outil exécuté depuis C:\Program Files\navilog1

    Mise à jour le 02.01.2009 à 19h00 par IL-MAFIOSO

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 2.80GHz )
    BIOS : BIOS Date: 09/19/03 10:23:50 Ver: 08.00.08
    USER : Angelini ( Administrator )
    BOOT : Normal boot

    Antivirus : Avira AntiVir PersonalEdition 8.0.1.27 (Activated)


    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:27 Go (Free:5 Go)
    D:\ (Local Disk) - NTFS - Total:83 Go (Free:21 Go)
    E:\ (CD or DVD)
    F:\ (CD or DVD)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)


    Recherche executé en mode normal

    *** Recherche Programmes installés ***

    Favorit
    WebMediaPlayer 1.0

    *** Recherche dossiers dans "C:\WINDOWS" ***


    *** Recherche dossiers dans "C:\Program Files" ***

    ...\Instant Access trouvé !
    ...\WebMediaPlayer trouvé !

    *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***


    *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***


    *** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***


    *** Recherche dossiers dans "C:\Documents and Settings\Angelini\applic~1" ***


    *** Recherche dossiers dans "C:\Documents and Settings\Angelini\locals~1\applic~1" ***


    *** Recherche dossiers dans "C:\Documents and Settings\Angelini\menudm~1\progra~1" ***


    *** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
    pour + d'infos : http://www.gmer.net



    *** Recherche avec GenericNaviSearch ***
    !!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
    !!! A vérifier impérativement avant toute suppression manuelle !!!

    * Recherche dans "C:\WINDOWS\system32" *

    * Recherche dans "C:\Documents and Settings\Angelini\locals~1\applic~1" *



    *** Recherche fichiers ***


    C:\WINDOWS\Downloaded Program Files\IaLdr32.inf trouvé !
    C:\WINDOWS\pack.epk trouvé !
    C:\WINDOWS\system32\nvs2.inf trouvé !

    *** Recherche clés spécifiques dans le Registre ***
    !! Les clés trouvées ne sont pas forcément infectées !!

    HKEY_CURRENT_USER\Software\Lanconfig

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ywewy"="\"c:\\windows\\system32\\ywewy.exe\" ywewy"


    *** Module de Recherche complémentaire ***
    (Recherche fichiers spécifiques)

    1)Recherche nouveaux fichiers Instant Access :


    2)Recherche Heuristique :

    * Dans "C:\WINDOWS\system32" :

    mwcok.dat trouvé !
    mwcok_nav.dat trouvé !
    mwcok_navps.dat trouvé !
    oieca.dat trouvé !
    oieca_nav.dat trouvé !
    oieca_navps.dat trouvé !
    saecumu.dat trouvé !
    saecumu_nav.dat trouvé !
    saecumu_navps.dat trouvé !
    ywewy.exe trouvé !
    ywewy.dat trouvé !
    ywewy_nav.dat trouvé !
    ywewy_navps.dat trouvé !

    * Dans "C:\Documents and Settings\Angelini\locals~1\applic~1" :


    3)Recherche Certificats :

    Certificat Egroup trouvé !
    Certificat Electronic-Group trouvé !
    Certificat Montorgueil absent !
    Certificat OOO-Favorit trouvé !
    Certificat Sunny-Day-Design-Ltd absent !

    4)Recherche autres dossiers et fichiers connus :

    C:\WINDOWS\Tasks\A8E0E5EA91DB9716.job trouvé ! Infection Lop possible non traitée par cet outil !


    *** Analyse terminée le 06/02/2009 à 23:31:11,46 ***
    a c 295 8 Security
    6 February 2009 23:48:19

    Do not reinstall Instant Access and WebMediaPlayer; they are booby-trapped programs.

  • Run Navilog1 again, choose option 2 and post the report (C:\cleannavi.txt).
    7 February 2009 00:08:44

    Result 2 from Navilog1:

    Clean Navipromo version 3.7.1 commencé le 06/02/2009 à 23:57:17,31

    Outil exécuté depuis C:\Program Files\navilog1

    Mise à jour le 02.01.2009 à 19h00 par IL-MAFIOSO

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 2.80GHz )
    BIOS : BIOS Date: 09/19/03 10:23:50 Ver: 08.00.08
    USER : Angelini ( Administrator )
    BOOT : Normal boot

    Antivirus : Avira AntiVir PersonalEdition 8.0.1.27 (Activated)


    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:27 Go (Free:5 Go)
    D:\ (Local Disk) - NTFS - Total:83 Go (Free:21 Go)
    E:\ (CD or DVD)
    F:\ (CD or DVD)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)


    Mode suppression automatique
    avec prise en charge résultats Catchme et GNS


    Nettoyage exécuté au redémarrage de l'ordinateur


    *** fsbl1.txt non trouvé ***
    (Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)


    *** Suppression avec sauvegardes résultats GenericNaviSearch ***

    * Suppression dans "C:\WINDOWS\System32" *


    * Suppression dans "C:\Documents and Settings\Angelini\locals~1\applic~1" *



    *** Suppression dossiers dans "C:\WINDOWS" ***


    *** Suppression dossiers dans "C:\Program Files" ***

    ...\Instant Access ...suppression...
    ...\Instant Access supprimé !

    ...\WebMediaPlayer ...suppression...
    ...\WebMediaPlayer supprimé !


    *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***


    *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***


    *** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" ***


    *** Suppression dossiers dans "C:\Documents and Settings\Angelini\applic~1" ***


    *** Suppression dossiers dans "C:\Documents and Settings\Angelini\locals~1\applic~1" ***


    *** Suppression dossiers dans "C:\Documents and Settings\Angelini\menudm~1\progra~1" ***



    *** Suppression fichiers ***

    C:\WINDOWS\Downloaded Program Files\IaLdr32.inf supprimé !
    C:\WINDOWS\pack.epk supprimé !
    C:\WINDOWS\system32\nvs2.inf supprimé !

    *** Suppression fichiers temporaires ***

    Nettoyage contenu C:\WINDOWS\Temp effectué !
    Nettoyage contenu C:\Documents and Settings\Angelini\locals~1\Temp effectué !

    *** Traitement Recherche complémentaire ***
    (Recherche fichiers spécifiques)

    1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

    2)Recherche, création sauvegardes et suppression Heuristique :


    * Dans "C:\WINDOWS\system32" *


    mwcok.dat trouvé !
    Copie mwcok.dat réalisée avec succès !
    mwcok.dat supprimé !

    mwcok_nav.dat trouvé !
    Copie mwcok_nav.dat réalisée avec succès !
    mwcok_nav.dat supprimé !

    mwcok_navps.dat trouvé !
    Copie mwcok_navps.dat réalisée avec succès !
    mwcok_navps.dat supprimé !

    oieca.dat trouvé !
    Copie oieca.dat réalisée avec succès !
    oieca.dat supprimé !

    oieca_nav.dat trouvé !
    Copie oieca_nav.dat réalisée avec succès !
    oieca_nav.dat supprimé !

    oieca_navps.dat trouvé !
    Copie oieca_navps.dat réalisée avec succès !
    oieca_navps.dat supprimé !

    saecumu.dat trouvé !
    Copie saecumu.dat réalisée avec succès !
    saecumu.dat supprimé !

    saecumu_nav.dat trouvé !
    Copie saecumu_nav.dat réalisée avec succès !
    saecumu_nav.dat supprimé !

    saecumu_navps.dat trouvé !
    Copie saecumu_navps.dat réalisée avec succès !
    saecumu_navps.dat supprimé !

    ywewy.exe trouvé !
    Copie ywewy.exe réalisée avec succès !
    ywewy.exe supprimé !

    ywewy.dat trouvé !
    Copie ywewy.dat réalisée avec succès !
    ywewy.dat supprimé !

    ywewy_nav.dat trouvé !
    Copie ywewy_nav.dat réalisée avec succès !
    ywewy_nav.dat supprimé !

    ywewy_navps.dat trouvé !
    Copie ywewy_navps.dat réalisée avec succès !
    ywewy_navps.dat supprimé !


    * Dans "C:\Documents and Settings\Angelini\locals~1\applic~1" *



    *** Sauvegarde du Registre vers dossier Safebackup ***

    sauvegarde du Registre réalisée avec succès !

    *** Nettoyage Registre ***

    Nettoyage Registre Ok


    *** Certificats ***

    Certificat Egroup supprimé !
    Certificat Electronic-Group supprimé !
    Certificat Montorgueil absent !
    Certificat OOO-Favorit supprimé !
    Certificat Sunny-Day-Design-Ltdt absent !

    *** Recherche autres dossiers et fichiers connus ***

    C:\WINDOWS\Tasks\A8E0E5EA91DB9716.job trouvé ! Infection Lop possible non traitée par cet outil !


    *** Nettoyage terminé le 07/02/2009 à 0:06:20,04 ***

    a c 295 8 Security
    7 February 2009 00:13:12

  • Uninstall Navilog1.

  • Download Lop S&D to your Desktop.
  • Double-click it to start the installation.
  • Then double-click the Lop S&D shortcut on your Desktop.
  • Select the language you want, then choose option 1 (Recherche / Search).
  • Wait until the scan finishes.
  • Post the generated report (C:\lopR.txt).
    7 February 2009 00:21:43

    Lop S&D report:


    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 2.80GHz )
    BIOS : BIOS Date: 09/19/03 10:23:50 Ver: 08.00.08
    USER : Angelini ( Administrator )
    BOOT : Normal boot
    Antivirus : avast! antivirus 4.8.1335 [VPS 090206-0] 4.8.1335 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:27 Go (Free:5 Go)
    D:\ (Local Disk) - NTFS - Total:83 Go (Free:21 Go)
    E:\ (CD or DVD)
    F:\ (CD or DVD)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [1] ( 07/02/2009| 0:15 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [05/05/2007|20:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [08/05/2007|11:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
    [09/12/2007|10:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
    [24/12/2008|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
    [24/12/2008|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira(2)
    [28/01/2009|10:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BigFishGamesCache
    [14/04/2006|10:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
    [24/11/2005|14:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [08/11/2006|15:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
    [15/10/2008|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EmailNotifier
    [27/09/2006|18:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Emjysoft
    [09/10/2008|17:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EPSON
    [30/11/2007|22:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fugazo
    [29/12/2008|13:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [10/11/2008|12:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
    [23/03/2006|18:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    [25/12/2008|20:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar2
    [02/02/2009|10:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Link Axis Bat Wave
    [27/06/2007|10:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LogiShrd
    [27/06/2007|10:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
    [06/02/2009|21:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
    [30/04/2006|11:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macromedia
    [15/10/2008|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Megaupload
    [20/03/2007|18:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [22/07/2008|22:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MGS
    [22/07/2008|21:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microgaming
    [29/12/2008|18:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [11/12/2008|21:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
    [02/01/2006|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
    [11/10/2006|16:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MumboJumbo
    [12/10/2007|13:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Musicnotes
    [16/12/2007|13:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
    [20/02/2006|20:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\pixelStorm
    [21/11/2007|19:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
    [03/12/2005|13:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Samsung
    [31/12/2006|16:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
    [04/08/2003|09:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
    [27/11/2005|18:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
    [08/06/2007|16:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
    [31/12/2006|16:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpinTop Games
    [24/11/2005|12:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [31/01/2009|12:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [12/03/2006|16:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
    [09/10/2008|17:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
    [24/11/2005|16:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [28/12/2008|16:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [13/04/2006|20:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
    [05/11/2006|18:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

    [08/03/2008|09:24] C:\DOCUME~1\Angelini\APPLIC~1\Adobe
    [24/01/2009|09:59] C:\DOCUME~1\Angelini\APPLIC~1\AdobeUM
    [10/12/2007|15:33] C:\DOCUME~1\Angelini\APPLIC~1\Ahead
    [20/04/2008|10:53] C:\DOCUME~1\Angelini\APPLIC~1\Anthropics
    [06/10/2006|17:36] C:\DOCUME~1\Angelini\APPLIC~1\ArcSoft
    [06/12/2005|12:17] C:\DOCUME~1\Angelini\APPLIC~1\Canon
    [23/03/2006|18:55] C:\DOCUME~1\Angelini\APPLIC~1\Corel
    [07/04/2008|08:51] C:\DOCUME~1\Angelini\APPLIC~1\cs
    [08/05/2008|22:03] C:\DOCUME~1\Angelini\APPLIC~1\DAEMON Tools
    [05/02/2007|15:10] C:\DOCUME~1\Angelini\APPLIC~1\DeepBurner
    [29/01/2009|17:09] C:\DOCUME~1\Angelini\APPLIC~1\DivX
    [02/09/2008|08:18] C:\DOCUME~1\Angelini\APPLIC~1\Documents and Settings
    [15/10/2008|15:37] C:\DOCUME~1\Angelini\APPLIC~1\EmailNotifier
    [06/02/2009|20:47] C:\DOCUME~1\Angelini\APPLIC~1\EPSON
    [27/12/2008|19:25] C:\DOCUME~1\Angelini\APPLIC~1\Google
    [29/11/2005|17:24] C:\DOCUME~1\Angelini\APPLIC~1\Help
    [14/08/2008|22:12] C:\DOCUME~1\Angelini\APPLIC~1\Identities
    [22/01/2006|16:48] C:\DOCUME~1\Angelini\APPLIC~1\iMesh
    [27/06/2007|10:44] C:\DOCUME~1\Angelini\APPLIC~1\InstallShield
    [04/08/2003|11:22] C:\DOCUME~1\Angelini\APPLIC~1\InterTrust
    [04/10/2008|09:54] C:\DOCUME~1\Angelini\APPLIC~1\JAM Software
    [09/05/2006|12:21] C:\DOCUME~1\Angelini\APPLIC~1\Jasc
    [22/01/2006|18:04] C:\DOCUME~1\Angelini\APPLIC~1\Kazaa Lite
    [19/04/2006|20:38] C:\DOCUME~1\Angelini\APPLIC~1\Leadertech
    [27/06/2007|10:46] C:\DOCUME~1\Angelini\APPLIC~1\Logitech
    [30/04/2006|16:45] C:\DOCUME~1\Angelini\APPLIC~1\Macromedia
    [26/07/2006|22:11] C:\DOCUME~1\Angelini\APPLIC~1\Media Player Classic
    [15/10/2008|15:37] C:\DOCUME~1\Angelini\APPLIC~1\Megaupload
    [08/11/2008|15:26] C:\DOCUME~1\Angelini\APPLIC~1\MegauploadToolbar
    [15/01/2009|19:24] C:\DOCUME~1\Angelini\APPLIC~1\Microsoft
    [25/12/2005|19:51] C:\DOCUME~1\Angelini\APPLIC~1\Microsoft Web Folders
    [12/11/2007|17:22] C:\DOCUME~1\Angelini\APPLIC~1\Mozilla
    [15/01/2006|14:54] C:\DOCUME~1\Angelini\APPLIC~1\MSN6
    [03/04/2007|15:17] C:\DOCUME~1\Angelini\APPLIC~1\OLYMPUS
    [06/02/2009|20:31] C:\DOCUME~1\Angelini\APPLIC~1\OpenOffice.org2
    [21/11/2007|19:33] C:\DOCUME~1\Angelini\APPLIC~1\PlayFirst
    [16/08/2008|21:54] C:\DOCUME~1\Angelini\APPLIC~1\Real
    [07/03/2008|22:59] C:\DOCUME~1\Angelini\APPLIC~1\Samsung
    [02/02/2009|10:48] C:\DOCUME~1\Angelini\APPLIC~1\scr mail team
    [20/04/2007|12:28] C:\DOCUME~1\Angelini\APPLIC~1\Screenshot Sender
    [25/05/2007|09:44] C:\DOCUME~1\Angelini\APPLIC~1\SecondLife
    [04/11/2006|10:41] C:\DOCUME~1\Angelini\APPLIC~1\SecuROM
    [05/09/2006|22:11] C:\DOCUME~1\Angelini\APPLIC~1\SendPix
    [29/01/2007|12:38] C:\DOCUME~1\Angelini\APPLIC~1\Shareaza
    [28/12/2007|15:59] C:\DOCUME~1\Angelini\APPLIC~1\ShoppingReport
    [20/10/2007|11:35] C:\DOCUME~1\Angelini\APPLIC~1\Sibelius Software
    [21/08/2008|21:18] C:\DOCUME~1\Angelini\APPLIC~1\Skype
    [26/12/2006|11:01] C:\DOCUME~1\Angelini\APPLIC~1\SlySoft
    [08/06/2007|16:13] C:\DOCUME~1\Angelini\APPLIC~1\Sony Corporation
    [04/01/2006|22:19] C:\DOCUME~1\Angelini\APPLIC~1\Sun
    [04/08/2003|09:27] C:\DOCUME~1\Angelini\APPLIC~1\Symantec
    [14/10/2007|14:31] C:\DOCUME~1\Angelini\APPLIC~1\The Complete Genealogy Reporter - FTB
    [10/05/2007|20:23] C:\DOCUME~1\Angelini\APPLIC~1\Thunderbird
    [08/04/2008|16:15] C:\DOCUME~1\Angelini\APPLIC~1\U3
    [19/02/2006|13:33] C:\DOCUME~1\Angelini\APPLIC~1\vlc
    [25/07/2006|16:09] C:\DOCUME~1\Angelini\APPLIC~1\WebCompiler3
    [26/09/2008|15:12] C:\DOCUME~1\Angelini\APPLIC~1\WinButler
    [07/12/2005|16:52] C:\DOCUME~1\Angelini\APPLIC~1\XnView
    [14/08/2008|22:12] C:\DOCUME~1\Angelini\APPLIC~1\Zylom

    [04/08/2003|08:59] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [04/08/2003|11:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterTrust
    [02/12/2007|05:01] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [04/08/2003|09:27] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

    [29/01/2007|12:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [06/01/2008|10:25] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [07/02/2009 00:00][--ah-----] C:\WINDOWS\tasks\A8E0E5EA91DB9716.job
    [07/02/2009 00:02][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [30/08/2002 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    ( A8E0E5EA91DB9716.job )=( c:\docume~1\angelini\applic~1\scrmai~1\WebDvdSkip.exe )

    --------------------\\ Listing des dossiers dans C:\Program Files

    [01/06/2007|12:04] C:\Program Files\2 Pic
    [18/03/2008|17:30] C:\Program Files\7-Zip
    [25/10/2008|13:30] C:\Program Files\802.11 Wireless LAN
    [09/10/2008|17:12] C:\Program Files\ABBYY FineReader 6.0 Sprint
    [01/05/2007|18:33] C:\Program Files\AbiSuite2
    [10/05/2007|20:00] C:\Program Files\Adobe
    [30/04/2006|11:11] C:\Program Files\AKVIS
    [24/11/2005|16:16] C:\Program Files\Alwil Software
    [24/12/2008|11:20] C:\Program Files\AntivirusPro2009
    [04/10/2008|10:52] C:\Program Files\Anuman Interactive
    [01/03/2008|12:32] C:\Program Files\ASIO4ALL v2
    [09/12/2007|10:47] C:\Program Files\AskTBar
    [05/02/2007|15:04] C:\Program Files\Astonsoft
    [04/08/2003|09:32] C:\Program Files\ATI Technologies
    [11/05/2007|09:12] C:\Program Files\AtomixMP3
    [23/06/2006|17:30] C:\Program Files\Auralog
    [03/09/2006|22:31] C:\Program Files\AV Vcs 4.0 DIAMOND
    [13/07/2006|23:58] C:\Program Files\AVI-GIF
    [31/12/2008|16:07] C:\Program Files\avijoin
    [24/12/2008|11:20] C:\Program Files\Avira
    [30/03/2007|21:09] C:\Program Files\Axon Data
    [11/11/2006|14:57] C:\Program Files\Bazooka Scanner
    [24/01/2007|20:25] C:\Program Files\BFG
    [28/01/2009|09:49] C:\Program Files\bfgclient
    [06/02/2009|22:59] C:\Program Files\BHODemon 2
    [01/06/2007|12:00] C:\Program Files\Boonty
    [12/08/2008|19:58] C:\Program Files\BoontyGames
    [26/11/2005|22:19] C:\Program Files\Canon
    [16/12/2007|13:54] C:\Program Files\CCleaner
    [04/08/2003|09:11] C:\Program Files\Common Files
    [04/08/2003|08:58] C:\Program Files\ComPlus Applications
    [17/11/2008|17:29] C:\Program Files\Conduit
    [09/12/2007|11:02] C:\Program Files\Corel
    [24/11/2005|14:16] C:\Program Files\CyberLink
    [05/04/2008|16:13] C:\Program Files\CyberMUT
    [14/01/2009|14:14] C:\Program Files\DivX
    [02/01/2006|16:13] C:\Program Files\D-Link
    [03/06/2007|16:29] C:\Program Files\Easy-TV
    [11/11/2006|14:38] C:\Program Files\ElcomSoft
    [27/09/2006|18:18] C:\Program Files\Emjysoft
    [09/01/2009|10:33] C:\Program Files\epson
    [10/10/2007|18:38] C:\Program Files\Everest Poker
    [14/02/2006|14:49] C:\Program Files\Every Toolbar 1.1
    [25/06/2006|16:40] C:\Program Files\EZFace
    [17/12/2008|18:22] C:\Program Files\Fichiers communs
    [22/08/2008|17:38] C:\Program Files\Finale NotePad 2008
    [13/12/2008|10:34] C:\Program Files\Freecorder
    [17/11/2008|17:54] C:\Program Files\Freecorder Toolbar
    [30/12/2008|20:52] C:\Program Files\Freeze.com
    [28/03/2007|14:50] C:\Program Files\GIMP-2.0
    [29/12/2008|15:14] C:\Program Files\Google
    [12/09/2006|14:25] C:\Program Files\Google Toolbar
    [24/04/2007|10:50] C:\Program Files\Grisoft
    [25/10/2008|13:55] C:\Program Files\Hercules
    [24/11/2005|14:08] C:\Program Files\HighMAT CD Writing Wizard
    [15/08/2008|12:38] C:\Program Files\Image-Line
    [22/01/2006|16:46] C:\Program Files\iMesh Applications
    [09/01/2009|15:45] C:\Program Files\InstallShield Installation Information
    [04/08/2003|09:38] C:\Program Files\Intel
    [03/02/2009|16:56] C:\Program Files\Intel Desktop Board
    [11/12/2008|21:46] C:\Program Files\Internet Explorer
    [16/06/2007|18:42] C:\Program Files\ISOpen
    [14/07/2006|00:07] C:\Program Files\Jasc Software Inc
    [29/12/2008|15:17] C:\Program Files\Java
    [14/09/2007|21:42] C:\Program Files\Kate's Video Converter
    [27/09/2006|18:29] C:\Program Files\KC Softwares
    [20/05/2008|22:10] C:\Program Files\Kiwee Toolbar2
    [07/07/2006|18:14] C:\Program Files\K-Lite Codec Pack
    [27/06/2007|10:44] C:\Program Files\Logitech
    [06/02/2009|21:00] C:\Program Files\ma-config.com
    [11/10/2008|10:15] C:\Program Files\Mega Bloc Notes
    [15/10/2008|15:37] C:\Program Files\Megaupload
    [15/10/2008|15:37] C:\Program Files\MegauploadToolbar
    [16/02/2006|11:50] C:\Program Files\Messager Wanadoo
    [24/12/2008|11:21] C:\Program Files\Messenger
    [30/12/2008|15:56] C:\Program Files\Messenger Plus! Live
    [29/12/2008|09:50] C:\Program Files\MessengerPlus! 3
    [11/02/2006|17:46] C:\Program Files\MF-FE500
    [24/12/2006|17:36] C:\Program Files\micronet-soft
    [17/12/2008|18:34] C:\Program Files\Microsoft
    [16/12/2007|13:56] C:\Program Files\Microsoft ActiveSync
    [08/05/2006|15:39] C:\Program Files\Microsoft AntiSpyware
    [25/12/2005|19:51] C:\Program Files\microsoft frontpage
    [28/02/2008|20:06] C:\Program Files\Microsoft Office
    [22/10/2008|09:07] C:\Program Files\Microsoft Silverlight
    [31/01/2008|13:20] C:\Program Files\Microsoft SQL Server Compact Edition
    [21/09/2008|17:25] C:\Program Files\Microsoft Works
    [21/09/2008|17:08] C:\Program Files\Microsoft.NET
    [12/09/2006|17:59] C:\Program Files\Mirror Magic
    [13/09/2008|08:31] C:\Program Files\Movie Maker
    [23/11/2008|10:31] C:\Program Files\Mozilla Firefox
    [07/02/2009|00:09] C:\Program Files\Mozilla Thunderbird
    [11/02/2006|17:46] C:\Program Files\MP3 Explorer
    [28/12/2008|16:48] C:\Program Files\MSECache
    [09/08/2006|08:21] C:\Program Files\MSN
    [24/12/2008|11:21] C:\Program Files\MSN Apps
    [04/08/2003|08:57] C:\Program Files\MSN Gaming Zone
    [28/04/2008|08:20] C:\Program Files\MSN Messenger
    [14/10/2006|23:11] C:\Program Files\MSXML 4.0
    [12/10/2006|09:24] C:\Program Files\MumboJumbo
    [08/10/2007|15:52] C:\Program Files\Musicnotes
    [31/01/2009|12:22] C:\Program Files\Mystery Case Files - Return to Ravenhearst
    [07/02/2009|00:14] C:\Program Files\Navilog1
    [09/12/2007|10:54] C:\Program Files\Nero
    [13/09/2008|08:23] C:\Program Files\NetMeeting
    [02/01/2006|18:46] C:\Program Files\Netscape
    [15/08/2008|12:37] C:\Program Files\Notation
    [03/04/2007|15:15] C:\Program Files\OLYMPUS
    [04/01/2007|18:15] C:\Program Files\OpenOffice.org 2.1
    [06/11/2006|18:04] C:\Program Files\orange
    [13/09/2008|08:23] C:\Program Files\Outlook Express
    [04/02/2009|15:40] C:\Program Files\P2Pcontrol
    [22/12/2008|21:26] C:\Program Files\PC Inspector File Recovery
    [24/01/2006|17:47] C:\Program Files\Photo Print Calendar from YOKOHAMA Ver.3.00E beta
    [09/04/2008|10:46] C:\Program Files\PhotoBox
    [03/04/2007|15:14] C:\Program Files\PIXELA
    [27/04/2007|10:41] C:\Program Files\Pizzicato 3
    [24/04/2006|15:40] C:\Program Files\Polaroid
    [20/04/2008|10:53] C:\Program Files\Portrait Professional 6
    [05/06/2008|22:45] C:\Program Files\QuickTime Alternative
    [09/07/2006|12:40] C:\Program Files\RADVideo
    [10/05/2007|19:59] C:\Program Files\Real
    [07/03/2008|22:55] C:\Program Files\Samsung
    [02/02/2009|10:47] C:\Program Files\scr mail team
    [27/02/2008|15:18] C:\Program Files\sega
    [20/12/2005|12:33] C:\Program Files\Serif
    [04/08/2003|08:58] C:\Program Files\Services en ligne
    [31/03/2007|21:24] C:\Program Files\Shareaza
    [15/08/2008|12:36] C:\Program Files\Shockwave.com
    [10/11/2008|15:47] C:\Program Files\ShoppingReport
    [14/08/2006|18:05] C:\Program Files\Sibelius Software
    [20/12/2005|15:56] C:\Program Files\SimpleOCR
    [25/06/2007|14:22] C:\Program Files\Slickball
    [26/12/2006|18:51] C:\Program Files\SlySoft
    [29/01/2007|13:05] C:\Program Files\SoftwareRevenue.org
    [25/11/2007|10:59] C:\Program Files\sony
    [08/06/2007|16:09] C:\Program Files\Sony Corporation
    [07/01/2006|10:19] C:\Program Files\SpySpotter3
    [29/12/2008|18:25] C:\Program Files\Spyware Guard 2008
    [02/02/2007|10:40] C:\Program Files\Stardock
    [06/02/2009|23:00] C:\Program Files\Trend Micro
    [03/12/2005|13:39] C:\Program Files\Uninstall Information
    [26/02/2008|21:41] C:\Program Files\VCW VicMan's Photo Editor
    [03/12/2007|16:21] C:\Program Files\Veoh Networks
    [19/02/2006|13:31] C:\Program Files\VideoLAN
    [21/10/2007|14:38] C:\Program Files\VirtualDub
    [01/03/2008|12:38] C:\Program Files\VstPlugins
    [13/01/2006|23:00] C:\Program Files\Wanadoo
    [24/11/2005|14:09] C:\Program Files\Windows Journal Viewer
    [28/12/2008|16:45] C:\Program Files\Windows Live
    [04/02/2009|17:54] C:\Program Files\Windows Live Safety Center
    [22/12/2008|21:26] C:\Program Files\Windows Media Connect 2
    [13/09/2008|08:23] C:\Program Files\Windows Media Player
    [13/09/2008|08:23] C:\Program Files\Windows NT
    [04/08/2003|08:57] C:\Program Files\WindowsUpdate
    [09/03/2007|13:39] C:\Program Files\WinRAR
    [02/02/2009|10:32] C:\Program Files\WinZix
    [12/02/2006|17:49] C:\Program Files\WMPCI54G WLAN Monitor
    [04/08/2003|08:59] C:\Program Files\xerox
    [07/12/2005|16:54] C:\Program Files\XnView
    [13/04/2006|18:31] C:\Program Files\Yahoo!

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [10/05/2007|20:01] C:\Program Files\Fichiers communs\Adobe
    [24/04/2007|21:21] C:\Program Files\Fichiers communs\Adobe Systems Shared
    [09/12/2007|10:57] C:\Program Files\Fichiers communs\Ahead
    [06/10/2006|15:21] C:\Program Files\Fichiers communs\ArcSoft
    [14/04/2006|10:53] C:\Program Files\Fichiers communs\BOONTY Shared
    [26/09/2008|17:12] C:\Program Files\Fichiers communs\Carlson
    [21/09/2008|17:24] C:\Program Files\Fichiers communs\DESIGNER
    [10/12/2005|19:08] C:\Program Files\Fichiers communs\GTK
    [23/03/2006|18:55] C:\Program Files\Fichiers communs\InstallShield
    [02/02/2007|10:24] C:\Program Files\Fichiers communs\InstallShield Shared
    [24/11/2005|14:08] C:\Program Files\Fichiers communs\Java
    [27/06/2007|10:44] C:\Program Files\Fichiers communs\Logitech
    [18/12/2008|18:49] C:\Program Files\Fichiers communs\Microsoft Shared
    [04/08/2003|08:58] C:\Program Files\Fichiers communs\MSSoap
    [31/05/2007|09:49] C:\Program Files\Fichiers communs\Oberon Media
    [04/08/2003|09:55] C:\Program Files\Fichiers communs\ODBC
    [10/05/2007|19:59] C:\Program Files\Fichiers communs\Real
    [31/12/2006|16:46] C:\Program Files\Fichiers communs\Sandlot Shared
    [04/08/2003|08:58] C:\Program Files\Fichiers communs\Services
    [08/06/2007|16:09] C:\Program Files\Fichiers communs\Sony Shared
    [04/08/2003|09:55] C:\Program Files\Fichiers communs\SpeechEngines
    [24/11/2005|14:06] C:\Program Files\Fichiers communs\Symantec Shared
    [13/09/2008|08:23] C:\Program Files\Fichiers communs\System
    [02/04/2007|19:47] C:\Program Files\Fichiers communs\Vbox
    [17/12/2008|18:22] C:\Program Files\Fichiers communs\Windows Live
    [01/12/2007|17:58] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [10/05/2007|19:59] C:\Program Files\Fichiers communs\xing shared

    --------------------\\ Process

    ( 45 Processes )

    IEXPLORE.EXE ~ [PID:3744]
    IEXPLORE.EXE ~ [PID:3928]
    iexplore.exe ~ [PID:1224]
    IEXPLORE.EXE ~ [PID:3468]

    --------------------\\ Recherche avec S_Lop

    C:\DOCUME~1\Angelini\APPLIC~1\SCRMAI~1
    C:\DOCUME~1\Angelini\APPLIC~1\SCRMAI~1\LiveHtmBold.exe
    C:\DOCUME~1\Angelini\APPLIC~1\SCRMAI~1\uyhwidyq.exe
    C:\DOCUME~1\Angelini\APPLIC~1\SCRMAI~1\WebDvdSkip.exe
    C:\DOCUME~1\Angelini\APPLIC~1\SCRMAI~1\yznxpkyq.exe

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Link Axis Bat Wave
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Link Axis Bat Wave\active mail.dat
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Link Axis Bat Wave\active mail.exe
    C:\DOCUME~1\Angelini\APPLIC~1\scrmai~1
    C:\DOCUME~1\Angelini\APPLIC~1\scrmai~1\LiveHtmBold.exe
    C:\DOCUME~1\Angelini\APPLIC~1\scrmai~1\uyhwidyq.exe
    C:\DOCUME~1\Angelini\APPLIC~1\scrmai~1\WebDvdSkip.exe
    C:\DOCUME~1\Angelini\APPLIC~1\scrmai~1\yznxpkyq.exe
    C:\Program Files\scrmai~1
    C:\Program Files\WinZix
    C:\Program Files\WinZix\search_error.htm
    C:\Program Files\WinZix\SkinCrafterDll.dll
    C:\Program Files\WinZix\support_error.htm
    C:\Program Files\WinZix\t_bg.jpg
    C:\Program Files\WinZix\uninstall.exe
    C:\Program Files\WinZix\winzix.exe
    C:\DOCUME~1\Angelini\Cookies\angelini@advertstream[2].txt
    C:\DOCUME~1\Angelini\Bureau\WinZix.lnk
    C:\DOCUME~1\Angelini\Cookies\angelini@advertising[1].txt
    C:\DOCUME~1\Angelini\Cookies\angelini@banner.cotedazurpalace[2].txt
    C:\DOCUME~1\Angelini\Cookies\angelini@cotedazurpalace[1].txt
    C:\DOCUME~1\Angelini\Cookies\angelini@www.cotedazurpalace[1].txt
    C:\DOCUME~1\Angelini\Cookies\angelini@adopt.euroclick[1].txt
    C:\DOCUME~1\Angelini\Cookies\angelini@pacificpoker[2].txt
    C:\DOCUME~1\Angelini\Cookies\angelini@partypoker[2].txt
    C:\DOCUME~1\Angelini\Cookies\angelini@32vegas[2].txt
    C:\DOCUME~1\Angelini\Cookies\angelini@banner.32vegas[2].txt
    C:\DOCUME~1\Angelini\Cookies\angelini@serve.32vegas[2].txt
    C:\WINDOWS\Tasks\A8E0E5EA91DB9716.job

    --------------------\\ Verification du Registre

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Keep burn win]
    "DisplayName"="CiD Help"
    "UninstallString"="C:\\DOCUME~1\\Angelini\\APPLIC~1\\SCRMAI~1\\LiveHtmBold.exe -uninstall"

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Idlebuild"="C:\\DOCUME~1\\Angelini\\APPLIC~1\\SCRMAI~1\\LiveHtmBold.exe"
    "Idlebuild"="C:\\DOCUME~1\\Angelini\\APPLIC~1\\SCRMAI~1\\LiveHtmBold.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Bat Wave Base Dale"="C:\\Documents and Settings\\All Users\\Application Data\\Link Axis Bat Wave\\active mail.exe"

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-02-07 00:17:48
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 275

    --------------------\\ Recherche d'autres infections

    --------------------\\ ROGUES ..

    C:\DOCUME~1\Angelini\APPLIC~1\WinButler
    C:\PROGRA~1\Spyware Guard 2008

    --------------------\\ Suspect ..

    C:\WINDOWS\system32\TDSSbrsr.dll
    C:\WINDOWS\system32\TDSSlxwp.dll
    C:\WINDOWS\system32\TDSSoiqh.dll
    C:\WINDOWS\system32\TDSSosvd.dat
    C:\WINDOWS\system32\TDSSriqp.dll
    C:\WINDOWS\system32\TDSStkdv.log
    C:\WINDOWS\system32\TDSSxfum.dll

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\Angelini\Application Data\Shareaza\Torrents\Bigfish.Games.-.Diner.Dash.-.Flo.On.The.Go.+.Crack.rar.torrent


    [F:7][D:12]-> C:\DOCUME~1\Angelini\LOCALS~1\Temp
    [F:248][D:0]-> C:\DOCUME~1\Angelini\Cookies
    [F:10372][D:12]-> C:\DOCUME~1\Angelini\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 07/02/2009| 0:21 - Option : [1]

    --------------------\\ Fin du rapport a 0:21:02
    a c 295 8 Security
    7 February 2009 00:23:04

    WinZix is also a booby-trapped program; do not reinstall it.

  • Run Lop S&D again.
  • This time choose option 2 (Suppression / Removal).
  • Do not close the window during the removal!
  • Post the generated report (C:\lopR.txt).

    (If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New task, type explorer.exe and confirm)
    7 February 2009 00:33:35

    Result of the 2nd Lop S&D run (in the meantime avast did indeed find the WinZix virus, I don't even know where it comes from, but anyway I put it in quarantine):


    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 2.80GHz )
    BIOS : BIOS Date: 09/19/03 10:23:50 Ver: 08.00.08
    USER : Angelini ( Administrator )
    BOOT : Normal boot
    Antivirus : avast! antivirus 4.8.1335 [VPS 090206-0] 4.8.1335 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:27 Go (Free:5 Go)
    D:\ (Local Disk) - NTFS - Total:83 Go (Free:21 Go)
    E:\ (CD or DVD)
    F:\ (CD or DVD)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [2] ( 07/02/2009| 0:27 )


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Link Axis Bat Wave\active mail.dat
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Link Axis Bat Wave\active mail.exe
    Supprime! - C:\DOCUME~1\Angelini\APPLIC~1\scrmai~1\LiveHtmBold.exe
    Supprime! - C:\DOCUME~1\Angelini\APPLIC~1\scrmai~1\uyhwidyq.exe
    Supprime! - C:\DOCUME~1\Angelini\APPLIC~1\scrmai~1\WebDvdSkip.exe
    Supprime! - C:\DOCUME~1\Angelini\APPLIC~1\scrmai~1\yznxpkyq.exe
    Supprime! - C:\Program Files\WinZix\search_error.htm
    Supprime! - C:\Program Files\WinZix\SkinCrafterDll.dll
    Supprime! - C:\Program Files\WinZix\support_error.htm
    Supprime! - C:\Program Files\WinZix\t_bg.jpg
    Supprime! - C:\Program Files\WinZix\uninstall.exe
    Supprime! - C:\Program Files\WinZix\winzix.exe
    Supprime! - C:\DOCUME~1\Angelini\Cookies\angelini@advertstream[2].txt
    Supprime! - C:\DOCUME~1\Angelini\Bureau\WinZix.lnk
    Supprime! - C:\DOCUME~1\Angelini\Cookies\angelini@advertising[1].txt
    Supprime! - C:\DOCUME~1\Angelini\Cookies\angelini@banner.cotedazurpalace[2].txt
    Supprime! - C:\DOCUME~1\Angelini\Cookies\angelini@cotedazurpalace[1].txt
    Supprime! - C:\DOCUME~1\Angelini\Cookies\angelini@www.cotedazurpalace[1].txt
    Supprime! - C:\DOCUME~1\Angelini\Cookies\angelini@adopt.euroclick[1].txt
    Supprime! - C:\DOCUME~1\Angelini\Cookies\angelini@pacificpoker[2].txt
    Supprime! - C:\DOCUME~1\Angelini\Cookies\angelini@partypoker[2].txt
    Supprime! - C:\DOCUME~1\Angelini\Cookies\angelini@32vegas[2].txt
    Supprime! - C:\DOCUME~1\Angelini\Cookies\angelini@banner.32vegas[2].txt
    Supprime! - C:\DOCUME~1\Angelini\Cookies\angelini@serve.32vegas[2].txt
    Supprime! - C:\WINDOWS\Tasks\A8E0E5EA91DB9716.job
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Link Axis Bat Wave
    Supprime! - C:\DOCUME~1\Angelini\APPLIC~1\scrmai~1
    Supprime! - C:\Program Files\scrmai~1
    Supprime! - C:\Program Files\WinZix

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    --------------------\\ Listing des dossiers dans APPLIC~1

    [05/05/2007|20:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [08/05/2007|11:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
    [09/12/2007|10:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
    [24/12/2008|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
    [24/12/2008|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira(2)
    [28/01/2009|10:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BigFishGamesCache
    [14/04/2006|10:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
    [24/11/2005|14:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [08/11/2006|15:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
    [15/10/2008|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EmailNotifier
    [27/09/2006|18:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Emjysoft
    [09/10/2008|17:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EPSON
    [30/11/2007|22:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fugazo
    [29/12/2008|13:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [10/11/2008|12:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
    [23/03/2006|18:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    [25/12/2008|20:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar2
    [27/06/2007|10:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LogiShrd
    [27/06/2007|10:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
    [06/02/2009|21:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
    [30/04/2006|11:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macromedia
    [15/10/2008|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Megaupload
    [20/03/2007|18:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [22/07/2008|22:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MGS
    [22/07/2008|21:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microgaming
    [29/12/2008|18:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [11/12/2008|21:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
    [02/01/2006|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
    [11/10/2006|16:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MumboJumbo
    [12/10/2007|13:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Musicnotes
    [16/12/2007|13:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
    [20/02/2006|20:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\pixelStorm
    [21/11/2007|19:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
    [03/12/2005|13:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Samsung
    [31/12/2006|16:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
    [04/08/2003|09:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
    [27/11/2005|18:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
    [08/06/2007|16:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
    [31/12/2006|16:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpinTop Games
    [24/11/2005|12:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [31/01/2009|12:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [12/03/2006|16:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
    [09/10/2008|17:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
    [24/11/2005|16:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [28/12/2008|16:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [13/04/2006|20:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
    [05/11/2006|18:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

    [08/03/2008|09:24] C:\DOCUME~1\Angelini\APPLIC~1\Adobe
    [24/01/2009|09:59] C:\DOCUME~1\Angelini\APPLIC~1\AdobeUM
    [10/12/2007|15:33] C:\DOCUME~1\Angelini\APPLIC~1\Ahead
    [20/04/2008|10:53] C:\DOCUME~1\Angelini\APPLIC~1\Anthropics
    [06/10/2006|17:36] C:\DOCUME~1\Angelini\APPLIC~1\ArcSoft
    [06/12/2005|12:17] C:\DOCUME~1\Angelini\APPLIC~1\Canon
    [23/03/2006|18:55] C:\DOCUME~1\Angelini\APPLIC~1\Corel
    [07/04/2008|08:51] C:\DOCUME~1\Angelini\APPLIC~1\cs
    [08/05/2008|22:03] C:\DOCUME~1\Angelini\APPLIC~1\DAEMON Tools
    [05/02/2007|15:10] C:\DOCUME~1\Angelini\APPLIC~1\DeepBurner
    [29/01/2009|17:09] C:\DOCUME~1\Angelini\APPLIC~1\DivX
    [02/09/2008|08:18] C:\DOCUME~1\Angelini\APPLIC~1\Documents and Settings
    [15/10/2008|15:37] C:\DOCUME~1\Angelini\APPLIC~1\EmailNotifier
    [06/02/2009|20:47] C:\DOCUME~1\Angelini\APPLIC~1\EPSON
    [27/12/2008|19:25] C:\DOCUME~1\Angelini\APPLIC~1\Google
    [29/11/2005|17:24] C:\DOCUME~1\Angelini\APPLIC~1\Help
    [14/08/2008|22:12] C:\DOCUME~1\Angelini\APPLIC~1\Identities
    [22/01/2006|16:48] C:\DOCUME~1\Angelini\APPLIC~1\iMesh
    [27/06/2007|10:44] C:\DOCUME~1\Angelini\APPLIC~1\InstallShield
    [04/08/2003|11:22] C:\DOCUME~1\Angelini\APPLIC~1\InterTrust
    [04/10/2008|09:54] C:\DOCUME~1\Angelini\APPLIC~1\JAM Software
    [09/05/2006|12:21] C:\DOCUME~1\Angelini\APPLIC~1\Jasc
    [22/01/2006|18:04] C:\DOCUME~1\Angelini\APPLIC~1\Kazaa Lite
    [19/04/2006|20:38] C:\DOCUME~1\Angelini\APPLIC~1\Leadertech
    [27/06/2007|10:46] C:\DOCUME~1\Angelini\APPLIC~1\Logitech
    [30/04/2006|16:45] C:\DOCUME~1\Angelini\APPLIC~1\Macromedia
    [26/07/2006|22:11] C:\DOCUME~1\Angelini\APPLIC~1\Media Player Classic
    [15/10/2008|15:37] C:\DOCUME~1\Angelini\APPLIC~1\Megaupload
    [08/11/2008|15:26] C:\DOCUME~1\Angelini\APPLIC~1\MegauploadToolbar
    [15/01/2009|19:24] C:\DOCUME~1\Angelini\APPLIC~1\Microsoft
    [25/12/2005|19:51] C:\DOCUME~1\Angelini\APPLIC~1\Microsoft Web Folders
    [12/11/2007|17:22] C:\DOCUME~1\Angelini\APPLIC~1\Mozilla
    [15/01/2006|14:54] C:\DOCUME~1\Angelini\APPLIC~1\MSN6
    [03/04/2007|15:17] C:\DOCUME~1\Angelini\APPLIC~1\OLYMPUS
    [06/02/2009|20:31] C:\DOCUME~1\Angelini\APPLIC~1\OpenOffice.org2
    [21/11/2007|19:33] C:\DOCUME~1\Angelini\APPLIC~1\PlayFirst
    [16/08/2008|21:54] C:\DOCUME~1\Angelini\APPLIC~1\Real
    [07/03/2008|22:59] C:\DOCUME~1\Angelini\APPLIC~1\Samsung
    [20/04/2007|12:28] C:\DOCUME~1\Angelini\APPLIC~1\Screenshot Sender
    [25/05/2007|09:44] C:\DOCUME~1\Angelini\APPLIC~1\SecondLife
    [04/11/2006|10:41] C:\DOCUME~1\Angelini\APPLIC~1\SecuROM
    [05/09/2006|22:11] C:\DOCUME~1\Angelini\APPLIC~1\SendPix
    [29/01/2007|12:38] C:\DOCUME~1\Angelini\APPLIC~1\Shareaza
    [28/12/2007|15:59] C:\DOCUME~1\Angelini\APPLIC~1\ShoppingReport
    [20/10/2007|11:35] C:\DOCUME~1\Angelini\APPLIC~1\Sibelius Software
    [21/08/2008|21:18] C:\DOCUME~1\Angelini\APPLIC~1\Skype
    [26/12/2006|11:01] C:\DOCUME~1\Angelini\APPLIC~1\SlySoft
    [08/06/2007|16:13] C:\DOCUME~1\Angelini\APPLIC~1\Sony Corporation
    [04/01/2006|22:19] C:\DOCUME~1\Angelini\APPLIC~1\Sun
    [04/08/2003|09:27] C:\DOCUME~1\Angelini\APPLIC~1\Symantec
    [14/10/2007|14:31] C:\DOCUME~1\Angelini\APPLIC~1\The Complete Genealogy Reporter - FTB
    [10/05/2007|20:23] C:\DOCUME~1\Angelini\APPLIC~1\Thunderbird
    [08/04/2008|16:15] C:\DOCUME~1\Angelini\APPLIC~1\U3
    [19/02/2006|13:33] C:\DOCUME~1\Angelini\APPLIC~1\vlc
    [25/07/2006|16:09] C:\DOCUME~1\Angelini\APPLIC~1\WebCompiler3
    [26/09/2008|15:12] C:\DOCUME~1\Angelini\APPLIC~1\WinButler
    [07/12/2005|16:52] C:\DOCUME~1\Angelini\APPLIC~1\XnView
    [14/08/2008|22:12] C:\DOCUME~1\Angelini\APPLIC~1\Zylom

    [04/08/2003|08:59] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [04/08/2003|11:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterTrust
    [02/12/2007|05:01] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [04/08/2003|09:27] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

    [29/01/2007|12:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [06/01/2008|10:25] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [07/02/2009 00:02][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [30/08/2002 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [01/06/2007|12:04] C:\Program Files\2 Pic
    [18/03/2008|17:30] C:\Program Files\7-Zip
    [25/10/2008|13:30] C:\Program Files\802.11 Wireless LAN
    [09/10/2008|17:12] C:\Program Files\ABBYY FineReader 6.0 Sprint
    [01/05/2007|18:33] C:\Program Files\AbiSuite2
    [10/05/2007|20:00] C:\Program Files\Adobe
    [30/04/2006|11:11] C:\Program Files\AKVIS
    [24/11/2005|16:16] C:\Program Files\Alwil Software
    [24/12/2008|11:20] C:\Program Files\AntivirusPro2009
    [04/10/2008|10:52] C:\Program Files\Anuman Interactive
    [01/03/2008|12:32] C:\Program Files\ASIO4ALL v2
    [09/12/2007|10:47] C:\Program Files\AskTBar
    [05/02/2007|15:04] C:\Program Files\Astonsoft
    [04/08/2003|09:32] C:\Program Files\ATI Technologies
    [11/05/2007|09:12] C:\Program Files\AtomixMP3
    [23/06/2006|17:30] C:\Program Files\Auralog
    [03/09/2006|22:31] C:\Program Files\AV Vcs 4.0 DIAMOND
    [13/07/2006|23:58] C:\Program Files\AVI-GIF
    [31/12/2008|16:07] C:\Program Files\avijoin
    [24/12/2008|11:20] C:\Program Files\Avira
    [30/03/2007|21:09] C:\Program Files\Axon Data
    [11/11/2006|14:57] C:\Program Files\Bazooka Scanner
    [24/01/2007|20:25] C:\Program Files\BFG
    [28/01/2009|09:49] C:\Program Files\bfgclient
    [06/02/2009|22:59] C:\Program Files\BHODemon 2
    [01/06/2007|12:00] C:\Program Files\Boonty
    [12/08/2008|19:58] C:\Program Files\BoontyGames
    [26/11/2005|22:19] C:\Program Files\Canon
    [16/12/2007|13:54] C:\Program Files\CCleaner
    [04/08/2003|09:11] C:\Program Files\Common Files
    [04/08/2003|08:58] C:\Program Files\ComPlus Applications
    [17/11/2008|17:29] C:\Program Files\Conduit
    [09/12/2007|11:02] C:\Program Files\Corel
    [24/11/2005|14:16] C:\Program Files\CyberLink
    [05/04/2008|16:13] C:\Program Files\CyberMUT
    [14/01/2009|14:14] C:\Program Files\DivX
    [02/01/2006|16:13] C:\Program Files\D-Link
    [03/06/2007|16:29] C:\Program Files\Easy-TV
    [11/11/2006|14:38] C:\Program Files\ElcomSoft
    [27/09/2006|18:18] C:\Program Files\Emjysoft
    [09/01/2009|10:33] C:\Program Files\epson
    [10/10/2007|18:38] C:\Program Files\Everest Poker
    [14/02/2006|14:49] C:\Program Files\Every Toolbar 1.1
    [25/06/2006|16:40] C:\Program Files\EZFace
    [17/12/2008|18:22] C:\Program Files\Fichiers communs
    [22/08/2008|17:38] C:\Program Files\Finale NotePad 2008
    [13/12/2008|10:34] C:\Program Files\Freecorder
    [17/11/2008|17:54] C:\Program Files\Freecorder Toolbar
    [30/12/2008|20:52] C:\Program Files\Freeze.com
    [28/03/2007|14:50] C:\Program Files\GIMP-2.0
    [29/12/2008|15:14] C:\Program Files\Google
    [12/09/2006|14:25] C:\Program Files\Google Toolbar
    [24/04/2007|10:50] C:\Program Files\Grisoft
    [25/10/2008|13:55] C:\Program Files\Hercules
    [24/11/2005|14:08] C:\Program Files\HighMAT CD Writing Wizard
    [15/08/2008|12:38] C:\Program Files\Image-Line
    [22/01/2006|16:46] C:\Program Files\iMesh Applications
    [09/01/2009|15:45] C:\Program Files\InstallShield Installation Information
    [04/08/2003|09:38] C:\Program Files\Intel
    [03/02/2009|16:56] C:\Program Files\Intel Desktop Board
    [11/12/2008|21:46] C:\Program Files\Internet Explorer
    [16/06/2007|18:42] C:\Program Files\ISOpen
    [14/07/2006|00:07] C:\Program Files\Jasc Software Inc
    [29/12/2008|15:17] C:\Program Files\Java
    [14/09/2007|21:42] C:\Program Files\Kate's Video Converter
    [27/09/2006|18:29] C:\Program Files\KC Softwares
    [20/05/2008|22:10] C:\Program Files\Kiwee Toolbar2
    [07/07/2006|18:14] C:\Program Files\K-Lite Codec Pack
    [27/06/2007|10:44] C:\Program Files\Logitech
    [06/02/2009|21:00] C:\Program Files\ma-config.com
    [11/10/2008|10:15] C:\Program Files\Mega Bloc Notes
    [15/10/2008|15:37] C:\Program Files\Megaupload
    [15/10/2008|15:37] C:\Program Files\MegauploadToolbar
    [16/02/2006|11:50] C:\Program Files\Messager Wanadoo
    [24/12/2008|11:21] C:\Program Files\Messenger
    [30/12/2008|15:56] C:\Program Files\Messenger Plus! Live
    [29/12/2008|09:50] C:\Program Files\MessengerPlus! 3
    [11/02/2006|17:46] C:\Program Files\MF-FE500
    [24/12/2006|17:36] C:\Program Files\micronet-soft
    [17/12/2008|18:34] C:\Program Files\Microsoft
    [16/12/2007|13:56] C:\Program Files\Microsoft ActiveSync
    [08/05/2006|15:39] C:\Program Files\Microsoft AntiSpyware
    [25/12/2005|19:51] C:\Program Files\microsoft frontpage
    [28/02/2008|20:06] C:\Program Files\Microsoft Office
    [22/10/2008|09:07] C:\Program Files\Microsoft Silverlight
    [31/01/2008|13:20] C:\Program Files\Microsoft SQL Server Compact Edition
    [21/09/2008|17:25] C:\Program Files\Microsoft Works
    [21/09/2008|17:08] C:\Program Files\Microsoft.NET
    [12/09/2006|17:59] C:\Program Files\Mirror Magic
    [13/09/2008|08:31] C:\Program Files\Movie Maker
    [23/11/2008|10:31] C:\Program Files\Mozilla Firefox
    [07/02/2009|00:09] C:\Program Files\Mozilla Thunderbird
    [11/02/2006|17:46] C:\Program Files\MP3 Explorer
    [28/12/2008|16:48] C:\Program Files\MSECache
    [09/08/2006|08:21] C:\Program Files\MSN
    [24/12/2008|11:21] C:\Program Files\MSN Apps
    [04/08/2003|08:57] C:\Program Files\MSN Gaming Zone
    [28/04/2008|08:20] C:\Program Files\MSN Messenger
    [14/10/2006|23:11] C:\Program Files\MSXML 4.0
    [12/10/2006|09:24] C:\Program Files\MumboJumbo
    [08/10/2007|15:52] C:\Program Files\Musicnotes
    [31/01/2009|12:22] C:\Program Files\Mystery Case Files - Return to Ravenhearst
    [07/02/2009|00:14] C:\Program Files\Navilog1
    [09/12/2007|10:54] C:\Program Files\Nero
    [13/09/2008|08:23] C:\Program Files\NetMeeting
    [02/01/2006|18:46] C:\Program Files\Netscape
    [15/08/2008|12:37] C:\Program Files\Notation
    [03/04/2007|15:15] C:\Program Files\OLYMPUS
    [04/01/2007|18:15] C:\Program Files\OpenOffice.org 2.1
    [06/11/2006|18:04] C:\Program Files\orange
    [13/09/2008|08:23] C:\Program Files\Outlook Express
    [04/02/2009|15:40] C:\Program Files\P2Pcontrol
    [22/12/2008|21:26] C:\Program Files\PC Inspector File Recovery
    [24/01/2006|17:47] C:\Program Files\Photo Print Calendar from YOKOHAMA Ver.3.00E beta
    [09/04/2008|10:46] C:\Program Files\PhotoBox
    [03/04/2007|15:14] C:\Program Files\PIXELA
    [27/04/2007|10:41] C:\Program Files\Pizzicato 3
    [24/04/2006|15:40] C:\Program Files\Polaroid
    [20/04/2008|10:53] C:\Program Files\Portrait Professional 6
    [05/06/2008|22:45] C:\Program Files\QuickTime Alternative
    [09/07/2006|12:40] C:\Program Files\RADVideo
    [10/05/2007|19:59] C:\Program Files\Real
    [07/03/2008|22:55] C:\Program Files\Samsung
    [27/02/2008|15:18] C:\Program Files\sega
    [20/12/2005|12:33] C:\Program Files\Serif
    [04/08/2003|08:58] C:\Program Files\Services en ligne
    [31/03/2007|21:24] C:\Program Files\Shareaza
    [15/08/2008|12:36] C:\Program Files\Shockwave.com
    [10/11/2008|15:47] C:\Program Files\ShoppingReport
    [14/08/2006|18:05] C:\Program Files\Sibelius Software
    [20/12/2005|15:56] C:\Program Files\SimpleOCR
    [25/06/2007|14:22] C:\Program Files\Slickball
    [26/12/2006|18:51] C:\Program Files\SlySoft
    [29/01/2007|13:05] C:\Program Files\SoftwareRevenue.org
    [25/11/2007|10:59] C:\Program Files\sony
    [08/06/2007|16:09] C:\Program Files\Sony Corporation
    [07/01/2006|10:19] C:\Program Files\SpySpotter3
    [29/12/2008|18:25] C:\Program Files\Spyware Guard 2008
    [02/02/2007|10:40] C:\Program Files\Stardock
    [06/02/2009|23:00] C:\Program Files\Trend Micro
    [03/12/2005|13:39] C:\Program Files\Uninstall Information
    [26/02/2008|21:41] C:\Program Files\VCW VicMan's Photo Editor
    [03/12/2007|16:21] C:\Program Files\Veoh Networks
    [19/02/2006|13:31] C:\Program Files\VideoLAN
    [21/10/2007|14:38] C:\Program Files\VirtualDub
    [01/03/2008|12:38] C:\Program Files\VstPlugins
    [13/01/2006|23:00] C:\Program Files\Wanadoo
    [24/11/2005|14:09] C:\Program Files\Windows Journal Viewer
    [28/12/2008|16:45] C:\Program Files\Windows Live
    [04/02/2009|17:54] C:\Program Files\Windows Live Safety Center
    [22/12/2008|21:26] C:\Program Files\Windows Media Connect 2
    [13/09/2008|08:23] C:\Program Files\Windows Media Player
    [13/09/2008|08:23] C:\Program Files\Windows NT
    [04/08/2003|08:57] C:\Program Files\WindowsUpdate
    [09/03/2007|13:39] C:\Program Files\WinRAR
    [12/02/2006|17:49] C:\Program Files\WMPCI54G WLAN Monitor
    [04/08/2003|08:59] C:\Program Files\xerox
    [07/12/2005|16:54] C:\Program Files\XnView
    [13/04/2006|18:31] C:\Program Files\Yahoo!

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [10/05/2007|20:01] C:\Program Files\Fichiers communs\Adobe
    [24/04/2007|21:21] C:\Program Files\Fichiers communs\Adobe Systems Shared
    [09/12/2007|10:57] C:\Program Files\Fichiers communs\Ahead
    [06/10/2006|15:21] C:\Program Files\Fichiers communs\ArcSoft
    [14/04/2006|10:53] C:\Program Files\Fichiers communs\BOONTY Shared
    [26/09/2008|17:12] C:\Program Files\Fichiers communs\Carlson
    [21/09/2008|17:24] C:\Program Files\Fichiers communs\DESIGNER
    [10/12/2005|19:08] C:\Program Files\Fichiers communs\GTK
    [23/03/2006|18:55] C:\Program Files\Fichiers communs\InstallShield
    [02/02/2007|10:24] C:\Program Files\Fichiers communs\InstallShield Shared
    [24/11/2005|14:08] C:\Program Files\Fichiers communs\Java
    [27/06/2007|10:44] C:\Program Files\Fichiers communs\Logitech
    [18/12/2008|18:49] C:\Program Files\Fichiers communs\Microsoft Shared
    [04/08/2003|08:58] C:\Program Files\Fichiers communs\MSSoap
    [31/05/2007|09:49] C:\Program Files\Fichiers communs\Oberon Media
    [04/08/2003|09:55] C:\Program Files\Fichiers communs\ODBC
    [10/05/2007|19:59] C:\Program Files\Fichiers communs\Real
    [31/12/2006|16:46] C:\Program Files\Fichiers communs\Sandlot Shared
    [04/08/2003|08:58] C:\Program Files\Fichiers communs\Services
    [08/06/2007|16:09] C:\Program Files\Fichiers communs\Sony Shared
    [04/08/2003|09:55] C:\Program Files\Fichiers communs\SpeechEngines
    [24/11/2005|14:06] C:\Program Files\Fichiers communs\Symantec Shared
    [13/09/2008|08:23] C:\Program Files\Fichiers communs\System
    [02/04/2007|19:47] C:\Program Files\Fichiers communs\Vbox
    [17/12/2008|18:22] C:\Program Files\Fichiers communs\Windows Live
    [01/12/2007|17:58] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [10/05/2007|19:59] C:\Program Files\Fichiers communs\xing shared

    --------------------\\ Process

    ( 40 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-02-07 00:29:21
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 275

    --------------------\\ Recherche d'autres infections

    --------------------\\ ROGUES ..

    C:\DOCUME~1\Angelini\APPLIC~1\WinButler
    C:\PROGRA~1\Spyware Guard 2008

    --------------------\\ Suspect ..

    C:\WINDOWS\system32\TDSSbrsr.dll
    C:\WINDOWS\system32\TDSSlxwp.dll
    C:\WINDOWS\system32\TDSSoiqh.dll
    C:\WINDOWS\system32\TDSSosvd.dat
    C:\WINDOWS\system32\TDSSriqp.dll
    C:\WINDOWS\system32\TDSStkdv.log
    C:\WINDOWS\system32\TDSSxfum.dll

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\Angelini\Application Data\Shareaza\Torrents\Bigfish.Games.-.Diner.Dash.-.Flo.On.The.Go.+.Crack.rar.torrent


    [F:11][D:12]-> C:\DOCUME~1\Angelini\LOCALS~1\Temp
    [F:237][D:0]-> C:\DOCUME~1\Angelini\Cookies
    [F:10395][D:12]-> C:\DOCUME~1\Angelini\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 07/02/2009| 0:21 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 07/02/2009| 0:31 - Option : [2]

    --------------------\\ Fin du rapport a 0:31:13
    7 February 2009 00:37:27

    Good.

  • Download AD-Remover (by Cyrildu17 / C_XX) to your Desktop.

    /!\ Disconnect and close all running applications /!\

  • Double-click the installer and install it in its default location (C:\Program files).
  • Double-click the AD-Remover icon on your Desktop.
  • In the main menu, choose option A.
  • Post the report that appears at the end.

    (The report is also saved as C:\Ad-report(date).log)

    (CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

    Note:

    "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
    It is not a virus, but a utility designed to terminate processes.
    In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.
    7 February 2009 00:53:55

    Ad-Report result:


    ------- LOGFILE OF AD-REMOVER 1.1.0.6 | ONLY XP/VISTA -------

    Updated by C_XX on 04/02/2009 at 17:00

    Start at: 0:46:24 | Sam 07/02/2009 | Microsoft® Windows XP™ SP3 (V5.1.2600)
    Boot mode: Normal
    Option: SCAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
    Pc: ANGELINI2 | User: Angelini ( Current user is an administrator)
    Drive(s):
    - C:\ (File System: NTFS)
    - D:\ (File System: NTFS)
    System Drive: C:\
    Windows Directory: C:\WINDOWS\
    System Directory: C:\WINDOWS\System32\

    --- Running Processes: 41

    +--------------------| Boonty/Boonty Games Elements Found:

    Service: Boonty Games
    .
    HKCR\boontybox
    HKCU\SOFTWARE\Boonty
    HKLM\Software\Boonty
    HKLM\Software\Classes\boontybox
    HKLM\SYSTEM\ControlSet001\Services\Boonty Games
    HKLM\SYSTEM\CurrentControlSet\Services\Boonty Games
    HKLM\SYSTEM\ControlSet003\Services\Boonty Games
    .
    C:\Program Files\Boonty
    C:\Program Files\Boonty\Components
    C:\Program Files\BoontyGames
    C:\Program Files\BoontyGames\Big Kahuna Reef 2 Chain Reaction
    C:\Program Files\BoontyGames\Components
    C:\Program Files\BoontyGames\Diner Dash
    C:\Program Files\BoontyGames\MCFHuntsville
    C:\Program Files\BoontyGames\Mystery Case Files - Prime Suspects
    C:\Program Files\BoontyGames\Mystery Case Files Huntsville
    C:\Program Files\BoontyGames\Big Kahuna Reef 2 Chain Reaction\Levels
    C:\Program Files\BoontyGames\Big Kahuna Reef 2 Chain Reaction\SHELL_DEFAULT_HTML
    C:\Program Files\BoontyGames\Big Kahuna Reef 2 Chain Reaction\SHELL_DEFAULT_HTML\css
    C:\Program Files\BoontyGames\Big Kahuna Reef 2 Chain Reaction\SHELL_DEFAULT_HTML\Images
    C:\Program Files\BoontyGames\Big Kahuna Reef 2 Chain Reaction\SHELL_DEFAULT_HTML\js
    C:\Program Files\BoontyGames\Diner Dash\assets
    C:\Program Files\BoontyGames\Diner Dash\config
    C:\Program Files\BoontyGames\Diner Dash\ext
    C:\Program Files\BoontyGames\Diner Dash\gfx
    C:\Program Files\BoontyGames\Diner Dash\SHELL_DEFAULT_HTML
    C:\Program Files\BoontyGames\Diner Dash\snd
    C:\Program Files\BoontyGames\Diner Dash\Xtras
    C:\Program Files\BoontyGames\Diner Dash\assets\flash
    C:\Program Files\BoontyGames\Diner Dash\SHELL_DEFAULT_HTML\css
    C:\Program Files\BoontyGames\Diner Dash\SHELL_DEFAULT_HTML\Images
    C:\Program Files\BoontyGames\Diner Dash\SHELL_DEFAULT_HTML\js
    C:\Program Files\BoontyGames\MCFHuntsville\data
    C:\Program Files\BoontyGames\MCFHuntsville\SHELL_DEFAULT_HTML
    C:\Program Files\BoontyGames\MCFHuntsville\SHELL_DEFAULT_HTML\css
    C:\Program Files\BoontyGames\MCFHuntsville\SHELL_DEFAULT_HTML\Images
    C:\Program Files\BoontyGames\MCFHuntsville\SHELL_DEFAULT_HTML\js
    C:\Program Files\BoontyGames\Mystery Case Files Huntsville\Data
    C:\Program Files\BoontyGames\Mystery Case Files Huntsville\SHELL_DEFAULT_HTML
    C:\Program Files\BoontyGames\Mystery Case Files Huntsville\SHELL_DEFAULT_HTML\css
    C:\Program Files\BoontyGames\Mystery Case Files Huntsville\SHELL_DEFAULT_HTML\Images
    C:\Program Files\BoontyGames\Mystery Case Files Huntsville\SHELL_DEFAULT_HTML\js
    C:\Program Files\Fichiers communs\BOONTY Shared
    C:\Program Files\Fichiers communs\BOONTY Shared\Service

    +--------------------| Eorezo Elements Found:

    .

    +--------------------| Infected Poker Softwares Elements Found:

    HKCU\Software\Grand Virtual
    .
    C:\Program Files\Everest Poker

    +--------------------| FunWebProducts/MyWay/MyWebSearch/MyGlobalSearch Elements Found:

    .
    HKCR\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239}
    HKCR\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc}
    HKCR\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff}
    HKCR\MyWebSearch.HTMLPanel
    HKCR\MyWebSearch.HTMLPanel.1
    HKCR\MyWebSearch.PseudoTransparentPlugin
    HKCR\MyWebSearch.PseudoTransparentPlugin.1
    HKCU\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search
    HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
    HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
    .

    +--------------------| It's TV Elements Found:

    .

    +--------------------| Sweetim Elements Found:

    .

    +--------------------| Added Scan:

    ---- Mozilla FireFox Version 2.0.0.11 ----

    ProfilePath: k196msv1.default
    .
    Prefs.js: Browser.Search.DefaultEngineName: "Yahoo"
    Prefs.js: Browser.Search.SelectedEngine: "Ask"
    Prefs.js: Browser.Search.DefaultUrl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT106093..."
    Prefs.js: Browser.Startup.HomePage: "http://www2.firesearch.com/"
    .
    .
    .
    .
    .

    ---- Internet Explorer Version 7.0.5730.11 ----

    +-[HKEY_CURRENT_USER\..\Internet Explorer\Main]

    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start page: hxxp://www.estvideo.fr/
    Start page: hxxp://www.estvideo.fr/

    +-[HKEY_USERS\S-1-5-21-2467416731-2376577531-3148842207-1005\..\Internet Explorer\Main]

    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start page: hxxp://www.estvideo.fr/
    Start page: hxxp://www.estvideo.fr/

    +-[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start page: hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

    +-[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

    Tabs: hxxp:\Documents and Settings\Angelini\Application Data\MegauploadToolbar\tabwelcome.html

    +---------------------------------------------------------------------------+

    [~5740 Bytes] - "C:\Ad-Report-Scan-07.02.2009.log"
    -

    End at: 0:48:19 | 07/02/2009
    .
    +--------------------| E.O.F - 116 Lines
    .
    7 February 2009 00:56:51

    /!\ Disconnect and close all running applications /!\

  • Double-click AD-Remover to launch it: in the main menu, choose option B.

  • Tick A on the selection screen:

  • Then choose S; the program will do its work.

  • Post the report that appears at the end.

    (The report is also saved as C:\Ad-report.log)

    /!\ If the Desktop does not reappear, press Ctrl + Alt + Del, "File" tab, "New task", type explorer.exe and confirm /!\
    7 February 2009 01:10:42

    AD-Remover report 2:


    ------- LOGFILE OF AD-REMOVER 1.1.0.6 | ONLY XP/VISTA -------

    Updated by C_XX on 04/02/2009 at 17:00

    *** LIMITED TO ***

    Boonty/BoontyGames
    Eorezo
    Infected Poker Softwares
    FunWebProduct/MyWay/MyWebSearch
    It's TV
    Sweetim

    ******************

    Start at: 1:01:50 | Sam 07/02/2009 | Microsoft® Windows XP™ SP3 (V5.1.2600)
    Boot mode: Normal
    Option: CLEAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
    Pc: ANGELINI2 | User: Angelini ( Current user is an administrator)
    Drive(s):
    - C:\ (File System: NTFS)
    - D:\ (File System: NTFS)
    System Drive: C:\
    Windows Directory: C:\WINDOWS\
    System Directory: C:\WINDOWS\System32\

    --- Running Processes: 41

    (!) ---- IE start pages/Tabs reset

    +--------------------| Boonty/Boonty Games Elements Deleted :

    Service: "Boonty Games"
    .
    HKCR\boontybox
    HKCU\SOFTWARE\Boonty
    HKLM\Software\Boonty
    HKLM\SYSTEM\ControlSet003\Services\Boonty Games
    .
    C:\Program Files\Boonty
    C:\Program Files\BoontyGames
    C:\Program Files\Fichiers communs\BOONTY Shared

    +--------------------| Eorezo Elements Deleted :

    .

    +--------------------| Infected Poker Softwares Elements Deleted :

    HKCU\Software\Grand Virtual
    .
    C:\Program Files\Everest Poker

    +--------------------| FunWebProducts/MyWay/MyWebSearch/MyGlobalSearch Elements Deleted :

    .
    HKCR\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239}
    HKCR\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc}
    HKCR\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff}
    HKCR\MyWebSearch.HTMLPanel
    HKCR\MyWebSearch.HTMLPanel.1
    HKCR\MyWebSearch.PseudoTransparentPlugin
    HKCR\MyWebSearch.PseudoTransparentPlugin.1
    HKCU\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search
    HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
    HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
    .

    +--------------------| It's TV Elements Deleted :

    .

    +--------------------| Sweetim Elements Deleted :

    .

    (!) ---- Temp files deleted.
    (!) ---- Recycle bin emptied in all drives.


    +--------------------| Added Scan :

    ---- Mozilla FireFox Version 2.0.0.11 ----

    ProfilePath: k196msv1.default
    .
    Prefs.js: Browser.Search.DefaultEngineName: "Yahoo"
    Prefs.js: Browser.Search.SelectedEngine: "Ask"
    Prefs.js: Browser.Search.DefaultUrl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT106093..."
    Prefs.js: Browser.Startup.HomePage: "http://www2.firesearch.com/"
    .
    .
    .
    .
    .

    ---- Internet Explorer Version 7.0.5730.11 ----

    +-[HKEY_CURRENT_USER\..\Internet Explorer\Main]

    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Start page: hxxp://www.estvideo.fr/

    +-[HKEY_USERS\S-1-5-21-2467416731-2376577531-3148842207-1005\..\Internet Explorer\Main]

    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Start page: hxxp://www.estvideo.fr/

    +-[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search bar: hxxp://search.msn.com/spbasic.htm
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start page: hxxp://fr.msn.com/

    +-[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

    Tabs: hxxp://ieframe.dll/tabswelcome.htm

    +---------------------------------------------------------------------------+

    [~4058 Bytes] - "C:\Ad-Report-Clean-07.02.2009.log"
    [~5876 Bytes] - "C:\Ad-Report-Scan-07.02.2009.log"
    -

    End at: 1:09:17 | 07/02/2009
    .
    +--------------------| E.O.F - 95 Lines
    .
    a c 295 8 Security
    7 February 2009 01:19:18

  • Uninstall AD-Remover.

    /!\ Disable your resident protections (antivirus, etc.) /!\

  • Download ComboFix (sUBs) to your Desktop.
  • Double-click ComboFix.exe (the .exe extension may not be visible) to launch it.
  • It will ask you to install the Recovery Console: accept.
  • When the scan has finished, a report will appear. Post this report (C:\Combofix.txt) in your next reply.

    To help you: a guide and a tutorial on using ComboFix
    7 February 2009 01:40:59

    ComboFix report:

    ComboFix 09-02-06.01 - Angelini 2009-02-07 1:34:56.1 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.511.197 [GMT 1:00]
    Lancé depuis: c:\documents and settings\Angelini\Bureau\ComboFix.exe
    AV: avast! antivirus 4.8.1335 [VPS 090206-0] *On-access scanning disabled* (Updated)
    AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Outdated)
    * Un nouveau point de restauration a été créé
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\documents and settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\c.cgm
    c:\documents and settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\ieModule.dll
    c:\documents and settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\moduleie.dll
    c:\documents and settings\All Users\Application Data\Microsoft\Protect\svhost.exe
    c:\documents and settings\Angelini\Application Data\ShoppingReport
    c:\documents and settings\Angelini\Application Data\ShoppingReport\cs\Config.xml
    c:\documents and settings\Angelini\Application Data\ShoppingReport\cs\db\Aliases.dbs
    c:\documents and settings\Angelini\Application Data\ShoppingReport\cs\db\Sites.dbs
    c:\documents and settings\Angelini\Application Data\ShoppingReport\cs\dwld\WhiteList.xip
    c:\documents and settings\Angelini\Application Data\ShoppingReport\cs\report\aggr_storage.xml
    c:\documents and settings\Angelini\Application Data\ShoppingReport\cs\report\send_storage.xml
    c:\documents and settings\Angelini\Application Data\ShoppingReport\cs\res1\WhiteList.dbs
    c:\documents and settings\Angelini\err.log
    c:\program files\ShoppingReport
    c:\program files\ShoppingReport\Bin\2.0.24\ShoppingReport.dll
    c:\program files\Spyware Guard 2008
    c:\program files\Spyware Guard 2008\conf.cfg
    c:\program files\Spyware Guard 2008\mbase.vdb
    c:\program files\Spyware Guard 2008\quarantine.vdb
    c:\program files\Spyware Guard 2008\queue.vdb
    c:\program files\Spyware Guard 2008\spywareguard.exe
    c:\program files\Spyware Guard 2008\uninstall.exe
    c:\program files\Spyware Guard 2008\vbase.vdb
    c:\windows\reged.exe
    c:\windows\spoolsystem.exe
    c:\windows\sys.com
    c:\windows\syscert.exe
    c:\windows\sysexplorer.exe
    c:\windows\system32\404Fix.exe
    c:\windows\system32\dumphive.exe
    c:\windows\system32\IEDFix.C.exe
    c:\windows\system32\IEDFix.exe
    c:\windows\system32\Microsoft\backup.ftp
    c:\windows\system32\Microsoft\backup.tftp
    c:\windows\system32\o4Patch.exe
    c:\windows\system32\rnaph.dll
    c:\windows\system32\SrchSTS.exe
    c:\windows\system32\TDSSbrsr.dll
    c:\windows\system32\TDSSlxwp.dll
    c:\windows\system32\TDSSoiqh.dll
    c:\windows\system32\TDSSosvd.dat
    c:\windows\system32\TDSSriqp.dll
    c:\windows\system32\TDSStkdv.log
    c:\windows\system32\TDSSxfum.dll
    c:\windows\system32\tmp.reg
    c:\windows\system32\VACFix.exe
    c:\windows\system32\VCCLSID.exe
    c:\windows\system32\wini10891.exe
    c:\windows\system32\winscenter.exe
    c:\windows\system32\WS2Fix.exe
    c:\windows\system32\wsnpoem
    c:\windows\system32\wsnpoem\audio.dll.cla
    c:\windows\vmreg.dll

    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2009-01-07 au 2009-02-07 ))))))))))))))))))))))))))))))))))))
    .

    2009-02-07 00:45 . 2009-02-07 01:21 <REP> d-------- c:\program files\Ad-remover
    2009-02-07 00:15 . 2009-02-07 00:31 <REP> d-------- C:\Lop SD
    2009-02-06 23:16 . 2009-02-07 00:14 <REP> d-------- c:\program files\Navilog1
    2009-02-06 23:00 . 2009-02-06 23:00 <REP> d-------- C:\rsit
    2009-02-06 22:31 . 2009-02-06 22:59 <REP> d-------- c:\program files\BHODemon 2
    2009-02-06 21:00 . 2009-02-06 21:00 <REP> d-------- c:\program files\ma-config.com
    2009-02-06 21:00 . 2009-02-06 21:00 <REP> d----c--- c:\documents and settings\All Users\Application Data\ma-config.com
    2009-02-03 16:56 . 2009-02-03 16:56 <REP> d-------- c:\program files\Intel Desktop Board
    2009-02-02 10:33 . 2009-02-04 15:40 <REP> d-------- c:\program files\P2Pcontrol
    2009-02-02 10:32 . 2008-06-20 12:51 361,600 --a------ c:\windows\system32\drivers\tcpip.original
    2009-01-28 09:54 . 2009-01-31 12:22 <REP> d-------- c:\program files\Mystery Case Files - Return to Ravenhearst
    2009-01-20 19:34 . 2009-02-04 17:54 <REP> d-------- c:\program files\Windows Live Safety Center
    2009-01-14 22:36 . 2009-01-14 22:36 118 --a------ c:\windows\system32\MRT.INI

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-02-06 23:09 --------- d-----w c:\program files\Mozilla Thunderbird
    2009-02-06 22:00 --------- d-----w c:\program files\Trend Micro
    2009-02-06 19:47 --------- d-----w c:\documents and settings\Angelini\Application Data\EPSON
    2009-02-06 19:31 --------- d-----w c:\documents and settings\Angelini\Application Data\OpenOffice.org2
    2009-01-31 11:24 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
    2009-01-29 16:09 --------- d-----w c:\documents and settings\Angelini\Application Data\DivX
    2009-01-28 09:35 --------- dc----w c:\documents and settings\All Users\Application Data\BigFishGamesCache
    2009-01-28 08:49 --------- d-----w c:\program files\bfgclient
    2009-01-24 08:59 --------- d-----w c:\documents and settings\Angelini\Application Data\AdobeUM
    2009-01-14 13:14 --------- d-----w c:\program files\DivX
    2009-01-09 14:45 --------- d--h--w c:\program files\InstallShield Installation Information
    2009-01-09 09:33 --------- d-----w c:\program files\epson
    2008-12-31 15:07 --------- d-----w c:\program files\avijoin
    2008-12-30 19:52 --------- d-----w c:\program files\Freeze.com
    2008-12-30 14:56 --------- d-----w c:\program files\Messenger Plus! Live
    2008-12-29 17:47 410,984 ----a-w c:\windows\system32\deploytk.dll
    2008-12-29 14:17 --------- d-----w c:\program files\Java
    2008-12-29 14:14 --------- d-----w c:\program files\Google
    2008-12-29 08:50 --------- d-----w c:\program files\MessengerPlus! 3
    2008-12-28 15:48 --------- d-----w c:\program files\MSECache
    2008-12-28 15:45 --------- d-----w c:\program files\Windows Live
    2008-12-28 15:42 --------- d-----w c:\documents and settings\All Users\Application Data\WLInstaller
    2008-12-25 19:26 --------- dc----w c:\documents and settings\All Users\Application Data\Kiwee Toolbar2
    2008-12-24 10:21 --------- d-----w c:\program files\MSN Apps
    2008-12-24 10:20 --------- d-----w c:\program files\Avira
    2008-12-24 10:20 --------- d-----w c:\program files\AntivirusPro2009
    2008-12-24 10:20 --------- d-----w c:\documents and settings\All Users\Application Data\Avira(2)
    2008-12-24 10:20 --------- d-----w c:\documents and settings\All Users\Application Data\Avira
    2008-12-22 20:26 --------- d-----w c:\program files\Windows Media Connect 2
    2008-12-22 20:26 --------- d-----w c:\program files\PC Inspector File Recovery
    2008-12-17 17:34 --------- d-----w c:\program files\Microsoft
    2008-12-17 17:22 --------- d-----w c:\program files\Fichiers communs\Windows Live
    2008-12-13 09:34 --------- d-----w c:\program files\Freecorder
    2008-12-11 20:41 --------- dc----w c:\documents and settings\All Users\Application Data\Microsoft Help
    2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys
    2008-12-02 21:37 49,480 ----a-w c:\windows\system32\sirenacm.dll
    2008-11-10 15:08 36,181 ----a-w c:\windows\Sysvxd.exe
    2008-11-10 10:42 18,491 ----a-w c:\program files\Fichiers communs\ahos.dat
    2008-11-10 10:42 18,143 ----a-w c:\windows\system32\vulufugym.pif
    2008-11-10 10:42 17,138 ----a-w c:\program files\Fichiers communs\ripy._sy
    2008-11-10 10:42 15,759 ----a-w c:\program files\Fichiers communs\yrav.vbs
    2008-11-10 10:42 13,575 ----a-w c:\documents and settings\Angelini\Application Data\ofuteka.scr
    2008-11-10 10:42 11,689 -c--a-w c:\documents and settings\All Users\Application Data\secezuh.dat
    2008-03-18 16:27 40 -c--a-w c:\documents and settings\Angelini\language.dat
    2008-12-29 17:25 767,488 ----a-w c:\documents and settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\qpbwpjdcnn.dll
    2007-12-28 15:38 67,696 -c--a-w c:\program files\mozilla firefox\components\jar50.dll
    2007-12-28 15:38 54,376 -c--a-w c:\program files\mozilla firefox\components\jsd3250.dll
    2007-12-28 15:38 34,952 -c--a-w c:\program files\mozilla firefox\components\myspell.dll
    2007-12-28 15:38 46,720 -c--a-w c:\program files\mozilla firefox\components\spellchk.dll
    2007-12-28 15:38 172,144 -c--a-w c:\program files\mozilla firefox\components\xpinstal.dll
    2006-04-22 19:52 88 -csh--r c:\windows\system32\99BEB52529.sys
    2006-04-26 15:48 3,350 -csha-w c:\windows\system32\KGyGaAvL.sys
    2008-09-13 09:45 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008091320080914\index.dat
    .

    ------- Sigcheck -------

    2005-05-25 20:07 359936 63fdfea54eb53de2d863ee454937ce1e c:\windows\$hf_mig$\KB893066\SP2QFE\tcpip.sys
    2006-01-13 18:07 360448 5562cc0a47b2aef06d3417b733f3c195 c:\windows\$hf_mig$\KB913446\SP2QFE\tcpip.sys
    2006-04-20 13:18 360576 b2220c618b42a2212a59d91ebd6fc4b4 c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys
    2007-10-30 17:53 360832 64798ecfa43d78c7178375fcdd16d8c8 c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys
    2008-06-20 11:44 360960 744e57c99232201ae98c49168b918f48 c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
    2008-06-20 12:51 361600 9aefa14bd6b182d61e3119fa5f436d3d c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
    2008-06-20 12:59 361600 ad978a1b783b5719720cff204b666c8e c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
    2008-06-20 11:45 360320 2a5554fc5b1e04e131230e3ce035c3f9 c:\windows\$NtServicePackUninstall$\tcpip.sys
    2004-08-03 23:14 359040 9f4b36614a0fc234525ba224957de55c c:\windows\$NtUninstallKB893066$\tcpip.sys
    2005-05-25 20:04 359808 88763a98a4c26c409741b4aa162720c9 c:\windows\$NtUninstallKB913446$\tcpip.sys
    2006-01-13 03:28 359808 583e063fdc888ca30d05c2724b0d7ef4 c:\windows\$NtUninstallKB917953$\tcpip.sys
    2006-04-20 12:51 359808 1dbf125862891817f374f407626967f4 c:\windows\$NtUninstallKB941644$\tcpip.sys
    2008-04-13 20:20 361344 93ea8d04ec73a85db02eb8805988f733 c:\windows\$NtUninstallKB951748$\tcpip.sys
    2007-10-30 18:20 360064 90caff4b094573449a0872a0f919b178 c:\windows\$NtUninstallKB951748_0$\tcpip.sys
    2008-04-13 20:20 361344 93ea8d04ec73a85db02eb8805988f733 c:\windows\ServicePackFiles\i386\tcpip.sys
    2008-06-20 12:51 361600 9aefa14bd6b182d61e3119fa5f436d3d c:\windows\system32\dllcache\tcpip.sys
    2008-06-20 12:51 361600 4afb3b0919649f95c1964aa1fad27d73 c:\windows\system32\drivers\tcpip.sys
    .
    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}"= "c:\program files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll" [2008-04-03 265360]
    "{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files\Freecorder\tbFre1.dll" [2008-12-13 1784856]

    [HKEY_CLASSES_ROOT\clsid\{6638a9de-0745-4292-8a2e-ae530e7b9b3f}]
    [HKEY_CLASSES_ROOT\KiweeIEToolbar.KiweeToolbar.1]
    [HKEY_CLASSES_ROOT\TypeLib\{259EEB17-79AA-44DF-8410-8E55F82A902A}]
    [HKEY_CLASSES_ROOT\KiweeIEToolbar.KiweeToolbar]

    [HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
    2008-12-13 10:34 1784856 --a------ c:\program files\Freecorder\tbFre1.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}"= "c:\program files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll" [2008-04-03 265360]
    "{A057A204-BACC-4D26-C39E-35F1D2A32EC8}"= "c:\progra~1\MEGAUP~2\MEGAUP~1.DLL" [2008-08-04 1947080]
    "{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files\Freecorder\tbFre1.dll" [2008-12-13 1784856]

    [HKEY_CLASSES_ROOT\clsid\{6638a9de-0745-4292-8a2e-ae530e7b9b3f}]
    [HKEY_CLASSES_ROOT\KiweeIEToolbar.KiweeToolbar.1]
    [HKEY_CLASSES_ROOT\TypeLib\{259EEB17-79AA-44DF-8410-8E55F82A902A}]
    [HKEY_CLASSES_ROOT\KiweeIEToolbar.KiweeToolbar]

    [HKEY_CLASSES_ROOT\clsid\{a057a204-bacc-4d26-c39e-35f1d2a32ec8}]
    [HKEY_CLASSES_ROOT\megauploadtoolbar.MEGAUPLOADTOOLBAR]

    [HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}"= "c:\program files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll" [2008-04-03 265360]
    "{A057A204-BACC-4D26-C39E-35F1D2A32EC8}"= "c:\progra~1\MEGAUP~2\MEGAUP~1.DLL" [2008-08-04 1947080]
    "{1392B8D2-5C05-419F-A8F6-B9F15A596612}"= "c:\program files\Freecorder\tbFre1.dll" [2008-12-13 1784856]

    [HKEY_CLASSES_ROOT\clsid\{6638a9de-0745-4292-8a2e-ae530e7b9b3f}]
    [HKEY_CLASSES_ROOT\KiweeIEToolbar.KiweeToolbar.1]
    [HKEY_CLASSES_ROOT\TypeLib\{259EEB17-79AA-44DF-8410-8E55F82A902A}]
    [HKEY_CLASSES_ROOT\KiweeIEToolbar.KiweeToolbar]

    [HKEY_CLASSES_ROOT\clsid\{a057a204-bacc-4d26-c39e-35f1d2a32ec8}]
    [HKEY_CLASSES_ROOT\megauploadtoolbar.MEGAUPLOADTOOLBAR]

    [HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
    "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
    "MessengerPlus3"="c:\program files\MessengerPlus! 3\MsgPlus.exe" [2008-12-29 190024]
    "OM_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master\Monitor.exe" [2005-11-29 57344]
    "EPSON Stylus DX8400 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE" [2007-04-12 182272]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-12-29 39408]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ezShieldProtector for Px"="c:\windows\System32\ezSP_Px.exe" [2002-08-20 40960]
    "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-07-06 335872]
    "NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2003-04-02 4616192]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-29 136600]
    "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2003-10-31 32768]
    "OM_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master\FirstStart.exe" [2005-11-29 40960]
    "SsAAD.exe"="c:\progra~1\sony\SONICS~1\SsAAD.exe" [2006-01-07 81920]
    "KiweeHook"="c:\program files\Kiwee Toolbar2\1.5.131\kwtbaim.exe" [2008-04-03 56456]
    "avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
    "P2Pcontrol"="c:\program files\P2Pcontrol\p2control.exe" [2009-01-26 159744]
    "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
    "AGRSMMSG"="AGRSMMSG.exe" [2004-07-22 c:\windows\AGRSMMSG.exe]
    "ATIModeChange"="Ati2mdxx.exe" [2001-09-04 c:\windows\system32\Ati2mdxx.exe]
    "nwiz"="nwiz.exe" [2003-04-02 c:\windows\system32\nwiz.exe]
    "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 c:\windows\KHALMNPR.Exe]
    "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 c:\windows\KHALMNPR.Exe]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

    c:\documents and settings\Angelini\Menu D‚marrer\Programmes\D‚marrage\
    Adobe Gamma.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2007-04-02 113664]

    c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    Adobe Gamma Loader.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2007-04-02 113664]
    Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 29696]
    Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2007-06-27 692224]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
    2001-12-20 23:34 24576 c:\progra~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=wbsys.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "VIDC.dvsd"= c:\progra~1\FICHIE~1\SONYSH~1\dvlib\sonydv.dll
    "VIDC.X264"= x264vfw.dll
    "VIDC.3iv2"= 3ivxVfWCodec.dll
    "VIDC.MJPG"= pvmjpg21.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
    @=""

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusDisableNotify"=dword:00000001
    "UpdatesDisableNotify"=dword:00000001
    "AntiVirusOverride"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"=
    "c:\\Program Files\\Shareaza\\Shareaza.exe"=
    "c:\\Program Files\\Real\\RealOne Player\\realplay.exe"=
    "d:\\Mélanie\\Mélanie images\\Jeux\\playstation\\ePSXe 1_6_0 Fr\\ePSXe.exe"=
    "d:\\alberto.angelini\\Phone\\Skype.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "c:\\Program Files\\P2Pcontrol\\p2control.exe"=

    R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-02-06 114768]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-02-06 20560]
    R2 NwSapAgent;Agent SAP;c:\windows\system32\svchost.exe -k netsvcs [2003-08-04 14336]
    R3 ovt530;Webcam Deluxe;c:\windows\system32\drivers\ov530vid.sys [2006-10-06 161792]
    S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2009-01-24 216232]
    S3 QCAbsee;QuickCam Web Logitech (0801);c:\windows\system32\drivers\OVCA.sys [2005-11-26 25088]
    S3 SIS163u;SiS 163 usb Wireless LAN Adapter Driver;c:\windows\system32\drivers\sis163u.sys [2008-10-25 162304]

    --- Autres Services/Pilotes en mémoire ---

    *NewlyCreated* - ASWUPDSV
    *NewlyCreated* - AVAST!_MAIL_SCANNER
    *NewlyCreated* - AVAST!_WEB_SCANNER
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    HKCU-Run-WOOKIT - c:\progra~1\Wanadoo\GestMaj.exe
    HKCU-Run-Cld2000.exe - c:\program files\Calendrier\Cld2000.exe
    HKCU-Run-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
    HKCU-Run-WinButler - c:\documents and settings\Angelini\Application Data\WinButler\WinButler.exe
    HKCU-Run-SfKg6wIPu - c:\documents and settings\Angelini\Application Data\Microsoft\Windows\rayio.exe
    HKLM-Run-NI.UWFX5V_0001_N57M1212 - c:\documents and settings\Angelini\Local Settings\Temporary Internet Files\Content.IE5\0JKCMEO7\WinFixer2005ScannerInstallFRA[1].exe
    HKLM-Run-Adobe Photo Downloader - c:\program files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
    HKLM-Run-AppInstaller - c:\program files\Sony\VAIO Application Recovery Utility\InstExec.exe
    SSODL-rdihost-{A812C25C-9D78-4480-8BE3-BFD22AB0A567} - rdihost.dll


    .
    ------- Examen supplémentaire -------
    .
    uInternet Settings,ProxyOverride = <local>
    IE: Liens de téléchargement avec Mega Manager... - c:\program files\Megaupload\Mega Manager\mm_file.htm
    IE: {{776883A9-1EA8-4d8f-88B7-AA652FEF01A7} - c:\casino\Carnival Casino\casino.exe
    IE: {{C5428486-50A0-4a02-9D20-520B59A9F9B3} - {A16AD1E9-F69A-45af-9462-B1C286708842} -
    Trusted Zone: sony-europe.com
    Trusted Zone: sonystyle-europe.com
    Trusted Zone: vaio-link.com
    DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
    DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
    DPF: Interface Chat Wanadoo - hxxp://chat9.x-echo.com/version6/Applet/wchatsign.cab
    DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
    DPF: {104B0A37-AB99-4F06-8032-8BBDC3B77DDB} - hxxp://www8.photoweb.fr/telechargement/Photoweb_uploader.cab
    DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - hxxp://fichiers.touslesdrivers.com/fichiers/hardwaredetection/hardwaredetection_3_1_1_0.cab
    DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} - hxxps://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.1.cab
    DPF: {BA3BAF69-72B1-4BCE-BE96-A4D304EAFBB4} - hxxp://assets.photobox.com/assets/aurigma/ImageUploader4.cab?20081222083646
    FF - ProfilePath - c:\documents and settings\Angelini\Application Data\Mozilla\Firefox\Profiles\k196msv1.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&SearchSource=3&q=
    FF - prefs.js: browser.startup.homepage - hxxp://www2.firesearch.com/
    FF - prefs.js: keyword.URL - hxxp://fr.search.yahoo.com/search?ei=utf-8&fr=megaup&p=
    FF - prefs.js: browser.search.selectedEngine - Ask
    FF - component: c:\documents and settings\Angelini\Application Data\Mozilla\Firefox\Profiles\k196msv1.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\components\FFAlert.dll
    FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-02-07 01:36:48
    Windows 5.1.2600 Service Pack 3 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------

    [HKEY_USERS\S-1-5-21-2467416731-2376577531-3148842207-1005\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
    "??"=hex:7a,b1,63,56,a6,85,b5,21,3a,7e,fe,5c,fa,49,0d,78,c9,07,cc,15,9f,cb,59,
    dd,bf,a0,cd,45,57,80,76,00,47,ab,ae,e5,6d,77,81,40,45,fa,d0,7a,78,d2,2a,3a,\
    "??"=hex:2f,5b,3f,89,3a,28,47,61,20,6c,dd,bc,f8,70,72,58
    .
    --------------------- DLLs chargées dans les processus actifs ---------------------

    - - - - - - - > 'winlogon.exe'(860)
    c:\progra~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
    .
    Heure de fin: 2009-02-07 1:39:48
    ComboFix-quarantined-files.txt 2009-02-07 00:39:05

    Avant-CF: 6 553 264 128 octets libres
    Après-CF: 6,528,561,152 octets libres

    WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /fastdetect /NoExecute=OptIn

    329 --- E O F --- 2009-01-14 21:38:21
    a c 295 8 Security
    7 February 2009 01:45:34

    Your PC is getting better and better, I bet, but there are still quite a few infections left.

  • Download Toolbar S&D (Team IDN) to your Desktop.
  • Start the installation of the program by running the downloaded file.
  • Now double-click the Toolbar S&D shortcut.
  • Select the desired language by typing the letter of your choice, then confirm with the Enter key.
  • Now choose option 1 (Search). Wait until the search has finished.
  • Post the generated report (C:\TB.txt).
    7 February 2009 01:50:03

    Well, I had no idea my poor PC would be this infected...
    But how do you know all the steps that need to be done?

    Report:

    ComboFix 09-02-06.01 - Angelini 2009-02-07 1:34:56.1 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.511.197 [GMT 1:00]
    Lancé depuis: c:\documents and settings\Angelini\Bureau\ComboFix.exe
    AV: avast! antivirus 4.8.1335 [VPS 090206-0] *On-access scanning disabled* (Updated)
    AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Outdated)
    * Un nouveau point de restauration a été créé
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\documents and settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\c.cgm
    c:\documents and settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\ieModule.dll
    c:\documents and settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\moduleie.dll
    c:\documents and settings\All Users\Application Data\Microsoft\Protect\svhost.exe
    c:\documents and settings\Angelini\Application Data\ShoppingReport
    c:\documents and settings\Angelini\Application Data\ShoppingReport\cs\Config.xml
    c:\documents and settings\Angelini\Application Data\ShoppingReport\cs\db\Aliases.dbs
    c:\documents and settings\Angelini\Application Data\ShoppingReport\cs\db\Sites.dbs
    c:\documents and settings\Angelini\Application Data\ShoppingReport\cs\dwld\WhiteList.xip
    c:\documents and settings\Angelini\Application Data\ShoppingReport\cs\report\aggr_storage.xml
    c:\documents and settings\Angelini\Application Data\ShoppingReport\cs\report\send_storage.xml
    c:\documents and settings\Angelini\Application Data\ShoppingReport\cs\res1\WhiteList.dbs
    c:\documents and settings\Angelini\err.log
    c:\program files\ShoppingReport
    c:\program files\ShoppingReport\Bin\2.0.24\ShoppingReport.dll
    c:\program files\Spyware Guard 2008
    c:\program files\Spyware Guard 2008\conf.cfg
    c:\program files\Spyware Guard 2008\mbase.vdb
    c:\program files\Spyware Guard 2008\quarantine.vdb
    c:\program files\Spyware Guard 2008\queue.vdb
    c:\program files\Spyware Guard 2008\spywareguard.exe
    c:\program files\Spyware Guard 2008\uninstall.exe
    c:\program files\Spyware Guard 2008\vbase.vdb
    c:\windows\reged.exe
    c:\windows\spoolsystem.exe
    c:\windows\sys.com
    c:\windows\syscert.exe
    c:\windows\sysexplorer.exe
    c:\windows\system32\404Fix.exe
    c:\windows\system32\dumphive.exe
    c:\windows\system32\IEDFix.C.exe
    c:\windows\system32\IEDFix.exe
    c:\windows\system32\Microsoft\backup.ftp
    c:\windows\system32\Microsoft\backup.tftp
    c:\windows\system32\o4Patch.exe
    c:\windows\system32\rnaph.dll
    c:\windows\system32\SrchSTS.exe
    c:\windows\system32\TDSSbrsr.dll
    c:\windows\system32\TDSSlxwp.dll
    c:\windows\system32\TDSSoiqh.dll
    c:\windows\system32\TDSSosvd.dat
    c:\windows\system32\TDSSriqp.dll
    c:\windows\system32\TDSStkdv.log
    c:\windows\system32\TDSSxfum.dll
    c:\windows\system32\tmp.reg
    c:\windows\system32\VACFix.exe
    c:\windows\system32\VCCLSID.exe
    c:\windows\system32\wini10891.exe
    c:\windows\system32\winscenter.exe
    c:\windows\system32\WS2Fix.exe
    c:\windows\system32\wsnpoem
    c:\windows\system32\wsnpoem\audio.dll.cla
    c:\windows\vmreg.dll

    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2009-01-07 au 2009-02-07 ))))))))))))))))))))))))))))))))))))
    .

    2009-02-07 00:45 . 2009-02-07 01:21 <REP> d-------- c:\program files\Ad-remover
    2009-02-07 00:15 . 2009-02-07 00:31 <REP> d-------- C:\Lop SD
    2009-02-06 23:16 . 2009-02-07 00:14 <REP> d-------- c:\program files\Navilog1
    2009-02-06 23:00 . 2009-02-06 23:00 <REP> d-------- C:\rsit
    2009-02-06 22:31 . 2009-02-06 22:59 <REP> d-------- c:\program files\BHODemon 2
    2009-02-06 21:00 . 2009-02-06 21:00 <REP> d-------- c:\program files\ma-config.com
    2009-02-06 21:00 . 2009-02-06 21:00 <REP> d----c--- c:\documents and settings\All Users\Application Data\ma-config.com
    2009-02-03 16:56 . 2009-02-03 16:56 <REP> d-------- c:\program files\Intel Desktop Board
    2009-02-02 10:33 . 2009-02-04 15:40 <REP> d-------- c:\program files\P2Pcontrol
    2009-02-02 10:32 . 2008-06-20 12:51 361,600 --a------ c:\windows\system32\drivers\tcpip.original
    2009-01-28 09:54 . 2009-01-31 12:22 <REP> d-------- c:\program files\Mystery Case Files - Return to Ravenhearst
    2009-01-20 19:34 . 2009-02-04 17:54 <REP> d-------- c:\program files\Windows Live Safety Center
    2009-01-14 22:36 . 2009-01-14 22:36 118 --a------ c:\windows\system32\MRT.INI

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-02-06 23:09 --------- d-----w c:\program files\Mozilla Thunderbird
    2009-02-06 22:00 --------- d-----w c:\program files\Trend Micro
    2009-02-06 19:47 --------- d-----w c:\documents and settings\Angelini\Application Data\EPSON
    2009-02-06 19:31 --------- d-----w c:\documents and settings\Angelini\Application Data\OpenOffice.org2
    2009-01-31 11:24 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
    2009-01-29 16:09 --------- d-----w c:\documents and settings\Angelini\Application Data\DivX
    2009-01-28 09:35 --------- dc----w c:\documents and settings\All Users\Application Data\BigFishGamesCache
    2009-01-28 08:49 --------- d-----w c:\program files\bfgclient
    2009-01-24 08:59 --------- d-----w c:\documents and settings\Angelini\Application Data\AdobeUM
    2009-01-14 13:14 --------- d-----w c:\program files\DivX
    2009-01-09 14:45 --------- d--h--w c:\program files\InstallShield Installation Information
    2009-01-09 09:33 --------- d-----w c:\program files\epson
    2008-12-31 15:07 --------- d-----w c:\program files\avijoin
    2008-12-30 19:52 --------- d-----w c:\program files\Freeze.com
    2008-12-30 14:56 --------- d-----w c:\program files\Messenger Plus! Live
    2008-12-29 17:47 410,984 ----a-w c:\windows\system32\deploytk.dll
    2008-12-29 14:17 --------- d-----w c:\program files\Java
    2008-12-29 14:14 --------- d-----w c:\program files\Google
    2008-12-29 08:50 --------- d-----w c:\program files\MessengerPlus! 3
    2008-12-28 15:48 --------- d-----w c:\program files\MSECache
    2008-12-28 15:45 --------- d-----w c:\program files\Windows Live
    2008-12-28 15:42 --------- d-----w c:\documents and settings\All Users\Application Data\WLInstaller
    2008-12-25 19:26 --------- dc----w c:\documents and settings\All Users\Application Data\Kiwee Toolbar2
    2008-12-24 10:21 --------- d-----w c:\program files\MSN Apps
    2008-12-24 10:20 --------- d-----w c:\program files\Avira
    2008-12-24 10:20 --------- d-----w c:\program files\AntivirusPro2009
    2008-12-24 10:20 --------- d-----w c:\documents and settings\All Users\Application Data\Avira(2)
    2008-12-24 10:20 --------- d-----w c:\documents and settings\All Users\Application Data\Avira
    2008-12-22 20:26 --------- d-----w c:\program files\Windows Media Connect 2
    2008-12-22 20:26 --------- d-----w c:\program files\PC Inspector File Recovery
    2008-12-17 17:34 --------- d-----w c:\program files\Microsoft
    2008-12-17 17:22 --------- d-----w c:\program files\Fichiers communs\Windows Live
    2008-12-13 09:34 --------- d-----w c:\program files\Freecorder
    2008-12-11 20:41 --------- dc----w c:\documents and settings\All Users\Application Data\Microsoft Help
    2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys
    2008-12-02 21:37 49,480 ----a-w c:\windows\system32\sirenacm.dll
    2008-11-10 15:08 36,181 ----a-w c:\windows\Sysvxd.exe
    2008-11-10 10:42 18,491 ----a-w c:\program files\Fichiers communs\ahos.dat
    2008-11-10 10:42 18,143 ----a-w c:\windows\system32\vulufugym.pif
    2008-11-10 10:42 17,138 ----a-w c:\program files\Fichiers communs\ripy._sy
    2008-11-10 10:42 15,759 ----a-w c:\program files\Fichiers communs\yrav.vbs
    2008-11-10 10:42 13,575 ----a-w c:\documents and settings\Angelini\Application Data\ofuteka.scr
    2008-11-10 10:42 11,689 -c--a-w c:\documents and settings\All Users\Application Data\secezuh.dat
    2008-03-18 16:27 40 -c--a-w c:\documents and settings\Angelini\language.dat
    2008-12-29 17:25 767,488 ----a-w c:\documents and settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\qpbwpjdcnn.dll
    2007-12-28 15:38 67,696 -c--a-w c:\program files\mozilla firefox\components\jar50.dll
    2007-12-28 15:38 54,376 -c--a-w c:\program files\mozilla firefox\components\jsd3250.dll
    2007-12-28 15:38 34,952 -c--a-w c:\program files\mozilla firefox\components\myspell.dll
    2007-12-28 15:38 46,720 -c--a-w c:\program files\mozilla firefox\components\spellchk.dll
    2007-12-28 15:38 172,144 -c--a-w c:\program files\mozilla firefox\components\xpinstal.dll
    2006-04-22 19:52 88 -csh--r c:\windows\system32\99BEB52529.sys
    2006-04-26 15:48 3,350 -csha-w c:\windows\system32\KGyGaAvL.sys
    2008-09-13 09:45 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008091320080914\index.dat
    .

    ------- Sigcheck -------

    2005-05-25 20:07 359936 63fdfea54eb53de2d863ee454937ce1e c:\windows\$hf_mig$\KB893066\SP2QFE\tcpip.sys
    2006-01-13 18:07 360448 5562cc0a47b2aef06d3417b733f3c195 c:\windows\$hf_mig$\KB913446\SP2QFE\tcpip.sys
    2006-04-20 13:18 360576 b2220c618b42a2212a59d91ebd6fc4b4 c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys
    2007-10-30 17:53 360832 64798ecfa43d78c7178375fcdd16d8c8 c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys
    2008-06-20 11:44 360960 744e57c99232201ae98c49168b918f48 c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
    2008-06-20 12:51 361600 9aefa14bd6b182d61e3119fa5f436d3d c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
    2008-06-20 12:59 361600 ad978a1b783b5719720cff204b666c8e c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
    2008-06-20 11:45 360320 2a5554fc5b1e04e131230e3ce035c3f9 c:\windows\$NtServicePackUninstall$\tcpip.sys
    2004-08-03 23:14 359040 9f4b36614a0fc234525ba224957de55c c:\windows\$NtUninstallKB893066$\tcpip.sys
    2005-05-25 20:04 359808 88763a98a4c26c409741b4aa162720c9 c:\windows\$NtUninstallKB913446$\tcpip.sys
    2006-01-13 03:28 359808 583e063fdc888ca30d05c2724b0d7ef4 c:\windows\$NtUninstallKB917953$\tcpip.sys
    2006-04-20 12:51 359808 1dbf125862891817f374f407626967f4 c:\windows\$NtUninstallKB941644$\tcpip.sys
    2008-04-13 20:20 361344 93ea8d04ec73a85db02eb8805988f733 c:\windows\$NtUninstallKB951748$\tcpip.sys
    2007-10-30 18:20 360064 90caff4b094573449a0872a0f919b178 c:\windows\$NtUninstallKB951748_0$\tcpip.sys
    2008-04-13 20:20 361344 93ea8d04ec73a85db02eb8805988f733 c:\windows\ServicePackFiles\i386\tcpip.sys
    2008-06-20 12:51 361600 9aefa14bd6b182d61e3119fa5f436d3d c:\windows\system32\dllcache\tcpip.sys
    2008-06-20 12:51 361600 4afb3b0919649f95c1964aa1fad27d73 c:\windows\system32\drivers\tcpip.sys
    .
    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}"= "c:\program files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll" [2008-04-03 265360]
    "{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files\Freecorder\tbFre1.dll" [2008-12-13 1784856]

    [HKEY_CLASSES_ROOT\clsid\{6638a9de-0745-4292-8a2e-ae530e7b9b3f}]
    [HKEY_CLASSES_ROOT\KiweeIEToolbar.KiweeToolbar.1]
    [HKEY_CLASSES_ROOT\TypeLib\{259EEB17-79AA-44DF-8410-8E55F82A902A}]
    [HKEY_CLASSES_ROOT\KiweeIEToolbar.KiweeToolbar]

    [HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
    2008-12-13 10:34 1784856 --a------ c:\program files\Freecorder\tbFre1.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}"= "c:\program files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll" [2008-04-03 265360]
    "{A057A204-BACC-4D26-C39E-35F1D2A32EC8}"= "c:\progra~1\MEGAUP~2\MEGAUP~1.DLL" [2008-08-04 1947080]
    "{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files\Freecorder\tbFre1.dll" [2008-12-13 1784856]

    [HKEY_CLASSES_ROOT\clsid\{6638a9de-0745-4292-8a2e-ae530e7b9b3f}]
    [HKEY_CLASSES_ROOT\KiweeIEToolbar.KiweeToolbar.1]
    [HKEY_CLASSES_ROOT\TypeLib\{259EEB17-79AA-44DF-8410-8E55F82A902A}]
    [HKEY_CLASSES_ROOT\KiweeIEToolbar.KiweeToolbar]

    [HKEY_CLASSES_ROOT\clsid\{a057a204-bacc-4d26-c39e-35f1d2a32ec8}]
    [HKEY_CLASSES_ROOT\megauploadtoolbar.MEGAUPLOADTOOLBAR]

    [HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}"= "c:\program files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll" [2008-04-03 265360]
    "{A057A204-BACC-4D26-C39E-35F1D2A32EC8}"= "c:\progra~1\MEGAUP~2\MEGAUP~1.DLL" [2008-08-04 1947080]
    "{1392B8D2-5C05-419F-A8F6-B9F15A596612}"= "c:\program files\Freecorder\tbFre1.dll" [2008-12-13 1784856]

    [HKEY_CLASSES_ROOT\clsid\{6638a9de-0745-4292-8a2e-ae530e7b9b3f}]
    [HKEY_CLASSES_ROOT\KiweeIEToolbar.KiweeToolbar.1]
    [HKEY_CLASSES_ROOT\TypeLib\{259EEB17-79AA-44DF-8410-8E55F82A902A}]
    [HKEY_CLASSES_ROOT\KiweeIEToolbar.KiweeToolbar]

    [HKEY_CLASSES_ROOT\clsid\{a057a204-bacc-4d26-c39e-35f1d2a32ec8}]
    [HKEY_CLASSES_ROOT\megauploadtoolbar.MEGAUPLOADTOOLBAR]

    [HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
    "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
    "MessengerPlus3"="c:\program files\MessengerPlus! 3\MsgPlus.exe" [2008-12-29 190024]
    "OM_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master\Monitor.exe" [2005-11-29 57344]
    "EPSON Stylus DX8400 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE" [2007-04-12 182272]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-12-29 39408]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ezShieldProtector for Px"="c:\windows\System32\ezSP_Px.exe" [2002-08-20 40960]
    "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-07-06 335872]
    "NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2003-04-02 4616192]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-29 136600]
    "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2003-10-31 32768]
    "OM_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master\FirstStart.exe" [2005-11-29 40960]
    "SsAAD.exe"="c:\progra~1\sony\SONICS~1\SsAAD.exe" [2006-01-07 81920]
    "KiweeHook"="c:\program files\Kiwee Toolbar2\1.5.131\kwtbaim.exe" [2008-04-03 56456]
    "avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
    "P2Pcontrol"="c:\program files\P2Pcontrol\p2control.exe" [2009-01-26 159744]
    "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
    "AGRSMMSG"="AGRSMMSG.exe" [2004-07-22 c:\windows\AGRSMMSG.exe]
    "ATIModeChange"="Ati2mdxx.exe" [2001-09-04 c:\windows\system32\Ati2mdxx.exe]
    "nwiz"="nwiz.exe" [2003-04-02 c:\windows\system32\nwiz.exe]
    "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 c:\windows\KHALMNPR.Exe]
    "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 c:\windows\KHALMNPR.Exe]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

    c:\documents and settings\Angelini\Menu D‚marrer\Programmes\D‚marrage\
    Adobe Gamma.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2007-04-02 113664]

    c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    Adobe Gamma Loader.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2007-04-02 113664]
    Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 29696]
    Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2007-06-27 692224]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
    2001-12-20 23:34 24576 c:\progra~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=wbsys.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "VIDC.dvsd"= c:\progra~1\FICHIE~1\SONYSH~1\dvlib\sonydv.dll
    "VIDC.X264"= x264vfw.dll
    "VIDC.3iv2"= 3ivxVfWCodec.dll
    "VIDC.MJPG"= pvmjpg21.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
    @=""

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusDisableNotify"=dword:00000001
    "UpdatesDisableNotify"=dword:00000001
    "AntiVirusOverride"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"=
    "c:\\Program Files\\Shareaza\\Shareaza.exe"=
    "c:\\Program Files\\Real\\RealOne Player\\realplay.exe"=
    "d:\\Mélanie\\Mélanie images\\Jeux\\playstation\\ePSXe 1_6_0 Fr\\ePSXe.exe"=
    "d:\\alberto.angelini\\Phone\\Skype.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "c:\\Program Files\\P2Pcontrol\\p2control.exe"=

    R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-02-06 114768]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-02-06 20560]
    R2 NwSapAgent;Agent SAP;c:\windows\system32\svchost.exe -k netsvcs [2003-08-04 14336]
    R3 ovt530;Webcam Deluxe;c:\windows\system32\drivers\ov530vid.sys [2006-10-06 161792]
    S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2009-01-24 216232]
    S3 QCAbsee;QuickCam Web Logitech (0801);c:\windows\system32\drivers\OVCA.sys [2005-11-26 25088]
    S3 SIS163u;SiS 163 usb Wireless LAN Adapter Driver;c:\windows\system32\drivers\sis163u.sys [2008-10-25 162304]

    --- Autres Services/Pilotes en mémoire ---

    *NewlyCreated* - ASWUPDSV
    *NewlyCreated* - AVAST!_MAIL_SCANNER
    *NewlyCreated* - AVAST!_WEB_SCANNER
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    HKCU-Run-WOOKIT - c:\progra~1\Wanadoo\GestMaj.exe
    HKCU-Run-Cld2000.exe - c:\program files\Calendrier\Cld2000.exe
    HKCU-Run-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
    HKCU-Run-WinButler - c:\documents and settings\Angelini\Application Data\WinButler\WinButler.exe
    HKCU-Run-SfKg6wIPu - c:\documents and settings\Angelini\Application Data\Microsoft\Windows\rayio.exe
    HKLM-Run-NI.UWFX5V_0001_N57M1212 - c:\documents and settings\Angelini\Local Settings\Temporary Internet Files\Content.IE5\0JKCMEO7\WinFixer2005ScannerInstallFRA[1].exe
    HKLM-Run-Adobe Photo Downloader - c:\program files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
    HKLM-Run-AppInstaller - c:\program files\Sony\VAIO Application Recovery Utility\InstExec.exe
    SSODL-rdihost-{A812C25C-9D78-4480-8BE3-BFD22AB0A567} - rdihost.dll


    .
    ------- Examen supplémentaire -------
    .
    uInternet Settings,ProxyOverride = <local>
    IE: Liens de téléchargement avec Mega Manager... - c:\program files\Megaupload\Mega Manager\mm_file.htm
    IE: {{776883A9-1EA8-4d8f-88B7-AA652FEF01A7} - c:\casino\Carnival Casino\casino.exe
    IE: {{C5428486-50A0-4a02-9D20-520B59A9F9B3} - {A16AD1E9-F69A-45af-9462-B1C286708842} -
    Trusted Zone: sony-europe.com
    Trusted Zone: sonystyle-europe.com
    Trusted Zone: vaio-link.com
    DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
    DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
    DPF: Interface Chat Wanadoo - hxxp://chat9.x-echo.com/version6/Applet/wchatsign.cab
    DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
    DPF: {104B0A37-AB99-4F06-8032-8BBDC3B77DDB} - hxxp://www8.photoweb.fr/telechargement/Photoweb_uploader.cab
    DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - hxxp://fichiers.touslesdrivers.com/fichiers/hardwaredetection/hardwaredetection_3_1_1_0.cab
    DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} - hxxps://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.1.cab
    DPF: {BA3BAF69-72B1-4BCE-BE96-A4D304EAFBB4} - hxxp://assets.photobox.com/assets/aurigma/ImageUploader4.cab?20081222083646
    FF - ProfilePath - c:\documents and settings\Angelini\Application Data\Mozilla\Firefox\Profiles\k196msv1.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&SearchSource=3&q=
    FF - prefs.js: browser.startup.homepage - hxxp://www2.firesearch.com/
    FF - prefs.js: keyword.URL - hxxp://fr.search.yahoo.com/search?ei=utf-8&fr=megaup&p=
    FF - prefs.js: browser.search.selectedEngine - Ask
    FF - component: c:\documents and settings\Angelini\Application Data\Mozilla\Firefox\Profiles\k196msv1.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\components\FFAlert.dll
    FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-02-07 01:36:48
    Windows 5.1.2600 Service Pack 3 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------

    [HKEY_USERS\S-1-5-21-2467416731-2376577531-3148842207-1005\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
    "??"=hex:7a,b1,63,56,a6,85,b5,21,3a,7e,fe,5c,fa,49,0d,78,c9,07,cc,15,9f,cb,59,
    dd,bf,a0,cd,45,57,80,76,00,47,ab,ae,e5,6d,77,81,40,45,fa,d0,7a,78,d2,2a,3a,\
    "??"=hex:2f,5b,3f,89,3a,28,47,61,20,6c,dd,bc,f8,70,72,58
    .
    --------------------- DLLs chargées dans les processus actifs ---------------------

    - - - - - - - > 'winlogon.exe'(860)
    c:\progra~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
    .
    Heure de fin: 2009-02-07 1:39:48
    ComboFix-quarantined-files.txt 2009-02-07 00:39:05

    Avant-CF: 6 553 264 128 octets libres
    Après-CF: 6,528,561,152 octets libres

    WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /fastdetect /NoExecute=OptIn

    329 --- E O F --- 2009-01-14 21:38:21
    7 February 2009 01:51:48

    Oops, I messed up (I'm tired), I pasted the ComboFix report again... here is the new one:


    -----------\\ ToolBar S&D 1.2.8 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 2.80GHz )
    BIOS : BIOS Date: 09/19/03 10:23:50 Ver: 08.00.08
    USER : Angelini ( Administrator )
    BOOT : Normal boot
    Antivirus : avast! antivirus 4.8.1335 [VPS 090206-0] 4.8.1335 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:27 Go (Free:6 Go)
    D:\ (Local Disk) - NTFS - Total:83 Go (Free:21 Go)
    E:\ (CD or DVD)
    F:\ (CD or DVD)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)

    "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
    Option : [1] ( 07/02/2009| 1:47 )

    -----------\\ Recherche de Fichiers / Dossiers ...

    C:\Program Files\AskTBar
    C:\Program Files\AskTBar\bar
    C:\Program Files\AskTBar\bar\Cache
    C:\Program Files\AskTBar\bar\History
    C:\Program Files\AskTBar\bar\Settings
    C:\Program Files\AskTBar\bar\Cache\002836CC
    C:\Program Files\AskTBar\bar\Cache\0028467C
    C:\Program Files\AskTBar\bar\Cache\00284803.bin
    C:\Program Files\AskTBar\bar\Cache\0028492B.bin
    C:\Program Files\AskTBar\bar\Cache\00284A54.bin
    C:\Program Files\AskTBar\bar\History\search2
    C:\Program Files\AskTBar\bar\Settings\prevcfg2.htm
    C:\DOCUME~1\Angelini\APPLIC~1\Microsoft\Internet Explorer\Quick Launch\Burn4Free.lnk

    -----------\\ Extensions

    (Angelini) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} => freecorder
    (Angelini) - {991A772A-BA13-4c1d-A9EF-F897F31DEC7D} => megaupload


    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\windows\\system32\\blank.htm"
    "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
    "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&..."
    "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
    "Start Page Restore"="http://www.estvideo.fr/"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
    "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Local Page"="C:\\windows\\system32\\blank.htm"
    "Start Page"="http://fr.msn.com/"
    "Update_Check_Page"="http://www.microsoft.com/isapi/redir.dll?Prd=ie&Pver=5...."
    "Search bar"="http://search.msn.com/spbasic.htm"


    --------------------\\ Recherche d'autres infections

    --------------------\\ ROGUES ..

    C:\DOCUME~1\Angelini\APPLIC~1\WinButler

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\Angelini\Application Data\Shareaza\Torrents\Bigfish.Games.-.Diner.Dash.-.Flo.On.The.Go.+.Crack.rar.torrent



    1 - "C:\ToolBar SD\TB_1.txt" - 07/02/2009| 1:48 - Option : [1]

    -----------\\ Fin du rapport a 1:48:49,23

    a c 295 8 Security
    7 February 2009 01:59:06

    Quote:
    But how do you know all the steps that need to be done?

    ---> You have to take an interest in it :)


    1/

  • Run ToolBar S&D again, choose option 2 and post the report.


    2/

  • Download Malwarebytes' Anti-Malware (MBAM) to your Desktop.
  • Double-click the downloaded file to start the installation.
  • In the Update tab (Mise à jour), click the Check for Updates button (Recherche de mise à jour): if the firewall asks whether MBAM may connect to the Internet, allow it.
  • Once the update has finished, go to the Scanner tab (Recherche).
  • Select Perform quick scan (Exécuter un examen rapide).
  • Click Scan (Rechercher).
  • The scan starts.
  • At the end of the scan, a message is displayed:
    Quote:
    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  • Click OK to continue. If MBAM found nothing, it will tell you so as well.
  • Close your browsers.
  • If malware was detected, click Show Results (Afficher les résultats).
  • Select everything (or leave it checked) and click Remove Selected (Supprimer la sélection); MBAM will delete the infected files and registry keys and put a copy of them in quarantine.
  • MBAM will open Notepad and copy the scan report into it. Copy and paste this report into your next reply.
    7 February 2009 02:21:11

    ToolBar report:


    -----------\\ ToolBar S&D 1.2.8 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 2.80GHz )
    BIOS : BIOS Date: 09/19/03 10:23:50 Ver: 08.00.08
    USER : Angelini ( Administrator )
    BOOT : Normal boot
    Antivirus : avast! antivirus 4.8.1335 [VPS 090206-0] 4.8.1335 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:27 Go (Free:6 Go)
    D:\ (Local Disk) - NTFS - Total:83 Go (Free:21 Go)
    E:\ (CD or DVD)
    F:\ (CD or DVD)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)

    "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
    Option : [1] ( 07/02/2009| 1:47 )

    -----------\\ Recherche de Fichiers / Dossiers ...

    C:\Program Files\AskTBar
    C:\Program Files\AskTBar\bar
    C:\Program Files\AskTBar\bar\Cache
    C:\Program Files\AskTBar\bar\History
    C:\Program Files\AskTBar\bar\Settings
    C:\Program Files\AskTBar\bar\Cache\002836CC
    C:\Program Files\AskTBar\bar\Cache\0028467C
    C:\Program Files\AskTBar\bar\Cache\00284803.bin
    C:\Program Files\AskTBar\bar\Cache\0028492B.bin
    C:\Program Files\AskTBar\bar\Cache\00284A54.bin
    C:\Program Files\AskTBar\bar\History\search2
    C:\Program Files\AskTBar\bar\Settings\prevcfg2.htm
    C:\DOCUME~1\Angelini\APPLIC~1\Microsoft\Internet Explorer\Quick Launch\Burn4Free.lnk

    -----------\\ Extensions

    (Angelini) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} => freecorder
    (Angelini) - {991A772A-BA13-4c1d-A9EF-F897F31DEC7D} => megaupload


    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\windows\\system32\\blank.htm"
    "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
    "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&..."
    "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
    "Start Page Restore"="http://www.estvideo.fr/"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
    "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Local Page"="C:\\windows\\system32\\blank.htm"
    "Start Page"="http://fr.msn.com/"
    "Update_Check_Page"="http://www.microsoft.com/isapi/redir.dll?Prd=ie&Pver=5...."
    "Search bar"="http://search.msn.com/spbasic.htm"


    --------------------\\ Recherche d'autres infections

    --------------------\\ ROGUES ..

    C:\DOCUME~1\Angelini\APPLIC~1\WinButler

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\Angelini\Application Data\Shareaza\Torrents\Bigfish.Games.-.Diner.Dash.-.Flo.On.The.Go.+.Crack.rar.torrent



    1 - "C:\ToolBar SD\TB_1.txt" - 07/02/2009| 1:48 - Option : [1]

    -----------\\ Fin du rapport a 1:48:49,23





    And the Malware report:

    Malwarebytes' Anti-Malware 1.33
    Version de la base de données: 1736
    Windows 5.1.2600 Service Pack 3

    07/02/2009 02:18:25
    mbam-log-2009-02-07 (02-18-25).txt

    Type de recherche: Examen rapide
    Eléments examinés: 54208
    Temps écoulé: 6 minute(s), 12 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 5
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 4
    Fichier(s) infecté(s): 15

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{54a3f8b7-228e-4ed8-895b-de832b2c3959} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6fd31ed6-7c94-4bbc-8e95-f927f4d3a949} (Adware.180Solutions) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\antiviruspro2009 (Rogue.Antivirus2008) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\antiviruspro2009 (Rogue.Antivirus2008) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    C:\Program Files\Fichiers communs\Carlson (Dialer) -> Quarantined and deleted successfully.
    C:\Program Files\AntivirusPro2009 (Rogue.Antivirus2008) -> Quarantined and deleted successfully.
    C:\Program Files\AntivirusPro2009\data (Rogue.Antivirus2008) -> Quarantined and deleted successfully.
    C:\Program Files\AntivirusPro2009\Microsoft.VC80.CRT (Rogue.Antivirus2008) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\Program Files\AntivirusPro2009\AntivirusPro2009.cfg (Rogue.Antivirus2008) -> Quarantined and deleted successfully.
    C:\Program Files\AntivirusPro2009\AntivirusPro2009.exe (Rogue.Antivirus2008) -> Quarantined and deleted successfully.
    C:\Program Files\AntivirusPro2009\AVEngn.dll (Rogue.Antivirus2008) -> Quarantined and deleted successfully.
    C:\Program Files\AntivirusPro2009\htmlayout.dll (Rogue.Antivirus2008) -> Quarantined and deleted successfully.
    C:\Program Files\AntivirusPro2009\pthreadVC2.dll (Rogue.Antivirus2008) -> Quarantined and deleted successfully.
    C:\Program Files\AntivirusPro2009\Uninstall.exe (Rogue.Antivirus2008) -> Quarantined and deleted successfully.
    C:\Program Files\AntivirusPro2009\wscui.cpl (Rogue.Antivirus2008) -> Quarantined and deleted successfully.
    C:\Program Files\AntivirusPro2009\Microsoft.VC80.CRT\Microsoft.VC80.CRT.manifest (Rogue.Antivirus2008) -> Quarantined and deleted successfully.
    C:\Program Files\AntivirusPro2009\Microsoft.VC80.CRT\msvcm80.dll (Rogue.Antivirus2008) -> Quarantined and deleted successfully.
    C:\Program Files\AntivirusPro2009\Microsoft.VC80.CRT\msvcp80.dll (Rogue.Antivirus2008) -> Quarantined and deleted successfully.
    C:\Program Files\AntivirusPro2009\Microsoft.VC80.CRT\msvcr80.dll (Rogue.Antivirus2008) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Angelini\Application Data\Microsoft\Internet Explorer\Quick Launch\AntivirusPro2009.lnk (Rogue.Antivirus2008) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Menu Démarrer\carlton (Dialer) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\qpbwpjdcnn.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Angelini\Bureau\Spyware Guard 2008.lnk (Rogue.SpywareGuard) -> Quarantined and deleted successfully.




    Tell me I'm not infected anymore, pleeeeease

    a c 295 8 Security
    7 February 2009 02:26:58

    I'm going to sleep, we'll finish tomorrow.

    For ToolBar S&D, that's not the right report.

    ;)
    7 February 2009 02:33:33

    Argh, darn, did I get it wrong again?

    See you tomorrow... or the day after if I work late :/

    And thank you...! Three and a half hours all the same, what a pain these infections are!
    7 February 2009 02:40:46

    Here is the right ToolBar report (it should be):


    -----------\\ ToolBar S&D 1.2.8 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 2.80GHz )
    BIOS : BIOS Date: 09/19/03 10:23:50 Ver: 08.00.08
    USER : Angelini ( Administrator )
    BOOT : Normal boot
    Antivirus : avast! antivirus 4.8.1335 [VPS 090206-0] 4.8.1335 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:27 Go (Free:6 Go)
    D:\ (Local Disk) - NTFS - Total:83 Go (Free:21 Go)
    E:\ (CD or DVD)
    F:\ (CD or DVD)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)

    "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
    Option : [2] ( 07/02/2009| 2:34 )

    -----------\\ Recherche de Fichiers / Dossiers ...


    -----------\\ Extensions

    (Angelini) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} => freecorder
    (Angelini) - {991A772A-BA13-4c1d-A9EF-F897F31DEC7D} => megaupload


    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\windows\\system32\\blank.htm"
    "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
    "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&..."
    "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
    "Start Page Restore"="http://www.estvideo.fr/"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
    "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Local Page"="C:\\windows\\system32\\blank.htm"
    "Start Page"="http://www.msn.com/"
    "Update_Check_Page"="http://www.microsoft.com/isapi/redir.dll?Prd=ie&Pver=5...."
    "Search bar"="http://search.msn.com/spbasic.htm"


    --------------------\\ Recherche d'autres infections

    --------------------\\ ROGUES ..

    C:\DOCUME~1\Angelini\APPLIC~1\WinButler

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\Angelini\Application Data\Shareaza\Torrents\Bigfish.Games.-.Diner.Dash.-.Flo.On.The.Go.+.Crack.rar.torrent



    1 - "C:\ToolBar SD\TB_1.txt" - 07/02/2009| 1:48 - Option : [1]
    2 - "C:\ToolBar SD\TB_2.txt" - 07/02/2009| 2:09 - Option : [2]
    3 - "C:\ToolBar SD\TB_3.txt" - 07/02/2009| 2:36 - Option : [2]

    -----------\\ Fin du rapport a 2:36:30,79

    a c 295 8 Security
    7 February 2009 03:21:06

  • Uninstall Kiwee Toolbar and SpySpotter.
  • Download OTMoveIt3 (OldTimer) to your Desktop.
  • Double-click OTMoveIt3.exe to launch it.
  • Copy (Ctrl+C) the following text:

    :processes
    explorer.exe

    :files
    C:\DOCUME~1\Angelini\APPLIC~1\WinButler
    C:\Program Files\SpySpotter3
    C:\Program Files\Every Toolbar 1.1
    c:\program files\Kiwee Toolbar2
    C:\Program Files\Fichiers communs\yrav.vbs
    C:\WINDOWS\opeq.bat
    C:\WINDOWS\sugoha.bat
    C:\Documents and Settings\Angelini\Application Data\fytoh.com
    c:\program files\Fichiers communs\ahos.dat
    c:\windows\system32\vulufugym.pif
    c:\program files\Fichiers communs\ripy._sy
    c:\documents and settings\Angelini\Application Data\ofuteka.scr
    c:\documents and settings\All Users\Application Data\secezuh.dat
    c:\documents and settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\qpbwpjdcnn.dll

    :commands
    [purity]
    [emptytemp]
    [reboot]


  • Paste (Ctrl+V) the text you just copied into the Paste Instructions for Items to be Moved box.
  • Now click the MoveIt! button, then close OTMoveIt3.

    ---> If a file or folder cannot be deleted immediately, the program will ask you to restart.
    Accept by clicking YES.

  • Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
    ---> The report's name corresponds to when it was created: date_time.log
    7 February 2009 17:58:52

    OTMoveIt report:

    ========== PROCESSES ==========
    Process explorer.exe killed successfully.
    ========== FILES ==========
    C:\DOCUME~1\Angelini\APPLIC~1\WinButler moved successfully.
    File/Folder C:\Program Files\SpySpotter3 not found.
    C:\Program Files\Every Toolbar 1.1 moved successfully.
    File/Folder c:\program files\Kiwee Toolbar2 not found.
    C:\Program Files\Fichiers communs\yrav.vbs moved successfully.
    C:\WINDOWS\opeq.bat moved successfully.
    C:\WINDOWS\sugoha.bat moved successfully.
    C:\Documents and Settings\Angelini\Application Data\fytoh.com moved successfully.
    c:\program files\Fichiers communs\ahos.dat moved successfully.
    c:\windows\system32\vulufugym.pif moved successfully.
    c:\program files\Fichiers communs\ripy._sy moved successfully.
    c:\documents and settings\Angelini\Application Data\ofuteka.scr moved successfully.
    c:\documents and settings\All Users\Application Data\secezuh.dat moved successfully.
    File/Folder c:\documents and settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\qpbwpjdcnn.dll not found.
    ========== COMMANDS ==========
    File delete failed. C:\DOCUME~1\Angelini\LOCALS~1\Temp\{7CCE09D6-03C8-41c5-9D33-7D7A92DD7A1F}\d841e804b831046c04a8e25aad1c6f514988a83ef3c70\Harry Potter And The Half-Blood Prince.DVDRip XViD\Harry Potter And The Half-Blood Prince.DVDRip XViD.avi scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\Angelini\LOCALS~1\Temp\{7CCE09D6-03C8-41c5-9D33-7D7A92DD7A1F}\b54124530d689a68ebda008976db77b5498c6965d1aae\Push Sci-Fi DiVX 2009\Push Sci-Fi DiVX 2009.avi scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\Angelini\LOCALS~1\Temp\{7CCE09D6-03C8-41c5-9D33-7D7A92DD7A1F}\a105791dd0bd96032ccc9bc8162199974989c2d1acc27\Taken DVDRip 2009\Taken DVDRip 2009.avi scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\Angelini\LOCALS~1\Temp\{7CCE09D6-03C8-41c5-9D33-7D7A92DD7A1F}\8b97b684173199bf3ac2f86bf5bea0b74988a8484e4b6\Push DVDScr 2009\Push DVDScr 2009.avi scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\Angelini\LOCALS~1\Temp\~DFE85B.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\Angelini\LOCALS~1\Temp\~DFE86E.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\Angelini\LOCALS~1\Temp\~DFF18E.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\Angelini\LOCALS~1\Temp\~DFF1A2.tmp scheduled to be deleted on reboot.
    User's Temp folder emptied.
    User's Temporary Internet Files folder emptied.
    User's Internet Explorer cache folder emptied.
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
    Local Service Temp folder emptied.
    Local Service Temporary Internet Files folder emptied.
    File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
    File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_4c0.dat scheduled to be deleted on reboot.
    File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_6f0.dat scheduled to be deleted on reboot.
    Windows Temp folder emptied.
    Java cache emptied.
    FireFox cache emptied.
    Temp folders emptied.

    OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02072009_131152

    Files moved on Reboot...
    C:\DOCUME~1\Angelini\LOCALS~1\Temp\{7CCE09D6-03C8-41c5-9D33-7D7A92DD7A1F}\d841e804b831046c04a8e25aad1c6f514988a83ef3c70\Harry Potter And The Half-Blood Prince.DVDRip XViD\Harry Potter And The Half-Blood Prince.DVDRip XViD.avi moved successfully.
    C:\DOCUME~1\Angelini\LOCALS~1\Temp\{7CCE09D6-03C8-41c5-9D33-7D7A92DD7A1F}\b54124530d689a68ebda008976db77b5498c6965d1aae\Push Sci-Fi DiVX 2009\Push Sci-Fi DiVX 2009.avi moved successfully.
    C:\DOCUME~1\Angelini\LOCALS~1\Temp\{7CCE09D6-03C8-41c5-9D33-7D7A92DD7A1F}\a105791dd0bd96032ccc9bc8162199974989c2d1acc27\Taken DVDRip 2009\Taken DVDRip 2009.avi moved successfully.
    C:\DOCUME~1\Angelini\LOCALS~1\Temp\{7CCE09D6-03C8-41c5-9D33-7D7A92DD7A1F}\8b97b684173199bf3ac2f86bf5bea0b74988a8484e4b6\Push DVDScr 2009\Push DVDScr 2009.avi moved successfully.
    File C:\DOCUME~1\Angelini\LOCALS~1\Temp\~DFE85B.tmp not found!
    File C:\DOCUME~1\Angelini\LOCALS~1\Temp\~DFE86E.tmp not found!
    File C:\DOCUME~1\Angelini\LOCALS~1\Temp\~DFF18E.tmp not found!
    File C:\DOCUME~1\Angelini\LOCALS~1\Temp\~DFF1A2.tmp not found!
    C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat moved successfully.
    C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat moved successfully.
    C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat moved successfully.
    File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
    File C:\WINDOWS\temp\Perflib_Perfdata_4c0.dat not found!
    File C:\WINDOWS\temp\Perflib_Perfdata_6f0.dat not found!




    What are these things?

    "DVDScr 2009\Push DVDScr 2009.avi moved successfully."
    "Harry Potter And The Half-Blood Prince.DVDRip XViD\Harry Potter And The Half-Blood Prince.DVDRip XViD.avi moved successfully."
    "Taken DVDRip 2009\Taken DVDRip 2009.avi moved successfully."

    I don't even have these films on my computer :??: 

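One way to read an OTMoveIt3 report like the one above programmatically (an added example, not part of the original thread or of OTMoveIt3): it keeps the last status logged for each path, so an item deferred to reboot only counts as removed if the "Files moved on Reboot" section confirms it. The sample is abridged from the report above; the function names and result categories are assumptions of this example.

```python
import re

# Abridged sample built from lines of the OTMoveIt3 report posted above.
SAMPLE_REPORT = r"""
========== FILES ==========
C:\WINDOWS\opeq.bat moved successfully.
File/Folder C:\Program Files\SpySpotter3 not found.
c:\windows\system32\vulufugym.pif moved successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\Angelini\LOCALS~1\Temp\~DFE85B.tmp scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
User's Temp folder emptied.

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02072009_131152

Files moved on Reboot...
File C:\DOCUME~1\Angelini\LOCALS~1\Temp\~DFE85B.tmp not found!
C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat moved successfully.
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
"""

# Checked in this order: the "failed ... scheduled" form must be tried first,
# because all three kinds of line can begin with the word "File".
PATTERNS = [
    ("deferred", re.compile(
        r"^File (?:delete|move) failed\. (?P<path>.+) "
        r"scheduled to be (?:deleted|moved) on reboot\.$")),
    ("not_found", re.compile(r"^File(?:/Folder)? (?P<path>.+) not found[.!]$")),
    ("moved", re.compile(r"^(?P<path>.+) moved successfully\.$")),
]

# Result categories (names chosen for this example).
BUCKET = {"moved": "removed", "not_found": "absent", "deferred": "still_present"}


def parse_report(text):
    """Return (status, path) for every report line that names a file or folder."""
    events = []
    for raw in text.splitlines():
        line = raw.strip()
        for status, rx in PATTERNS:
            match = rx.match(line)
            if match:
                events.append((status, match.group("path")))
                break
    return events


def reconcile(text):
    """Group paths by the last status the report logged for them.

    Paths are compared case-insensitively, as Windows does. 8.3 short names
    (DOCUME~1) are not expanded, so a short and a long spelling of the same
    path would be treated as two entries.
    """
    final = {}
    for status, path in parse_report(text):
        final[path.lower()] = (path, status)  # later lines override earlier ones
    result = {"removed": [], "absent": [], "still_present": []}
    for path, status in final.values():
        result[BUCKET[status]].append(path)
    return result


if __name__ == "__main__":
    for category, paths in reconcile(SAMPLE_REPORT).items():
        print(category)
        for path in paths:
            print("   ", path)
```

Anything left under `still_present` was still locked after the reboot and is worth checking by hand; in the sample this is the file in avast!'s own temp folder.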
    a c 295 8 Security
    7 February 2009 18:15:02

    Quote:
    I don't even have these films on my computer :??: 

    ---> They are in your temporary folders.


    1/

  • Start menu > Run > type combofix /u and confirm.

  • Download ToolsCleaner2 to your Desktop.
  • Double-click ToolsCleaner2.exe to launch it.
  • Click Recherche and let the scan run.
  • Click Suppression to finish.
  • If you wish, you can use the Options Facultatives.
  • Click Quitter to get the report.
  • Post the report (TCleaner.txt), which is located at the root of your hard drive (C:\).


    2/

  • Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.
  • Double-click RSIT.exe to launch the program.
  • Click Continue on the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall if prompted) and you will need to accept the licence.
  • When the scan is finished, two text files will open. Post the contents of log.txt (the one displayed on screen) as well as info.txt (which you will see in the taskbar).

    Note: the reports are saved in the C:\rsit\ folder.
    8 February 2009 12:54:33

    ToolsCleaner: (not sure this is the right one, because it wasn't named "Tcleaner.txt")

    ========== PROCESSES ==========
    Process explorer.exe killed successfully.
    ========== FILES ==========
    C:\DOCUME~1\Angelini\APPLIC~1\WinButler moved successfully.
    File/Folder C:\Program Files\SpySpotter3 not found.
    C:\Program Files\Every Toolbar 1.1 moved successfully.
    File/Folder c:\program files\Kiwee Toolbar2 not found.
    C:\Program Files\Fichiers communs\yrav.vbs moved successfully.
    C:\WINDOWS\opeq.bat moved successfully.
    C:\WINDOWS\sugoha.bat moved successfully.
    C:\Documents and Settings\Angelini\Application Data\fytoh.com moved successfully.
    c:\program files\Fichiers communs\ahos.dat moved successfully.
    c:\windows\system32\vulufugym.pif moved successfully.
    c:\program files\Fichiers communs\ripy._sy moved successfully.
    c:\documents and settings\Angelini\Application Data\ofuteka.scr moved successfully.
    c:\documents and settings\All Users\Application Data\secezuh.dat moved successfully.
    File/Folder c:\documents and settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\qpbwpjdcnn.dll not found.
    ========== COMMANDS ==========
    File delete failed. C:\DOCUME~1\Angelini\LOCALS~1\Temp\{7CCE09D6-03C8-41c5-9D33-7D7A92DD7A1F}\d841e804b831046c04a8e25aad1c6f514988a83ef3c70\Harry Potter And The Half-Blood Prince.DVDRip XViD\Harry Potter And The Half-Blood Prince.DVDRip XViD.avi scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\Angelini\LOCALS~1\Temp\{7CCE09D6-03C8-41c5-9D33-7D7A92DD7A1F}\b54124530d689a68ebda008976db77b5498c6965d1aae\Push Sci-Fi DiVX 2009\Push Sci-Fi DiVX 2009.avi scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\Angelini\LOCALS~1\Temp\{7CCE09D6-03C8-41c5-9D33-7D7A92DD7A1F}\a105791dd0bd96032ccc9bc8162199974989c2d1acc27\Taken DVDRip 2009\Taken DVDRip 2009.avi scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\Angelini\LOCALS~1\Temp\{7CCE09D6-03C8-41c5-9D33-7D7A92DD7A1F}\8b97b684173199bf3ac2f86bf5bea0b74988a8484e4b6\Push DVDScr 2009\Push DVDScr 2009.avi scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\Angelini\LOCALS~1\Temp\~DFE85B.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\Angelini\LOCALS~1\Temp\~DFE86E.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\Angelini\LOCALS~1\Temp\~DFF18E.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\Angelini\LOCALS~1\Temp\~DFF1A2.tmp scheduled to be deleted on reboot.
    User's Temp folder emptied.
    User's Temporary Internet Files folder emptied.
    User's Internet Explorer cache folder emptied.
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
    Local Service Temp folder emptied.
    Local Service Temporary Internet Files folder emptied.
    File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
    File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_4c0.dat scheduled to be deleted on reboot.
    File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_6f0.dat scheduled to be deleted on reboot.
    Windows Temp folder emptied.
    Java cache emptied.
    FireFox cache emptied.
    Temp folders emptied.

    OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02072009_131152

    Files moved on Reboot...
    C:\DOCUME~1\Angelini\LOCALS~1\Temp\{7CCE09D6-03C8-41c5-9D33-7D7A92DD7A1F}\d841e804b831046c04a8e25aad1c6f514988a83ef3c70\Harry Potter And The Half-Blood Prince.DVDRip XViD\Harry Potter And The Half-Blood Prince.DVDRip XViD.avi moved successfully.
    C:\DOCUME~1\Angelini\LOCALS~1\Temp\{7CCE09D6-03C8-41c5-9D33-7D7A92DD7A1F}\b54124530d689a68ebda008976db77b5498c6965d1aae\Push Sci-Fi DiVX 2009\Push Sci-Fi DiVX 2009.avi moved successfully.
    C:\DOCUME~1\Angelini\LOCALS~1\Temp\{7CCE09D6-03C8-41c5-9D33-7D7A92DD7A1F}\a105791dd0bd96032ccc9bc8162199974989c2d1acc27\Taken DVDRip 2009\Taken DVDRip 2009.avi moved successfully.
    C:\DOCUME~1\Angelini\LOCALS~1\Temp\{7CCE09D6-03C8-41c5-9D33-7D7A92DD7A1F}\8b97b684173199bf3ac2f86bf5bea0b74988a8484e4b6\Push DVDScr 2009\Push DVDScr 2009.avi moved successfully.
    File C:\DOCUME~1\Angelini\LOCALS~1\Temp\~DFE85B.tmp not found!
    File C:\DOCUME~1\Angelini\LOCALS~1\Temp\~DFE86E.tmp not found!
    File C:\DOCUME~1\Angelini\LOCALS~1\Temp\~DFF18E.tmp not found!
    File C:\DOCUME~1\Angelini\LOCALS~1\Temp\~DFF1A2.tmp not found!
    C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat moved successfully.
    C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat moved successfully.
    C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat moved successfully.
    File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
    File C:\WINDOWS\temp\Perflib_Perfdata_4c0.dat not found!
    File C:\WINDOWS\temp\Perflib_Perfdata_6f0.dat not found!


    RSIT ("log"):

    Logfile of random's system information tool 1.05 (written by random/random)
    Run by Angelini at 2009-02-08 12:45:29
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 8 GB (28%) free of 29 GB
    Total RAM: 511 MB (42% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:53:22, on 08/02/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16762)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\ezSP_Px.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
    C:\Program Files\P2Pcontrol\p2control.exe
    C:\Program Files\sony\giga pocket\shwserv.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\sony\giga pocket\RM_SV.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\internet explorer\iexplore.exe
    C:\Documents and Settings\Angelini\Bureau\RSIT.exe
    C:\Program Files\trend micro\Angelini.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.estvideo.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: (no name) - - (no file)
    R3 - URLSearchHook: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll (file missing)
    R3 - URLSearchHook: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre1.dll
    O2 - BHO: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre1.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
    O3 - Toolbar: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
    O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre1.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe
    O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [P2Pcontrol] C:\Program Files\P2Pcontrol\p2control.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
    O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\WINDOWS\TEMP\E_SC4.tmp" /EF "HKCU"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
    O9 - Extra button: Carnival Casino - {776883A9-1EA8-4d8f-88B7-AA652FEF01A7} - C:\Casino\Carnival Casino\casino.exe (file missing)
    O9 - Extra 'Tools' menuitem: Carnival Casino - {776883A9-1EA8-4d8f-88B7-AA652FEF01A7} - C:\Casino\Carnival Casino\casino.exe (file missing)
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.estvideo.com/
    O15 - Trusted Zone: *.sony-europe.com
    O15 - Trusted Zone: *.sonystyle-europe.com
    O15 - Trusted Zone: *.vaio-link.com
    O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/Install...
    O16 - DPF: Interface Chat Wanadoo - http://chat9.x-echo.com/version6/Applet/wchatsign.cab
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
    O16 - DPF: {104B0A37-AB99-4F06-8032-8BBDC3B77DDB} (Telechargement Control) - http://www8.photoweb.fr/telechargement/Photoweb_uploade...
    O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld...
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.photobox.fr/assets/aurigma/ImageUploader4.ca...
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://gelatigelati68.spaces.live.com/PhotoUpload/MsnPU...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPl...
    O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {BA3BAF69-72B1-4BCE-BE96-A4D304EAFBB4} (PhotoBox uploader) - http://assets.photobox.com/assets/aurigma/ImageUploader...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photobox.fr/discount/clients/uploader_v2.2.0...
    O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr33...
    O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.fotodiscount.com/aurigma/ImageUploader4.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Giga Pocket Hardware Detector - Sony Corporation - C:\Program Files\sony\giga pocket\shwserv.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallShield Licensing Service - Macrovision - C:\Program Files\Fichiers communs\InstallShield Shared\Service\InstallShield Licensing Service.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\sony\giga pocket\halsv.exe
    O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\sony\giga pocket\RM_SV.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe

    --
    End of file - 13429 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
    Freecorder Toolbar - C:\Program Files\Freecorder\tbFre1.dll [2008-12-13 1784856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-29 320920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2009-02-07 2436160]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2008-12-29 657904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2008-12-29 522224]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-29 34816]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-29 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-11-21 399424]
    {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - MSN - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll [2006-01-17 282624]
    {D0943516-5076-4020-A3B5-AEFAF26AB263} - Veoh Browser Plug-in - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll [2008-04-01 352256]
    {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - Megaupload Toolbar - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL [2008-08-04 1947080]
    {1392b8d2-5c05-419f-a8f6-b9f15a596612} - Freecorder Toolbar - C:\Program Files\Freecorder\tbFre1.dll [2008-12-13 1784856]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2009-02-07 2436160]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "ezShieldProtector for Px"=C:\WINDOWS\System32\ezSP_Px.exe [2002-08-20 40960]
    "AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2004-07-22 88361]
    "ATIModeChange"=C:\WINDOWS\system32\Ati2mdxx.exe [2001-09-04 28672]
    "ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2003-07-06 335872]
    "NvCplDaemon"=C:\WINDOWS\System32\NvCpl.dll [2003-04-02 4616192]
    "nwiz"=nwiz.exe /installquiet []
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-29 136600]
    "RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2003-10-31 32768]
    "OM_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe [2005-11-29 40960]
    "SsAAD.exe"=C:\PROGRA~1\sony\SONICS~1\SsAAD.exe [2006-01-07 81920]
    "Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2007-04-11 56080]
    "Logitech Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2007-04-11 56080]
    "P2Pcontrol"=C:\Program Files\P2Pcontrol\p2control.exe [2009-01-26 159744]
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "MessengerPlus3"=C:\Program Files\MessengerPlus! 3\MsgPlus.exe [2008-12-29 190024]
    "OM_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe [2005-11-29 57344]
    "EPSON Stylus DX8400 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE [2007-04-12 182272]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-12-29 39408]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

    C:\Documents and Settings\Angelini\Menu Démarrer\Programmes\Démarrage
    Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="wbsys.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB]
    C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll [2001-12-20 24576]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=323
    "NoDriveAutoRun"=67108863
    "NoDrives"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=
    "NoDrives"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Enabled:Veoh Client"
    "C:\Program Files\Shareaza\Shareaza.exe"="C:\Program Files\Shareaza\Shareaza.exe:*:Enabled:Shareaza"
    "C:\Program Files\Real\RealOne Player\realplay.exe"="C:\Program Files\Real\RealOne Player\realplay.exe:*:Enabled:RealOne Player"
    "D:\Mélanie\Mélanie images\Jeux\playstation\ePSXe 1_6_0 Fr\ePSXe.exe"="D:\Mélanie\Mélanie images\Jeux\playstation\ePSXe 1_6_0 Fr\ePSXe.exe:*:Enabled:ePSXe"
    "D:\alberto.angelini\Phone\Skype.exe"="D:\alberto.angelini\Phone\Skype.exe:*:Enabled:Skype"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "C:\Program Files\P2Pcontrol\p2control.exe"="C:\Program Files\P2Pcontrol\p2control.exe:*:Enabled:p 2Control"
    "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    ======File associations======

    .reg - edit -
    .reg - open - c:\Winnt\Regedit.exe %1

    ======List of files/folders created in the last 3 months======

    2009-02-08 12:45:29 ----D---- C:\rsit
    2009-02-07 19:06:22 ----A---- C:\TCleaner.txt
    2009-02-07 02:22:08 ----SHD---- C:\RECYCLER
    2009-02-07 02:10:50 ----D---- C:\Documents and Settings\Angelini\Application Data\Malwarebytes
    2009-02-07 02:10:44 ----DC---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-02-07 02:10:44 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-02-07 01:32:09 ----A---- C:\Boot.bak
    2009-02-07 01:31:56 ----RASHD---- C:\cmdcons
    2009-02-07 01:23:57 ----D---- C:\WINDOWS\ERDNT
    2009-02-07 00:45:52 ----D---- C:\Program Files\Ad-remover
    2009-02-06 22:31:10 ----D---- C:\Program Files\BHODemon 2
    2009-02-06 22:10:20 ----A---- C:\WINDOWS\system32\aswBoot.exe
    2009-02-06 21:00:44 ----DC---- C:\Documents and Settings\All Users\Application Data\ma-config.com
    2009-02-06 21:00:44 ----D---- C:\Program Files\ma-config.com
    2009-02-03 16:56:02 ----D---- C:\Program Files\Intel Desktop Board
    2009-02-02 10:33:04 ----D---- C:\Program Files\P2Pcontrol
    2009-01-28 09:54:20 ----D---- C:\Program Files\Mystery Case Files - Return to Ravenhearst
    2009-01-20 19:34:42 ----D---- C:\Program Files\Windows Live Safety Center
    2009-01-14 22:38:10 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
    2009-01-14 22:36:52 ----A---- C:\WINDOWS\system32\MRT.INI
    2008-12-31 16:07:40 ----D---- C:\Program Files\avijoin
    2008-12-30 20:52:49 ----D---- C:\Program Files\Freeze.com
    2008-12-30 20:52:49 ----A---- C:\WINDOWS\vorbisfile.dll
    2008-12-30 20:52:49 ----A---- C:\WINDOWS\vorbis.dll
    2008-12-30 20:52:49 ----A---- C:\WINDOWS\ogg.dll
    2008-12-29 18:47:57 ----A---- C:\WINDOWS\system32\javaws.exe
    2008-12-29 18:47:57 ----A---- C:\WINDOWS\system32\javaw.exe
    2008-12-29 18:47:57 ----A---- C:\WINDOWS\system32\java.exe
    2008-12-29 18:47:57 ----A---- C:\WINDOWS\system32\deploytk.dll
    2008-12-28 16:42:42 ----D---- C:\Program Files\Windows Live
    2008-12-24 11:21:09 ----D---- C:\Program Files\MSN Apps
    2008-12-24 11:20:05 ----D---- C:\Program Files\Avira
    2008-12-24 11:20:04 ----D---- C:\Documents and Settings\All Users\Application Data\Avira(2)
    2008-12-24 11:20:04 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
    2008-12-17 18:34:42 ----D---- C:\Program Files\Microsoft
    2008-12-17 18:22:47 ----D---- C:\Program Files\Fichiers communs\Windows Live
    2008-12-11 21:46:26 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
    2008-12-11 21:42:52 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
    2008-12-11 21:42:31 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
    2008-12-11 21:42:15 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
    2008-12-02 22:37:20 ----A---- C:\WINDOWS\system32\sirenacm.dll
    2008-11-17 17:29:18 ----D---- C:\Program Files\Conduit
    2008-11-17 17:29:17 ----D---- C:\Program Files\Freecorder
    2008-11-17 17:20:47 ----D---- C:\WINDOWS\Freecorder Toolbar
    2008-11-17 17:20:46 ----D---- C:\Program Files\Freecorder Toolbar
    2008-11-17 17:20:42 ----A---- C:\WINDOWS\Freecorder Toolbar Setup Log.txt
    2008-11-12 17:40:08 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
    2008-11-12 17:39:31 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
    2008-11-12 17:38:46 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
    2008-11-10 18:11:30 ----A---- C:\WINDOWS\system32\tmp.txt
    2008-11-10 18:11:23 ----A---- C:\rapport.txt
    2008-11-10 17:58:10 ----A---- C:\WINDOWS\ntbtlog.txt
    2008-11-10 13:55:39 ----A---- C:\WINDOWS\Sysvxd.exe
    2008-11-10 12:12:43 ----DC---- C:\Documents and Settings\All Users\Application Data\Grisoft

    ======List of files/folders modified in the last 3 months======

    2009-02-08 12:53:22 ----D---- C:\Program Files\Trend Micro
    2009-02-08 12:45:33 ----D---- C:\WINDOWS\Prefetch
    2009-02-08 12:08:55 ----D---- C:\Program Files\Mozilla Thunderbird
    2009-02-08 12:01:51 ----D---- C:\WINDOWS\Temp
    2009-02-08 12:01:30 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-02-08 00:00:46 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-02-07 22:55:49 ----SHD---- C:\WINDOWS\Installer
    2009-02-07 22:55:49 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-02-07 22:55:48 ----DC---- C:\Config.Msi
    2009-02-07 19:02:04 ----RD---- C:\Program Files
    2009-02-07 19:02:01 ----D---- C:\WINDOWS
    2009-02-07 18:56:06 ----SHD---- C:\System Volume Information
    2009-02-07 18:56:06 ----D---- C:\WINDOWS\system32\Restore
    2009-02-07 18:55:39 ----D---- C:\WINDOWS\system32
    2009-02-07 13:11:53 ----D---- C:\Program Files\Fichiers communs
    2009-02-07 12:36:43 ----D---- C:\Program Files\Google
    2009-02-07 12:36:41 ----DC---- C:\Documents and Settings\All Users\Application Data\Google
    2009-02-07 02:10:47 ----D---- C:\WINDOWS\system32\drivers
    2009-02-07 01:36:50 ----A---- C:\WINDOWS\system.ini
    2009-02-07 01:36:00 ----D---- C:\WINDOWS\AppPatch
    2009-02-07 01:35:06 ----SD---- C:\WINDOWS\system32\Microsoft
    2009-02-07 01:32:09 ----RASH---- C:\boot.ini
    2009-02-07 00:27:56 ----SD---- C:\WINDOWS\Tasks
    2009-02-07 00:03:55 ----SD---- C:\WINDOWS\Downloaded Program Files
    2009-02-06 20:59:58 ----HD---- C:\WINDOWS\inf
    2009-02-06 20:47:46 ----D---- C:\Documents and Settings\Angelini\Application Data\EPSON
    2009-02-06 20:31:24 ----D---- C:\Documents and Settings\Angelini\Application Data\OpenOffice.org2
    2009-02-03 11:26:30 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-02-02 11:19:33 ----D---- C:\games
    2009-02-02 10:33:10 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2009-01-31 12:24:40 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
    2009-01-29 17:09:00 ----D---- C:\Documents and Settings\Angelini\Application Data\DivX
    2009-01-28 10:35:30 ----DC---- C:\Documents and Settings\All Users\Application Data\BigFishGamesCache
    2009-01-28 09:49:24 ----D---- C:\Program Files\bfgclient
    2009-01-24 09:59:35 ----D---- C:\Documents and Settings\Angelini\Application Data\AdobeUM
    2009-01-15 19:24:45 ----SD---- C:\Documents and Settings\Angelini\Application Data\Microsoft
    2009-01-14 22:37:30 ----HD---- C:\WINDOWS\$hf_mig$
    2009-01-14 22:37:29 ----D---- C:\WINDOWS\system32\CatRoot
    2009-01-14 14:14:43 ----D---- C:\Program Files\DivX
    2009-01-11 13:03:28 ----D---- C:\WINDOWS\Debug
    2009-01-10 02:35:28 ----A---- C:\WINDOWS\system32\MRT.exe
    2009-01-09 15:47:19 ----A---- C:\WINDOWS\imsins.BAK
    2009-01-09 10:33:36 ----D---- C:\Program Files\epson
    2009-01-04 19:24:41 ----A---- C:\WINDOWS\win.ini
    2009-01-02 09:22:15 ----D---- C:\WINDOWS\pss
    2008-12-30 15:56:51 ----D---- C:\Program Files\Messenger Plus! Live
    2008-12-29 18:36:04 ----D---- C:\WINDOWS\system32\config
    2008-12-29 18:35:39 ----D---- C:\WINDOWS\system32\wbem
    2008-12-29 18:35:39 ----D---- C:\WINDOWS\Registration
    2008-12-29 18:24:15 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2008-12-29 16:47:08 ----D---- C:\WINDOWS\Lhsp
    2008-12-29 15:17:12 ----D---- C:\Program Files\Java
    2008-12-29 09:50:58 ----D---- C:\Program Files\MessengerPlus! 3
    2008-12-28 16:48:21 ----D---- C:\Program Files\MSECache
    2008-12-28 16:45:21 ----D---- C:\WINDOWS\WinSxS
    2008-12-28 16:42:26 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
    2008-12-27 19:25:22 ----D---- C:\Documents and Settings\Angelini\Application Data\Google
    2008-12-26 14:18:06 ----D---- C:\WINDOWS\network diagnostic
    2008-12-24 13:42:11 ----AC---- C:\WINDOWS\ModemLog_Agere Systems AC'97 Modem.txt
    2008-12-24 11:21:19 ----D---- C:\WINDOWS\system32\DirectX
    2008-12-24 11:21:12 ----D---- C:\Program Files\Messenger
    2008-12-22 21:26:13 ----D---- C:\Program Files\Windows Media Connect 2
    2008-12-22 21:26:11 ----D---- C:\Program Files\PC Inspector File Recovery
    2008-12-18 22:56:18 ----D---- C:\WINDOWS\ie7updates
    2008-12-18 18:49:31 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
    2008-12-17 18:36:49 ----RSD---- C:\WINDOWS\assembly
    2008-12-13 07:37:56 ----A---- C:\WINDOWS\system32\mshtml.dll
    2008-12-11 21:46:06 ----D---- C:\Program Files\Internet Explorer
    2008-12-11 21:41:20 ----DC---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
    2008-12-10 18:38:12 ----D---- C:\Casino
    2008-11-23 10:31:14 ----D---- C:\Program Files\Mozilla Firefox
    2008-11-23 09:58:38 ----D---- C:\WINDOWS\system32\Macromed
    2008-11-20 12:37:25 ----D---- C:\WINDOWS\Help
    2008-11-19 19:50:55 ----RSD---- C:\WINDOWS\Fonts
    2008-11-12 16:51:09 ----D---- C:\WINDOWS\ShellNew
    2008-11-12 16:51:08 ----RD---- C:\WINDOWS\Web

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
    R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
    R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
    R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2004-03-08 13567]
    R1 DMICall;Sony DMI Call service; C:\WINDOWS\System32\DRIVERS\DMICall.sys [2000-12-05 3952]
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40576]
    R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
    R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-08-30 12032]
    R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.5.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-10-12 21419]
    R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
    R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
    R2 NwlnkIpx;Protocole de transport compatible NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
    R2 NwlnkNb;NetBIOS NWLink; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2002-08-30 63232]
    R2 NwlnkSpx;Protocole NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2002-08-30 55936]
    R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
    R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
    R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\System32\DRIVERS\AGRSM.sys [2004-07-22 1268234]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
    R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2007-04-11 20496]
    R3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2007-04-11 63248]
    R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2007-04-11 34832]
    R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2007-04-11 36112]
    R3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2007-04-11 79376]
    R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2007-04-11 28688]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2003-04-02 1265130]
    R3 ovt530;Webcam Deluxe; C:\WINDOWS\System32\Drivers\ov530vid.sys [2005-03-15 161792]
    R3 smrt;Sony MPEG RealTime encoder board; C:\WINDOWS\System32\DRIVERS\smrt.sys [2003-07-15 761472]
    R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-07-17 578752]
    R3 USB_RNDIS;USB Remote NDIS Network Device Driver; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2008-04-13 12800]
    R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
    R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
    S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14720]
    S1 lusbaudio;Microphone USB Logitech; C:\WINDOWS\system32\drivers\OVSound2.sys [2001-08-17 25216]
    S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys []
    S3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys []
    S3 araw3776;araw3776; C:\WINDOWS\system32\drivers\araw3776.sys []
    S3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2003-07-06 587264]
    S3 BCM43XX;Wireless-G PCI Adapter Driver; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2003-07-17 265728]
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
    S3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\System32\DRIVERS\e100b325.sys [2003-03-04 145408]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 QCAbsee;QuickCam Web Logitech (0801); C:\WINDOWS\system32\DRIVERS\OVCA.sys [2001-08-17 25088]
    S3 RT2500USB;DWL-G122(rev.B) USB Wireless LAN Driver; C:\WINDOWS\system32\DRIVERS\rt2500usb.sys []
    S3 RT73;Hercules Wireless USB Dongle Driver ; C:\WINDOWS\system32\DRIVERS\rt73.sys []
    S3 SIS163u;SiS 163 usb Wireless LAN Adapter Driver; C:\WINDOWS\system32\DRIVERS\sis163u.sys [2004-10-01 162304]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2005-05-23 80272]
    S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2005-05-23 10864]
    S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2005-05-23 137884]
    S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
    R2 Giga Pocket Hardware Detector;Giga Pocket Hardware Detector; C:\Program Files\sony\giga pocket\shwserv.exe [2003-07-07 77824]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-29 152984]
    R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\System32\nvsvc32.exe [2003-04-02 69632]
    R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
    R3 Sony TV Tuner Manager;Sony TV Tuner Manager; C:\Program Files\sony\giga pocket\RM_SV.exe [2003-07-07 90112]
    R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-04-24 72704]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
    S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-12-29 137200]
    S3 InstallShield Licensing Service;InstallShield Licensing Service; C:\Program Files\Fichiers communs\InstallShield Shared\Service\InstallShield Licensing Service.exe [2007-02-02 69632]
    S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-01-24 216232]
    S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe [2005-11-24 53337]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe [2005-11-24 53337]
    S3 Sony TV Tuner Controller;Sony TV Tuner Controller; C:\Program Files\sony\giga pocket\halsv.exe [2003-07-07 118784]
    S3 SPTISRV;Sony SPTI Service; C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe [2005-11-24 69718]
    S3 SSScsiSV;SonicStage SCSI Service; C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe [2006-01-06 69632]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

    -----------------EOF-----------------

    RSIT ("info"):

    info.txt logfile of random's system information tool 1.05 2009-02-08 12:53:28

    ======Uninstall list======

    -->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    -->C:\Program Files\Fichiers communs\Real\Update_OB\rnuninst.exe RealNetworks|RealPlayer|6.0
    -->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
    -->Dummy
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88E5FCB8-5F25-11D5-B16F-0800460222F0}\setup.exe" -l0x40c UNINSTALL
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{93B80FB1-7A23-11D3-B250-00105A1F4184}\setup.exe"
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D76298C2-E532-4A11-BCFF-76F3F19DA84D}\setup.exe" UNINSTALL
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-0019-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
    7-Zip 4.57-->"C:\Program Files\7-Zip\Uninstall.exe"
    ABBYY FineReader 6.0 Sprint-->MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
    AbiWord 2.4.6 (remove only)-->C:\Program Files\AbiSuite2\UninstallAbiWord2.exe
    AbsoluCasino-->D:\\Uninst.exe /uGfedEurofr18F
    Adobe Acrobat 5.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll"
    Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000101}
    Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5101}
    Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-119F-4D52-B551-6739B2B22101}
    Adobe Photoshop CS-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x40c
    Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-040C-2E257A25E34D}
    Adobe Premiere 6 LE-->C:\Program Files\Adobe\Premiere 6 LE\UNINST.EXE -f"C:\Program Files\Adobe\Premiere 6 LE\DeIsL1.isu" -c"C:\Program Files\Adobe\Premiere 6 LE\Uninst.dll"
    Adobe Reader 7.0.9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70900000002}
    Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
    Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-0C40-4930-9AFE-113BCE553101}
    Agere Systems AC'97 Modem-->agrsmdel
    Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    ASIO4ALL-->C:\Program Files\ASIO4ALL v2\uninstall.exe
    Assistant de connexion Windows Live-->MsiExec.exe /I{D6E592B3-67DA-4BBB-9783-E1838FB253A2}
    ATI Control Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
    ATI Display Driver-->rundll32 C:\WINDOWS\System32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:D ISPLAY -clean
    avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    AVI Joiner-->"C:\Program Files\avijoin\unins000.exe"
    AxCrypt (Désinstaller uniquement)-->"C:\Program Files\Axon Data\AxCrypt\AxCryptU.exe"
    Barre d'outils MSN-->C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\mtbs.exe c
    BaZik-->C:\WINDOWS\unin040c.exe -fC:\Delemme\BaZik\DeIsL1.isu -cC:\Delemme\BaZik\_ISREG32.DLL
    Bazooka Scanner-->"C:\Program Files\Bazooka Scanner\Uninstall.exe" "C:\Program Files\Bazooka Scanner\install.log"
    Big Fish Games Client-->C:\Program Files\bfgclient\Uninstall.exe
    Bink and Smacker-->C:\PROGRA~1\RADVideo\UNWISE.EXE C:\PROGRA~1\RADVideo\INSTALL.LOG
    Camera RAW Plug-In for EPSON Creativity Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{93EA9C3E-BDFD-4309-A605-9B5BBC0CCEFD}\SETUP.EXE" -l0x40c UNINST
    Canon MP Toolbox 4.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4669544E-20E4-4E56-8B44-2E6E1200051F}\Setup.exe" -l0x40c -Uninstall
    CDDRV_Installer-->MsiExec.exe /I{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}
    Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
    Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
    Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    a c 295 8 Security
    8 February 2009 16:21:40

    The first report is from OTMoveIt3, not from ToolsCleaner.

    Quote:
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
    O3 - Toolbar: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
    O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre1.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

    ---> I don't think you need 6 toolbars; sort through them.

    What is the P2P Control software for?


  • Relaunch MBAM, go to Quarantine and delete everything.

    ---> Download JavaRa.zip (by Paul 'Prm753' McLain and Fred de Vries) to your Desktop.
    (On the site, click Download Windows Binary (.zip file).)
  • Unzip the file on the Desktop (right-click > Extract All).
  • Double-click the JavaRa folder.
  • Then double-click the JavaRa.exe file (the exe may not be displayed).
  • Choose Français, then click Select.
  • Click Effacer les anciennes versions (Remove older versions).
  • Click Oui (Yes) to confirm. Let it work, then click OK, and then OK a second time.
  • A report will open. Post it in your next reply.
  • Close the application.

    Note: the report is also saved in C:\ under the name JavaRa.log.
    8 February 2009 18:22:17

    - I don't know what the "P2P Control" software is for, and I don't remember downloading it. Why do you ask?
    - Are there still many steps left to do?

    JavaRa report:

    JavaRa 1.13 Removal Log.

    Report follows after line.

    ------------------------------------

    The JavaRa removal process was started on Sun Feb 08 18:18:24 2009

    JavaRa 1.13 Removal Log.

    Report follows after line.

    ------------------------------------

    The JavaRa removal process was started on Sun Feb 08 18:19:33 2009

    ------------------------------------

    Finished reporting.



    a c 295 8 Security
    8 February 2009 18:39:42

    Quote:
    - I don't know what the "P2P Control" software is for, I don't remember downloading it; why do you ask?

    ---> It's installed, that's why. If it's of no use, uninstall it.

  • Delete JavaRa and uninstall Avast.

  • Install Antivir and update it.
  • Double-click the Antivir icon (umbrella) in the taskbar.
  • In Antivir, choose Outils, then Configuration.
  • Tick Mode Expert and tick Rech. Rootkit au dém. de la recherche on the right under Autres réglages.
  • Run a full scan and post the report.
    9 February 2009 13:19:04

    Hi,

    Actually, we've only just managed to uninstall "Avira Antivir" and reinstall Avast, so maybe I won't do the reverse all over again...
    Should I run a scan using Avast?
    a c 295 8 Security
    9 February 2009 14:59:09

    Personally, I think Antivir is better.

    Run a full scan with the antivirus of your choice.
    10 February 2009 19:42:44

    I ran a scan with Avast and it didn't find any infected files (and it didn't open a report). However, I still have "Winzix" in quarantine; should I delete it?
    a c 295 8 Security
    10 February 2009 19:52:31

    Quote:
    However, I still have "Winzix" in quarantine; should I delete it?

    ---> Yes.

    Can you post a HijackThis report for me?
    11 February 2009 13:40:22

    I deleted Winzix.
    HijackThis report:

    Logfile of HijackThis v1.99.1
    Scan saved at 13:38:29, on 11/02/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16762)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\ezSP_Px.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\sony\giga pocket\shwserv.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\sony\giga pocket\RM_SV.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\internet explorer\iexplore.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Documents and Settings\Angelini\Bureau\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.estvideo.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: (no name) - - (no file)
    R3 - URLSearchHook: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll (file missing)
    O2 - BHO: (no name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - (no file)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe
    O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
    O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\WINDOWS\TEMP\E_SC4.tmp" /EF "HKCU"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
    O9 - Extra button: Carnival Casino - {776883A9-1EA8-4d8f-88B7-AA652FEF01A7} - C:\Casino\Carnival Casino\casino.exe (file missing)
    O9 - Extra 'Tools' menuitem: Carnival Casino - {776883A9-1EA8-4d8f-88B7-AA652FEF01A7} - C:\Casino\Carnival Casino\casino.exe (file missing)
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.estvideo.com/
    O15 - Trusted Zone: *.sony-europe.com
    O15 - Trusted Zone: *.sonystyle-europe.com
    O15 - Trusted Zone: *.vaio-link.com
    O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/Install...
    O16 - DPF: Interface Chat Wanadoo - http://chat9.x-echo.com/version6/Applet/wchatsign.cab
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
    O16 - DPF: {104B0A37-AB99-4F06-8032-8BBDC3B77DDB} (Telechargement Control) - http://www8.photoweb.fr/telechargement/Photoweb_uploade...
    O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld...
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.photobox.fr/assets/aurigma/ImageUploader4.ca...
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://gelatigelati68.spaces.live.com/PhotoUpload/MsnPU...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPl...
    O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {BA3BAF69-72B1-4BCE-BE96-A4D304EAFBB4} (PhotoBox uploader) - http://assets.photobox.com/assets/aurigma/ImageUploader...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photobox.fr/discount/clients/uploader_v2.2.0...
    O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr33...
    O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.fotodiscount.com/aurigma/ImageUploader4.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (file missing)
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
    O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: Giga Pocket Hardware Detector - Sony Corporation - C:\Program Files\sony\giga pocket\shwserv.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallShield Licensing Service - Macrovision - C:\Program Files\Fichiers communs\InstallShield Shared\Service\InstallShield Licensing Service.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\sony\giga pocket\halsv.exe
    O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\sony\giga pocket\RM_SV.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe



    So is that it, am I cured? :)
    a c 295 8 Security
    11 February 2009 14:55:24

    Your version of HijackThis is out of date.

  • Download HijackThis v2.0.2 to your Desktop.
  • Double-click HJTInstall to start the installation.
  • Click Install, then I Accept.
  • Click Do a system scan and save a logfile.
  • Notepad will open; copy and paste its entire contents here in your next message.
    11 February 2009 22:53:22

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:51:51, on 11/02/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16762)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\ezSP_Px.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\sony\giga pocket\shwserv.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\sony\giga pocket\RM_SV.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\internet explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.estvideo.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: (no name) - - (no file)
    R3 - URLSearchHook: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll (file missing)
    O2 - BHO: (no name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - (no file)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe
    O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
    O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\WINDOWS\TEMP\E_SC4.tmp" /EF "HKCU"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
    O9 - Extra button: Carnival Casino - {776883A9-1EA8-4d8f-88B7-AA652FEF01A7} - C:\Casino\Carnival Casino\casino.exe (file missing)
    O9 - Extra 'Tools' menuitem: Carnival Casino - {776883A9-1EA8-4d8f-88B7-AA652FEF01A7} - C:\Casino\Carnival Casino\casino.exe (file missing)
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.estvideo.com/
    O15 - Trusted Zone: *.sony-europe.com
    O15 - Trusted Zone: *.sonystyle-europe.com
    O15 - Trusted Zone: *.vaio-link.com
    O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/Install...
    O16 - DPF: Interface Chat Wanadoo - http://chat9.x-echo.com/version6/Applet/wchatsign.cab
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
    O16 - DPF: {104B0A37-AB99-4F06-8032-8BBDC3B77DDB} (Telechargement Control) - http://www8.photoweb.fr/telechargement/Photoweb_uploade...
    O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld...
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.photobox.fr/assets/aurigma/ImageUploader4.ca...
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://gelatigelati68.spaces.live.com/PhotoUpload/MsnPU...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPl...
    O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {BA3BAF69-72B1-4BCE-BE96-A4D304EAFBB4} (PhotoBox uploader) - http://assets.photobox.com/assets/aurigma/ImageUploader...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photobox.fr/discount/clients/uploader_v2.2.0...
    O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr33...
    O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.fotodiscount.com/aurigma/ImageUploader4.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Giga Pocket Hardware Detector - Sony Corporation - C:\Program Files\sony\giga pocket\shwserv.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallShield Licensing Service - Macrovision - C:\Program Files\Fichiers communs\InstallShield Shared\Service\InstallShield Licensing Service.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\sony\giga pocket\halsv.exe
    O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\sony\giga pocket\RM_SV.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe

    --
    End of file - 12429 bytes
    a c 295 8 Security
    14 February 2009 00:17:08

    Sorry for the wait.

  • Launch HijackThis.
  • Choose Do a system scan only.
  • Tick the boxes in front of the following lines:

    R3 - URLSearchHook: (no name) - - (no file)

    R3 - URLSearchHook: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll (file missing)

    O2 - BHO: (no name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - (no file)

    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

    O9 - Extra button: Carnival Casino - {776883A9-1EA8-4d8f-88B7-AA652FEF01A7} - C:\Casino\Carnival Casino\casino.exe (file missing)

    O9 - Extra 'Tools' menuitem: Carnival Casino - {776883A9-1EA8-4d8f-88B7-AA652FEF01A7} - C:\Casino\Carnival Casino\casino.exe (file missing)

  • Click Fix checked at the bottom. Answer yes if HijackThis asks you anything.
  • Close HijackThis.
  • Post a new HijackThis report using the option Do a system scan and save a logfile.
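The manual step above (ticking entries whose target no longer exists, then posting a fresh log to confirm) can be checked mechanically. The following Python is an added example, not part of the original thread or of HijackThis; the function names are hypothetical, and the sample lines are copied from the logs posted in this thread.

```python
import re
from typing import List, NamedTuple, Optional

# One HijackThis entry has the form "<section> - <body>", e.g. "O2 - BHO: ...".
ENTRY_RE = re.compile(r"^\s*(?P<section>[A-Z]\d{1,2}) - (?P<body>.+?)\s*$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# Suffixes HijackThis appends when the registered target cannot be found.
ORPHAN_MARKERS = ("(no file)", "(file missing)")


class Entry(NamedTuple):
    section: str            # "R3", "O2", "O9", ...
    body: str               # everything after "<section> - "
    clsid: Optional[str]    # upper-cased CLSID if the entry carries one
    orphaned: bool          # True when the entry ends with an orphan marker


def parse_log(text: str) -> List[Entry]:
    """Return the registry/startup entries of a HijackThis log.

    Header lines and the "Running processes" block do not match the
    "<section> - " prefix and are skipped.
    """
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line)
        if not m:
            continue
        body = m.group("body")
        clsid = CLSID_RE.search(body)
        entries.append(Entry(
            section=m.group("section"),
            body=body,
            clsid=clsid.group(0).upper() if clsid else None,
            orphaned=body.endswith(ORPHAN_MARKERS),
        ))
    return entries


def orphaned(entries: List[Entry]) -> List[Entry]:
    """Entries pointing at a missing file: candidates for review, not auto-removal."""
    return [e for e in entries if e.orphaned]


def removed_between(before: List[Entry], after: List[Entry]) -> List[Entry]:
    """Entries present in the earlier log and absent from the later one."""
    kept = {(e.section, e.body) for e in after}
    return [e for e in before if (e.section, e.body) not in kept]


# Sample input: lines copied from the 11/02/2009 log in this thread.
BEFORE = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.estvideo.fr/
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll (file missing)
O2 - BHO: (no name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O9 - Extra button: Carnival Casino - {776883A9-1EA8-4d8f-88B7-AA652FEF01A7} - C:\Casino\Carnival Casino\casino.exe (file missing)
O9 - Extra 'Tools' menuitem: Carnival Casino - {776883A9-1EA8-4d8f-88B7-AA652FEF01A7} - C:\Casino\Carnival Casino\casino.exe (file missing)
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
"""

# Sample input: the same entries as they appear in the 14/02/2009 log.
AFTER = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.estvideo.fr/
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
"""

if __name__ == "__main__":
    before, after = parse_log(BEFORE), parse_log(AFTER)
    print("Review candidates in the earlier log:")
    for e in orphaned(before):
        print(f"  {e.section} - {e.body}")
    print("Gone after the fix:")
    for e in removed_between(before, after):
        print(f"  {e.section} - {e.body}")
    print("Still orphaned:")
    for e in orphaned(after):
        print(f"  {e.section} - {e.body}")
```

The marker is a prompt for review rather than proof: in the HijackThis v1.99.1 log posted earlier in this thread, the avast! Mail Scanner service is tagged (file missing) while ashMaiSv.exe is listed among the running processes.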
    14 February 2009 13:13:09

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:11:33, on 14/02/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16791)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\ezSP_Px.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\sony\giga pocket\shwserv.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\sony\giga pocket\RM_SV.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.estvideo.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe
    O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
    O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\WINDOWS\TEMP\E_SC4.tmp" /EF "HKCU"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.estvideo.com/
    O15 - Trusted Zone: *.sony-europe.com
    O15 - Trusted Zone: *.sonystyle-europe.com
    O15 - Trusted Zone: *.vaio-link.com
    O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/Install...
    O16 - DPF: Interface Chat Wanadoo - http://chat9.x-echo.com/version6/Applet/wchatsign.cab
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
    O16 - DPF: {104B0A37-AB99-4F06-8032-8BBDC3B77DDB} (Telechargement Control) - http://www8.photoweb.fr/telechargement/Photoweb_uploade...
    O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld...
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.photobox.fr/assets/aurigma/ImageUploader4.ca...
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://gelatigelati68.spaces.live.com/PhotoUpload/MsnPU...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPl...
    O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {BA3BAF69-72B1-4BCE-BE96-A4D304EAFBB4} (PhotoBox uploader) - http://assets.photobox.com/assets/aurigma/ImageUploader...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photobox.fr/discount/clients/uploader_v2.2.0...
    O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr33...
    O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.fotodiscount.com/aurigma/ImageUploader4.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Giga Pocket Hardware Detector - Sony Corporation - C:\Program Files\sony\giga pocket\shwserv.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallShield Licensing Service - Macrovision - C:\Program Files\Fichiers communs\InstallShield Shared\Service\InstallShield Licensing Service.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\sony\giga pocket\halsv.exe
    O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\sony\giga pocket\RM_SV.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe

    --
    End of file - 11710 bytes
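Added example (not part of the original thread, and not HijackThis's or the helper's own tooling): a small Python triage pass over the HijackThis entry format shown in the report above. The `SECTIONS` descriptions, the function names and the review rules are assumptions chosen for illustration; a flagged line means "look at this first", not "malicious".

```python
import re

# What each HijackThis section code in the report above lists.
SECTIONS = {
    "R0": "IE start/search page", "R1": "IE default page/search URL",
    "O2": "Browser Helper Object", "O3": "IE toolbar", "O4": "autostart entry",
    "O8": "IE context-menu item", "O9": "IE extra button/menu item",
    "O10": "Winsock LSP", "O12": "IE plugin", "O14": "IERESET.INF setting",
    "O15": "Trusted Zone site", "O16": "ActiveX control (DPF)",
    "O23": "Windows service",
}
ENTRY = re.compile(r"^\s*([RO]\d{1,2}) - (.*)$")

def parse(log_text):
    """Return (code, detail) per entry line; headers and process paths are skipped."""
    return [m.groups() for m in map(ENTRY.match, log_text.splitlines()) if m]

def triage(entries):
    """Return (code, reason, detail) for the entries to review first (illustrative rules)."""
    findings = []
    for code, detail in entries:
        if code not in SECTIONS:
            findings.append((code, "section code not in SECTIONS", detail))
        elif detail.rstrip().endswith("(no file)"):
            findings.append((code, "registry entry points to a missing file", detail))
        elif code == "O10" and detail.startswith("Unknown file"):
            findings.append((code, "LSP file not recognised by HijackThis", detail))
        elif code == "O15":
            findings.append((code, "site added to the Trusted Zone", detail))
        elif code == "O16" and " - http://" in detail:
            findings.append((code, "ActiveX control fetched over plain HTTP", detail))
    return findings

# Lines copied from the report above (an excerpt, not the complete log).
SAMPLE = r"""Running processes:
C:\WINDOWS\system32\svchost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.estvideo.fr/
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: *.vaio-link.com
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
"""

if __name__ == "__main__":
    for code, reason, detail in triage(parse(SAMPLE)):
        print(f"{code:>3}  {SECTIONS.get(code, '?')}: {reason}\n     {detail}")
```
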
    14 February 2009 14:01:41

  • Update Adobe Reader.

    How is your PC doing?
    15 February 2009 01:17:44

    I'll update tomorrow, but the PC (not the one I'm on right now) is doing much better, thanks :D
    15 February 2009 02:05:51

    1/

  • Uninstall HijackThis.

  • Download ToolsCleaner2 to your Desktop.
  • Double-click ToolsCleaner2.exe to launch it.
  • Click Recherche and let the scan run.
  • Click Suppression to finish.
  • You can, if you wish, use the Options Facultatives.
  • Click Quitter to get the report.
  • Post the report (TCleaner.txt), which is at the root of your hard drive (C:\).


    2/

  • Download and install CCleaner (do not install the Yahoo Toolbar).
  • Launch it. Go to Options, then Avancé, and uncheck the Effacer uniquement les fichiers etc.... box.
  • Go to Nettoyeur and choose Analyse. Once it has finished, start the cleaning.
  • Then choose Registre, then Chercher des erreurs. Once it has finished, repair all the errors (back up the registry).


    3/

  • System Restore needs to be disabled and then re-enabled in order to purge it.

  • I recommend creating a restore point that you can use later if you have a problem.


    ==Prevention==

    Keep MBAM. You can use it to scan suspicious files as a complement to the antivirus, and scan the hard drive regularly.

    As a browser, use Mozilla Firefox rather than Internet Explorer. You can use the NoScript extension for more security.

    Check that automatic updates are enabled (Start menu, right-click Poste de travail, Mises à jour automatiques tab).

    You can also modify the Hosts file to improve your PC's security: Link

    Regarding P2P: Link

    Here is a complete guide (to be read with Adobe Reader or Foxit Reader): Link


    ==Problem solved?==

    If you consider your problem solved:

    ---> Now add [Résolu] to the title. To do so:
  • Click, in your first message, the Editer button.
  • Add the [Résolu] tag in front of the title.
  • Then click Valider votre message.


    Be more careful on the Internet ;)
    15 February 2009 23:27:21

    OK, thanks for everything! ^^