Virus: files turned into shortcuts???
Topic status: UNRESOLVED
silasol
Posted on 12/09/2010 @ 13:17
Petite astucienne

85 posts

Hi everyone,

Because of a virus, the files on my removable drives have turned into shortcuts and I can no longer access them.

Yet the size of the drives is still the same, it has not changed, and when I run an antivirus scan with Avast and Avira they show me the contents of the files, which means they are hidden behind these shortcuts, which look like empty shortcut files 1 KB in size, while the drives show their real size?

What should I do to fix this virus problem, and which antivirus do you recommend, please?

Also, when I try to open my drives, a message tells me that Windows cannot find VUAXUH.EXE ???? I think it is the autorun.exe that has been attacked by this virus???

I'm waiting for help.

Thanks a lot

Salam

 
Anonymous  Posted on 12/09/2010 at 14:04
Maître astucien

11806 posts

Hello,

* Download RSIT (thanks to random/random) to the Desktop: Here
Double-click RSIT.exe; it does not require installation.
Click Continue on the Disclaimer screen if you accept the terms.
- If HijackThis is not detected on your PC, it will download it (allow access in your firewall if prompted, and accept the license).
When the scan is finished, two text files will open.
Post the contents of log.txt (the one that opens) as well as info.txt, which is in the taskbar.
Tutorial: http://forum.pcastuces.com/randoms_system_information_tool_rsit-f31s31.htm

NB: These reports are saved in the C:\rsit folder.

See you,

silasol  Posted on 13/09/2010 at 16:43
Petite astucienne

85 posts

Logfile of random's system information tool 1.08 (written by random/random)
Run by Administrateur at 2010-09-13 15:06:53
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 1 GB (4%) free of 38 GB
Total RAM: 1150 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:07:18, on 13/09/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Emsisoft Anti-Malware\a2service.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HP1005MC.EXE
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\ups.exe
C:\WINDOWS\hporclnr.exe
C:\program files\folder lockit\fl.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\MAGIC830\SPNSRV9X.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Gigabyte\Gigabyte Super Wireless LAN Card\Installer\Winxp\GNConfig.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Makayama Interactive\Easy WiFi Radar\Easy WIFI Radar.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\system32\msiexec.exe
C:\Documents and Settings\Administrateur\Bureau\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\Administrateur.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - (no file)
R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: SrchHook Class - {F4F10C1D-87C7-404A-B4B3-000000000000} - (no file)
R3 - URLSearchHook: MyPlayCity Toolbar - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - (no file)
R3 - URLSearchHook: myBabylon English Toolbar - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - (no file)
R3 - URLSearchHook: BTjunkie Toolbar - {1a71246c-3eb0-4d6c-af77-3ab756017c3a} - C:\Program Files\BTjunkie\tbBTju.dll
R3 - URLSearchHook: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSof1.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BTjunkie Toolbar - {1a71246c-3eb0-4d6c-af77-3ab756017c3a} - C:\Program Files\BTjunkie\tbBTju.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: MyPlayCity Toolbar - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - (no file)
O2 - BHO: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSof1.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {55c1486a-9ecc-4729-88d4-55dd6aa5bc24} - (no file)
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: (no name) - {69D72956-317C-44bd-B369-8E44D4EF9801} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Babylon Plug In - {A057A204-BACC-4D26-9E83-2DB586E27190} - (no file)
O2 - BHO: (no name) - {a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: myBabylon English Toolbar - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - (no file)
O2 - BHO: Mega Manager IE Click Monitor - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - (no file)
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll (file missing)
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: MyPlayCity Toolbar - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - (no file)
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll (file missing)
O3 - Toolbar: Babylon Plug In - {A057A204-BACC-4D26-9E83-2DB586E27190} - (no file)
O3 - Toolbar: myBabylon English Toolbar - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - (no file)
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: BTjunkie Toolbar - {1a71246c-3eb0-4d6c-af77-3ab756017c3a} - C:\Program Files\BTjunkie\tbBTju.dll
O3 - Toolbar: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSof1.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [HP OrderReminder Cleaner] C:\WINDOWS\hporclnr.exe
O4 - HKLM\..\Run: [_flbinaryfile_] c:\program files\folder lockit\fl.exe
O4 - HKLM\..\Run: [nohosst] C:\WINDOWS\nohost.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [spnsrv9x] C:\MAGIC830\SPNSRV9X.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [GNConfig] "C:\Program Files\Gigabyte\Gigabyte Super Wireless LAN Card\Installer\Winxp\GNConfig.exe" -nogui
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real Alternative\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [vuaxuh] C:\Documents and Settings\Administrateur\vuaxuh.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKLM\..\Policies\Explorer\Run: [DELL] .vbe
O4 - HKLM\..\Policies\Explorer\Run: [] 
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RESEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Search - ?p=ZKxdm022YYDZ
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\ie_banner_deny.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: (no name) - Software - (no file)
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\scieplgn.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/fr/scan8/oscan8.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredetection/hardwaredetection_2_0_4_13.cab
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.114.50 85.255.112.221
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS5\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0FO\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1.0FO\kloehk.dll
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Emsisoft Anti-Malware 5.0 - Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\Emsisoft Anti-Malware\a2service.exe
O23 - Service: Atheros Configuration Service (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Unknown owner - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE (file missing)
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe (file missing)
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Telnet (TlntSvr) - Unknown owner - C:\WINDOWS\system32\tlntsvr.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 18216 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Programme d'arrêt du système de l'onduleur.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:\Program Files\Internet Download Manager\IDMIECC.dll [2010-01-20 181680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_printenhancer.dll [2007-03-02 1298024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips - C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]
Ask Search Assistant BHO

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll [2003-05-15 50376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1a71246c-3eb0-4d6c-af77-3ab756017c3a}]
BTjunkie Toolbar - C:\Program Files\BTjunkie\tbBTju.dll [2009-11-03 2331672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}]
MyPlayCity Toolbar

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4daac69c-cba7-45e2-9bc8-1044483d3352}]
Softonic_France Toolbar - C:\Program Files\Softonic_France\tbSof1.dll [2010-07-06 2515552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{55c1486a-9ecc-4729-88d4-55dd6aa5bc24}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}]
Yahoo! IE Services Button

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{69D72956-317C-44bd-B369-8E44D4EF9801}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9E83-2DB586E27190}]
Babylon Plug In

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-21 278192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
AcroIEToolbarHelper Class - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 147456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-06-01 814648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]
myBabylon English Toolbar

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf00e119-21a3-4fd1-b178-3b8537e75c92}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}]
PDFCreator Toolbar Helper - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-03 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2010-04-16 1067872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-05-03 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 147456]
{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} -
{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - PDFCreator Toolbar - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll []
{A057A204-BACC-4D26-9E83-2DB586E27190} -
{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} -
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{1a71246c-3eb0-4d6c-af77-3ab756017c3a} - BTjunkie Toolbar - C:\Program Files\BTjunkie\tbBTju.dll [2009-11-03 2331672]
{4daac69c-cba7-45e2-9bc8-1044483d3352} - Softonic_France Toolbar - C:\Program Files\Softonic_France\tbSof1.dll [2010-07-06 2515552]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2010-04-16 1067872]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-21 278192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HP OrderReminder Cleaner"=C:\WINDOWS\hporclnr.exe [2006-08-11 104960]
"_flbinaryfile_"=c:\program files\folder lockit\fl.exe [2002-09-13 385024]
"nohosst"=C:\WINDOWS\nohost.exe []
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe [2008-02-22 144784]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-03-31 413696]
"MessengerPlus3"=C:\Program Files\MessengerPlus! 3\MsgPlus.exe [2010-07-14 190024]
"CleanUp"= []
"spnsrv9x"=C:\MAGIC830\S [2005-10-12 14336]
"SoundMan"=SOUNDMAN.EXE []
"OrderReminder"=C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe [2005-12-22 98304]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-09-20 94208]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-09-20 114688]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-09-20 77824]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe [2004-03-04 172032]
"HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2003-12-22 241664]
"GNConfig"=C:\Program Files\Gigabyte\Gigabyte Super Wireless LAN Card\Installer\Winxp\GNConfig.exe [2006-03-08 380928]
"AdaptecDirectCD"=C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe [2002-12-17 684032]
"TkBellExe"=C:\Program Files\Real Alternative\Update_OB\realsched.exe [2009-09-30 180269]
"EoEngine"= []
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe [2010-03-12 311680]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"DELL"=.vbe []
""=1 []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-02-11 39408]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"vuaxuh"=C:\Documents and Settings\Administrateur\vuaxuh.exe []
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APVXDWIN]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DownloadAccelerator]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LClock]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedOptimizer]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Assistant d'Acrobat.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Distillr\acrotray.exe [2003-05-15 217193]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"TPSrv"=2
"PSIMSVC"=2
"PSHost"=2
"PAVSRV"=2
"PAVFNSVR"=2
"Panda Software Controller"=2

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\KASPER~1\KASPER~1.0FO\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1.0FO\kloehk.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avldr]
avldr.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2010-03-12 219736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
WgaLogon.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"system"=lsass.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableStatusMessages"=0
"DisableTaskMgr"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NofolderOptions"=0
"NoFind"=0
"NoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDriveAutoRun"=0
"NoFolderOptions"=0
"NoDriveTypeAutoRun_KL_saved"=149

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\MessengerDiscovery 2\MessengerDiscovery 2.exe"="C:\Program Files\MessengerDiscovery 2\MessengerDiscovery 2.exe:*:Enabled:MessengerDiscovery 2.exe"
"C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1005MC.EXE"="C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1005MC.EXE:*:Enabled:SMLMProxy Module - HP1005MC.EXE"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\MAGIC830\spnsrv9x.exe"="C:\MAGIC830\spnsrv9x.exe:*:Disabled:spnsrv9x"
"C:\Program Files\Wysigot\Wysigot.exe"="C:\Program Files\Wysigot\Wysigot.exe:*:Enabled:Wysigot Web Browser"
"C:\WINDOWS\system32\rtcshare.exe"="C:\WINDOWS\system32\rtcshare.exe:*:Enabled:Partage de l'application RTC"
"C:\Program Files\Le Robert\Le Petit Robert 2009\RobertHA.exe"="C:\Program Files\Le Robert\Le Petit Robert 2009\RobertHA.exe:*:Enabled:Le Petit Robert Hyperappel"
"C:\Program Files\Le Robert\Le Petit Robert 2009\prnet.exe"="C:\Program Files\Le Robert\Le Petit Robert 2009\prnet.exe:*:Enabled:Le Petit Robert 2008"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

======List of files/folders created in the last 1 months======

2010-09-13 15:06:53 ----D---- C:\rsit
2010-09-13 12:42:06 ----D---- C:\Program Files\Kaspersky Lab
2010-09-13 12:41:37 ----A---- C:\WINDOWS\system32\drivers\klif.sys
2010-09-13 12:39:13 ----D---- C:\KAV
2010-09-13 12:37:06 ----D---- C:\Documents and Settings\Administrateur\Application Data\Kasper-Key_Sharing_Networ
2010-09-13 09:50:22 ----D---- C:\Program Files\Trend Micro
2010-09-13 09:46:59 ----D---- C:\Program Files\Emsisoft Anti-Malware
2010-09-12 15:14:01 ----A---- C:\WINDOWS\Bcowob.exe
2010-09-12 15:13:52 ----A---- C:\WINDOWS\Bcowoa.exe
2010-09-12 14:21:56 ----D---- C:\Program Files\Alwil Software
2010-09-12 12:42:44 ----D---- C:\Program Files\VS Revo Group
2010-09-09 11:46:57 ----D---- C:\WINDOWS\BDOSCAN8
2010-09-09 10:38:04 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-09-09 10:38:02 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-09-07 13:38:57 ----A---- C:\WINDOWS\system32\drivers\avgntflt.sys
2010-08-25 15:40:03 ----A---- C:\WINDOWS\system32\idmmbc.dll

======List of files/folders modified in the last 1 months======

2010-09-13 15:06:56 ----D---- C:\WINDOWS\Temp
2010-09-13 15:06:24 ----SHD---- C:\WINDOWS\Installer
2010-09-13 15:06:24 ----SD---- C:\Documents and Settings\Administrateur\Application Data\Microsoft
2010-09-13 15:06:21 ----HD---- C:\Config.Msi
2010-09-13 14:56:21 ----D---- C:\WINDOWS\system32\drivers
2010-09-13 14:55:31 ----D---- C:\Documents and Settings\Administrateur\Application Data\IDM
2010-09-13 14:55:08 ----D---- C:\Documents and Settings\Administrateur\Application Data\DMCache
2010-09-13 14:18:19 ----SD---- C:\Mes documents
2010-09-13 13:42:19 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2010-09-13 13:41:41 ----D---- C:\WINDOWS
2010-09-13 13:39:39 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-09-13 13:08:50 ----D---- C:\MAGIC830
2010-09-13 12:43:13 ----HD---- C:\WINDOWS\inf
2010-09-13 12:43:05 ----D---- C:\WINDOWS\system32
2010-09-13 12:42:07 ----SHD---- C:\System Volume Information
2010-09-13 12:42:06 ----SD---- C:\Program Files
2010-09-13 12:33:44 ----D---- C:\WINDOWS\system32\CatRoot2
2010-09-13 12:13:33 ----D---- C:\WINDOWS\Prefetch
2010-09-13 12:11:10 ----D---- C:\WINDOWS\RegisteredPackages
2010-09-13 10:55:11 ----D---- C:\Program Files\Google
2010-09-13 10:23:07 ----D---- C:\DAS2005
2010-09-13 09:05:43 ----SD---- C:\WINDOWS\Tasks
2010-09-13 07:54:37 ----D---- C:\Program Files\Barre_Algerie_Chat
2010-09-13 07:54:22 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2010-09-13 07:54:21 ----D---- C:\WINDOWS\Corel
2010-09-12 15:20:30 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2010-09-12 14:22:56 ----D---- C:\WINDOWS\WinSxS
2010-09-12 14:21:56 ----D---- C:\Documents and Settings\All Users\Application Data\Alwil Software
2010-09-12 13:56:26 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2010-09-12 13:09:10 ----A---- C:\WINDOWS\wininit.ini
2010-09-12 12:55:31 ----D---- C:\Documents and Settings\All Users\Application Data\Avg8
2010-09-12 10:08:32 ----D---- C:\WINDOWS\system32\IDMs
2010-09-12 08:50:30 ----D---- C:\WINDOWS\system32\drivers\etc
2010-09-12 08:48:28 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-09-09 11:47:08 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-09-09 11:23:04 ----D---- C:\WINDOWS\system32\NtmsData
2010-09-09 11:01:21 ----D---- C:\WINDOWS\Debug
2010-09-09 10:38:11 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-09-09 09:57:40 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-09-09 09:41:49 ----D---- C:\Documents and Settings\Administrateur\Application Data\Adobe
2010-09-07 14:45:10 ----D---- C:\Program Files\Internet Download Manager
2010-09-07 13:15:36 ----D---- C:\WINDOWS\Registration
2010-09-06 13:19:16 ----D---- C:\Program Files\CleanUp
2010-09-06 13:18:36 ----D---- C:\WINDOWS\Help
2010-09-06 13:18:36 ----D---- C:\WINDOWS\Adobe Illustrator CS
2010-09-06 13:18:36 ----D---- C:\Program Files\Internet Explorer
2010-09-05 14:03:39 ----D---- C:\Documents and Settings\All Users\Application Data\AutoHideIP
2010-08-25 12:39:46 ----D---- C:\Documents and Settings\Administrateur\Application Data\MessengerDiscovery 2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [2005-04-30 28271]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-08-20 44944]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-11-10 691696]
R1 a2injectiondriver;a2injectiondriver; \??\C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys []
R1 a2util;a-squared Malware-IDS utility driver; \??\C:\Program Files\Emsisoft Anti-Malware\a2util32.sys []
R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2006-08-16 2432]
R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2006-08-16 2560]
R1 cdudf_xp;cdudf_xp; C:\WINDOWS\system32\drivers\cdudf_xp.sys [2002-12-17 241152]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 40320]
R1 kl1;Kl1; \??\C:\WINDOWS\system32\drivers\kl1.sys []
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2010-09-13 226320]
R1 pwd_2k;pwd_2k; C:\WINDOWS\system32\drivers\pwd_2k.sys [2007-04-16 143834]
R1 UdfReadr_xp;UdfReadr_xp; C:\WINDOWS\system32\drivers\UdfReadr_xp.sys [2007-04-16 206464]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.1.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-11-09 19915]
R2 dmsmbios;dmsmbios; \??\C:\WINDOWS\system32\dmsmbios.sys []
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2004-05-14 76288]
R3 a2acc;a2acc; \??\C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys []
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 AR5211;Gigabyte Super Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2005-11-04 487552]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-09-20 1302332]
R3 KLFLTDEV;Kaspersky Lab KLFltDev; C:\WINDOWS\system32\DRIVERS\klfltdev.sys [2009-09-03 24848]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2009-09-14 32272]
R3 mmc_2K;mmc_2K; C:\WINDOWS\system32\drivers\mmc_2K.sys [2007-04-16 30630]
R3 NPF;Netgroup Packet Filter; C:\WINDOWS\system32\drivers\npf.sys [2005-08-03 32512]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2002-09-07 5888]
R3 SMBios;Intel (R) System Managment BIOS Service; C:\WINDOWS\system32\DRIVERS\SMBios.sys [2003-06-17 35012]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-05-06 580992]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-04 20480]
R3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
S3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-04-15 113504]
S3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-04-15 78752]
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-06-20 2324480]
S3 alp9z2qc;alp9z2qc; C:\WINDOWS\system32\drivers\alp9z2qc.sys []
S3 aun1mmwo;aun1mmwo; C:\WINDOWS\system32\drivers\aun1mmwo.sys []
S3 BDFsDrv;BDFsDrv; \??\C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys []
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2005-05-31 20480]
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2005-04-30 10804]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2005-05-31 23000]
S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-03 17024]
S3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys [2005-04-30 11860]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-03 100992]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-03 18944]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys []
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 dvd_2K;dvd_2K; C:\WINDOWS\system32\drivers\dvd_2K.sys [2007-04-16 25898]
S3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2007-11-16 165496]
S3 FXDrv32;FXDrv32; \??\E:\FXDrv32.sys []
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2002-09-07 9600]
S3 i81x;i81x; C:\WINDOWS\system32\DRIVERS\i81xnt5.sys [2004-08-03 161020]
S3 Messidelvhe;Messidelvhe; C:\WINDOWS\system32\drivers\Messidelvhe.sys []
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-03 59648]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2007-09-05 12212864]
S3 SNTNLUSB;Rainbow USB SuperPro; C:\WINDOWS\system32\DRIVERS\SNTNLUSB.SYS [2004-05-07 26120]
S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-01-15 30464]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312]
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2005-03-25 82148]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 mchInjDrv;mchInjDrv; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mc2434.tmp []
S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-09-07 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 a2AntiMalware;Emsisoft Anti-Malware 5.0 - Service; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [2010-07-28 1935656]
R2 ACS;Atheros Configuration Service; C:\WINDOWS\system32\acs.exe [2005-10-18 376917]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-01-15 110592]
R2 AVP;Kaspersky Anti-Virus 6.0; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe [2010-03-12 311680]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
R2 EPSONStatusAgent2;EPSON Printer Status Agent2; C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe [2002-07-17 94208]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 YahooAUService;Yahoo! Updater; C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-11 135664]
S2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe []
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-04-28 68096]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-04-28 704872]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-02-11 182768]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE []
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-08-23 261120]
S4 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-08-16 98672]

-----------------EOF-----------------

and also this:

info.txt logfile of random's system information tool 1.08 2010-09-13 15:07:26

======Uninstall list======

-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Real Alternative\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Photoshop CS-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x40c
Emsisoft Anti-Malware 5.0-->"C:\Program Files\Emsisoft Anti-Malware\unins000.exe"
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_223E2B8E7BAD9544.exe" /uninstall
idman5.19 5.19-->C:\Program Files\idman\idman5.19\Uninstall.exe
Internet Download Manager 5.19-->C:\Program Files\IDM\Internet Download Manager\Uninstall.exe
Internet Download Manager-->C:\Program Files\IDM\Internet Download Manager\Uninstall.exe
Junk Mail filter update-->MsiExec.exe /I{8E5233E1-7495-44FB-8DEB-4BE906D59619}
Kaspersky Anti-Virus 6.0 for Windows Workstations-->MsiExec.exe /I{8F023021-A7EB-45D3-9269-D65264C81729}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Messenger Plus! 3-->"C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /Remove
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
MessengerDiscovery 2.5.95-->"C:\Program Files\MessengerDiscovery 2\unins000.exe"
Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0122-0409-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /I{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Revo Uninstaller 1.89-->C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
UseNeXT-->"C:\Program Files\UseNeXT\unins000.exe"
Windows Live Call-->MsiExec.exe /I{E6158D07-2637-4ECF-B576-37C489669174}
Windows Live Communications Platform-->MsiExec.exe /I{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}
Windows Live Family Safety-->MsiExec.exe /X{D92FF8EB-BD77-40AE-B68B-A6BFC6F8661D}
Windows Live Mail-->MsiExec.exe /I{6412CECE-8172-4BE5-935B-6CECACD2CA87}
Windows Live Messenger-->MsiExec.exe /X{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}
Windows Live Photo Gallery-->MsiExec.exe /X{EE39FFBD-544E-49E4-A999-6819828EAE91}
Windows Live Sign-in Assistant-->MsiExec.exe /I{45338B07-A236-4270-9A77-EBB4115517B5}
Windows Live Sync-->MsiExec.exe /X{B10914FD-8812-47A4-85A1-50FCDE7F1F33}
Windows Live Toolbar-->MsiExec.exe /X{1BD07DF4-FB06-41BA-B896-B2DA59000C96}
Windows Live Writer-->MsiExec.exe /X{178832DE-9DE0-4C87-9F82-9315A9B03985}

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AV: Panda Antivirus + Firewall 2007
AV: Kaspersky Anti-Virus
AV: Emsisoft Anti-Malware (disabled)
FW: Panda Antivirus 2007 Personal Firewall
FW: Kaspersky Anti-Virus

======System event log======

Computer Name: DELL
Event Code: 1003
Message: Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir
du serveur DHCP) pour la carte réseau dont l'adresse réseau est 001A4D22CC44. Il s'est
produit l'erreur suivante :
Le délai de temporisation de sémaphore a expiré.
.
Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du
serveur d'adresse réseau (DHCP).

Record Number: 12491
Source Name: Dhcp
Time Written: 20100816123335.000000+060
Event Type: warning
User:

Computer Name: DELL
Event Code: 7024
Message: Le service Distributed Transaction Coordinator s'est arrêté avec l'erreur service particulière 3221229584 (0xC0001010).

Record Number: 12485
Source Name: Service Control Manager
Time Written: 20100816122729.000000+060
Event Type: error
User:

Computer Name: DELL
Event Code: 18
Message:
Record Number: 12476
Source Name: avgntflt
Time Written: 20100816121506.000000+060
Event Type: warning
User:

Computer Name: DELL
Event Code: 1003
Message: Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir
du serveur DHCP) pour la carte réseau dont l'adresse réseau est 001A4D22CC44. Il s'est
produit l'erreur suivante :
Le délai de temporisation de sémaphore a expiré.
.
Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du
serveur d'adresse réseau (DHCP).

Record Number: 12473
Source Name: Dhcp
Time Written: 20100816120621.000000+060
Event Type: warning
User:

Computer Name: DELL
Event Code: 1003
Message: Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir
du serveur DHCP) pour la carte réseau dont l'adresse réseau est 001A4D22CC44. Il s'est
produit l'erreur suivante :
L'opération a été annulée par l'utilisateur.
.
Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du
serveur d'adresse réseau (DHCP).

Record Number: 12471
Source Name: Dhcp
Time Written: 20100816120541.000000+060
Event Type: warning
User:

=====Application event log=====

Computer Name: DELL
Event Code: 1041
Message: Windows ne peut pas effectuer de requête sur l'entrée DllName du Registre pour {7B849a69-220F-451E-B3FE-2CB811AF94AE}.

Record Number: 10
Source Name: Userenv
Time Written: 20100811103952.000000+060
Event Type: error
User: AUTORITE NT\SYSTEM

Computer Name: DELL
Event Code: 1041
Message: Windows ne peut pas effectuer de requête sur l'entrée DllName du Registre pour {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}.

Record Number: 9
Source Name: Userenv
Time Written: 20100811103950.000000+060
Event Type: error
User: AUTORITE NT\SYSTEM

Computer Name: DELL
Event Code: 1041
Message: Windows ne peut pas effectuer de requête sur l'entrée DllName du Registre pour {7B849a69-220F-451E-B3FE-2CB811AF94AE}.

Record Number: 8
Source Name: Userenv
Time Written: 20100811103950.000000+060
Event Type: error
User: AUTORITE NT\SYSTEM

Computer Name: DELL
Event Code: 1041
Message: Windows ne peut pas effectuer de requête sur l'entrée DllName du Registre pour {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}.

Record Number: 2
Source Name: Userenv
Time Written: 20100811103009.000000+060
Event Type: error
User: AUTORITE NT\SYSTEM

Computer Name: DELL
Event Code: 1041
Message: Windows ne peut pas effectuer de requête sur l'entrée DllName du Registre pour {7B849a69-220F-451E-B3FE-2CB811AF94AE}.

Record Number: 1
Source Name: Userenv
Time Written: 20100811103009.000000+060
Event Type: error
User: AUTORITE NT\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 3 Stepping 4, GenuineIntel
"PROCESSOR_REVISION"=0304
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
"Path"=%SystemRoot%\System32\Wbem;C:\Program Files\Fichiers communs\DivX Shared\

-----------------EOF-----------------

THANK YOU

 Anonyme  Posted on 13/09/2010 at 20:55
  Maître astucien

11806 Messages

Hello,

your PC is heavily infected...

1) Download:
Malwarebytes' Anti-Malware: Here

2) Run it:
Tutorial: http://forum.pcastuces.com/malwarebytes_anti_malware____scan_rapide-f31s27.htm

3) Post the report.

See you

 silasol  Posted on 14/09/2010 at 16:07
Petite astucienne

85 Messages

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4613

Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

14/09/2010 14:56:30
mbam-log-2010-09-14 (14-56-30).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 137514
Temps écoulé: 11 minute(s), 6 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> No action taken.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

 Anonyme  Posted on 14/09/2010 at 20:43
  Maître astucien

11806 Messages

Hello,

the MBAM report says No action taken.
Redo the procedure with it and delete everything it finds...

See you

 silasol  Posted on 15/09/2010 at 10:36
Petite astucienne

85 Messages

hello, thank you

here is the report before removing the viruses

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4613

Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

15/09/2010 09:31:38
mbam-log-2010-09-15 (09-31-38).txt

Type d'examen: Examen complet (C:\|G:\|)
Elément(s) analysé(s): 229586
Temps écoulé: 1 heure(s), 16 minute(s), 21 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 35

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> No action taken.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\System Volume Information\_restore{75E2319A-5AEE-4995-BC59-7D4513312B5C}\RP481\A0964916.exe (Adware.ADON) -> No action taken.
C:\System Volume Information\_restore{75E2319A-5AEE-4995-BC59-7D4513312B5C}\RP481\A0964917.exe (Rogue.Eorezo) -> No action taken.
C:\System Volume Information\_restore{75E2319A-5AEE-4995-BC59-7D4513312B5C}\RP481\A0964918.dll (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MSN Messenger\sexglasses.exe (Backdoor.Bifrose) -> No action taken.
C:\Program Files\Skype\hh.exe (Backdoor.Bifrose) -> No action taken.
C:\download\Prototype(TM)+v1.0.0.1+++12+Plus+Trainer.exe (Trojan.Dropper) -> No action taken.
C:\Downloads\secheot.exe (Backdoor.Hupigon) -> No action taken.
C:\Mes documents\downloads\csrss.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
C:\Downloads\csrss.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
C:\Mes documents\downloads\ctfmon.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
C:\Downloads\ctfmon.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
C:\Mes documents\downloads\dllhost.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
C:\Downloads\dllhost.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
C:\Mes documents\downloads\Explorer.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
C:\Downloads\Explorer.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
C:\Mes documents\downloads\lsass.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
C:\Downloads\lsass.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
C:\Mes documents\downloads\msiexec.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
C:\Downloads\msiexec.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
C:\Mes documents\downloads\rundll32.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
C:\Downloads\rundll32.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
C:\Mes documents\downloads\Services.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
C:\Downloads\Services.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
C:\Mes documents\downloads\smss.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
C:\Downloads\smss.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
C:\Mes documents\downloads\spoolsv.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
C:\Downloads\spoolsv.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
C:\Mes documents\downloads\svchost*.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
C:\Downloads\svchost*.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
C:\Mes documents\downloads\svchost.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
C:\Downloads\svchost.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
C:\Mes documents\downloads\Userinit.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
C:\Downloads\Userinit.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
C:\Mes documents\downloads\Winlogon.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
C:\Downloads\Winlogon.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.

and after deleting the selection:

here is the report that is displayed:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4613

Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

15/09/2010 09:35:18
mbam-log-2010-09-15 (09-35-18).txt

Type d'examen: Examen complet (C:\|G:\|)
Elément(s) analysé(s): 229586
Temps écoulé: 1 heure(s), 16 minute(s), 21 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 35

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\System Volume Information\_restore{75E2319A-5AEE-4995-BC59-7D4513312B5C}\RP481\A0964916.exe (Adware.ADON) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{75E2319A-5AEE-4995-BC59-7D4513312B5C}\RP481\A0964917.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{75E2319A-5AEE-4995-BC59-7D4513312B5C}\RP481\A0964918.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MSN Messenger\sexglasses.exe (Backdoor.Bifrose) -> Delete on reboot.
C:\Program Files\Skype\hh.exe (Backdoor.Bifrose) -> Delete on reboot.
C:\download\Prototype(TM)+v1.0.0.1+++12+Plus+Trainer.exe (Trojan.Dropper) -> Delete on reboot.
C:\Downloads\secheot.exe (Backdoor.Hupigon) -> Delete on reboot.
C:\Mes documents\downloads\csrss.exe (Heuristics.Reserved.Word.Exploit) -> Delete on reboot.
C:\Downloads\csrss.exe (Heuristics.Reserved.Word.Exploit) -> Delete on reboot.
C:\Mes documents\downloads\ctfmon.exe (Heuristics.Reserved.Word.Exploit) -> Delete on reboot.
C:\Downloads\ctfmon.exe (Heuristics.Reserved.Word.Exploit) -> Delete on reboot.
C:\Mes documents\downloads\dllhost.exe (Heuristics.Reserved.Word.Exploit) -> Delete on reboot.
C:\Downloads\dllhost.exe (Heuristics.Reserved.Word.Exploit) -> Delete on reboot.
C:\Mes documents\downloads\Explorer.exe (Heuristics.Reserved.Word.Exploit) -> Delete on reboot.
C:\Downloads\Explorer.exe (Heuristics.Reserved.Word.Exploit) -> Delete on reboot.
C:\Mes documents\downloads\lsass.exe (Heuristics.Reserved.Word.Exploit) -> Delete on reboot.
C:\Downloads\lsass.exe (Heuristics.Reserved.Word.Exploit) -> Delete on reboot.
C:\Mes documents\downloads\msiexec.exe (Heuristics.Reserved.Word.Exploit) -> Delete on reboot.
C:\Downloads\msiexec.exe (Heuristics.Reserved.Word.Exploit) -> Delete on reboot.
C:\Mes documents\downloads\rundll32.exe (Heuristics.Reserved.Word.Exploit) -> Delete on reboot.
C:\Downloads\rundll32.exe (Heuristics.Reserved.Word.Exploit) -> Delete on reboot.
C:\Mes documents\downloads\Services.exe (Heuristics.Reserved.Word.Exploit) -> Delete on reboot.
C:\Downloads\Services.exe (Heuristics.Reserved.Word.Exploit) -> Delete on reboot.
C:\Mes documents\downloads\smss.exe (Heuristics.Reserved.Word.Exploit) -> Delete on reboot.
C:\Downloads\smss.exe (Heuristics.Reserved.Word.Exploit) -> Delete on reboot.
C:\Mes documents\downloads\spoolsv.exe (Heuristics.Reserved.Word.Exploit) -> Delete on reboot.
C:\Downloads\spoolsv.exe (Heuristics.Reserved.Word.Exploit) -> Delete on reboot.
C:\Mes documents\downloads\svchost*.exe (Heuristics.Reserved.Word.Exploit) -> Delete on reboot.
C:\Downloads\svchost*.exe (Heuristics.Reserved.Word.Exploit) -> Delete on reboot.
C:\Mes documents\downloads\svchost.exe (Heuristics.Reserved.Word.Exploit) -> Delete on reboot.
C:\Downloads\svchost.exe (Heuristics.Reserved.Word.Exploit) -> Delete on reboot.
C:\Mes documents\downloads\Userinit.exe (Heuristics.Reserved.Word.Exploit) -> Delete on reboot.
C:\Downloads\Userinit.exe (Heuristics.Reserved.Word.Exploit) -> Delete on reboot.
C:\Mes documents\downloads\Winlogon.exe (Heuristics.Reserved.Word.Exploit) -> Delete on reboot.
C:\Downloads\Winlogon.exe (Heuristics.Reserved.Word.Exploit) -> Delete on reboot.


 Anonyme  Posted on 15/09/2010 at 11:23
  Maître astucien

11806 Messages

Hello,

Run the Ad-Remover procedure (thanks C_XX) and post the report: Here

See you

 silasol  Posted on 15/09/2010 at 12:18
Petite astucienne

85 Messages
ok, all right, thanks
 silasol  Posted on 15/09/2010 at 12:55
Petite astucienne

85 Messages

======= RAPPORT D'AD-REMOVER 2.0.0.1,E | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par C_XX le 06/09/10 à 15:20
Contact: AdRemover.contact[AT]gmail.com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 11:47:07 le 15/09/2010, Mode normal

Microsoft Windows XP Professionnel Service Pack 2 (X86)
Administrateur@DELL ( )

============== RECHERCHE ==============


0,Dossier trouvé: C:\Documents and Settings\Administrateur\Application Data\AD ON Multimedia
0,Dossier trouvé: C:\Documents and Settings\Administrateur\Local Settings\Application Data\Conduit
0,Dossier trouvé: C:\Program Files\Conduit
0,Dossier trouvé: C:\Documents and Settings\Administrateur\Application Data\EoRezo

1,Clé trouvée: HKLM\Software\Classes\CLSID\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}
1,Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}
1,Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}
1,Clé trouvée: HKLM\Software\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
1,Clé trouvée: HKLM\Software\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
0,Clé trouvée: HKLM\Software\Classes\BandooCore.BandooCore
0,Clé trouvée: HKLM\Software\Classes\BandooCore.BandooCore.1
0,Clé trouvée: HKLM\Software\Classes\BandooCore.ResourcesMngr
0,Clé trouvée: HKLM\Software\Classes\BandooCore.ResourcesMngr.1
0,Clé trouvée: HKLM\Software\Classes\BandooCore.SettingsMngr
0,Clé trouvée: HKLM\Software\Classes\BandooCore.SettingsMngr.1
0,Clé trouvée: HKLM\Software\Classes\BandooCore.StatisticMngr
0,Clé trouvée: HKLM\Software\Classes\BandooCore.StatisticMngr.1
0,Clé trouvée: HKLM\Software\Classes\EoRezoBHO.EoBHO
0,Clé trouvée: HKLM\Software\Classes\EoRezoBHO.EoBHO.1
0,Clé trouvée: HKLM\Software\Classes\Toolbar.CT1460988
0,Clé trouvée: HKLM\Software\Classes\Toolbar.CT1529850
0,Clé trouvée: HKLM\Software\Classes\Toolbar.CT2095689
0,Clé trouvée: HKLM\Software\Classes\Toolbar.CT2542115
0,Clé trouvée: HKLM\Software\Classes\AppID\BandooCore.EXE
1,Clé trouvée: HKLM\Software\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
0,Clé trouvée: HKLM\Software\Classes\AppID\EoRezoBHO.DLL
1,Clé trouvée: HKLM\Software\Classes\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}
0,Clé trouvée: HKLM\Software\Conduit
0,Clé trouvée: HKLM\Software\PopCap
0,Clé trouvée: HKCU\Software\Conduit
0,Clé trouvée: HKCU\Software\EoRezo
3,Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
3,Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
0,Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
0,Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyWebSearch bar Uninstall

0,Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eoengine
0,Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{0579B4B6-0293-4D73-B02D-5EBB0BA0F0A2}
0,Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}


============== SCAN ADDITIONNEL ==============

** Internet Explorer Version [6.0.2900.2180] **

[HKCU\Software\Microsoft\Internet Explorer\Main]
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Search bar: hxxp://www.google.com/ie
Search Page: hxxp://www.google.com
Show_ToolBar: yes
Start Page: about:blank
Use Custom Search URL: 1
Use Search Asst: no

[HKLM\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.yahoo.com

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: hxxp://y.lo.st
Blank: res://mshtml.dll/blank.htm

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 1 Fichier(s)

C:\Ad-Report-SCAN[1].txt - 15/09/2010 (4330 Octet(s))

Fin à: 11:52:56, 15/09/2010

============== E.O.F ==============

 silasol  Posted on 15/09/2010 at 13:29
Petite astucienne

85 Messages

here is the second report:

I'm waiting for help, please

======= RAPPORT D'AD-REMOVER 2.0.0.1,E | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par C_XX le 06/09/10 à 15:20
Contact: AdRemover.contact[AT]gmail.com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 11:57:22 le 15/09/2010, Mode normal

Microsoft Windows XP Professionnel Service Pack 2 (X86)
Administrateur@DELL ( )

============== ACTION(S) ==============


0,Dossier supprimé: C:\Documents and Settings\Administrateur\Application Data\AD ON Multimedia
0,Dossier supprimé: C:\Documents and Settings\Administrateur\Local Settings\Application Data\Conduit
0,Dossier supprimé: C:\Program Files\Conduit
0,Dossier supprimé: C:\Documents and Settings\Administrateur\Application Data\EoRezo

(!) -- Fichiers temporaires supprimés.


1,Clé supprimée: HKLM\Software\Classes\CLSID\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}
1,Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}
1,Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}
1,Clé supprimée: HKLM\Software\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
1,Clé supprimée: HKLM\Software\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
0,Clé supprimée: HKLM\Software\Classes\BandooCore.BandooCore
0,Clé supprimée: HKLM\Software\Classes\BandooCore.BandooCore.1
0,Clé supprimée: HKLM\Software\Classes\BandooCore.ResourcesMngr
0,Clé supprimée: HKLM\Software\Classes\BandooCore.ResourcesMngr.1
0,Clé supprimée: HKLM\Software\Classes\BandooCore.SettingsMngr
0,Clé supprimée: HKLM\Software\Classes\BandooCore.SettingsMngr.1
0,Clé supprimée: HKLM\Software\Classes\BandooCore.StatisticMngr
0,Clé supprimée: HKLM\Software\Classes\BandooCore.StatisticMngr.1
0,Clé supprimée: HKLM\Software\Classes\EoRezoBHO.EoBHO
0,Clé supprimée: HKLM\Software\Classes\EoRezoBHO.EoBHO.1
0,Clé supprimée: HKLM\Software\Classes\Toolbar.CT1460988
0,Clé supprimée: HKLM\Software\Classes\Toolbar.CT1529850
0,Clé supprimée: HKLM\Software\Classes\Toolbar.CT2095689
0,Clé supprimée: HKLM\Software\Classes\Toolbar.CT2542115
0,Clé supprimée: HKLM\Software\Classes\AppID\BandooCore.EXE
1,Clé supprimée: HKLM\Software\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
0,Clé supprimée: HKLM\Software\Classes\AppID\EoRezoBHO.DLL
1,Clé supprimée: HKLM\Software\Classes\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}
0,Clé supprimée: HKLM\Software\Conduit
0,Clé supprimée: HKLM\Software\PopCap
0,Clé supprimée: HKCU\Software\Conduit
0,Clé supprimée: HKCU\Software\EoRezo
3,Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
3,Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
0,Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
0,Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyWebSearch bar Uninstall

0,Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eoengine
0,Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{0579B4B6-0293-4D73-B02D-5EBB0BA0F0A2}
0,Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}


============== SCAN ADDITIONNEL ==============

** Internet Explorer Version [6.0.2900.2180] **

[HKCU\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Use Custom Search URL: 1
Use Search Asst: no

[HKLM\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm

========================================

C:\Program Files\Ad-Remover\Quarantine: 94 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 14 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 15/09/2010 (4573 Octet(s))
C:\Ad-Report-SCAN[1].txt - 15/09/2010 (4459 Octet(s))

Fin à: 12:03:03, 15/09/2010

============== E.O.F ==============

 Anonyme  Posted on 15/09/2010 at 20:26
  Maître astucien

11806 Messages

Hi again,

Run the ComboFix procedure (thanks sUBs) and post the report: Here

 silasol  Posted on 16/09/2010 at 13:03
Petite astucienne

85 Messages

here is the requested report:

ComboFix 10-09-15.01 - Administrateur 16/09/2010 11:08:52.1.1 - x86
Microsoft Windows XP Professionnel 5.1.2600.2.1256.20.1036.18.1150.760 [GMT 1:00]
Running from: c:\documents and settings\Administrateur\Bureau\ComboFix.exe
AV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
AV: Panda Antivirus + Firewall 2007 *On-access scanning enabled* (Updated) {EEE2D94A-D4C1-421A-AB2C-2CE8FE51747A}
FW: Kaspersky Anti-Virus *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Panda Antivirus 2007 Personal Firewall *enabled* {7B090DC0-8905-4BAF-8040-FD98A41C8FB8}
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Menu Démarrer\Programmes\CleanUp
c:\documents and settings\All Users\Menu Démarrer\Programmes\CleanUp\CleanUp.lnk
c:\documents and settings\All Users\Menu Démarrer\Programmes\CleanUp\FullDisk Help.lnk
c:\program files\CleanUp
c:\program files\CleanUp\Cleanup.cnt
c:\program files\CleanUp\Cleanup.exe
c:\program files\CleanUp\Cleanup.GID
c:\program files\CleanUp\Cleanup.hlp
c:\program files\CleanUp\License.txt
c:\program files\CleanUp\Readme.txt
c:\program files\CleanUp\Uninst.isu
c:\windows\a3kebook.ini
c:\windows\akebook.ini
c:\windows\ANS2000.INI
c:\windows\d4s.hst
c:\windows\system32\drivers\npf.sys
c:\windows\system32\logs
c:\windows\system32\Microsoft\backup.ftp
c:\windows\system32\Microsoft\backup.tftp
c:\windows\system32\Packet.dll
c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
c:\windows\system32\tmp.reg
c:\windows\system32\WanPacket.dll
c:\windows\system32\wpcap.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_AFPANSI
-------\Legacy_NPF
-------\Legacy_SSHNAS
-------\Legacy_USNJSVC
-------\Service_AFPAnsi
-------\Service_NPF
-------\Service_usnjsvc


((((((((((((((((((((((((( Files Created from 2010-08-16 to 2010-09-16 )))))))))))))))))))))))))))))))
.

2010-09-15 10:47 . 2010-09-15 11:02 -------- d-----w- c:\program files\Ad-Remover
2010-09-14 11:00 . 2010-04-29 14:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-14 11:00 . 2010-09-14 11:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-09-14 11:00 . 2010-04-29 14:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-09-13 14:06 . 2010-09-13 14:07 -------- d-----w- C:\rsit
2010-09-13 11:43 . 2010-09-13 13:56 97549 ----a-w- c:\windows\system32\drivers\klick.dat
2010-09-13 11:43 . 2010-09-13 13:56 113933 ----a-w- c:\windows\system32\drivers\klin.dat
2010-09-13 11:42 . 2010-09-13 11:42 -------- d-----w- c:\program files\Kaspersky Lab
2010-09-13 11:39 . 2010-09-13 11:39 -------- d-----w- C:\KAV
2010-09-13 11:37 . 2010-09-13 11:37 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Kasper-Key_Sharing_Networ
2010-09-13 08:50 . 2010-09-13 14:07 -------- d-----w- c:\program files\Trend Micro
2010-09-13 08:46 . 2010-09-15 10:43 -------- d-----w- c:\program files\Emsisoft Anti-Malware
2010-09-12 13:21 . 2010-09-12 13:21 -------- d-----w- c:\program files\Alwil Software
2010-09-12 11:42 . 2010-09-12 11:42 -------- d-----w- c:\program files\VS Revo Group
2010-09-09 10:46 . 2010-09-09 11:07 -------- d-----w- c:\windows\BDOSCAN8
2010-09-07 12:38 . 2009-11-25 10:19 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-08-25 14:40 . 2009-09-09 09:43 210352 ----a-w- c:\windows\system32\idmmbc.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-16 10:22 . 2007-10-24 12:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2010-09-16 06:59 . 2008-12-03 12:57 -------- d-----w- c:\documents and settings\Administrateur\Application Data\IDM
2010-09-16 06:57 . 2010-02-03 07:24 28672 ----a-w- c:\documents and settings\Administrateur\Application Data\IDM\NP_IDM5.dll
2010-09-16 06:57 . 2010-02-03 07:24 28672 ----a-w- c:\documents and settings\Administrateur\Application Data\IDM\NP_IDM4.dll
2010-09-16 06:57 . 2010-02-03 07:24 28672 ----a-w- c:\documents and settings\Administrateur\Application Data\IDM\NP_IDM3.dll
2010-09-16 06:57 . 2010-02-03 07:24 28672 ----a-w- c:\documents and settings\Administrateur\Application Data\IDM\NP_IDM2.dll
2010-09-16 06:57 . 2010-02-03 07:24 28672 ----a-w- c:\documents and settings\Administrateur\Application Data\IDM\NP_IDM1.dll
2010-09-16 06:57 . 2008-12-03 12:57 -------- d-----w- c:\documents and settings\Administrateur\Application Data\DMCache
2010-09-13 14:51 . 2009-11-19 14:23 -------- d-----w- c:\program files\Folder LockIt
2010-09-13 13:56 . 2010-09-13 13:56 420440 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP60MP4\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav6\6.0.4.1424\mcouas.dll
2010-09-13 09:55 . 2007-08-04 12:07 -------- d-----w- c:\program files\Google
2010-09-13 06:54 . 2007-10-07 08:15 -------- d-----w- c:\program files\Barre_Algerie_Chat
2010-09-12 14:20 . 2009-06-16 11:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-09-12 13:21 . 2010-01-26 11:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-09-12 11:55 . 2008-10-07 14:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Avg8
2010-09-12 07:48 . 2010-02-10 08:39 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-09-07 13:45 . 2008-12-03 12:57 -------- d-----w- c:\program files\Internet Download Manager
2010-09-05 13:03 . 2010-03-08 12:13 -------- d-----w- c:\documents and settings\All Users\Application Data\AutoHideIP
2010-09-01 10:34 . 2010-03-10 08:17 198064 ----a-w- c:\documents and settings\Administrateur\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
2010-08-25 11:39 . 2009-12-01 12:03 -------- d-----w- c:\documents and settings\Administrateur\Application Data\MessengerDiscovery 2
2010-08-03 08:01 . 2009-01-24 14:22 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Software Informer
2010-07-14 12:47 . 2002-09-07 00:00 84502 ----a-w- c:\windows\system32\perfc00C.dat
2010-07-14 12:47 . 2002-09-07 00:00 508248 ----a-w- c:\windows\system32\perfh00C.dat
2010-07-14 12:44 . 2010-07-14 12:44 218544 ----a-w- c:\documents and settings\Administrateur\Application Data\IDM\idmmzcc2\components\idmmzcc.dll
2010-07-11 14:21 . 2010-06-24 07:07 2167292 ----a-w- c:\documents and settings\Administrateur\Application Data\MessengerDiscovery 2\0\Update.exe
2010-06-23 06:28 . 2010-06-23 06:28 501936 ----a-w- c:\documents and settings\All Users\Application Data\Google\Google Toolbar\Update\gtbE.tmp.exe
2009-02-23 14:41 . 2009-02-23 14:41 15397 ----a-w- c:\program files\settings.dat
2004-03-10 12:55 . 2010-04-12 09:53 516273 ----a-w- c:\program files\Everest.chm
2004-02-24 22:28 . 2010-04-12 09:53 939 ----a-w- c:\program files\readme.txt
.

------- Sigcheck -------

[7] 2004-08-04 . 58FE94EF42E074F4CAD8BF02E70E6478 . 660480 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB953838$\wininet.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{1a71246c-3eb0-4d6c-af77-3ab756017c3a}"= "c:\program files\BTjunkie\tbBTju.dll" [2009-11-03 2331672]
"{4daac69c-cba7-45e2-9bc8-1044483d3352}"= "c:\program files\Softonic_France\tbSof1.dll" [2010-07-06 2515552]

[HKEY_CLASSES_ROOT\clsid\{1a71246c-3eb0-4d6c-af77-3ab756017c3a}]

[HKEY_CLASSES_ROOT\clsid\{4daac69c-cba7-45e2-9bc8-1044483d3352}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1a71246c-3eb0-4d6c-af77-3ab756017c3a}]
2009-11-03 19:09 2331672 ----a-w- c:\program files\BTjunkie\tbBTju.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4daac69c-cba7-45e2-9bc8-1044483d3352}]
2010-07-06 11:13 2515552 ----a-w- c:\program files\Softonic_France\tbSof1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1a71246c-3eb0-4d6c-af77-3ab756017c3a}"= "c:\program files\BTjunkie\tbBTju.dll" [2009-11-03 2331672]
"{4daac69c-cba7-45e2-9bc8-1044483d3352}"= "c:\program files\Softonic_France\tbSof1.dll" [2010-07-06 2515552]

[HKEY_CLASSES_ROOT\clsid\{1a71246c-3eb0-4d6c-af77-3ab756017c3a}]

[HKEY_CLASSES_ROOT\clsid\{4daac69c-cba7-45e2-9bc8-1044483d3352}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{1A71246C-3EB0-4D6C-AF77-3AB756017C3A}"= "c:\program files\BTjunkie\tbBTju.dll" [2009-11-03 2331672]
"{4DAAC69C-CBA7-45E2-9BC8-1044483D3352}"= "c:\program files\Softonic_France\tbSof1.dll" [2010-07-06 2515552]

[HKEY_CLASSES_ROOT\clsid\{1a71246c-3eb0-4d6c-af77-3ab756017c3a}]

[HKEY_CLASSES_ROOT\clsid\{4daac69c-cba7-45e2-9bc8-1044483d3352}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-02-11 39408]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"_flbinaryfile_"="c:\program files\folder lockit\fl.exe" [2002-09-13 385024]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-03-31 413696]
"MessengerPlus3"="c:\program files\MessengerPlus! 3\MsgPlus.exe" [2010-07-14 190024]
"spnsrv9x"="c:\magic830\SPNSRV9X.EXE" [2006-03-05 127007]
"SoundMan"="SOUNDMAN.EXE" [2005-06-20 77824]
"OrderReminder"="c:\program files\Hewlett-Packard\OrderReminder\OrderReminder.exe" [2005-12-22 98304]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-03-04 172032]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-12-22 241664]
"GNConfig"="c:\program files\Gigabyte\Gigabyte Super Wireless LAN Card\Installer\Winxp\GNConfig.exe" [2006-03-08 380928]
"AdaptecDirectCD"="c:\program files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [2002-12-17 684032]
"TkBellExe"="c:\program files\Real Alternative\Update_OB\realsched.exe" [2009-09-30 180269]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe" [2010-03-12 311680]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
Adobe Gamma Loader.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2009-1-24 110592]
HP Digital Imaging Monitor.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Assistant d'Acrobat.lnk]
backup=c:\windows\pss\Assistant d'Acrobat.lnkCommon Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APVXDWIN
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DownloadAccelerator
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LClock
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedOptimizer

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"TPSrv"=2 (0x2)
"PSIMSVC"=2 (0x2)
"PSHost"=2 (0x2)
"PAVSRV"=2 (0x2)
"PAVFNSVR"=2 (0x2)
"Panda Software Controller"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\MessengerDiscovery 2\\MessengerDiscovery 2.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\HP1005MC.EXE"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\MAGIC830\\spnsrv9x.exe"=
"c:\\WINDOWS\\system32\\rtcshare.exe"=
"c:\\Program Files\\Le Robert\\Le Petit Robert 2009\\RobertHA.exe"=
"c:\\Program Files\\Le Robert\\Le Petit Robert 2009\\prnet.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

R2 dmsmbios;dmsmbios;c:\windows\system32\dmsmbios.sys [02/05/2000 14:42 16480]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [03/09/2009 15:24 24848]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [14/09/2009 13:42 32272]
S2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [11/02/2010 13:07 135664]
S3 FXDrv32;FXDrv32;\??\e:\fxdrv32.sys --> e:\FXDrv32.sys [?]
S3 Messidelvhe;Messidelvhe; [x]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [24/12/2008 09:43 691696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder

2008-04-15 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 13:57]

2010-09-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-11 12:07]

2010-09-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-11 12:07]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyServer = http=
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
IE: &Search
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: Ajouter à Kaspersky Anti-Bannière - c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\ie_banner_deny.htm
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Liens de téléchargement avec Mega Manager...
IE: Translate this web page with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
IE: Télécharger avec IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Télécharger le contenu de video FLV avec IDM - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Télécharger tous les liens avec IDM - c:\program files\Internet Download Manager\IEGetAll.htm
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.
- - - - ORPHANS REMOVED - - - -

URLSearchHooks-{F4F10C1D-87C7-404A-B4B3-000000000000} - (no file)
URLSearchHooks-{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - (no file)
URLSearchHooks-{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - (no file)
BHO-{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - (no file)
BHO-{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - (no file)
BHO-{55c1486a-9ecc-4729-88d4-55dd6aa5bc24} - (no file)
BHO-{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - (no file)
BHO-{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - (no file)
BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
Toolbar-{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - (no file)
Toolbar-{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{4724C5D8-DFA7-417A-A2F5-1EABFEE9B4AC} - (no file)
WebBrowser-{A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - (no file)
WebBrowser-{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
HKLM-Run-nohosst - c:\windows\nohost.exe
HKLM-Explorer_Run-DELL - .vbe
Notify-avldr - avldr.dll
Notify-NavLogon - (no file)

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-16 11:21
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):46,64,91,ca,5d,82,67,69,c8,9a,e0,25,ba,2b,6d,8b,e1,c0,f5,66,a0,
7e,c2,86,09,0c,a6,c7,6d,1d,81,52,9e,79,c8,33,d9,33,3c,1a,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):19,93,85,4a,a3,bc,9b,9f,3a,21,f5,c8,6b,be,ea,e1,f9,46,e1,be,2c,
13,2e,f7,d6,2c,68,69,68,a3,4d,32,f6,42,36,af,5c,64,89,22,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{8063cb21-3ebc-469c-96f6-d6d3e80868f9}]
@Denied: (Full) (Everyone)
"Model"=dword:00000043
"Therad"=dword:0000001e
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,85,b1,12,f9,90,dd,23,a1,49,8c,bf,1a,9d,fe,41,71,cb,3f,46,a4,7c,ab,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{f102cb31-c7b0-4e6b-bfe3-e749a056c78c}]
@Denied: (Full) (Everyone)
"Model"=dword:0000005d
"Therad"=dword:00000019
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@DACL=(02 0010)
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@DACL=(02 0010)
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@DACL=(02 0010)
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2880)
c:\program files\MessengerPlus! 3\MsgPlusLoader1.dll
c:\windows\system32\msi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\acs.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\wdfmgr.exe
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\windows\System32\spool\DRIVERS\W32X86\3\HP1005MC.EXE
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\SOUNDMAN.EXE
.
**************************************************************************
.
Completion time: 2010-09-16 11:36:20 - machine was rebooted
ComboFix-quarantined-files.txt 2010-09-16 10:36

Pre-Run: 1 677 238 272 octets libres
Post-Run: 1 662 136 320 octets libres

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect

Current=4 Default=4 Failed=3 LastKnownGood=5 Sets=1,2,3,4,5
- - End Of File - - 0CE66EA128E5D4DCE4589BB221188716

 Anonyme  Posted on 16/09/2010 at 20:49  
  Maître astucien

11806 Messages

Post an RSIT report...

 silasol  Posted on 19/09/2010 at 10:27  
Petite astucienne

85 Messages

Logfile of random's system information tool 1.08 (written by random/random)
Run by Administrateur at 2010-09-19 09:22:29
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 2 GB (5%) free of 38 GB
Total RAM: 1150 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 09:22:47, on 19/09/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\program files\folder lockit\fl.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\MAGIC830\SPNSRV9X.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Gigabyte\Gigabyte Super Wireless LAN Card\Installer\Winxp\GNConfig.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Documents and Settings\Administrateur\Bureau\RSIT.exe
C:\Program Files\trend micro\Administrateur.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: BTjunkie Toolbar - {1a71246c-3eb0-4d6c-af77-3ab756017c3a} - C:\Program Files\BTjunkie\tbBTju.dll
R3 - URLSearchHook: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSof1.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_framework.dll
O2 - BHO: (no name) - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BTjunkie Toolbar - {1a71246c-3eb0-4d6c-af77-3ab756017c3a} - C:\Program Files\BTjunkie\tbBTju.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: (no name) - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - (no file)
O2 - BHO: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSof1.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {55c1486a-9ecc-4729-88d4-55dd6aa5bc24} - (no file)
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: (no name) - {69D72956-317C-44bd-B369-8E44D4EF9801} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Babylon Plug In - {A057A204-BACC-4D26-9E83-2DB586E27190} - (no file)
O2 - BHO: (no name) - {a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: (no name) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - (no file)
O2 - BHO: Mega Manager IE Click Monitor - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - (no file)
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - (no file)
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - (no file)
O3 - Toolbar: Babylon Plug In - {A057A204-BACC-4D26-9E83-2DB586E27190} - (no file)
O3 - Toolbar: BTjunkie Toolbar - {1a71246c-3eb0-4d6c-af77-3ab756017c3a} - C:\Program Files\BTjunkie\tbBTju.dll
O3 - Toolbar: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSof1.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [_flbinaryfile_] c:\program files\folder lockit\fl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [spnsrv9x] C:\MAGIC830\SPNSRV9X.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [GNConfig] "C:\Program Files\Gigabyte\Gigabyte Super Wireless LAN Card\Installer\Winxp\GNConfig.exe" -nogui
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real Alternative\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\ie_banner_deny.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: (no name) - Software - (no file)
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\scieplgn.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/fr/scan8/oscan8.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredetection/hardwaredetection_2_0_4_13.cab
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.114.50 85.255.112.221
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0FO\kloehk.dll,C:\PROGRA~1\KASPER~1\KASPER~1.0FO\adialhk.dll
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Atheros Configuration Service (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Unknown owner - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE (file missing)
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe (file missing)
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Telnet (TlntSvr) - Unknown owner - C:\WINDOWS\system32\tlntsvr.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 15803 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:\Program Files\Internet Download Manager\IDMIECC.dll [2010-01-20 181680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_printenhancer.dll [2007-03-02 1298024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips - C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll [2003-05-15 50376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1a71246c-3eb0-4d6c-af77-3ab756017c3a}]
BTjunkie Toolbar - C:\Program Files\BTjunkie\tbBTju.dll [2009-11-03 2331672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4daac69c-cba7-45e2-9bc8-1044483d3352}]
Softonic_France Toolbar - C:\Program Files\Softonic_France\tbSof1.dll [2010-07-06 2515552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{55c1486a-9ecc-4729-88d4-55dd6aa5bc24}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}]
Yahoo! IE Services Button

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{69D72956-317C-44bd-B369-8E44D4EF9801}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9E83-2DB586E27190}]
Babylon Plug In

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-21 278192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
AcroIEToolbarHelper Class - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 147456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll [2010-09-19 842296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf00e119-21a3-4fd1-b178-3b8537e75c92}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}]
PDFCreator Toolbar Helper

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-03 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2010-04-16 1067872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-05-03 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 147456]
{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} -
{A057A204-BACC-4D26-9E83-2DB586E27190} -
{1a71246c-3eb0-4d6c-af77-3ab756017c3a} - BTjunkie Toolbar - C:\Program Files\BTjunkie\tbBTju.dll [2009-11-03 2331672]
{4daac69c-cba7-45e2-9bc8-1044483d3352} - Softonic_France Toolbar - C:\Program Files\Softonic_France\tbSof1.dll [2010-07-06 2515552]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2010-04-16 1067872]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-21 278192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"_flbinaryfile_"=c:\program files\folder lockit\fl.exe [2002-09-13 385024]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe [2008-02-22 144784]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-03-31 413696]
"MessengerPlus3"=C:\Program Files\MessengerPlus! 3\MsgPlus.exe [2010-07-14 190024]
"spnsrv9x"=C:\MAGIC830\S [2005-10-12 14336]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-06-20 77824]
"OrderReminder"=C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe [2005-12-22 98304]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-09-20 94208]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-09-20 114688]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-09-20 77824]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe [2004-03-04 172032]
"HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2003-12-22 241664]
"GNConfig"=C:\Program Files\Gigabyte\Gigabyte Super Wireless LAN Card\Installer\Winxp\GNConfig.exe [2006-03-08 380928]
"AdaptecDirectCD"=C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe [2002-12-17 684032]
"TkBellExe"=C:\Program Files\Real Alternative\Update_OB\realsched.exe [2009-09-30 180269]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe [2010-03-12 311680]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-02-11 39408]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Assistant d'Acrobat.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Distillr\acrotray.exe [2003-05-15 217193]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"TPSrv"=2
"PSIMSVC"=2
"PSHost"=2
"PAVSRV"=2
"PAVFNSVR"=2
"Panda Software Controller"=2

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\KASPER~1\KASPER~1.0FO\kloehk.dll,C:\PROGRA~1\KASPER~1\KASPER~1.0FO\adialhk.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avldr]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-09-20 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2010-03-12 219736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
WgaLogon.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableStatusMessages"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun_KL_saved"=149
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\MessengerDiscovery 2\MessengerDiscovery 2.exe"="C:\Program Files\MessengerDiscovery 2\MessengerDiscovery 2.exe:*:Enabled:MessengerDiscovery 2.exe"
"C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1005MC.EXE"="C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1005MC.EXE:*:Enabled:SMLMProxy Module - HP1005MC.EXE"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\MAGIC830\spnsrv9x.exe"="C:\MAGIC830\spnsrv9x.exe:*:Disabled:spnsrv9x"
"C:\WINDOWS\system32\rtcshare.exe"="C:\WINDOWS\system32\rtcshare.exe:*:Enabled:Partage de l'application RTC"
"C:\Program Files\Le Robert\Le Petit Robert 2009\RobertHA.exe"="C:\Program Files\Le Robert\Le Petit Robert 2009\RobertHA.exe:*:Enabled:Le Petit Robert Hyperappel"
"C:\Program Files\Le Robert\Le Petit Robert 2009\prnet.exe"="C:\Program Files\Le Robert\Le Petit Robert 2009\prnet.exe:*:Enabled:Le Petit Robert 2008"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

======List of files/folders created in the last 1 months======

2010-09-16 14:10:25 ----SHD---- C:\RECYCLER
2010-09-16 11:36:21 ----A---- C:\ComboFix.txt
2010-09-16 11:05:55 ----A---- C:\Boot.bak
2010-09-16 11:05:46 ----RASHD---- C:\cmdcons
2010-09-16 11:00:17 ----A---- C:\WINDOWS\zip.exe
2010-09-16 11:00:17 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-09-16 11:00:17 ----A---- C:\WINDOWS\SWSC.exe
2010-09-16 11:00:17 ----A---- C:\WINDOWS\SWREG.exe
2010-09-16 11:00:17 ----A---- C:\WINDOWS\sed.exe
2010-09-16 11:00:17 ----A---- C:\WINDOWS\PEV.exe
2010-09-16 11:00:17 ----A---- C:\WINDOWS\NIRCMD.exe
2010-09-16 11:00:17 ----A---- C:\WINDOWS\MBR.exe
2010-09-16 11:00:17 ----A---- C:\WINDOWS\grep.exe
2010-09-16 10:59:40 ----D---- C:\WINDOWS\ERDNT
2010-09-16 10:49:40 ----D---- C:\Qoobox
2010-09-15 11:57:26 ----A---- C:\Ad-Report-CLEAN[1].txt
2010-09-15 11:47:13 ----A---- C:\Ad-Report-SCAN[1].txt
2010-09-15 11:47:05 ----D---- C:\Program Files\Ad-Remover
2010-09-14 12:00:22 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-09-14 12:00:20 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-09-14 12:00:20 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-09-13 15:06:53 ----D---- C:\rsit
2010-09-13 12:42:06 ----D---- C:\Program Files\Kaspersky Lab
2010-09-13 12:41:37 ----A---- C:\WINDOWS\system32\drivers\klif.sys
2010-09-13 12:39:13 ----D---- C:\KAV
2010-09-13 12:37:06 ----D---- C:\Documents and Settings\Administrateur\Application Data\Kasper-Key_Sharing_Networ
2010-09-13 09:50:22 ----D---- C:\Program Files\Trend Micro
2010-09-13 09:46:59 ----D---- C:\Program Files\Emsisoft Anti-Malware
2010-09-12 14:21:56 ----D---- C:\Program Files\Alwil Software
2010-09-12 12:42:44 ----D---- C:\Program Files\VS Revo Group
2010-09-09 11:46:57 ----D---- C:\WINDOWS\BDOSCAN8
2010-09-07 13:38:57 ----A---- C:\WINDOWS\system32\drivers\avgntflt.sys
2010-08-25 15:40:03 ----A---- C:\WINDOWS\system32\idmmbc.dll

======List of files/folders modified in the last 1 months======

2010-09-19 09:22:30 ----D---- C:\WINDOWS\Temp
2010-09-19 09:18:37 ----D---- C:\WINDOWS\system32\CatRoot2
2010-09-19 09:18:29 ----D---- C:\WINDOWS\system32\drivers
2010-09-19 09:13:39 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2010-09-19 09:11:43 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-09-19 08:56:55 ----D---- C:\WINDOWS
2010-09-16 15:54:17 ----D---- C:\Program Files\Folder LockIt
2010-09-16 15:42:33 ----D---- C:\MAGIC830
2010-09-16 13:08:09 ----D---- C:\WINDOWS\Prefetch
2010-09-16 11:48:56 ----D---- C:\Mes documents
2010-09-16 11:34:14 ----SD---- C:\WINDOWS\Tasks
2010-09-16 11:21:33 ----A---- C:\WINDOWS\system.ini
2010-09-16 11:21:11 ----D---- C:\WINDOWS\system32\drivers\etc
2010-09-16 11:15:58 ----D---- C:\WINDOWS\system32\config
2010-09-16 11:15:01 ----D---- C:\WINDOWS\system32
2010-09-16 11:15:00 ----D---- C:\Program Files
2010-09-16 11:14:59 ----SD---- C:\WINDOWS\system32\Microsoft
2010-09-16 11:12:12 ----D---- C:\WINDOWS\AppPatch
2010-09-16 11:12:07 ----D---- C:\Program Files\Fichiers communs
2010-09-16 11:05:55 ----RASH---- C:\boot.ini
2010-09-16 07:59:10 ----D---- C:\Documents and Settings\Administrateur\Application Data\IDM
2010-09-16 07:57:06 ----D---- C:\Documents and Settings\Administrateur\Application Data\DMCache
2010-09-15 11:43:07 ----DC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2010-09-14 10:31:18 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2010-09-13 15:06:24 ----SHD---- C:\WINDOWS\Installer
2010-09-13 15:06:24 ----SD---- C:\Documents and Settings\Administrateur\Application Data\Microsoft
2010-09-13 15:06:21 ----D---- C:\Config.Msi
2010-09-13 12:43:13 ----HD---- C:\WINDOWS\inf
2010-09-13 12:42:07 ----SHD---- C:\System Volume Information
2010-09-13 12:11:10 ----D---- C:\WINDOWS\RegisteredPackages
2010-09-13 10:55:11 ----D---- C:\Program Files\Google
2010-09-13 10:23:07 ----D---- C:\DAS2005
2010-09-13 07:54:37 ----D---- C:\Program Files\Barre_Algerie_Chat
2010-09-13 07:54:22 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2010-09-13 07:54:21 ----D---- C:\WINDOWS\Corel
2010-09-12 15:20:30 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2010-09-12 14:22:56 ----D---- C:\WINDOWS\WinSxS
2010-09-12 13:09:10 ----A---- C:\WINDOWS\wininit.ini
2010-09-12 10:08:32 ----D---- C:\WINDOWS\system32\IDMs
2010-09-12 08:48:28 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-09-09 11:47:08 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-09-09 11:23:04 ----D---- C:\WINDOWS\system32\NtmsData
2010-09-09 11:01:21 ----D---- C:\WINDOWS\Debug
2010-09-09 09:57:40 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-09-09 09:41:49 ----D---- C:\Documents and Settings\Administrateur\Application Data\Adobe
2010-09-07 14:45:10 ----D---- C:\Program Files\Internet Download Manager
2010-09-07 13:15:36 ----D---- C:\WINDOWS\Registration
2010-09-06 13:18:36 ----D---- C:\WINDOWS\Help
2010-09-06 13:18:36 ----D---- C:\WINDOWS\Adobe Illustrator CS
2010-09-06 13:18:36 ----D---- C:\Program Files\Internet Explorer
2010-09-05 14:03:39 ----D---- C:\Documents and Settings\All Users\Application Data\AutoHideIP
2010-08-25 12:39:46 ----D---- C:\Documents and Settings\Administrateur\Application Data\MessengerDiscovery 2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AFPAnsi;FLDevice; C:\WINDOWS\system32\Drivers\AFPAnsi.sys [2002-09-05 40384]
R0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [2005-04-30 28271]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-08-20 44944]
R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2006-08-16 2432]
R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2006-08-16 2560]
R1 cdudf_xp;cdudf_xp; C:\WINDOWS\system32\drivers\cdudf_xp.sys [2002-12-17 241152]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 40320]
R1 kl1;Kl1; \??\C:\WINDOWS\system32\drivers\kl1.sys []
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2010-09-13 226320]
R1 pwd_2k;pwd_2k; C:\WINDOWS\system32\drivers\pwd_2k.sys [2007-04-16 143834]
R1 UdfReadr_xp;UdfReadr_xp; C:\WINDOWS\system32\drivers\UdfReadr_xp.sys [2007-04-16 206464]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.1.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-11-09 19915]
R2 dmsmbios;dmsmbios; \??\C:\WINDOWS\system32\dmsmbios.sys []
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2004-05-14 76288]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 AR5211;Gigabyte Super Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2005-11-04 487552]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-09-20 1302332]
R3 KLFLTDEV;Kaspersky Lab KLFltDev; C:\WINDOWS\system32\DRIVERS\klfltdev.sys [2009-09-03 24848]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2009-09-14 32272]
R3 mmc_2K;mmc_2K; C:\WINDOWS\system32\drivers\mmc_2K.sys [2007-04-16 30630]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2002-09-07 5888]
R3 SMBios;Intel (R) System Managment BIOS Service; C:\WINDOWS\system32\DRIVERS\SMBios.sys [2003-06-17 35012]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-05-06 580992]
R3 SNTNLUSB;Rainbow USB SuperPro; C:\WINDOWS\system32\DRIVERS\SNTNLUSB.SYS [2004-05-07 26120]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-04 20480]
R3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
S3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-04-15 113504]
S3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-04-15 78752]
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-06-20 2324480]
S3 BDFsDrv;BDFsDrv; \??\C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys []
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2005-05-31 20480]
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2005-04-30 10804]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2005-05-31 23000]
S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-03 17024]
S3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys [2005-04-30 11860]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-03 100992]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-03 18944]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys []
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 dvd_2K;dvd_2K; C:\WINDOWS\system32\drivers\dvd_2K.sys [2007-04-16 25898]
S3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2007-11-16 165496]
S3 FXDrv32;FXDrv32; \??\E:\FXDrv32.sys []
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2002-09-07 9600]
S3 i81x;i81x; C:\WINDOWS\system32\DRIVERS\i81xnt5.sys [2004-08-03 161020]
S3 Messidelvhe;Messidelvhe; C:\WINDOWS\system32\drivers\Messidelvhe.sys []
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-03 59648]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2007-09-05 12212864]
S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-01-15 30464]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312]
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2005-03-25 82148]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-11-10 691696]
S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-09-07 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACS;Atheros Configuration Service; C:\WINDOWS\system32\acs.exe [2005-10-18 376917]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-01-15 110592]
R2 AVP;Kaspersky Anti-Virus 6.0; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe [2010-03-12 311680]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
R2 EPSONStatusAgent2;EPSON Printer Status Agent2; C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe [2002-07-17 94208]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 YahooAUService;Yahoo! Updater; C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-11 135664]
S2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe []
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-04-28 68096]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-04-28 704872]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-02-11 182768]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE []
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-08-23 261120]

-----------------EOF-----------------

 Anonyme  Posted on 19/09/2010 at 13:23
  Maître astucien

11806 Messages

Hello,

Run an online antivirus scan with BitDefender.
Tutorial: http://forum.pcastuces.com/bitdefender_online_scanner___tutoriel-f31s46.htm
Post the report.

See you,

 silasol  Posted on 20/09/2010 at 11:19
Petite astucienne

85 Messages

OK, all right, I'll do it. Thanks.

 silasol  Posted on 22/09/2010 at 16:56
Petite astucienne

85 Messages

BitDefender Online Scanner - Rapport virus en temps réel

Généré : Wed, Sep 22, 2010 - 15:52:22

Info d'analyse

Fichiers scannés : 134875
Infectés Fichiers : 0

Virus Détectés

Aucun virus trouvé.

Ce sommaire du processus d'analyse sera utilisé par les laboratoires Antivirus BitDefender pour créer des statistiques agréguées sur l'activité des virus dans le monde.

 Anonyme  Posted on 22/09/2010 at 20:24
  Maître astucien

11806 Messages
 silasol  Posted on 23/09/2010 at 10:03
Petite astucienne

85 Messages

Hello,

OK, I'll update Internet Explorer, but my removable drives still show my folders as shortcuts??? And how am I going to open them?

Thank you very much

 Anonyme  Posted on 23/09/2010 at 12:53
  Maître astucien

11806 Messages
silasol wrote:

> OK, I'll update Internet Explorer...

Hello,

> Yes.

You need to update Java (security vulnerability):
http://java.sun.com/javase/downloads/index.jsp
Click Download Java Runtime Environment (JRE) 6u21 and, on the next page, tick I agree... then download Multi-language/Windows Offline Installation/jre-6u21-windows-i586.exe
Adobe (same):
http://www.adobe.com/fr/products/acrobat/readstep2.html
Acrobat Reader 9.3.4
Untick the free McAfee Security Scan

See you,
