There we goooooo, it's done:

Lop S&D

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

 

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3

X86-based PC ( Uniprocessor Free : AMD Athlon XP 3000+ )

BIOS : BIOS Date: 07/30/04 21:10:10 Ver: 08.00.09

USER : didi ( Administrator )

BOOT : Normal boot

Antivirus : AntiVir Desktop 9.0.1.32 (Activated)

A:\ (USB)

C:\ (Local Disk) - NTFS - Total:149 Go (Free:57 Go)

D:\ (CD or DVD)

E:\ (CD or DVD)

 

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )

Option : [2] ( 2010-04-08|22:02 )

 

 

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

 

Supprime! - C:\WINDOWS\Tasks\A33AF60891856E88.job

Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\settings blue film frag

Supprime! - C:\DOCUME~1\didi\APPLIC~1\chicfl~1

Supprime! - C:\Program Files\chicfl~1

Supprime! - C:\Program Files\Circle Developement

 

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

 

 

--------------------\\ Listing des dossiers dans APPLIC~1

 

[2004-10-01|08:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities

[2008-04-12|20:28] C:\DOCUME~1\ADMINI~1\APPLIC~1\Malwarebytes

[2007-12-01|00:02] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[2008-04-15|18:42] C:\DOCUME~1\ADMINI~1\APPLIC~1\Mozilla

 

[2010-01-17|21:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe

[2005-02-03|13:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead

[2007-01-20|12:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL

[2008-04-05|12:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer

[2010-02-09|15:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira

[2008-10-24|19:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software

[2010-03-11|20:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations

[2010-02-09|18:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\F-Secure

[2010-01-11|18:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google

[2008-04-17|20:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft

[2007-12-01|19:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard

[2009-01-09|20:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM

[2009-01-09|20:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail

[2008-04-17|20:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft

[2007-03-31|12:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech

[2010-02-09|17:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com

[2008-04-09|09:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes

[2010-03-14|22:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!

[2009-11-25|22:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft

[2005-02-03|13:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Games

[2004-11-04|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6

[2009-04-25|22:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies

[2009-10-19|19:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Software

[2009-09-19|13:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Swift Sound

[2010-02-12|19:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Norton

[2009-08-30|18:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NortonInstaller

[2009-03-30|17:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS

[2004-10-30|20:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles

[2007-07-17|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\pixelStorm

[2004-11-19|20:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime

[2004-10-01|08:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI

[2009-10-19|19:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skyline

[2008-05-03|15:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy

[2010-04-01|15:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sun

[2009-08-30|18:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec

[2008-05-07|20:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP

[2010-03-10|15:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Toolbar4

[2010-03-09|19:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia

[2009-03-29|13:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems

[2006-12-20|20:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

[2006-12-13|17:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar

[2008-12-17|16:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller

[2008-12-28|17:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[2008-07-05|15:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

 

[2007-05-02|19:33] C:\DOCUME~1\ANNEPA~1\APPLIC~1\ZangoToolbar

 

[2004-10-01|08:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities

[2009-12-02|17:08] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia

[2007-12-01|00:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

 

[2009-12-02|17:08] C:\DOCUME~1\didi\APPLIC~1\Adobe

[2009-03-04|19:30] C:\DOCUME~1\didi\APPLIC~1\AdobeUM

[2008-02-03|14:38] C:\DOCUME~1\didi\APPLIC~1\Ahead

[2006-04-05|17:43] C:\DOCUME~1\didi\APPLIC~1\AOL

[2009-12-03|18:51] C:\DOCUME~1\didi\APPLIC~1\app

[2008-01-13|13:09] C:\DOCUME~1\didi\APPLIC~1\Apple Computer

[2009-09-22|18:54] C:\DOCUME~1\didi\APPLIC~1\DataCast

[2008-08-31|13:32] C:\DOCUME~1\didi\APPLIC~1\DivX

[2009-12-06|16:17] C:\DOCUME~1\didi\APPLIC~1\Dofus 2

[2009-12-03|18:50] C:\DOCUME~1\didi\APPLIC~1\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1

[2009-12-04|18:00] C:\DOCUME~1\didi\APPLIC~1\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1

[2009-12-04|18:03] C:\DOCUME~1\didi\APPLIC~1\Dofus-3.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1

[2009-12-06|13:27] C:\DOCUME~1\didi\APPLIC~1\Dofus-4.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1

[2010-03-21|18:58] C:\DOCUME~1\didi\APPLIC~1\dvdcss

[2008-04-26|10:55] C:\DOCUME~1\didi\APPLIC~1\EoRezo

[2005-02-03|13:09] C:\DOCUME~1\didi\APPLIC~1\FUJIFILM

[2010-01-11|18:54] C:\DOCUME~1\didi\APPLIC~1\Google

[2005-02-03|13:08] C:\DOCUME~1\didi\APPLIC~1\Help

[2004-10-01|08:37] C:\DOCUME~1\didi\APPLIC~1\Identities

[2008-10-24|19:06] C:\DOCUME~1\didi\APPLIC~1\InstallShield

[2005-02-03|13:09] C:\DOCUME~1\didi\APPLIC~1\InterTrust

[2005-02-15|19:52] C:\DOCUME~1\didi\APPLIC~1\InterVideo

[2007-09-30|12:13] C:\DOCUME~1\didi\APPLIC~1\ItsLabel

[2007-05-26|19:25] C:\DOCUME~1\didi\APPLIC~1\Jasc

[2010-04-08|21:34] C:\DOCUME~1\didi\APPLIC~1\LimeWire

[2007-08-24|15:47] C:\DOCUME~1\didi\APPLIC~1\Macromedia

[2008-04-09|09:52] C:\DOCUME~1\didi\APPLIC~1\Malwarebytes

[2010-01-17|00:26] C:\DOCUME~1\didi\APPLIC~1\Microsoft

[2005-02-03|13:09] C:\DOCUME~1\didi\APPLIC~1\Microsoft Games

[2008-07-29|19:43] C:\DOCUME~1\didi\APPLIC~1\Mozilla

[2006-12-13|17:35] C:\DOCUME~1\didi\APPLIC~1\MSN6

[2009-04-26|16:47] C:\DOCUME~1\didi\APPLIC~1\muvee Technologies

[2009-10-19|19:05] C:\DOCUME~1\didi\APPLIC~1\NCH Software

[2010-03-19|19:30] C:\DOCUME~1\didi\APPLIC~1\OfferBox

[2009-12-23|12:54] C:\DOCUME~1\didi\APPLIC~1\OpenOffice.org

[2008-11-04|15:21] C:\DOCUME~1\didi\APPLIC~1\OpenOffice.org2

[2008-05-03|16:03] C:\DOCUME~1\didi\APPLIC~1\PCToolsFirewallPlus

[2009-12-03|18:51] C:\DOCUME~1\didi\APPLIC~1\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1

[2008-11-26|20:30] C:\DOCUME~1\didi\APPLIC~1\Samsung

[2007-05-07|18:11] C:\DOCUME~1\didi\APPLIC~1\Screenshot Sender

[2009-12-26|19:15] C:\DOCUME~1\didi\APPLIC~1\Sony Corporation

[2008-03-28|07:57] C:\DOCUME~1\didi\APPLIC~1\Sun

[2004-11-06|20:30] C:\DOCUME~1\didi\APPLIC~1\Template

[2008-07-29|19:43] C:\DOCUME~1\didi\APPLIC~1\TomTom

[2009-10-25|19:21] C:\DOCUME~1\didi\APPLIC~1\vlc

[2009-10-23|19:51] C:\DOCUME~1\didi\APPLIC~1\vlc(2)

[2008-07-05|15:16] C:\DOCUME~1\didi\APPLIC~1\Yahoo!

 

[2004-10-01|08:37] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities

[2005-05-04|17:28] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft

[2005-05-04|15:02] C:\DOCUME~1\INVIT~1\APPLIC~1\Template

 

[2008-04-25|11:17] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe

[2007-02-11|20:58] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

 

[2010-01-27|20:50] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

 

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

 

[2010-04-08 22:01][--a------] C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

[2010-04-08 20:56][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{D82DB382-6017-4362-A809-4832D7E899A4}.job

[2010-04-08 21:39][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2010-04-08 21:29][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2010-04-08 21:29][--ah-----] C:\WINDOWS\tasks\SA.DAT

[2002-08-30 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

 

--------------------\\ MsgPlus SPONSOR INSTALLED !

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MsgPlus! Plugin]

"SponsorInstalled"=dword:00000000

 

 

--------------------\\ Listing des dossiers dans C:\Program Files

 

[2004-10-30|20:10] C:\Program Files\%ALLUSERSPROFILE%

[2007-01-29|20:48] C:\Program Files\3B Software

[2009-03-30|13:53] C:\Program Files\Adobe

[2005-02-03|13:00] C:\Program Files\Ahead

[2008-04-05|19:03] C:\Program Files\Alwil Software

[2010-02-09|17:51] C:\Program Files\Antivirus

[2006-04-01|11:27] C:\Program Files\AOL 9.0

[2008-11-15|20:26] C:\Program Files\ArcSoft

[2010-02-09|16:08] C:\Program Files\Ask Search Assistant

[2010-03-20|14:27] C:\Program Files\Ask.com

[2009-04-25|22:46] C:\Program Files\Autofr

[2008-07-20|14:12] C:\Program Files\Avanquest update

[2010-02-09|15:54] C:\Program Files\Avira

[2007-05-26|19:56] C:\Program Files\Beneton Software

[2010-04-03|12:12] C:\Program Files\CCleaner

[2010-03-10|15:27] C:\Program Files\ChercherMP3

[2008-03-07|20:10] C:\Program Files\Clic-Go 150 000 Cliparts Volume 2

[2007-06-13|16:16] C:\Program Files\CoffeeCup Software

[2004-10-01|09:11] C:\Program Files\Common Files

[2004-10-01|08:33] C:\Program Files\ComPlus Applications

[2005-09-17|16:33] C:\Program Files\Core Design

[2009-05-01|14:13] C:\Program Files\Data Design Interactive

[2005-07-07|16:49] C:\Program Files\directx

[2009-10-19|19:28] C:\Program Files\DivX

[2010-03-16|21:53] C:\Program Files\Dofus

[2007-04-07|12:34] C:\Program Files\Empire Interactive

[2009-02-08|21:58] C:\Program Files\eMule

[2010-04-01|15:06] C:\Program Files\Fichiers communs

[2007-04-12|20:03] C:\Program Files\FinePixViewer

[2006-12-27|19:47] C:\Program Files\Fisher-Price

[2009-12-18|19:28] C:\Program Files\GameSpy Arcade

[2008-05-03|14:02] C:\Program Files\Gazel-NT

[2005-10-31|18:17] C:\Program Files\GIMP-2.2

[2010-02-05|20:03] C:\Program Files\Google

[2007-12-01|19:57] C:\Program Files\Hewlett-Packard

[2008-04-28|19:23] C:\Program Files\HijackThis

[2007-12-01|19:57] C:\Program Files\HP

[2007-04-12|20:03] C:\Program Files\Humour Toolbar

[2008-07-20|14:12] C:\Program Files\Icone

[2009-10-19|19:17] C:\Program Files\IncrediMail

[2005-12-05|19:34] C:\Program Files\Infogrames

[2010-03-11|19:47] C:\Program Files\InstallShield Installation Information

[2010-04-01|20:03] C:\Program Files\Internet Explorer

[2008-05-28|19:06] C:\Program Files\InterVideo

[2006-12-04|20:21] C:\Program Files\Inventel

[2008-02-26|19:02] C:\Program Files\Its Label

[2008-05-03|20:43] C:\Program Files\ItsLabel

[2006-12-30|17:23] C:\Program Files\J.H.C. SoftWare

[2007-05-26|18:58] C:\Program Files\Jasc Software Inc

[2010-04-01|15:05] C:\Program Files\Java

[2004-11-19|20:18] C:\Program Files\JavaSoft

[2008-11-15|20:31] C:\Program Files\JL2005C

[2009-12-23|12:47] C:\Program Files\JRE

[2010-03-26|21:56] C:\Program Files\Landwirtschafts-Simulator 2009 Demo

[2008-06-27|19:54] C:\Program Files\LETMIN

[2010-03-20|14:23] C:\Program Files\LimeWire

[2008-04-26|11:10] C:\Program Files\Logitech

[2006-05-16|17:20] C:\Program Files\LucasArts

[2010-02-09|17:43] C:\Program Files\ma-config.com

[2008-12-25|11:05] C:\Program Files\MarkAny

[2005-01-15|16:57] C:\Program Files\Maxis

[2008-10-12|11:02] C:\Program Files\Messenger

[2010-03-14|18:30] C:\Program Files\Messenger Plus! Live

[2006-12-13|15:28] C:\Program Files\MessengerPlus! 3

[2006-09-24|19:23] C:\Program Files\Micro Application

[2009-11-25|22:13] C:\Program Files\Microsoft

[2007-07-04|21:10] C:\Program Files\Microsoft CAPICOM 2.1.0.2

[2006-07-07|19:16] C:\Program Files\microsoft frontpage

[2007-01-18|18:12] C:\Program Files\Microsoft Games

[2008-12-24|19:43] C:\Program Files\Microsoft Office

[2010-01-20|19:27] C:\Program Files\Microsoft Silverlight

[2008-12-28|17:52] C:\Program Files\Microsoft SQL Server Compact Edition

[2009-11-25|22:22] C:\Program Files\Microsoft Sync Framework

[2008-07-20|14:13] C:\Program Files\Microsoft Works

[2005-06-16|18:00] C:\Program Files\Monte Cristo

[2010-03-10|11:55] C:\Program Files\Movie Maker

[2010-04-08|21:10] C:\Program Files\Mozilla Firefox

[2009-08-06|16:05] C:\Program Files\MSBuild

[2008-11-28|20:48] C:\Program Files\MSECache

[2006-11-19|13:40] C:\Program Files\MSN

[2004-10-01|08:32] C:\Program Files\MSN Gaming Zone

[2007-12-23|21:02] C:\Program Files\MSN Messenger

[2007-01-08|22:25] C:\Program Files\MSXML 4.0

[2006-01-05|11:24] C:\Program Files\MUSICMATCH

[2009-04-25|22:53] C:\Program Files\muvee Technologies

[2009-09-09|17:03] C:\Program Files\MyFree Codec

[2010-04-08|21:26] C:\Program Files\navilog1

[2009-10-19|19:12] C:\Program Files\NCH Software

[2009-09-19|13:00] C:\Program Files\NCH Swift Sound

[2008-10-12|10:31] C:\Program Files\NetMeeting

[2010-02-12|19:27] C:\Program Files\Norton Security Scan

[2009-03-30|17:30] C:\Program Files\NOS

[2008-01-13|12:19] C:\Program Files\OLYMPUS

[2008-11-04|20:48] C:\Program Files\OpenOffice.org 2.3

[2009-12-23|12:47] C:\Program Files\OpenOffice.org 3

[2009-10-24|17:05] C:\Program Files\Orange

[2009-08-13|08:48] C:\Program Files\Outlook Express

[2010-04-03|15:49] C:\Program Files\Panda Security

[2007-06-27|18:19] C:\Program Files\PhotoFiltre

[2004-12-11|12:30] C:\Program Files\PIXELA

[2009-08-06|16:05] C:\Program Files\Reference Assemblies

[2005-02-03|13:08] C:\Program Files\REGSHAVE

[2009-09-22|18:54] C:\Program Files\Samsung

[2009-06-04|18:08] C:\Program Files\Securitoo

[2004-10-01|08:33] C:\Program Files\Services en ligne

[2009-10-19|18:27] C:\Program Files\SimTractor 4.0

[2010-01-06|22:08] C:\Program Files\SimTractor 4.1

[2009-12-26|18:39] C:\Program Files\Sony

[2006-09-29|17:49] C:\Program Files\The Adventure Company

[2005-01-15|19:40] C:\Program Files\TLC-Edusoft

[2007-07-15|17:48] C:\Program Files\TomTom DesktopSuite

[2008-11-07|20:40] C:\Program Files\TomTom HOME

[2008-11-07|20:46] C:\Program Files\TomTom HOME 2

[2009-04-26|21:45] C:\Program Files\TomTom International B.V

[2010-04-03|11:42] C:\Program Files\trend micro

[2005-10-23|18:49] C:\Program Files\Ubi Soft

[2005-10-23|18:39] C:\Program Files\UbiSoft

[2009-03-29|13:24] C:\Program Files\Ulead Systems

[2005-02-03|12:59] C:\Program Files\Uninstall Information

[2008-07-02|21:23] C:\Program Files\Veoh Networks

[2009-03-28|15:30] C:\Program Files\VideoLAN

[2008-11-26|18:09] C:\Program Files\Virtools

[2005-02-03|13:09] C:\Program Files\Visite

[2006-12-28|21:54] C:\Program Files\VK Mobile

[2009-06-03|18:54] C:\Program Files\Wanadoo

[2009-11-25|22:23] C:\Program Files\Windows Live

[2008-12-17|16:32] C:\Program Files\Windows Live SkyDrive

[2008-12-17|16:35] C:\Program Files\Windows Live Toolbar

[2007-05-05|15:03] C:\Program Files\Windows Media Connect 2

[2009-01-24|22:22] C:\Program Files\Windows Media Player

[2008-10-12|10:31] C:\Program Files\Windows NT

[2006-12-14|16:22] C:\Program Files\WindowsUpdate

[2007-10-10|20:00] C:\Program Files\WinRAR

[2004-10-01|08:34] C:\Program Files\xerox

[2008-07-03|14:34] C:\Program Files\Yahoo!

 

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

 

[2010-01-17|21:25] C:\Program Files\Fichiers communs\Adobe

[2009-12-02|17:08] C:\Program Files\Fichiers communs\Adobe AIR

[2005-02-03|13:00] C:\Program Files\Fichiers communs\Ahead

[2007-01-20|12:03] C:\Program Files\Fichiers communs\AOL

[2007-01-20|12:02] C:\Program Files\Fichiers communs\aolshare

[2008-11-15|20:27] C:\Program Files\Fichiers communs\ArcSoft

[2005-02-23|18:49] C:\Program Files\Fichiers communs\DirectX

[2009-03-28|15:20] C:\Program Files\Fichiers communs\DivX Shared

[2004-12-29|19:31] C:\Program Files\Fichiers communs\GTK

[2004-11-13|17:32] C:\Program Files\Fichiers communs\Hewlett-Packard

[2007-08-07|12:30] C:\Program Files\Fichiers communs\HP

[2007-06-05|19:24] C:\Program Files\Fichiers communs\InstallShield

[2010-04-01|15:06] C:\Program Files\Fichiers communs\Java

[2008-01-15|19:41] C:\Program Files\Fichiers communs\logishrd

[2008-01-15|19:44] C:\Program Files\Fichiers communs\Logitech

[2009-03-05|22:07] C:\Program Files\Fichiers communs\Microsoft Shared

[2004-10-01|08:33] C:\Program Files\Fichiers communs\MSSoap

[2009-10-19|19:20] C:\Program Files\Fichiers communs\muvee Technologies

[2004-10-01|09:31] C:\Program Files\Fichiers communs\ODBC

[2004-10-01|08:33] C:\Program Files\Fichiers communs\Services

[2004-10-01|09:31] C:\Program Files\Fichiers communs\SpeechEngines

[2005-09-24|11:46] C:\Program Files\Fichiers communs\SWF Studio

[2009-12-18|19:29] C:\Program Files\Fichiers communs\Symantec Shared

[2008-10-12|10:31] C:\Program Files\Fichiers communs\System

[2008-12-17|16:18] C:\Program Files\Fichiers communs\Windows Live

[2008-12-28|17:39] C:\Program Files\Fichiers communs\WindowsLiveInstaller

 

--------------------\\ Process

 

( 43 Processes )

 

... OK !

 

--------------------\\ Recherche avec S_Lop

 

Aucun fichier / dossier Lop trouvé !

 

--------------------\\ Recherche de Fichiers / Dossiers Lop

 

Aucun fichier / dossier Lop trouvé !

 

--------------------\\ Verification du Registre

 

..... OK !

 

--------------------\\ Verification du fichier Hosts

 

Fichier Hosts PROPRE

 

 

--------------------\\ Recherche de fichiers avec Catchme

 

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2010-04-08 22:03:28

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden files ...

scan completed successfully

hidden processes: 0

hidden files: 7109

 

--------------------\\ Recherche d'autres infections

 

--------------------\\ Cracks & Keygens ..

 

C:\DOCUME~1\didi\Mes documents\OPHELIE\image de Ophélie\Image\Images\tenniscrack4_3.jpg

 

 

[F:70][D:7]-> C:\DOCUME~1\didi\LOCALS~1\Temp

[F:9][D:0]-> C:\DOCUME~1\didi\Cookies

[F:12][D:5]-> C:\DOCUME~1\didi\LOCALS~1\TEMPOR~1\content.IE5

 

1 - "C:\Lop SD\LopR_1.txt" - 2010-04-08|21:56 - Option : [1]

2 - "C:\Lop SD\LopR_2.txt" - 2010-04-08|22:09 - Option : [2]

 

--------------------\\ Fin du rapport a 22:09:31

 

and the RSIT log

Logfile of random's system information tool 1.06 (written by random/random)

Run by didi at 2010-04-08 22:10:39

Microsoft Windows XP Édition familiale Service Pack 3

System drive C: has 59 GB (39%) free of 153 GB

Total RAM: 703 MB (35% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 22:10, on 2010-04-08

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\slserv.exe

C:\WINDOWS\System32\svchost.exe

C:\Documents and Settings\didi\Mes documents\TomTom\TomTom HOME 2\TomTomHOMEService.exe

C:\Program Files\Samsung\EmoDio\SMSTray.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe

C:\Documents and Settings\didi\Mes documents\TomTom\TomTom HOME 2\TomTomHOMERunner.exe

C:\Program Files\Orange\MailNotifier\MailNotifier.exe

C:\Program Files\Windows Media Player\WMPNSCFG.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe

C:\Program Files\OpenOffice.org 3\program\soffice.exe

C:\Program Files\OpenOffice.org 3\program\soffice.bin

C:\WINDOWS\system32\taskmgr.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\WINDOWS\system32\cmd.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Documents and Settings\didi\Mes documents\Téléchargements\RSIT(2).exe

C:\Program Files\trend micro\didi.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.plusnetwork.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cherchermp3.com/bar

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.cherchermp3.com/results.html?q=...10&ie=UTF-8

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: (no name) - {AEEC3B59-CA98-4EBA-A140-57B94E283583} - (no file)

R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll

R3 - URLSearchHook: (no name) - {402C9DAE-1B66-11DD-B3DE-22D556D89593} - (no file)

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll (file missing)

R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\ChercherMP3\cherchermp3.exe\Streaming_Chercher_MP3_Toolbar\tbhelper.dll

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: TBSB07458 - {5B839A5A-753B-4CFA-9330-071FC5B60471} - C:\Program Files\ChercherMP3\cherchermp3.exe\Streaming_Chercher_MP3_Toolbar\tbcore3.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: PrivBar - {300BC64A-BF32-4cc8-8917-91148CEFE700} - C:\DropMyRights\PrivBar.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: barre d'outils Orange - {D3028143-6145-4318-99D3-3EDCE54A95A9} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: Streaming_Chercher_MP3_Toolbar - {C86FF9FA-AEED-451B-A9CC-39A53173AE2E} - C:\Program Files\ChercherMP3\cherchermp3.exe\Streaming_Chercher_MP3_Toolbar\tbcore3.dll

O3 - Toolbar: LimeWire Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [sMSTray] C:\Program Files\Samsung\EmoDio\SMSTray.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [Antivirus] C:\Program Files\VAV\vav.exe

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Documents and Settings\didi\Mes documents\TomTom\TomTom HOME 2\TomTomHOMERunner.exe"

O4 - HKCU\..\Run: [MailNotifier] C:\Program Files\Orange\MailNotifier\MailNotifier.exe

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x08da -f video -m logitech -d 10.5.1.2023 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x08da -f video -m logitech -d 10.5.1.2023 (User 'Default user')

O4 - S-1-5-18 Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (User 'SYSTEM')

O4 - S-1-5-18 Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'SYSTEM')

O4 - S-1-5-18 Startup: Outil de détection de support PMB.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (User 'SYSTEM')

O4 - .DEFAULT Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (User 'Default user')

O4 - .DEFAULT Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'Default user')

O4 - .DEFAULT Startup: Outil de détection de support PMB.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (User 'Default user')

O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe

O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe

O4 - Startup: Outil de détection de support PMB.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe

O8 - Extra context menu item: &Search - ?p=ZNxmk142YYFR

O8 - Extra context menu item: ajouter cette page à vos favoris Orange - C:\DOCUME~1\didi\LOCALS~1\Temp\cce10D.html

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html

O8 - Extra context menu item: Orange - C:\DOCUME~1\didi\LOCALS~1\Temp\cce4C7C.html

O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?ace98d55c5bd42f2a10d0c1bec107423

O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?ace98d55c5bd42f2a10d0c1bec107423

O8 - Extra context menu item: traduire la page - C:\DOCUME~1\didi\LOCALS~1\Temp\cce10B.html

O8 - Extra context menu item: traduire le texte sélectionné - C:\DOCUME~1\didi\LOCALS~1\Temp\cce10C.html

O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll

O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra button: Streaming_Chercher_MP3_Toolbar - {C86FF9FA-AEED-451B-A9CC-39A53173AE2E} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll

O9 - Extra 'Tools' menuitem: Streaming_Chercher_MP3_Toolbar - {C86FF9FA-AEED-451B-A9CC-39A53173AE2E} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O15 - Trusted Zone: http://www.kaspersky.com

O15 - Trusted Zone: http://logicielsgratuits.orange.fr

O15 - Trusted Zone: http://*.secuser.com

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.zebulon.fr/outils/antivirus/kav...can_unicode.cab

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {22492231-AEF0-49FC-9180-CE8969AB1273} (F-Secure Online Scanner Launcher) - http://download.sp.f-secure.com/ols/f-secu.../fslauncher.cab

O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab

O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - http://www.eset.eu/buxus/docs/OnlineScanner.cab

O16 - DPF: {5A779DC0-837B-4590-AC42-C7C0847478C5} (OrangeInstaller_ModuleIE Control) - http://logicielsgratuits.orange.fr/downloa...geInstaller.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/...can8/oscan8.cab

O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.new2.foto.com/ImageUploader4.cab

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.0...oUploader55.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab

O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab

O20 - Winlogon Notify: khfETnLb - C:\WINDOWS\

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe

O23 - Service: Service Google Update (gupdate1c9afa81e35714) (gupdate1c9afa81e35714) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe

O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Documents and Settings\didi\Mes documents\TomTom\TomTom HOME 2\TomTomHOMEService.exe

 

--

End of file - 16245 bytes

 

======Scheduled tasks folder======

 

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

C:\WINDOWS\tasks\User_Feed_Synchronization-{D82DB382-6017-4362-A809-4832D7E899A4}.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-10-19 817936]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5B839A5A-753B-4CFA-9330-071FC5B60471}]

TBSB07458 Class - C:\Program Files\ChercherMP3\cherchermp3.exe\Streaming_Chercher_MP3_Toolbar\tbcore3.dll [2010-02-24 2772800]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]

Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-05 279664]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2010-02-05 812528]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]

LimeWire Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-01 41760]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]

Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-01 79648]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{300BC64A-BF32-4cc8-8917-91148CEFE700} - PrivBar - C:\DropMyRights\PrivBar.dll [2005-10-14 233472]

{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-10-19 817936]

{D3028143-6145-4318-99D3-3EDCE54A95A9} - barre d'outils Orange - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll [2009-08-05 2268464]

{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-05 279664]

{C86FF9FA-AEED-451B-A9CC-39A53173AE2E} - Streaming_Chercher_MP3_Toolbar - C:\Program Files\ChercherMP3\cherchermp3.exe\Streaming_Chercher_MP3_Toolbar\tbcore3.dll [2010-02-24 2772800]

{D4027C7F-154A-4066-A1AD-4243D8127440} - LimeWire Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2004-08-02 4493312]

"nwiz"=nwiz.exe /install []

"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2004-08-02 86016]

"SMSTray"=C:\Program Files\Samsung\EmoDio\SMSTray.exe [2009-04-16 479232]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]

"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]

"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

"SunJavaUpdateSched"=C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [2010-02-18 248040]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"WOOKIT"=C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx []

"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

"msnmsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883856]

"Antivirus"=C:\Program Files\VAV\vav.exe []

"TomTomHOME.exe"=C:\Documents and Settings\didi\Mes documents\TomTom\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144]

"MailNotifier"=C:\Program Files\Orange\MailNotifier\MailNotifier.exe [2009-10-12 692224]

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-11-11 39408]

"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bat Poke]

C:\DOCUME~1\didi\APPLIC~1\CHICFL~1\save trust less.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\bend logo clock film]

C:\Documents and Settings\All Users\Application Data\Frag great bend logo\Deaf Bias.exe []

 

C:\Documents and Settings\didi\Menu Démarrer\Programmes\Démarrage

LimeWire On Startup.lnk - C:\Program Files\LimeWire\LimeWire.exe

OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

Outil de détection de support PMB.lnk - C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\khfETnLb]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"RunStartupScriptSync"=1

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"RunStartupScriptSync"=1

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=95000000

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveAutoRun"=

"NoDriveTypeAutoRun"=

"HonorAutoRunSetting"=

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Enabled:@xpsp2res.dll,-22019"

"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"

"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"

"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"

"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"

"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"

"C:\Documents and Settings\didi\Mes documents\Téléchargements\PICT0074553.JPG-www-facebook-com.scr"="C:\Documents and Settings\didi\Mes documents\Téléchargements\PICT0074553.JPG-www-facebook-com.scr:*:Enabled:Userinit"

"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{677136f6-e056-11db-8de4-00038a000015}]

shell\AutoRun\command - F:\InstallTomTomHOME.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d48cb450-373c-11de-92a4-00038a000015}]

shell\AutoRun\command - F:\LaunchU3.exe -a

 

 

======List of files/folders created in the last 1 months======

 

2010-04-08 22:10:10 ----A---- C:\lopR0408-2210.txt

2010-04-08 21:48:03 ----A---- C:\lopR.txt

2010-04-08 21:47:15 ----D---- C:\Lop SD

2010-04-08 21:39:31 ----A---- C:\cleannavi0408-2139.txt

2010-04-08 21:25:58 ----D---- C:\Program Files\navilog1

2010-04-08 21:23:37 ----A---- C:\cleannavi.txt

2010-04-08 21:22:56 ----AD---- C:\Navilog1

2010-04-01 15:27:17 ----D---- C:\Program Files\Panda Security

2010-04-01 15:25:41 ----D---- C:\WINDOWS\system32\Kaspersky Lab

2010-04-01 15:06:15 ----D---- C:\Documents and Settings\All Users\Application Data\Sun

2010-04-01 15:06:12 ----D---- C:\Program Files\Fichiers communs\Java

2010-04-01 15:05:32 ----A---- C:\WINDOWS\system32\javaws.exe

2010-04-01 15:05:32 ----A---- C:\WINDOWS\system32\javaw.exe

2010-04-01 15:05:32 ----A---- C:\WINDOWS\system32\java.exe

2010-04-01 15:05:05 ----D---- C:\Program Files\Java

2010-04-01 15:02:08 ----A---- C:\WINDOWS\system32\RENC3.tmp

2010-04-01 15:02:08 ----A---- C:\WINDOWS\system32\RENC2.tmp

2010-03-30 15:36:50 ----D---- C:\Program Files\trend micro

2010-03-30 15:36:45 ----D---- C:\rsit

2010-03-30 14:31:05 ----A---- C:\mbam-error.txt

2010-03-26 21:54:21 ----D---- C:\Program Files\Landwirtschafts-Simulator 2009 Demo

2010-03-20 14:25:57 ----D---- C:\Program Files\Ask.com

2010-03-16 21:23:01 ----A---- C:\WINDOWS\system32\ztvunrar36.dll

2010-03-16 21:23:01 ----A---- C:\WINDOWS\system32\ztvunace26.dll

2010-03-16 21:23:01 ----A---- C:\WINDOWS\system32\ztvcabinet.dll

2010-03-16 21:21:54 ----D---- C:\Documents and Settings\didi\Application Data\OfferBox

2010-03-16 21:17:36 ----D---- C:\Program Files\Dofus

2010-03-11 20:09:14 ----D---- C:\Documents and Settings\All Users\Application Data\Downloaded Installations

2010-03-10 15:28:01 ----D---- C:\Documents and Settings\All Users\Application Data\Toolbar4

2010-03-10 15:27:52 ----D---- C:\Program Files\ChercherMP3

2010-03-10 11:54:58 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$

2010-03-09 19:36:23 ----D---- C:\Documents and Settings\All Users\Application Data\Trymedia

 

======List of files/folders modified in the last 1 months======

 

2010-04-08 22:02:19 ----SD---- C:\WINDOWS\Tasks

2010-04-08 22:02:19 ----RD---- C:\Program Files

2010-04-08 21:49:34 ----D---- C:\WINDOWS\TEMP

2010-04-08 21:36:52 ----SHD---- C:\WINDOWS\Installer

2010-04-08 21:36:51 ----HD---- C:\Config.Msi

2010-04-08 21:35:32 ----AD---- C:\WINDOWS\system32

2010-04-08 21:34:41 ----D---- C:\Documents and Settings\didi\Application Data\LimeWire

2010-04-08 21:33:06 ----D---- C:\WINDOWS\Prefetch

2010-04-08 21:30:22 ----D---- C:\WINDOWS\system32\CatRoot2

2010-04-08 21:30:11 ----A---- C:\WINDOWS\ModemLog_Smart Link 56K Modem.txt

2010-04-08 21:30:11 ----A---- C:\WINDOWS\ModemLog_Modem standard.txt

2010-04-08 21:28:49 ----A---- C:\WINDOWS\SchedLgU.Txt

2010-04-08 21:10:18 ----D---- C:\Program Files\Mozilla Firefox

2010-04-08 20:54:51 ----D---- C:\WINDOWS

2010-04-03 15:49:28 ----D---- C:\WINDOWS\system32\drivers

2010-04-03 15:49:25 ----SD---- C:\WINDOWS\Downloaded Program Files

2010-04-03 12:12:29 ----D---- C:\Program Files\CCleaner

2010-04-01 20:03:21 ----D---- C:\Program Files\Internet Explorer

2010-04-01 19:02:53 ----HD---- C:\WINDOWS\inf

2010-04-01 19:02:44 ----RSHDC---- C:\WINDOWS\system32\dllcache

2010-04-01 19:02:23 ----D---- C:\WINDOWS\ie8updates

2010-04-01 19:01:04 ----HD---- C:\WINDOWS\$hf_mig$

2010-04-01 15:51:13 ----D---- C:\WINDOWS\BDOSCAN8

2010-04-01 15:06:12 ----D---- C:\Program Files\Fichiers communs

2010-04-01 15:05:09 ----A---- C:\WINDOWS\system32\deploytk.dll

2010-03-31 07:33:30 ----D---- C:\tmp

2010-03-30 04:24:06 ----D---- C:\WINDOWS\ServicePackFiles

2010-03-29 23:58:51 ----D---- C:\WINDOWS\Logs

2010-03-29 20:07:53 ----D---- C:\WINDOWS\Minidump

2010-03-29 20:07:53 ----D---- C:\WINDOWS\Debug

2010-03-28 11:13:50 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2010-03-26 15:52:35 ----D---- C:\WINDOWS\system32\FxsTmp

2010-03-21 21:03:31 ----D---- C:\Documents and Settings

2010-03-21 18:58:14 ----D---- C:\Documents and Settings\didi\Application Data\dvdcss

2010-03-20 14:23:24 ----D---- C:\Program Files\LimeWire

2010-03-14 22:13:09 ----D---- C:\Documents and Settings\All Users\Application Data\Messenger Plus!

2010-03-14 18:30:07 ----D---- C:\Program Files\Messenger Plus! Live

2010-03-14 13:14:45 ----AH---- C:\a.txt

2010-03-11 19:47:45 ----HD---- C:\Program Files\InstallShield Installation Information

2010-03-10 11:55:01 ----D---- C:\Program Files\Movie Maker

2010-03-09 19:25:33 ----A---- C:\WINDOWS\NeroDigital.ini

2010-03-09 19:20:17 ----D---- C:\WINDOWS\system32\DirectX

2010-03-09 19:19:45 ----RSD---- C:\WINDOWS\assembly

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-14 41856]

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []

R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]

R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]

R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2008-11-26 5632]

R1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [2008-06-20 225856]

R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-11-25 56816]

R2 irda;Protocole IrDA; C:\WINDOWS\System32\DRIVERS\irda.sys [2008-04-13 88192]

R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2006-11-10 18688]

R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]

R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2006-06-26 23472]

R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]

R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\System32\DRIVERS\Mtlmnt5.sys [2003-07-16 221736]

R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-08-02 2627328]

R3 nvax;Service for NVIDIA® nForce Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2004-03-03 40832]

R3 NVENET;NVIDIA nForce MCP Networking Controller Driver; C:\WINDOWS\System32\DRIVERS\NVENET.sys [2003-08-15 72771]

R3 nvnforce;Service for NVIDIA® nForce Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2004-03-03 320640]

R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\System32\DRIVERS\rasirda.sys [2001-08-17 19584]

R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2002-08-30 5888]

R3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\System32\DRIVERS\slntamr.sys [2003-08-20 548952]

R3 SlWdmSup;SlWdmSup; C:\WINDOWS\System32\DRIVERS\SlWdmSup.sys [2003-07-02 39348]

R3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]

R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]

R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]

R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]

R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\System32\DRIVERS\wanatw4.sys [2003-01-10 33588]

S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]

S3 catchme;catchme; \??\C:\DOCUME~1\didi\LOCALS~1\Temp\catchme.sys []

S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]

S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []

S3 FINEPIX_PCC;FinePix Digital Camera 030305; C:\WINDOWS\System32\Drivers\V4CB0125.SYS [2002-05-07 81700]

S3 Gisdnpci;Pilote Gazel PnP; C:\WINDOWS\system32\DRIVERS\gisdnpnp.sys []

S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [2004-06-21 51088]

S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [2004-06-21 16496]

S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [2004-06-21 21744]

S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2007-02-06 1691808]

S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-02-06 1964064]

S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-02-03 41504]

S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2008-04-13 22016]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]

S3 Mtlstrm;Mtlstrm; C:\WINDOWS\System32\DRIVERS\Mtlstrm.sys [2003-07-02 1301128]

S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]

S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]

S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\System32\DRIVERS\NMnt.sys [2008-04-13 40320]

S3 NtMtlFax;NtMtlFax; C:\WINDOWS\System32\DRIVERS\NtMtlFax.sys [2003-07-02 167384]

S3 NuidFltr;NUID filter driver; C:\WINDOWS\system32\DRIVERS\NuidFltr.sys [2009-05-09 14736]

S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []

S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []

S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2007-02-03 14240]

S3 PID_08A0;Logitech QuickCam IM(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2006-06-23 720176]

S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\WINDOWS\system32\DRIVERS\LV302V32.SYS [2007-02-03 938272]

S3 RecAgent;recagent; \??\C:\WINDOWS\system32\DRIVERS\RecAgent.sys []

S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]

S3 SlNtHal;SlNtHal; C:\WINDOWS\System32\DRIVERS\Slnthal.sys [2003-07-02 86128]

S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]

S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]

S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]

S3 STIrUsb;STIrUsb.sys SigmaTel USB-IrDA Adapter; C:\WINDOWS\system32\DRIVERS\irstusb.sys [2003-12-12 31048]

S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]

S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]

S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]

S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]

S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]

S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]

S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]

S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]

R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]

R2 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe [2004-04-08 1135728]

R2 Irmon;Moniteur infrarouge; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-01 153376]

R2 LVPrcSrv;Process Monitor; c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe [2006-06-26 99888]

R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2004-08-02 114755]

R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]

R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2003-07-02 45056]

R2 TomTomHOMEService;TomTomHOMEService; C:\Documents and Settings\didi\Mes documents\TomTom\TomTom HOME 2\TomTomHOMEService.exe [2009-11-13 92008]

R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

R3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]

S2 gupdate1c9afa81e35714;Service Google Update (gupdate1c9afa81e35714); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-28 133104]

S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe [2007-02-06 105248]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-02-05 182768]

S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-12-17 243056]

S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\HPZipm12.exe [2004-03-18 65536]

S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

 

-----------------EOF-----------------

 

That will probably be all from me for tonight, thanks :P, good night and see you tomorrow for the rest :P

Edited by Sparfell

Posted (edited)

OK, so I'll leave you the instructions for tomorrow; I should be here around 17:00 or 18:00.

 

Download Ad-Remover by C-XX and save it to the desktop.

Close all open applications to install it.

On Vista: temporarily disable UAC as explained HERE

Double-click (right-click/Run as administrator on Vista) the icon placed on the desktop.

If the firewall reacts, grant the tool the permissions it needs to do its work.

Click Scanner (Scan).

The report is also located at C:\Ad-Report.

Copy/paste it into your reply, please.

 

-----------------------------------------------------------------------------------------------

 

2) Double-click (right-click/Run as administrator on Vista) the icon placed on the desktop.

If the firewall reacts, grant the tool the permissions it needs to do its work.

Click Nettoyer (Clean).

The desktop will disappear, that's normal!

The report is also located at C:\Ad-Report Clean.

Copy/paste it into your reply, please.

Re-enable Vista's UAC. (If on Vista, of course!).

The home page may have been changed; just set your usual page again via the Internet options.

 

---------------------------------------------

3) Step 1: rkill (by Grinler), download

Download rkill from one of the links below:

Link 1

Link 2

Link 3

Link 4

Save the file to the Desktop.

Step 2: No real-time monitoring processes

Disable the resident module of the antivirus and that of the antispyware.

Step 3: rkill (by Grinler), execution

Double-click the downloaded rkill file to launch the tool.

On Vista, right-click the downloaded rkill file, then choose "Exécuter en tant qu'Administrateur" (Run as administrator) to launch the tool.

A window with a black background will appear briefly, then disappear.

If nothing happens, or if the tool does not launch, download the tool from another of the four links above and try running it again.

If none of the tools downloaded from the four links above seems to work, do not continue the cleanup, and let me know on the forum.

The report is located at C:\rkill/txt --> Post it, please.

 

-----------------------------------------------------------

4) Download Malwarebytes' Anti-Malware (MBAM)

If MBAM is already installed, go straight to the update and then to the scan.

This software is one to keep.

Only if there is a problem updating:

Download MBAM updates

Run the file after installing MBAM

Connect removable media (USB keys etc.) before starting the scan.

  • Double-click the downloaded file to start the installation process.
  • In the "Mise à jour" (Update) tab, click the "Recherche de mise à jour" (Check for updates) button: if the firewall asks whether MBAM may connect, accept.
  • Once the update has finished, go to the "Recherche" (Scan) tab.
  • Select "Exécuter un examen complet" (Perform a full scan)
  • Click "Rechercher" (Scan)
  • The analysis starts; the scan is relatively long, that's normal.
  • At the end of the analysis, a message is displayed:
    The scan completed normally. Click 'Afficher les résultats' (Show results) to display all the objects found.
    Click "Ok" to continue. If MBAM found nothing, it will tell you that too.
  • Close your browsers.
  • If malware was detected, click Afficher les résultats (Show results).
    Select everything (or leave it checked) and click Supprimer la sélection (Remove selection); MBAM will destroy the files and registry keys and put a copy of them in quarantine.
  • MBAM will open Notepad and copy the scan report into it. Copy and paste this report and post it in your next reply.

If MBAM asks to restart the PC, do so.

!!! Do not empty MBAM's quarantine without being advised to !!! (in case of false positives, which are always possible.)

Also post a new RSIT log after all that, please.

 

Bonne nuit :P

 

@++

Edited by Apollo
Posted

Hello Apollo,

It was a studious night :P, here is the 1st Ad-R report

.

======= RAPPORT D'AD-REMOVER 2.0.0.0,B | UNIQUEMENT XP/VISTA/7 =======

.

Mis à jour par C_XX le 31/03/10 à 21:30

Contact: AdRemover.contact@gmail.com

Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html

.

Lancé à: 22:27:25 le 08/04/2010 | Mode normal | Option: SCAN

Exécuté de: C:\Ad-Remover\ADR.exe

SE: Microsoft® Windows XP Service Pack 3 - X86

Nom du PC: NOËL | Utilisateur actuel: didi (Administrateur)

.

============== ÉLÉMENT(S) TROUVÉ(S) ==============

.

.

C:\Documents and Settings\All Users\Application Data\Trymedia

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ItsLabel

C:\Documents and Settings\anne paule\Application Data\ZangoToolbar

C:\Documents and Settings\anne paule\Application Data\ZangoToolbar\v3.0\ZangoToolbar

C:\Documents and Settings\didi\Application Data\EoRezo

C:\Documents and Settings\didi\Application Data\ItsLabel

C:\Documents and Settings\didi\Application Data\Mozilla\FireFox\Profiles\2376qupx.default\extensions\toolbar@ask.com

C:\Documents and Settings\didi\Application Data\Mozilla\FireFox\Profiles\2376qupx.default\searchplugins\askcom.xml

C:\Documents and Settings\didi\Local Settings\Application Data\AskToolbar

C:\Documents and Settings\didi\Menu Démarrer\Programmes\Ask Search Assistant

C:\Program Files\Ask Search Assistant

C:\Program Files\Ask.com

C:\Program Files\Its Label

C:\Program Files\ItsLabel

C:\Program Files\Letmin

C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

.

HKCU\Software\AppDataLow\AskToolbarInfo

HKCU\Software\Ask.com

HKCU\Software\AskToolbar

HKCU\Software\EoRezo

HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search

HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}

HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}

HKLM\Software\Classes\AppID\GenericAskToolbar.DLL

HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}

HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}

HKLM\Software\Classes\ComObject.DeskbarEnabler

HKLM\Software\Classes\ComObject.DeskbarEnabler.1

HKLM\Software\Classes\EoRezoBHO.EoBho

HKLM\Software\Classes\EoRezoBHO.EoBho.1

HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd

HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1

HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}

HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}

HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}

HKLM\Software\Classes\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}

HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}

HKLM\Software\Classes\TypeLib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}

HKLM\Software\Classes\urlsearchhook.toolbarurlsearchhook

HKLM\Software\Classes\urlsearchhook.toolbarurlsearchhook.1

HKLM\Software\ItsLabel

HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\AskSearchAsst.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}

HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ask.com Search Assistant

HKLM\Software\Trymedia Systems

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}

HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{00000000-6E41-4FD3-8538-502F5495E5FC}

HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440}

.

.

============== SCAN ADDITIONNEL ==============

.

* Mozilla FireFox Version 3.6.3 (fr) *

.

C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - browser.download.lastDir: C:\\Documents and Settings\\didi\\Mes documents\\tmp

C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - browser.search.defaultenginename: Ask.com

C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - browser.search.defaulturl: hxxp://www.bing.com/search?FORM=IEFM1&q=

C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - browser.search.selectedEngine: Ask.com

C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - browser.startup.homepage: hxxp://www.plusnetwork.com

C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.9.2.3

C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - keyword.URL: hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=LMW2&o=16050&locale=fr_FR&q=

.

TROUVÉ: C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - user_pref("browser.search.defaultengine", "Ask.com");

TROUVÉ: C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - user_pref("browser.search.defaultenginename", "Ask.com");

TROUVÉ: C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - user_pref("browser.search.order.1", "Ask.com");

TROUVÉ: C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - user_pref("browser.search.selectedEngine", "Ask.com");

TROUVÉ: C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - user_pref("extensions.asktb.cbid", "OF");

TROUVÉ: C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - user_pref("extensions.asktb.default-channel-url-mask", "hxxp://fr.ask.com/web?q={query}&o={o}&l={l}&qsrc={qsrc}");

TROUVÉ: C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - user_pref("extensions.asktb.fresh-install", false);

TROUVÉ: C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - user_pref("extensions.asktb.l", "dis");

TROUVÉ: C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - user_pref("extensions.asktb.last-config-req", "1270126410314");

TROUVÉ: C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - user_pref("extensions.asktb.locale", "fr_FR");

TROUVÉ: C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - user_pref("extensions.asktb.o", "16050");

TROUVÉ: C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - user_pref("extensions.asktb.overlay-reloaded-using-restart", true);

TROUVÉ: C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - user_pref("extensions.asktb.qsrc", "2871");

TROUVÉ: C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - user_pref("extensions.asktb.r", "2");

TROUVÉ: C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - user_pref("extensions.asktb.to", "16105");

TROUVÉ: C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=LMW2&o=16050&locale=fr_FR&q=");

.

* Internet Explorer Version 8.0.6001.18702 *

.

[HKCU\Software\Microsoft\Internet Explorer\Main]

.

AutoHide: yes

Do404Search: 0x01000000

Enable Browser Extensions: yes

Local Page: C:\WINDOWS\system32\blank.htm

Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Show_ToolBar: yes

Start Page: hxxp://www.plusnetwork.com

Use Search Asst: no

.

[HKLM\Software\Microsoft\Internet Explorer\Main]

.

Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157

Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896

Delete_Temp_Files_On_Exit: yes

Local Page: C:\WINDOWS\system32\blank.htm

Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896

Start Page: hxxp://www.cherchermp3.com/bar

.

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]

.

Tabs: res://ieframe.dll/tabswelcome.htm

Blank: res://mshtml.dll/blank.htm

.

========================================

.

C:\DOCUME~1\didi\LOCALS~1\Temp: 56 Fichier(s), 8 Dossier(s)

C:\WINDOWS\temp: 2 Fichier(s), 0 Dossier(s)

Temporary Internet Files: 10 Fichier(s), 6 Dossier(s)

.

C:\Ad-Remover\Quarantine: 0 Fichier(s)

C:\Ad-Remover\Backup: 1 Fichier(s)

.

C:\Ad-Report-SCAN[1].txt - 8616 Octet(s)

.

Fin à: 22:37:06, 08/04/2010

.

============== E.O.F - SCAN[1] ==============

To be continued ...

Posted

2nd Ad-R report

.

======= RAPPORT D'AD-REMOVER 2.0.0.0,B | UNIQUEMENT XP/VISTA/7 =======

.

Mis à jour par C_XX le 31/03/10 à 21:30

Contact: AdRemover.contact@gmail.com

Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html

.

Lancé à: 04:31:14 le 09/04/2010 | Mode normal | Option: CLEAN

Exécuté de: C:\Ad-Remover\ADR.exe

SE: Microsoft® Windows XP Service Pack 3 - X86

Nom du PC: NOËL | Utilisateur actuel: didi (Administrateur)

.

============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============

.

.

C:\Documents and Settings\All Users\Application Data\Trymedia

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ItsLabel

C:\Documents and Settings\anne paule\Application Data\ZangoToolbar

C:\Documents and Settings\didi\Application Data\EoRezo

C:\Documents and Settings\didi\Application Data\ItsLabel

C:\Documents and Settings\didi\Application Data\Mozilla\FireFox\Profiles\2376qupx.default\extensions\toolbar@ask.com

C:\Documents and Settings\didi\Application Data\Mozilla\FireFox\Profiles\2376qupx.default\searchplugins\askcom.xml

C:\Documents and Settings\didi\Local Settings\Application Data\AskToolbar

C:\Documents and Settings\didi\Menu Démarrer\Programmes\Ask Search Assistant

C:\Program Files\Ask Search Assistant

C:\Program Files\Ask.com

C:\Program Files\Its Label

C:\Program Files\ItsLabel

C:\Program Files\Letmin

C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

 

(!) -- Fichiers temporaires supprimés.

.

HKCU\Software\AppDataLow\AskToolbarInfo

HKCU\Software\Ask.com

HKCU\Software\AskToolbar

HKCU\Software\EoRezo

HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search

HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}

HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}

HKLM\Software\Classes\AppID\GenericAskToolbar.DLL

HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}

HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}

HKLM\Software\Classes\ComObject.DeskbarEnabler

HKLM\Software\Classes\ComObject.DeskbarEnabler.1

HKLM\Software\Classes\EoRezoBHO.EoBho

HKLM\Software\Classes\EoRezoBHO.EoBho.1

HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd

HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1

HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}

HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}

HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}

HKLM\Software\Classes\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}

HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}

HKLM\Software\Classes\TypeLib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}

HKLM\Software\Classes\urlsearchhook.toolbarurlsearchhook

HKLM\Software\Classes\urlsearchhook.toolbarurlsearchhook.1

HKLM\Software\ItsLabel

HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\AskSearchAsst.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}

HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ask.com Search Assistant

HKLM\Software\Trymedia Systems

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}

HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{00000000-6E41-4FD3-8538-502F5495E5FC}

HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440}

.

(Orpheline) HKCU,Run - Antivirus - C:\Program Files\VAV\vav.exe (Fichier manquant)

(Orpheline) BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} (CLSID manquant)

.

============== SCAN ADDITIONNEL ==============

.

* Mozilla FireFox Version 3.6.3 (fr) *

.

C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - browser.download.lastDir: C:\\Documents and Settings\\didi\\Bureau

C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - browser.search.defaultenginename: Ask.com

C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - browser.search.defaulturl: hxxp://www.bing.com/search?FORM=IEFM1&q=

C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - browser.search.selectedEngine: Ask.com

C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - browser.startup.homepage: hxxp://www.plusnetwork.com

C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.9.2.3

C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - keyword.URL: hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=LMW2&o=16050&locale=fr_FR&q=

.

EFFACÉ: C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - user_pref("browser.search.defaultengine", "Ask.com");

EFFACÉ: C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - user_pref("browser.search.defaultenginename", "Ask.com");

EFFACÉ: C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - user_pref("browser.search.order.1", "Ask.com");

EFFACÉ: C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - user_pref("browser.search.selectedEngine", "Ask.com");

EFFACÉ: C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - user_pref("extensions.asktb.cbid", "OF");

EFFACÉ: C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - user_pref("extensions.asktb.default-channel-url-mask", "hxxp://fr.ask.com/web?q={query}&o={o}&l={l}&qsrc={qsrc}");

EFFACÉ: C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - user_pref("extensions.asktb.fresh-install", false);

EFFACÉ: C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - user_pref("extensions.asktb.l", "dis");

EFFACÉ: C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - user_pref("extensions.asktb.last-config-req", "1270126410314");

EFFACÉ: C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - user_pref("extensions.asktb.locale", "fr_FR");

EFFACÉ: C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - user_pref("extensions.asktb.o", "16050");

EFFACÉ: C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - user_pref("extensions.asktb.overlay-reloaded-using-restart", true);

EFFACÉ: C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - user_pref("extensions.asktb.qsrc", "2871");

EFFACÉ: C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - user_pref("extensions.asktb.r", "2");

EFFACÉ: C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - user_pref("extensions.asktb.to", "16105");

EFFACÉ: C:\Documents and Settings\didi\..\2376qupx.default\prefs.js - user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=LMW2&o=16050&locale=fr_FR&q=");

.

* Internet Explorer Version 8.0.6001.18702 *

.

[HKCU\Software\Microsoft\Internet Explorer\Main]

.

AutoHide: yes

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Do404Search: 0x01000000

Enable Browser Extensions: yes

Local Page: C:\WINDOWS\system32\blank.htm

Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896

Show_ToolBar: yes

Start Page: hxxp://fr.msn.com/

Use Search Asst: no

.

[HKLM\Software\Microsoft\Internet Explorer\Main]

.

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Delete_Temp_Files_On_Exit: yes

Local Page: C:\WINDOWS\system32\blank.htm

Search bar: hxxp://search.msn.com/spbasic.htm

Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Start Page: hxxp://fr.msn.com/

.

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]

.

Tabs: res://ieframe.dll/tabswelcome.htm

Blank: res://mshtml.dll/blank.htm

.

========================================

.

C:\DOCUME~1\didi\LOCALS~1\Temp: 0 Fichier(s), 8 Dossier(s)

C:\WINDOWS\temp: 2 Fichier(s), 0 Dossier(s)

Temporary Internet Files: 2 Fichier(s), 6 Dossier(s)

.

C:\Ad-Remover\Quarantine: 2 Fichier(s)

C:\Ad-Remover\Backup: 14 Fichier(s)

.

C:\Ad-Report-CLEAN[1].txt - 8950 Octet(s)

C:\Ad-Report-SCAN[1].txt - 8740 Octet(s)

.

Fin à: 04:42:56, 09/04/2010

.

============== E.O.F - CLEAN[1] ==============

To be continued ...

Posted

and the rkill report

This log file is located at C:\rkill.log.

Please post this only if requested to by the person helping you.

Otherwise you can close this log when you wish.

Ran as didi on 2010-04-09 at 5:17:30.

 

 

Processes terminated by Rkill or while it was running:

 

 

C:\Documents and Settings\didi\Mes documents\TomTom\TomTom HOME 2\TomTomHOMERunner.exe

C:\Documents and Settings\didi\Mes documents\TomTom\TomTom HOME 2\TomTomHOMEService.exe

C:\Documents and Settings\didi\Bureau\rkill.exe

 

 

Rkill completed on 2010-04-09 at 5:17:33.

See you tonight :P

Posted

Hello everyone! Let me introduce myself: I'm O'Neil, and I would like some help because I know very, very little about computers! So I have several programs on the computer, including Malwarebytes, Spybot, CCleaner and avast.

After quite a bit of research, the opinions on various forums gave good reviews. What do you think?

Otherwise, I ran a full scan with these programs, including a boot-time scan with avast, and they found several things, and I asked myself: "if I delete all this now, will I create other problems, since I don't know what I am deleting?" So I am turning to you, hoping for an answer from you! Thank you.

Here is what was displayed:

Clé(s) du Registre infectée(s):

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{28abc5c0-4fcb-11cf-aax5-81cx1c635612} (Trojan.Agent) -> No action taken.

HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> No action taken.

HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> No action taken.

HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> No action taken.

HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> No action taken.

 

Valeur(s) du Registre infectée(s):

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\svchost.exe (Trojan.Downloader) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\uid (Malware.Trace) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\meet great active lies (Trojan.Swizzor) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\my web search bar search scope monitor (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mywebsearch email plugin (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\windows data serivce (Malware.Trace) -> No action taken.

 

Dossier(s) infecté(s):

C:\WINDOWS\system32\lowsec (Stolen.data) -> No action taken.

 

Fichier(s) infecté(s):

C:\WINDOWS\system32\lowsec\local.ds (Stolen.data) -> No action taken.

C:\WINDOWS\system32\lowsec\user.ds (Stolen.data) -> No action taken.

C:\Documents and Settings\Audrey\Application Data\Microsoft\svchost.exe (Trojan.Downloader) -> No action taken.

C:\WINDOWS\Temp\7.exe (Worm.AutoRun) -> No action taken.

C:\Documents and Settings\Audrey\nigzss.txt (Malware.Trace) -> No action taken.

Posted

Hello O'Neil and welcome to the Zébulon forums.

You must not post in another member's topic. :P

Please create a topic of your own by clicking the img-143104uc21k.jpg button.

Give it the most explicit title possible, describe the problems you are having and post the reports you have.

You will then be looked after by one of the members of the forum's security group.

In your own topic, you should use the reply button, the one located between "Flash" and "New", so as not to quote the previous post every time.

Thank you.

@++

Posted (edited)

Hi again :P

Here is the rest at last, the clean MBAM report:

Malwarebytes' Anti-Malware 1.45

www.malwarebytes.org

 

Version de la base de données: 3972

 

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

 

2010-04-09 17:19:25

mbam-log-2010-04-09 (17-19-25).txt

 

Type d'examen: Examen complet (C:\|)

Elément(s) analysé(s): 262217

Temps écoulé: 1 heure(s), 45 minute(s), 12 seconde(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 0

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

(Aucun élément nuisible détecté)

 

and the RSIT report

Logfile of random's system information tool 1.06 (written by random/random)

Run by didi at 2010-04-09 20:03:56

Microsoft Windows XP Édition familiale Service Pack 3

System drive C: has 60 GB (39%) free of 153 GB

Total RAM: 703 MB (48% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 20:04, on 2010-04-09

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\Program Files\Samsung\EmoDio\SMSTray.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe

C:\Documents and Settings\didi\Mes documents\TomTom\TomTom HOME 2\TomTomHOMERunner.exe

C:\Program Files\Orange\MailNotifier\MailNotifier.exe

C:\Program Files\Windows Media Player\WMPNSCFG.exe

C:\Program Files\OpenOffice.org 3\program\soffice.exe

C:\Program Files\OpenOffice.org 3\program\soffice.bin

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\slserv.exe

C:\WINDOWS\System32\svchost.exe

C:\Documents and Settings\didi\Mes documents\TomTom\TomTom HOME 2\TomTomHOMEService.exe

C:\WINDOWS\System32\svchost.exe

C:\Documents and Settings\didi\Bureau\RSIT(2).exe

C:\Program Files\trend micro\didi.exe

C:\WINDOWS\system32\msfeedssync.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: (no name) - {AEEC3B59-CA98-4EBA-A140-57B94E283583} - (no file)

R3 - URLSearchHook: (no name) - {402C9DAE-1B66-11DD-B3DE-22D556D89593} - (no file)

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll (file missing)

R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\ChercherMP3\cherchermp3.exe\Streaming_Chercher_MP3_Toolbar\tbhelper.dll

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: TBSB07458 - {5B839A5A-753B-4CFA-9330-071FC5B60471} - C:\Program Files\ChercherMP3\cherchermp3.exe\Streaming_Chercher_MP3_Toolbar\tbcore3.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: PrivBar - {300BC64A-BF32-4cc8-8917-91148CEFE700} - C:\DropMyRights\PrivBar.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: barre d'outils Orange - {D3028143-6145-4318-99D3-3EDCE54A95A9} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: Streaming_Chercher_MP3_Toolbar - {C86FF9FA-AEED-451B-A9CC-39A53173AE2E} - C:\Program Files\ChercherMP3\cherchermp3.exe\Streaming_Chercher_MP3_Toolbar\tbcore3.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [sMSTray] C:\Program Files\Samsung\EmoDio\SMSTray.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Documents and Settings\didi\Mes documents\TomTom\TomTom HOME 2\TomTomHOMERunner.exe"

O4 - HKCU\..\Run: [MailNotifier] C:\Program Files\Orange\MailNotifier\MailNotifier.exe

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x08da -f video -m logitech -d 10.5.1.2023 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x08da -f video -m logitech -d 10.5.1.2023 (User 'Default user')

O4 - S-1-5-18 Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (User 'SYSTEM')

O4 - S-1-5-18 Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'SYSTEM')

O4 - S-1-5-18 Startup: Outil de détection de support PMB.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (User 'SYSTEM')

O4 - .DEFAULT Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (User 'Default user')

O4 - .DEFAULT Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'Default user')

O4 - .DEFAULT Startup: Outil de détection de support PMB.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (User 'Default user')

O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe

O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe

O4 - Startup: Outil de détection de support PMB.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe

O8 - Extra context menu item: ajouter cette page à vos favoris Orange - C:\DOCUME~1\didi\LOCALS~1\Temp\cce10D.html

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html

O8 - Extra context menu item: Orange - C:\DOCUME~1\didi\LOCALS~1\Temp\cce4C7C.html

O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?ace98d55c5bd42f2a10d0c1bec107423

O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?ace98d55c5bd42f2a10d0c1bec107423

O8 - Extra context menu item: traduire la page - C:\DOCUME~1\didi\LOCALS~1\Temp\cce10B.html

O8 - Extra context menu item: traduire le texte sélectionné - C:\DOCUME~1\didi\LOCALS~1\Temp\cce10C.html

O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll

O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra button: Streaming_Chercher_MP3_Toolbar - {C86FF9FA-AEED-451B-A9CC-39A53173AE2E} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll

O9 - Extra 'Tools' menuitem: Streaming_Chercher_MP3_Toolbar - {C86FF9FA-AEED-451B-A9CC-39A53173AE2E} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O15 - Trusted Zone: http://www.kaspersky.com

O15 - Trusted Zone: http://logicielsgratuits.orange.fr

O15 - Trusted Zone: http://*.secuser.com

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.zebulon.fr/outils/antivirus/kav...can_unicode.cab

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {22492231-AEF0-49FC-9180-CE8969AB1273} (F-Secure Online Scanner Launcher) - http://download.sp.f-secure.com/ols/f-secu.../fslauncher.cab

O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab

O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - http://www.eset.eu/buxus/docs/OnlineScanner.cab

O16 - DPF: {5A779DC0-837B-4590-AC42-C7C0847478C5} (OrangeInstaller_ModuleIE Control) - http://logicielsgratuits.orange.fr/downloa...geInstaller.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/...can8/oscan8.cab

O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.new2.foto.com/ImageUploader4.cab

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.0...oUploader55.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab

O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab

O20 - Winlogon Notify: khfETnLb - C:\WINDOWS\

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe

O23 - Service: Service Google Update (gupdate1c9afa81e35714) (gupdate1c9afa81e35714) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe

O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Documents and Settings\didi\Mes documents\TomTom\TomTom HOME 2\TomTomHOMEService.exe

 

--

End of file - 15222 bytes

 

======Scheduled tasks folder======

 

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

C:\WINDOWS\tasks\User_Feed_Synchronization-{D82DB382-6017-4362-A809-4832D7E899A4}.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-10-19 817936]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5B839A5A-753B-4CFA-9330-071FC5B60471}]

TBSB07458 Class - C:\Program Files\ChercherMP3\cherchermp3.exe\Streaming_Chercher_MP3_Toolbar\tbcore3.dll [2010-02-24 2772800]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]

Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-05 279664]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2010-02-05 812528]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-01 41760]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]

Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-01 79648]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{300BC64A-BF32-4cc8-8917-91148CEFE700} - PrivBar - C:\DropMyRights\PrivBar.dll [2005-10-14 233472]

{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-10-19 817936]

{D3028143-6145-4318-99D3-3EDCE54A95A9} - barre d'outils Orange - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll [2009-08-05 2268464]

{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-05 279664]

{C86FF9FA-AEED-451B-A9CC-39A53173AE2E} - Streaming_Chercher_MP3_Toolbar - C:\Program Files\ChercherMP3\cherchermp3.exe\Streaming_Chercher_MP3_Toolbar\tbcore3.dll [2010-02-24 2772800]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2004-08-02 4493312]

"nwiz"=nwiz.exe /install []

"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2004-08-02 86016]

"SMSTray"=C:\Program Files\Samsung\EmoDio\SMSTray.exe [2009-04-16 479232]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]

"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]

"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

"SunJavaUpdateSched"=C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [2010-02-18 248040]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"WOOKIT"=C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx []

"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

"msnmsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883856]

"TomTomHOME.exe"=C:\Documents and Settings\didi\Mes documents\TomTom\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144]

"MailNotifier"=C:\Program Files\Orange\MailNotifier\MailNotifier.exe [2009-10-12 692224]

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-11-11 39408]

"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bat Poke]

C:\DOCUME~1\didi\APPLIC~1\CHICFL~1\save trust less.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\bend logo clock film]

C:\Documents and Settings\All Users\Application Data\Frag great bend logo\Deaf Bias.exe []

 

C:\Documents and Settings\didi\Menu Démarrer\Programmes\Démarrage

LimeWire On Startup.lnk - C:\Program Files\LimeWire\LimeWire.exe

OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

Outil de détection de support PMB.lnk - C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\khfETnLb]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"RunStartupScriptSync"=1

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"RunStartupScriptSync"=1

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=95000000

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveAutoRun"=

"NoDriveTypeAutoRun"=

"HonorAutoRunSetting"=

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Enabled:@xpsp2res.dll,-22019"

"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"

"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"

"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"

"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"

"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"

"C:\Documents and Settings\didi\Mes documents\Téléchargements\PICT0074553.JPG-www-facebook-com.scr"="C:\Documents and Settings\didi\Mes documents\Téléchargements\PICT0074553.JPG-www-facebook-com.scr:*:Enabled:Userinit"

"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{677136f6-e056-11db-8de4-00038a000015}]

shell\AutoRun\command - F:\InstallTomTomHOME.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d48cb450-373c-11de-92a4-00038a000015}]

shell\AutoRun\command - F:\LaunchU3.exe -a

 

 

======List of files/folders created in the last 1 months======

 

2010-04-09 04:31:22 ----A---- C:\Ad-Report-CLEAN[1].txt

2010-04-08 22:27:37 ----A---- C:\Ad-Report-SCAN[1].txt

2010-04-08 22:27:25 ----D---- C:\Ad-Remover

2010-04-08 22:10:10 ----A---- C:\lopR0408-2210.txt

2010-04-08 21:48:03 ----A---- C:\lopR.txt

2010-04-08 21:47:15 ----D---- C:\Lop SD

2010-04-08 21:39:31 ----A---- C:\cleannavi0408-2139.txt

2010-04-08 21:25:58 ----D---- C:\Program Files\navilog1

2010-04-08 21:23:37 ----A---- C:\cleannavi.txt

2010-04-08 21:22:56 ----AD---- C:\Navilog1

2010-04-01 15:27:17 ----D---- C:\Program Files\Panda Security

2010-04-01 15:25:41 ----D---- C:\WINDOWS\system32\Kaspersky Lab

2010-04-01 15:06:15 ----D---- C:\Documents and Settings\All Users\Application Data\Sun

2010-04-01 15:06:12 ----D---- C:\Program Files\Fichiers communs\Java

2010-04-01 15:05:32 ----A---- C:\WINDOWS\system32\javaws.exe

2010-04-01 15:05:32 ----A---- C:\WINDOWS\system32\javaw.exe

2010-04-01 15:05:32 ----A---- C:\WINDOWS\system32\java.exe

2010-04-01 15:05:05 ----D---- C:\Program Files\Java

2010-04-01 15:02:08 ----A---- C:\WINDOWS\system32\RENC3.tmp

2010-04-01 15:02:08 ----A---- C:\WINDOWS\system32\RENC2.tmp

2010-03-30 15:36:50 ----D---- C:\Program Files\trend micro

2010-03-30 15:36:45 ----D---- C:\rsit

2010-03-30 14:31:05 ----A---- C:\mbam-error.txt

2010-03-26 21:54:21 ----D---- C:\Program Files\Landwirtschafts-Simulator 2009 Demo

2010-03-16 21:23:01 ----A---- C:\WINDOWS\system32\ztvunrar36.dll

2010-03-16 21:23:01 ----A---- C:\WINDOWS\system32\ztvunace26.dll

2010-03-16 21:23:01 ----A---- C:\WINDOWS\system32\ztvcabinet.dll

2010-03-16 21:21:54 ----D---- C:\Documents and Settings\didi\Application Data\OfferBox

2010-03-16 21:17:36 ----D---- C:\Program Files\Dofus

2010-03-11 20:09:14 ----D---- C:\Documents and Settings\All Users\Application Data\Downloaded Installations

2010-03-10 15:28:01 ----D---- C:\Documents and Settings\All Users\Application Data\Toolbar4

2010-03-10 15:27:52 ----D---- C:\Program Files\ChercherMP3

2010-03-10 11:54:58 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$

 

======List of files/folders modified in the last 1 months======

 

2010-04-09 20:02:48 ----D---- C:\WINDOWS\Prefetch

2010-04-09 15:18:04 ----D---- C:\WINDOWS\TEMP

2010-04-09 15:17:12 ----D---- C:\WINDOWS\system32\CatRoot2

2010-04-09 15:17:04 ----D---- C:\Documents and Settings\didi\Application Data\LimeWire

2010-04-09 15:16:51 ----A---- C:\WINDOWS\ModemLog_Smart Link 56K Modem.txt

2010-04-09 15:16:51 ----A---- C:\WINDOWS\ModemLog_Modem standard.txt

2010-04-09 05:20:22 ----A---- C:\WINDOWS\SchedLgU.Txt

2010-04-09 04:42:29 ----SHD---- C:\WINDOWS\Installer

2010-04-09 04:42:29 ----SD---- C:\WINDOWS\Tasks

2010-04-09 04:42:29 ----RD---- C:\Program Files

2010-04-08 21:36:51 ----HD---- C:\Config.Msi

2010-04-08 21:35:32 ----AD---- C:\WINDOWS\system32

2010-04-08 21:10:18 ----D---- C:\Program Files\Mozilla Firefox

2010-04-08 20:54:51 ----D---- C:\WINDOWS

2010-04-03 15:49:28 ----D---- C:\WINDOWS\system32\drivers

2010-04-03 15:49:25 ----SD---- C:\WINDOWS\Downloaded Program Files

2010-04-03 12:12:29 ----D---- C:\Program Files\CCleaner

2010-04-01 20:03:21 ----D---- C:\Program Files\Internet Explorer

2010-04-01 19:02:53 ----HD---- C:\WINDOWS\inf

2010-04-01 19:02:44 ----RSHDC---- C:\WINDOWS\system32\dllcache

2010-04-01 19:02:23 ----D---- C:\WINDOWS\ie8updates

2010-04-01 19:01:04 ----HD---- C:\WINDOWS\$hf_mig$

2010-04-01 15:51:13 ----D---- C:\WINDOWS\BDOSCAN8

2010-04-01 15:06:12 ----D---- C:\Program Files\Fichiers communs

2010-04-01 15:05:09 ----A---- C:\WINDOWS\system32\deploytk.dll

2010-03-31 07:33:30 ----D---- C:\tmp

2010-03-30 04:24:06 ----D---- C:\WINDOWS\ServicePackFiles

2010-03-29 23:58:51 ----D---- C:\WINDOWS\Logs

2010-03-29 20:07:53 ----D---- C:\WINDOWS\Minidump

2010-03-29 20:07:53 ----D---- C:\WINDOWS\Debug

2010-03-28 11:13:50 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2010-03-26 15:52:35 ----D---- C:\WINDOWS\system32\FxsTmp

2010-03-21 21:03:31 ----D---- C:\Documents and Settings

2010-03-21 18:58:14 ----D---- C:\Documents and Settings\didi\Application Data\dvdcss

2010-03-20 14:23:24 ----D---- C:\Program Files\LimeWire

2010-03-14 22:13:09 ----D---- C:\Documents and Settings\All Users\Application Data\Messenger Plus!

2010-03-14 18:30:07 ----D---- C:\Program Files\Messenger Plus! Live

2010-03-14 13:14:45 ----AH---- C:\a.txt

2010-03-11 19:47:45 ----HD---- C:\Program Files\InstallShield Installation Information

2010-03-10 11:55:01 ----D---- C:\Program Files\Movie Maker

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-14 41856]

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []

R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]

R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]

R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2008-11-26 5632]

R1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [2008-06-20 225856]

R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-11-25 56816]

R2 irda;Protocole IrDA; C:\WINDOWS\System32\DRIVERS\irda.sys [2008-04-13 88192]

R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2006-11-10 18688]

R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]

R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2006-06-26 23472]

R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]

R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\System32\DRIVERS\Mtlmnt5.sys [2003-07-16 221736]

R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-08-02 2627328]

R3 nvax;Service for NVIDIA® nForce Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2004-03-03 40832]

R3 NVENET;NVIDIA nForce MCP Networking Controller Driver; C:\WINDOWS\System32\DRIVERS\NVENET.sys [2003-08-15 72771]

R3 nvnforce;Service for NVIDIA® nForce Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2004-03-03 320640]

R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\System32\DRIVERS\rasirda.sys [2001-08-17 19584]

R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2002-08-30 5888]

R3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\System32\DRIVERS\slntamr.sys [2003-08-20 548952]

R3 SlWdmSup;SlWdmSup; C:\WINDOWS\System32\DRIVERS\SlWdmSup.sys [2003-07-02 39348]

R3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]

R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]

R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]

R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]

R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\System32\DRIVERS\wanatw4.sys [2003-01-10 33588]

S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]

S3 catchme;catchme; \??\C:\DOCUME~1\didi\LOCALS~1\Temp\catchme.sys []

S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]

S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []

S3 FINEPIX_PCC;FinePix Digital Camera 030305; C:\WINDOWS\System32\Drivers\V4CB0125.SYS [2002-05-07 81700]

S3 Gisdnpci;Pilote Gazel PnP; C:\WINDOWS\system32\DRIVERS\gisdnpnp.sys []

S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [2004-06-21 51088]

S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [2004-06-21 16496]

S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [2004-06-21 21744]

S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2007-02-06 1691808]

S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-02-06 1964064]

S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-02-03 41504]

S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2008-04-13 22016]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]

S3 Mtlstrm;Mtlstrm; C:\WINDOWS\System32\DRIVERS\Mtlstrm.sys [2003-07-02 1301128]

S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]

S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]

S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\System32\DRIVERS\NMnt.sys [2008-04-13 40320]

S3 NtMtlFax;NtMtlFax; C:\WINDOWS\System32\DRIVERS\NtMtlFax.sys [2003-07-02 167384]

S3 NuidFltr;NUID filter driver; C:\WINDOWS\system32\DRIVERS\NuidFltr.sys [2009-05-09 14736]

S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []

S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []

S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2007-02-03 14240]

S3 PID_08A0;Logitech QuickCam IM(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2006-06-23 720176]

S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\WINDOWS\system32\DRIVERS\LV302V32.SYS [2007-02-03 938272]

S3 RecAgent;recagent; \??\C:\WINDOWS\system32\DRIVERS\RecAgent.sys []

S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]

S3 SlNtHal;SlNtHal; C:\WINDOWS\System32\DRIVERS\Slnthal.sys [2003-07-02 86128]

S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]

S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]

S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]

S3 STIrUsb;STIrUsb.sys SigmaTel USB-IrDA Adapter; C:\WINDOWS\system32\DRIVERS\irstusb.sys [2003-12-12 31048]

S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]

S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]

S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]

S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]

S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]

S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]

S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]

S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]

R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]

R2 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe [2004-04-08 1135728]

R2 Irmon;Moniteur infrarouge; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-01 153376]

R2 LVPrcSrv;Process Monitor; c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe [2006-06-26 99888]

R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2004-08-02 114755]

R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]

R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2003-07-02 45056]

R2 TomTomHOMEService;TomTomHOMEService; C:\Documents and Settings\didi\Mes documents\TomTom\TomTom HOME 2\TomTomHOMEService.exe [2009-11-13 92008]

R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

R3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]

S2 gupdate1c9afa81e35714;Service Google Update (gupdate1c9afa81e35714); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-28 133104]

S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe [2007-02-06 105248]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-02-05 182768]

S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-12-17 243056]

S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\HPZipm12.exe [2004-03-18 65536]

S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

 

-----------------EOF-----------------

 

I would add that the PC isn't behaving oddly at all, apart from a veeeeeery long boot all the same (in fact, I'm rebooting to see whether it's the same as this morning).

Edited by Sparfell
Posted

Hmm, well, more than 1 min 30 at a rough guess to boot; that's long, but in the end not really alarming.

So, Doctor, where do we stand now :P ?

Posted

Oops :P, I forgot to mention, regarding this morning's rkill report: the first time, I forgot to disable Antivir Guard as recommended. So I rebooted and started again, but either way the report said the same thing.
