bonjour ,je possede windows xp sp2,internet explorer 8.0,ma page est tres longue a s'ouvrir,je dois la fermer puis la r'ouvrir ,et la s'affiche "voulez-vous atteindre la derniere page ou page de demarrage",je clique sur l'un des deux onglets et la ça marche.

j'ai deja defragmenté,nettoyer avec c cleaner ,spybot...rien n'y fait;

pouvez-vous me depanner,s'il y a d'autre renseignement a vous fournir dite le moi ,j'essayerai de vous les donner ,merci d'avance.

Bonjour jefcat59, bienvenue sur PCA !

Problème pour le forum Internet et Réseaux. Clique l'icone dans le bandeau au-dessus de ton premier message et dans la fenêtre qui s'affiche, demande au modérateur de déplacer ton sujet vers le forum indiqué puis clique sur Envoyer.

jefcat59. Bien venu sur PCA.

Passe Malwarebytes pour écarter une éventuelle infection, fait une mise à jour auparavant et post le rapport!

https://forum.pcastuces.com/malwarebytes_antimalwares___tutoriel-f31s3.htm

merci a vous

je poste le rapport de malwarebytes,bonne soirée

excusé j'ai oublié de le copier sur le message ,le voila a++

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3640
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

26/01/2010 16:53:53
mbam-log-2010-01-26 (16-53-53).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 337555
Temps écoulé: 1 hour(s), 39 minute(s), 24 second(s)

Processus mémoire infecté(s): 2
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 14
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 11

Processus mémoire infecté(s):
C:\Program Files\Winsudate\gibusr.exe (Adware.Gibmedia) -> Unloaded process successfully.
C:\Program Files\Winsudate\gibsvc.exe (Adware.Gibmedia) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winsvc (Adware.Gibmedia) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\oberontb.band (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{ad76633e-e50d-4844-9e7f-4dfbc7c18467} (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{daa37aad-f156-4c2c-ac48-3c22ef92ae2f} (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6f282b65-56bf-4bd1-a8b2-a4449a05863d} (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6f282b65-56bf-4bd1-a8b2-a4449a05863d} (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{6f282b65-56bf-4bd1-a8b2-a4449a05863d} (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cb0d163c-e9f4-4236-9496-0597e24b23a5} (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{cb0d163c-e9f4-4236-9496-0597e24b23a5} (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{cb0d163c-e9f4-4236-9496-0597e24b23a5} (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cb0d163c-e9f4-4236-9496-0597e24b23a5} (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\oberontb.band.1 (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a93c934-025b-4c3a-b38e-9654a7003239} (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{1a93c934-025b-4c3a-b38e-9654a7003239} (Adware.Gamesbar) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\winusr (Adware.Gibmedia) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{6f282b65-56bf-4bd1-a8b2-a4449a05863d} (Adware.Gamesbar) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\Winsudate (Adware.Gibmedia) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\Winsudate\gibusr.exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Program Files\Winsudate\gibsvc.exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Program Files\GamesBar\oberontb.dll (Adware.Gamesbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\B2AO3QPE\gibidl[1].dll (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0LGR0TWR\gibsvc[1].exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\A189YDY7\gibcom[1].dll (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\Q3UT4JC5\gibupt[1].exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\Q3UT4JC5\gibusr[1].exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Program Files\Winsudate\gibcom.dll (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Program Files\Winsudate\gibidl.dll (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Program Files\Winsudate\gibupt.exe (Adware.Gibmedia) -> Quarantined and deleted successfully.

jefcat. Tu es infecté!

Demande fe faire déplacer ton sujet au forum sécurité pour ça clic sur le triangle jaune au dessus de ton post.

merci le chasseur,jai envoyer en copie le resultat du scan en cliquant sur le triangle jaune ,ensuite je fais quoi?

merci bonne soirée

Tu as demandé que l'on déplace ton sujet au forum sécurité, tu attends qu'un modo passe par la pour faire le necessaire!

bonsoir,

effectivement c'est normal que tu rencontres ces problèmes sur internet avec ton navigateur

Après lui avoir fait téléchargé ERUNT pour sauvagarder la base de registre

tuto : https://forum.pcastuces.com/tuto_erunt-f31s5.htm

ensuite

vas dans démarrer, exécuter, tape: regedit et OK.

En haut, cliques sur édition, rechercher (Ctrl+F), tape: wibeez, coche les cases clés, valeurs, données et fais suivant.

La recherche commence, quand un fichier apparait, supprime tout ce qui est rapport à wibeez et

regarde aussi dans le volet droit, ensuite fais F3 pour continuer la recherche et fais de même jusqu'à la fin de la recherche.

Refaire la même procédure pour chacun de ces termes: gibmedia, winsudate. Ferme le régistre,

Avec Firefox, va dans: C\program files ou programmes\mozilla Firefox\search plugins,

supprime wibeez s'il est présent et d'autres moteurs dont tu ne veux pas,

ensuite ouvre Firefox, dans la barre d'adresse, tape: about:config , dans filtre tape: keyword.url ,

ensuite clic droit keyword.url la ligne qui correspond à google et choisir réinitialiser.

ensuite relance Malwarebyte's pour un scan COMPLET et supprime à nouveau s'il te détecte encore quelque chose

ensuite

RSIT

Télécharge random's system information tool (RSIT) par random/random
TUTO

et sauvegarde-le sur le Bureau.

• Double-clique sur RSIT.exe afin de lancer RSIT
• Clique Continue à l'écran Disclaimer.
• Si l'outil HIjackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSITle téléchargera et tu devras accepter la licence.
• Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (<<qui sera affiché)
  ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).

ok merci au groupe securité,je ferai tout cela des que possible;

je vous tiens au courant ,merci bonne soirée

bonsoir,

au moins tu traines avec les infections, au mieux il sera facile de les virer

erreur '80004005'

[MySQL][ODBC 5.1 Driver][mysqld-5.1.33-community]Data too long for column 'T_MESSAGE' at row 1

/envoi_info.asp, ligne 1122

Logfile of random's system information tool 1.06 (written by random/random)
Run by jean-françois at 2010-01-30 12:17:16
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 47 GB (47%) free of 100 GB
Total RAM: 1023 MB (14% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:17:27, on 30/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Widget Carrefour\Widget Carrefour.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\iWin Games\iWinTrusted.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\jean-françois\Local Settings\Temporary Internet Files\Content.IE5\7BFD6GE5\RSIT[1].exe
C:\Program Files\Trend Micro\HijackThis\jean-françois.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll
R3 - URLSearchHook: iWin Toolbar - {ce0c2586-da36-452b-acdb-320d9bcb19bf} - C:\Program Files\iWin\tbiWi1.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: IEHlprObj Class - {8CA5ED52-F3FB-4414-A105-2E3491156990} - C:\Program Files\iWin Games\iWinGamesHookIE.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: iWin Toolbar - {ce0c2586-da36-452b-acdb-320d9bcb19bf} - C:\Program Files\iWin\tbiWi1.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O3 - Toolbar: iWin Toolbar - {ce0c2586-da36-452b-acdb-320d9bcb19bf} - C:\Program Files\iWin\tbiWi1.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~2.EXE -Update -1103470 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB6; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 2.0.50727; OfficeLiveConnector.1.3; OfficeLivePatch.0.0)" -"http://www.switchin.net/switchlaunch.php?partner=bbgames"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O4 - Startup: Widget Carrefour 50 jours pour vous.lnk = C:\Program Files\Widget Carrefour 50 jours pour vous\Widget Carrefour 50 jours pour vous.exe
O4 - Startup: Widget Carrefour.lnk = C:\Program Files\Widget Carrefour\Widget Carrefour.exe
O4 - Startup: wkcalrem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6EBC6744-5383-4213-AD5E-66434ECA1812} (F-Secure Online Scanner Launcher) - http://download.sp.f-secure.com/ols/nordnet/orange/so-4.1/resources/fslauncher.cab
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} (DDRevision Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game01.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} -
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Service Google Update (gupdate1c9d21c2ba18bc) (gupdate1c9d21c2ba18bc) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: iWinTrusted - iWin Inc. - C:\Program Files\iWin Games\iWinTrusted.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

--
End of file - 13579 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-01-07 304736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-06 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8CA5ED52-F3FB-4414-A105-2E3491156990}]
IEHlprObj Class - C:\Program Files\iWin Games\iWinGamesHookIE.dll [2009-11-24 141312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-25 263280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-25 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ce0c2586-da36-452b-acdb-320d9bcb19bf}]
iWin Toolbar - C:\Program Files\iWin\tbiWi1.dll [2009-11-19 2166296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
MSN Toolbar Helper - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll [2009-03-13 82784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-06 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-06 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - MSN Toolbar - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll [2009-03-13 82784]
{ce0c2586-da36-452b-acdb-320d9bcb19bf} - iWin Toolbar - C:\Program Files\iWin\tbiWi1.dll [2009-11-19 2166296]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-25 263280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-01-03 68856]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883856]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Steam"=C:\Program Files\Steam\Steam.exe [2009-10-24 1217808]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"=C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~2.EXE [2008-11-04 460216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-05-13 177472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
bthprops.cpl,,BluetoothAuthenticationAgent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CARPService]
C:\WINDOWS\system32\carpserv.exe [2003-03-19 4608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe [2006-11-13 1289000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2009-07-13 292128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mxomssmenu]
C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe [2007-09-06 169264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2008-05-03 13529088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2008-05-03 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
C:\WINDOWS\SOUNDMAN.EXE [2005-02-23 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-06 136600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-01-03 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2009-01-07 185872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage d'Office.lnk]
C:\PROGRA~1\MICROS~2\Office\OSA.EXE [1997-08-29 51984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Recherche accélérée.lnk]
C:\PROGRA~1\MICROS~2\Office\FINDFAST.EXE [1997-08-29 111376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^jean-françois^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.3.lnk]
C:\PROGRA~1\OPENOF~1.3\program\QUICKS~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^jean-françois^Menu Démarrer^Programmes^Démarrage^wkcalrem.LNK]
C:\PROGRA~1\FICHIE~1\MICROS~1\WORKSS~1\WkCalRem.exe [2004-07-12 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^jean-françois^Menu Démarrer^Programmes^Démarrage^Yahoo! Widgets.lnk]
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3
"WLSetupSvc"=3
"usnjsvc"=3
"Pml Driver HPZ12"=3
"NVSvc"=2
"Maxtor Sync Service"=2
"JavaQuickStarterService"=2
"gusvc"=2
"Boonty Games"=3
"avast! Web Scanner"=3
"avast! Mail Scanner"=3
"avast! Antivirus"=2
"aswUpdSv"=2

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
hp psc 1000 series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

C:\Documents and Settings\jean-françois\Menu Démarrer\Programmes\Démarrage
ERUNT AutoBackup.lnk - C:\Program Files\ERUNT\AUTOBACK.EXE
Widget Carrefour 50 jours pour vous.lnk - C:\Program Files\Widget Carrefour 50 jours pour vous\Widget Carrefour 50 jours pour vous.exe
Widget Carrefour.lnk - C:\Program Files\Widget Carrefour\Widget Carrefour.exe
wkcalrem.LNK - C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"ConsentPromptBehaviorAdmin"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\THQ\Dawn Of War\W40kWA.exe"="C:\Program Files\THQ\Dawn Of War\W40kWA.exe:*:Enabled:W40kWA"
"C:\Program Files\THQ\Dawn Of War\W40k.exe"="C:\Program Files\THQ\Dawn Of War\W40k.exe:*:Disabled:W40k"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Sierra\Empire Earth - The Art of Conquest\EE-AOC.exe"="C:\Sierra\Empire Earth - The Art of Conquest\EE-AOC.exe:*:Disabled:EE-AOC"
"C:\Sierra\Empire Earth\Empire Earth.exe"="C:\Sierra\Empire Earth\Empire Earth.exe:*:Disabled:Empire Earth"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\FrostWire\FrostWire.exe"="C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Eidos Interactive\Pyro Studios\Praetorians\Praetorians.exe"="C:\Program Files\Eidos Interactive\Pyro Studios\Praetorians\Praetorians.exe:*:Enabled:Praetorians"
"C:\Program Files\Monte Cristo\Fire Department 3\FD3.exe"="C:\Program Files\Monte Cristo\Fire Department 3\FD3.exe:*:Enabled:FD3"
"C:\Program Files\Electronic Arts\La Bataille pour la Terre du Milieu II\game.dat"="C:\Program Files\Electronic Arts\La Bataille pour la Terre du Milieu II\game.dat:*:Enabled:La Bataille pour la Terre du Milieu ™ II"
"C:\Program Files\EA GAMES\La Bataille pour la Terre du Milieu(tm)\game.dat"="C:\Program Files\EA GAMES\La Bataille pour la Terre du Milieu(tm)\game.dat:*:Enabled:La Bataille pour la Terre du Milieu(tm)"
"C:\Program Files\Electronic Arts\La Bataille pour la Terre du Milieu II\patchget.dat"="C:\Program Files\Electronic Arts\La Bataille pour la Terre du Milieu II\patchget.dat:*:Enabled:patchgrabber"
"C:\Documents and Settings\jean-françois\Local Settings\Temp\ElectronicArts_Patcher_000.exe"="C:\Documents and Settings\jean-françois\Local Settings\Temp\ElectronicArts_Patcher_000.exe:*:Enabled:ElectronicArts_Patcher_000"
"C:\Program Files\Electronic Arts\Command & Conquer(tm) 3 La Fureur de Kane\RetailExe\1.0\cnc3ep1.dat"="C:\Program Files\Electronic Arts\Command & Conquer(tm) 3 La Fureur de Kane\RetailExe\1.0\cnc3ep1.dat:*:Enabled:Command & Conquer(tm) 3 : La Fureur de Kane"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\LucasArts\Star Wars Republic Commando\GameData\System\SWRepublicCommando.exe"="C:\Program Files\LucasArts\Star Wars Republic Commando\GameData\System\SWRepublicCommando.exe:*:Enabled:SWRepublicCommando"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Fichiers communs\XpressUpdate\XPressUpdate.exe"="C:\Program Files\Fichiers communs\XpressUpdate\XPressUpdate.exe:*:Enabled:XPressUpdate"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Program Files\THQ\Dawn of War - Dark Crusade Demo\DarkCrusade.exe"="C:\Program Files\THQ\Dawn of War - Dark Crusade Demo\DarkCrusade.exe:*:Enabled:DarkCrusade"
"C:\Program Files\EA GAMES\Battlefield 1942\BF1942.exe"="C:\Program Files\EA GAMES\Battlefield 1942\BF1942.exe:*:Enabled:BF1942"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Documents and Settings\jean-françois\Local Settings\Temp\b2758b3374cb44059dcf0c1c503a8fbe\RelicDownloader.exe"="C:\Documents and Settings\jean-françois\Local Settings\Temp\b2758b3374cb44059dcf0c1c503a8fbe\RelicDownloader.exe:*:Enabled:Relic Patch Download Manager"
"C:\Documents and Settings\jean-françois\Local Settings\Temp\a721750369224b4388d5cc8d75a069fc\RelicDownloader.exe"="C:\Documents and Settings\jean-françois\Local Settings\Temp\a721750369224b4388d5cc8d75a069fc\RelicDownloader.exe:*:Enabled:Relic Patch Download Manager"
"C:\Program Files\Ubisoft\Splinter Cell Pandora Tomorrow\pandora.exe"="C:\Program Files\Ubisoft\Splinter Cell Pandora Tomorrow\pandora.exe:*:Enabled:pandora"
"C:\Documents and Settings\jean-françois\Local Settings\Temp\2e6e83d8c4104e2bacc97b9685fa1412\RelicDownloader.exe"="C:\Documents and Settings\jean-françois\Local Settings\Temp\2e6e83d8c4104e2bacc97b9685fa1412\RelicDownloader.exe:*:Enabled:Relic Patch Download Manager"
"C:\Program Files\THQ\Company of Heroes\BugReport\BugReport.exe"="C:\Program Files\THQ\Company of Heroes\BugReport\BugReport.exe:*:Enabled:BugReport"
"C:\Documents and Settings\jean-françois\Local Settings\Temp\508130623d4443bc9dd0225b8b3ba835\RelicDownloader.exe"="C:\Documents and Settings\jean-françois\Local Settings\Temp\508130623d4443bc9dd0225b8b3ba835\RelicDownloader.exe:*:Enabled:Relic Patch Download Manager"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Electronic Arts\Command & Conquer 3\RetailExe\1.9\cnc3game.dat"="C:\Program Files\Electronic Arts\Command & Conquer 3\RetailExe\1.9\cnc3game.dat:*:Enabled:Command & Conquer 3 Les guerres du Tiberium™"
"C:\Program Files\iWin Games\iWinGames.exe"="C:\Program Files\iWin Games\iWinGames.exe:*:Enabled:iWin Games application."
"C:\Program Files\iWin Games\WebUpdater.exe"="C:\Program Files\iWin Games\WebUpdater.exe:*:Enabled:iWin Games updater."
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"C:\Program Files\THQ\Company of Heroes\RelicCOH.exe"="C:\Program Files\THQ\Company of Heroes\RelicCOH.exe:*:Enabled:RelicCOH"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

======List of files/folders created in the last 1 months======

2010-01-30 12:17:16 ----D---- C:\rsit
2010-01-30 10:19:10 ----D---- C:\WINDOWS\ERDNT
2010-01-30 10:11:53 ----D---- C:\Program Files\ERUNT
2010-01-30 08:04:37 ----D---- C:\Program Files\Cajun Cop - Le Casse des Bijouteries
2010-01-30 05:57:30 ----D---- C:\Documents and Settings\All Users\Application Data\The Mirror Mysteries
2010-01-29 18:03:55 ----D---- C:\Documents and Settings\jean-françois\Application Data\OtherSide Realm of Eons
2010-01-27 18:34:34 ----SHD---- C:\Config.Msi
2010-01-24 15:31:10 ----D---- C:\Documents and Settings\All Users\Application Data\Million
2010-01-21 08:08:14 ----D---- C:\Program Files\Dr. Lynch - Grave Secrets
2010-01-21 08:02:26 ----D---- C:\Program Files\James Patterson's Women's Murder Club - Twice in a Blue Moon
2010-01-21 07:56:38 ----D---- C:\Program Files\Superior Save
2010-01-21 07:52:25 ----D---- C:\Program Files\Escape the Museum 2
2010-01-21 07:35:47 ----D---- C:\Program Files\Agatha Christie - Dead Man's Folly
2010-01-21 07:22:33 ----D---- C:\Program Files\Cassandra's Journey 2 - The Fifth Sun of Nostradamus
2010-01-21 07:15:25 ----D---- C:\Program Files\Herissons de l'Espace
2010-01-21 07:13:06 ----D---- C:\Program Files\Legendes du Far West - Golden Hill
2010-01-21 07:01:08 ----D---- C:\Program Files\Youda Legend - The Golden Bird of Paradise
2010-01-21 06:51:52 ----D---- C:\Program Files\The Fall Trilogy - Chapter 1
2010-01-21 06:46:52 ----D---- C:\Program Files\Mary Kay Andrews - The Fixer Upper
2010-01-18 15:01:12 ----D---- C:\Documents and Settings\jean-françois\Application Data\Valusoft
2010-01-18 15:01:12 ----D---- C:\Documents and Settings\All Users\Application Data\Valusoft
2010-01-15 11:41:05 ----A---- C:\WINDOWS\OEWABLog.txt
2010-01-14 16:18:16 ----D---- C:\Documents and Settings\jean-françois\Application Data\KlickTock
2010-01-14 16:10:10 ----D---- C:\Program Files\iWin Games
2010-01-13 19:13:52 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-01-13 19:13:39 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-01-13 12:04:05 ----D---- C:\Program Files\Samantha Swift - Mystery From Atlantis
2010-01-13 09:36:38 ----D---- C:\Program Files\Veronica Rivers - The Order Of Conspiracy
2010-01-13 09:29:50 ----D---- C:\Program Files\Parking Dash
2010-01-13 09:28:23 ----D---- C:\Program Files\The Mirror Mysteries
2010-01-13 09:23:42 ----D---- C:\Program Files\Dark Tales - Edgar Allan Poe`s Murders in the Rue Morgue
2010-01-13 08:37:40 ----D---- C:\Documents and Settings\jean-françois\Application Data\DruidsBattleOfMagic
2010-01-12 13:32:27 ----D---- C:\Documents and Settings\jean-françois\Application Data\TheFixerUpper
2010-01-11 14:05:49 ----D---- C:\Documents and Settings\jean-françois\Application Data\EcoRescue
2010-01-09 18:21:09 ----D---- C:\Documents and Settings\All Users\Application Data\Far Mills
2010-01-09 15:17:49 ----D---- C:\Documents and Settings\jean-françois\Application Data\WinRAR
2010-01-09 15:17:10 ----D---- C:\Program Files\WinRAR
2010-01-08 17:27:05 ----D---- C:\Documents and Settings\jean-françois\Application Data\Trio
2010-01-05 13:04:37 ----D---- C:\Documents and Settings\jean-françois\Application Data\LaJangada
2010-01-02 13:21:08 ----D---- C:\Documents and Settings\jean-françois\Application Data\GOA
2010-01-02 13:21:08 ----D---- C:\Documents and Settings\All Users\Application Data\GOA
2010-01-02 08:57:37 ----D---- C:\Program Files\Circle Dvelopement
2009-12-31 07:51:16 ----D---- C:\Documents and Settings\jean-françois\Application Data\GhostFleet

======List of files/folders modified in the last 1 months======

2010-01-30 12:17:27 ----D---- C:\WINDOWS\Prefetch
2010-01-30 11:31:18 ----SHD---- C:\WINDOWS\Installer
2010-01-30 11:30:49 ----D---- C:\Program Files\Microsoft Works
2010-01-30 11:30:34 ----D---- C:\Program Files\OpenOffice.org 2.3
2010-01-30 10:34:03 ----D---- C:\Program Files\Mozilla Firefox
2010-01-30 10:19:10 ----D---- C:\WINDOWS
2010-01-30 10:11:53 ----RD---- C:\Program Files
2010-01-30 10:06:48 ----D---- C:\WINDOWS\Temp
2010-01-30 09:53:29 ----D---- C:\WINDOWS\system32
2010-01-30 08:23:03 ----SD---- C:\WINDOWS\Tasks
2010-01-30 08:05:15 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2010-01-30 08:01:06 ----D---- C:\Documents and Settings\All Users\Application Data\BigFishGamesCache
2010-01-30 08:00:25 ----D---- C:\Program Files\iWin.com
2010-01-30 07:34:02 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-30 06:59:01 ----D---- C:\Documents and Settings\All Users\Application Data\Sandlot Games
2010-01-30 05:34:21 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-30 04:19:25 ----D---- C:\Program Files\Steam
2010-01-29 18:01:07 ----D---- C:\Documents and Settings\jean-françois\Application Data\PlayFirst
2010-01-29 18:01:07 ----D---- C:\Documents and Settings\All Users\Application Data\PlayFirst
2010-01-29 16:57:45 ----D---- C:\Documents and Settings\jean-françois\Application Data\HdO Adventure
2010-01-27 18:39:39 ----D---- C:\Program Files\Wakfu
2010-01-27 18:35:17 ----D---- C:\Program Files\Fichiers communs\Adobe
2010-01-27 18:35:16 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-01-26 16:56:34 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2010-01-26 16:56:34 ----D---- C:\WINDOWS\system32\drivers
2010-01-26 15:08:08 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-01-25 17:02:19 ----D---- C:\Documents and Settings\jean-françois\Application Data\OpenOffice.org2
2010-01-25 16:54:18 ----A---- C:\WINDOWS\NeroDigital.ini
2010-01-22 15:21:50 ----D---- C:\WINDOWS\system32\DirectX
2010-01-22 12:51:44 ----HD---- C:\WINDOWS\inf
2010-01-22 12:51:36 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-22 12:51:34 ----D---- C:\Program Files\Internet Explorer
2010-01-22 12:51:25 ----D---- C:\WINDOWS\ie8updates
2010-01-22 12:51:05 ----HD---- C:\WINDOWS\$hf_mig$
2010-01-22 11:28:23 ----D---- C:\Program Files\LucasArts
2010-01-22 11:28:23 ----D---- C:\Documents and Settings\jean-françois\Application Data\Petroglyph
2010-01-22 11:28:12 ----HD---- C:\Program Files\InstallShield Installation Information
2010-01-22 09:57:10 ----D---- C:\Program Files\Zylom Games
2010-01-21 12:33:47 ----D---- C:\Documents and Settings\jean-françois\Application Data\Alawar
2010-01-21 06:27:24 ----D---- C:\Program Files\Microsoft Silverlight
2010-01-20 19:47:32 ----D---- C:\Program Files\BoontyGames
2010-01-19 17:12:04 ----D---- C:\Documents and Settings\jean-françois\Application Data\Zylom
2010-01-19 17:12:04 ----D---- C:\Documents and Settings\jean-françois\Application Data\Identities
2010-01-18 18:32:44 ----A---- C:\WINDOWS\win.ini
2010-01-18 18:24:27 ----D---- C:\WINDOWS\network diagnostic
2010-01-13 19:58:37 ----D---- C:\WINDOWS\AppPatch
2010-01-13 19:13:56 ----A---- C:\WINDOWS\imsins.BAK
2010-01-13 08:30:47 ----D---- C:\Program Files\bfgclient
2010-01-11 14:11:48 ----D---- C:\Documents and Settings\jean-françois\Application Data\iWin
2010-01-11 13:07:18 ----D---- C:\Documents and Settings\jean-françois\Application Data\JewelMatch2
2010-01-09 15:47:44 ----D---- C:\Program Files\Oberon Media
2010-01-07 19:12:29 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2010-01-05 01:17:46 ----A---- C:\WINDOWS\system32\MRT.exe
2010-01-02 14:29:18 ----D---- C:\Documents and Settings\jean-françois\Application Data\Gamers Digital
2010-01-02 14:29:18 ----D---- C:\Documents and Settings\All Users\Application Data\Gamers Digital
2010-01-02 08:57:34 ----D---- C:\Program Files\Messenger Plus! Live
2009-12-31 08:19:53 ----D---- C:\Program Files\GamesBar

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2009-12-11 82380]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2003-03-19 11044]
R2 StreamDispatcher;StreamDispatcher; C:\WINDOWS\system32\DRIVERS\strmdisp.sys [2003-03-19 22400]
R3 3xHybrid;3xHybrid service; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2005-02-09 666368]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-02-24 2311680]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2003-03-09 51024]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2003-03-09 16080]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2003-03-09 21456]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2003-03-19 1107072]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys [2003-03-19 177024]
R3 IMT0521;Inmax USB IMT-0521 Smartcard Reader; C:\WINDOWS\System32\Drivers\IMT0521.sys [2003-07-11 34825]
R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-03 6554496]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-02-24 33408]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-02-24 12928]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2007-12-29 47360]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2003-03-19 622592]
S3 BthEnum;Service d'énumérateur Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 idrmkl;idrmkl; \??\C:\DOCUME~1\JEAN-F~1\LOCALS~1\Temp\idrmkl.sys []
S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 MXOPSWD;Maxtor OneTouch Security Driver; C:\WINDOWS\system32\DRIVERS\mxopswd.sys [2007-05-03 22152]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 ovt519;D-Link VGA Webcam; C:\WINDOWS\System32\Drivers\ov519vid.sys [2003-10-15 174530]
S3 ovt530;Webcam Deluxe; C:\WINDOWS\System32\Drivers\ov530vid.sys []
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 SCR33X USB Smart Card Reader;SCR33X USB Smart Card Reader; C:\WINDOWS\system32\DRIVERS\SCR33X2K.sys [2003-12-03 63608]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-07-09 39424]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 iWinTrusted;iWinTrusted; C:\Program Files\iWin Games\iWinTrusted.exe [2009-11-24 78104]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-01-27 1181328]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-12-16 66872]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-12-16 103736]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 gupdate1c9d21c2ba18bc;Service Google Update (gupdate1c9d21c2ba18bc); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-11 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-11 190448]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2008-03-22 69120]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-07-13 542496]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-06 152984]
S4 Maxtor Sync Service;Maxtor Service; C:\Program Files\Maxtor\Sync\SyncServices.exe [2007-09-28 156976]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-03 159812]
S4 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2003-03-09 65795]
S4 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

-----------------EOF-----------------

info.txt logfile of random's system information tool 1.06 2010-01-30 12:17:30

======Uninstall list======

-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNNVEContent.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware-->"C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe
Adobe AIR-->C:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A93000000001}
Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
Agatha Christie: Dead Man's Folly-->"C:\Program Files\Agatha Christie - Dead Man's Folly\Uninstall.exe"
Ancient Quest of Saqqarah fr-->"C:\Program Files\BoontyGames\Ancient Quest of Saqqarah\unins000.exe"
Apple Mobile Device Support-->MsiExec.exe /I{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Ask.com Search Assistant 1.0.1-->C:\Program Files\Ask Search Assistant\uninst.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Big Fish Games: Game Manager-->C:\Program Files\bfgclient\Uninstall.exe
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Cajun Cop: Le Casse des Bijouteries-->"C:\Program Files\Cajun Cop - Le Casse des Bijouteries\Uninstall.exe"
Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch-->C:\Program Files\InstallShield Installation Information\{E5141379-B2D9-4BBC-BB2A-5805541571DD}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch-->C:\Program Files\InstallShield Installation Information\{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch-->C:\Program Files\InstallShield Installation Information\{3BD633E0-4BF8-4499-9149-88F0767D449C}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch-->C:\Program Files\InstallShield Installation Information\{8503C901-85D7-4262-88D2-8D8B2A7B08B8}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Singleplayer Patch-->C:\Program Files\InstallShield Installation Information\{D1B7EF59-A3E2-452A-882E-076E1A18D94A}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch-->C:\Program Files\InstallShield Installation Information\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch-->C:\Program Files\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe -runfromtemp -l0x0409
Can You See What I See fr-->"C:\Program Files\BoontyGames\Can You See What I See\unins000.exe"
Cassandra's Journey 2: The Fifth Sun of Nostradamus-->"C:\Program Files\Cassandra's Journey 2 - The Fifth Sun of Nostradamus\Uninstall.exe"
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Chainz 2-->C:\Program Files\MumboJumbo\Chainz 2\uninst.exe
Command & Conquer 3 Tiberium Wars(TM) MOD SDK-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{86C7336D-0E3A-4953-ADF4-F4B5E0096278}\setup.exe" -l0x9 -removeonly
Complément Microsoft Word pour Microsoft Works Suite-->MsiExec.exe /I{17E57E89-DDB3-4f76-9AF1-A8E01CC633E4}
Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
Danger Next Door: Miss Teri Tale's Adventure-->"C:\Program Files\Danger Next Door - Miss Teri Tale's Adventure\Uninstall.exe"
Dark Tales: Edgar Allan Poe`s Murders in the Rue Morgue-->"C:\Program Files\Dark Tales - Edgar Allan Poe`s Murders in the Rue Morgue\Uninstall.exe"
Delta Force 2-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\NovaLogic\Delta Force 2\Uninst.isu"
Disque de souvenirs HP-->MsiExec.exe /X{B376402D-58EA-45EA-BD50-DD924EB67A70}
D-Link VGA Webcam-->C:\WINDOWS\CleanDev.exe C:\WINDOWS\ov519.TXT
Dr. Lynch: Grave Secrets-->"C:\Program Files\Dr. Lynch - Grave Secrets\Uninstall.exe"
DVDFab Platinum 3.0.8.6 Ghosthunter release-->"C:\Program Files\DVDFab Platinum 3\unins000.exe"
Echoes of the Past: Royal House of Stone-->"C:\Program Files\Echoes of the Past - Royal House of Stone\Uninstall.exe"
Emperors Mahjongg fr-->"C:\Program Files\BoontyGames\Emperors Mahjongg\unins000.exe"
ERUNT 1.1j-->"C:\Program Files\ERUNT\unins000.exe"
Escape the Museum 2-->"C:\Program Files\Escape the Museum 2\Uninstall.exe"
EVEREST Corporate Edition v4.50-->"C:\Program Files\Lavalys\EVEREST Corporate Edition\unins000.exe"
Fashion Assistant (supprimer)-->"C:\Program Files\iWin.com\Fashion Assistant\Uninstall.exe"
Fishdom H2O: Hidden Odyssey ™-->"C:\Program Files\Fishdom H2O - Hidden Odyssey\Uninstall.exe"
FM-56PCI-HSFi-AB-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F00\HXFSETUP.EXE -U -IVEN_14F1&DEV_2F02&SUBSYS_000B1767
FrostWire 4.13.5-->C:\Program Files\FrostWire\Uninstall.exe
Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
GamesBar 2.0.1.12-->C:\Program Files\GamesBar\uninst.exe
Gardenscapes-->"C:\Program Files\Gardenscapes\Uninstall.exe"
Google Chrome-->"C:\Program Files\Google\Chrome\Application\4.0.249.78\Installer\setup.exe" --uninstall --system-level
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0E996B068B56FCA2.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Earth-->MsiExec.exe /X{C084BC61-E537-11DE-8616-005056806466}
Great Secrets Da Vinci fr-->"C:\Program Files\BoontyGames\Great Secrets Da Vinci\unins000.exe"
Hercules WebCam Station-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D208F4A7-6B73-4C2A-8B1E-8756FCBA831E}\Setup.exe" -l0x40c
Hérissons de l'Espace-->"C:\Program Files\Herissons de l'Espace\Uninstall.exe"
Herods Lost Tomb fr-->"C:\Program Files\BoontyGames\Herods Lost Tomb\unins000.exe"
Hidden Magic-->"C:\Program Files\Hidden Magic\Uninstall.exe"
Hidden Mysteries - The White House (supprimer)-->"C:\Program Files\iWin.com\Hidden Mysteries - The White House\Uninstall.exe"
HijackThis 2.0.2-->"C:\Documents and Settings\jean-françois\Mes documents\jean-françois\logiciels\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Driver Diagnostics-->MsiExec.exe /X{4CCC7F68-A437-4559-A840-F5E010934951}
hp psc 1100 series-->MsiExec.exe /X{01161F64-6897-4885-93A0-A9F7BE9A4253}
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
iTunes-->MsiExec.exe /I{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}
iWin Games (remove only)-->"C:\Program Files\iWin Games\Uninstall.exe"
iWin Toolbar-->C:\PROGRA~1\iWin\UNWISE.EXE C:\PROGRA~1\iWin\INSTALL.LOG
James Patterson's Women's Murder Club: Twice in a Blue Moon-->"C:\Program Files\James Patterson's Women's Murder Club - Twice in a Blue Moon\Uninstall.exe"
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
jetAudio Basic-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}\setup.exe" -l0xc0c -removeonly
Jewel of Atlantis Deluxe-->"C:\Program Files\Zylom Games\Jewel of Atlantis Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Jewels of Cleopatra fr-->"C:\Program Files\BoontyGames\Jewels of Cleopatra\unins000.exe"
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
Kellie Stanford: Turn of Fate (supprimer)-->"C:\Program Files\iWin.com\Kellie Stanford Turn of Fate\Uninstall.exe"
La Voleuse de l'Ombre-->"C:\Program Files\La Voleuse de l'Ombre\Uninstall.exe"
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Légendes du Far West - Golden Hill-->"C:\Program Files\Legendes du Far West - Golden Hill\Uninstall.exe"
Logiciel d'archivage WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Lost City of Z: Special Edition-->"C:\Program Files\Lost City of Z - Special Edition\Uninstall.exe"
Lost in the City-->"C:\Program Files\Lost in the City\Uninstall.exe"
Lost Realms: The Curse of Babylon-->"C:\Program Files\Lost Realms - The Curse of Babylon\Uninstall.exe"
Magic Encyclopedia Moonlight Mystery-->"C:\Program Files\orange\jeux\Magic Encyclopedia Moonlight Mystery\Uninstall.exe" "C:\Program Files\orange\jeux\Magic Encyclopedia Moonlight Mystery\install.log"
Mahjongg Artifacts (supprimer seulement)-->"C:\Program Files\iWin.com\Mahjongg Artifacts\Uninstall.exe"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Marco Polo: Un Voyage Fantastique-->"C:\Program Files\Marco Polo - Un Voyage Fantastique\Uninstall.exe"
Mary Kay Andrews: The Fixer Upper-->"C:\Program Files\Mary Kay Andrews - The Fixer Upper\Uninstall.exe"
Maxtor Manager-->"C:\Program Files\InstallShield Installation Information\{357966B4-ED3B-4CAE-965F-825552888E31}\setup.exe" -runfromtemp -l0x040c -removeonly
Maxtor Manager-->MsiExec.exe /I{357966B4-ED3B-4CAE-965F-825552888E31}
Medion GoPal Assistant 3.00.0392-->C:\Program Files\Medion GoPal Assistant\Uninstall.exe
Messenger Plus! Live & Sponsor (CiD)-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft ActiveSync-->MsiExec.exe /I{99052DB7-9592-4522-A558-5417BBAD48EE}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft DirectX Transform optional components-->RUNDLL32.EXE ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\DXTXTRA.INF,UNINSTALL.NT,12
Microsoft Games for Windows - LIVE -->MsiExec.exe /X{4D243BA7-9AC4-46D1-90E5-EEB88974F501}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}
Microsoft Office 97 Professional-->C:\Program Files\Microsoft Office\Office\Install\Acme.exe /w Off97Pro.STF
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Word 2002-->MsiExec.exe /I{911B040C-6000-11D3-8CFE-0050048383C9}
Microsoft Works-->MsiExec.exe /I{A059DE09-1B49-4450-B340-7AE097EC3F04}
Midnight Mysteries: The Edgar Allan Poe Conspiracy (supprimer)-->"C:\Program Files\iWin.com\Midnight Mysteries The Edgar Allan Poe Conspiracy\Uninstall.exe"
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB978207)-->"C:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969897)-->"C:\WINDOWS\$NtUninstallKB969897$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB971930)-->"C:\WINDOWS\ie8updates\KB971930-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
MobileMe Control Panel-->MsiExec.exe /I{DDBB28C8-B2AA-45A1-8DCE-059A798509FB}
Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Mozilla Firefox (3.0.15)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN Toolbar-->MsiExec.exe /I{40E720B1-8E2D-4503-B9B8-BCFD9D38C1C4}
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Murder, She Wrote-->"C:\Program Files\Murder She Wrote\Uninstall.exe"
Mushroom Age (supprimer)-->"C:\Program Files\iWin.com\Mushroom Age\Uninstall.exe"
Mysteries of Horus-->"C:\Program Files\orange\jeux\Mysteries of Horus\Uninstall.exe" "C:\Program Files\orange\jeux\Mysteries of Horus\install.log"
Mystery Chronicles Murder Among Friends fr-->"C:\Program Files\BoontyGames\Mystery Chronicles Murder Among Friends\unins000.exe"
Mystery Masterpiece: The Moonstone-->"C:\Program Files\Mystery Masterpiece - The Moonstone\Uninstall.exe"
Mystery P.I. - Lost in Los Angeles Deluxe-->"C:\Program Files\Zylom Games\Mystery P.I. - Lost in Los Angeles Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Mysteryville-->"C:\Program Files\orange\jeux\Mysteryville\Uninstall.exe" "C:\Program Files\orange\jeux\Mysteryville\install.log"
Nero Suite-->C:\Program Files\Fichiers communs\Nero\Uninstall\Setupx.exe /uninstall ExtraUninstallID=""
Nightshift Code fr-->"C:\Program Files\BoontyGames\Nightshift Code\unins000.exe"
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Packard Bell Data Secure-->C:\APPS\DataSecure\Uninstall.exe
Parking Dash-->"C:\Program Files\Parking Dash\Uninstall.exe"
Photo et imagerie HP 2.0 - All-in-One Pilote-->MsiExec.exe /X{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}
Photo et imagerie HP 2.0 - All-in-One-->MsiExec.exe /X{9867A917-5D17-40DE-83BA-BEA5293194B1}
Photo et imagerie HP 2.0 - hp psc 1100 series-->C:\Program Files\Hewlett-Packard\Digital Imaging\{7C8BB31C-E09E-4c7d-BBF1-45E33B467FE1}\Setup\hpzscr01.exe -datfile hposcr02.dat -forcereboot
PunkBuster Services-->C:\WINDOWS\system32\pbsvc.exe -u
QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
Reg (DOFUS Audio Subsystem)-->msiexec /qb /x {3F900346-A316-BA88-B83C-2513F1260AD7}
Reg (DOFUS Audio Subsystem)-->MsiExec.exe /I{3F900346-A316-BA88-B83C-2513F1260AD7}
Reincarnations: Awakening-->"C:\Program Files\Reincarnations - Awakening\Uninstall.exe"
Relic Hunt-->"C:\Program Files\Relic Hunt\Uninstall.exe"
Rescue at Rajini Island-->"C:\Program Files\Rescue at Rajini Island\Uninstall.exe"
Romance of Rome-->"C:\Program Files\Romance of Rome\Uninstall.exe"
Samantha Swift 2-->"C:\Program Files\orange\jeux\Samantha Swift 2\Uninstall.exe" "C:\Program Files\orange\jeux\Samantha Swift 2\install.log"
Samantha Swift and the Mystery from Atlantis (supprimer)-->"C:\Program Files\iWin.com\Samantha Swift and the Mystery from Atlantis\Uninstall.exe"
Samantha Swift: Mystery From Atlantis-->"C:\Program Files\Samantha Swift - Mystery From Atlantis\Uninstall.exe"
Save Our Spirit-->"C:\Program Files\Save Our Spirit\Uninstall.exe"
Scrapbook Paige-->"C:\Program Files\Scrapbook Paige\Uninstall.exe"
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Sélecteur d'installation de Microsoft Works 2005-->C:\Program Files\Microsoft Works Suite 2005\Setup\Launcher.exe /ARP I:\
Slingo Mystery: Who's Gold-->"C:\Program Files\Slingo Mystery - Who's Gold\Uninstall.exe"
Smart Card Reader Driver Installation-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D9BAA0FD-3D69-43C2-B587-B153E402EFA3}\setup.exe" -l0x9
Sony Eyetoy USB Webcam Drivers and Software-->"C:\Program Files\Movie Maker\unins000.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Superior Save-->"C:\Program Files\Superior Save\Uninstall.exe"
Téléchargeur de Cleopatra fr-->"C:\Program Files\Téléchargeur de Cleopatra\unins000.exe"
Téléchargeur de Egypt 3 fr-->"C:\Program Files\Téléchargeur de Egypte III\unins000.exe"
Temps du Patchwork-->"C:\Program Files\Temps du Patchwork\Uninstall.exe"
The Clockwork Man-->"C:\Program Files\The Clockwork Man\Uninstall.exe"
The Fall Trilogy: Chapter 1-->"C:\Program Files\The Fall Trilogy - Chapter 1\Uninstall.exe"
The Mirror Mysteries-->"C:\Program Files\The Mirror Mysteries\Uninstall.exe"
Tibet Quest fr-->"C:\Program Files\BoontyGames\Tibet Quest\unins000.exe"
Totem Treasure 2-->"C:\Program Files\Totem Treasure 2\Uninstall.exe"
Trapped: The Abduction-->"C:\Program Files\Trapped - The Abduction\Uninstall.exe"
Travel League: The Missing Jewels-->"C:\Program Files\Travel League - The Missing Jewels\Uninstall.exe"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Valerie Porter and the Scarlet Scandal (supprimer)-->"C:\Program Files\iWin.com\Valerie Porter and the Scarlet Scandal\Uninstall.exe"
Vampire Saga: Pandora's Box-->"C:\Program Files\Vampire Saga - Pandora's Box\Uninstall.exe"
Veronica Rivers: The Order Of Conspiracy-->"C:\Program Files\Veronica Rivers - The Order Of Conspiracy\Uninstall.exe"
VideoLAN VLC media player 0.8.6i-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
Voyage en Mer-->"C:\Program Files\Voyage en Mer\Uninstall.exe"
Wakfu-->C:\Program Files\Wakfu\uninstall.exe
Widget Carrefour-->msiexec /qb /x {52E5F8F6-8BB9-EBD2-CF2A-097A5D856E94}
Widget Carrefour-->MsiExec.exe /I{52E5F8F6-8BB9-EBD2-CF2A-097A5D856E94}
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Contrôle parental-->MsiExec.exe /X{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}
Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Wizard's Hat (supprimer)-->"C:\Program Files\iWin.com\Wizard's Hat\Uninstall.exe"
Women’s Murder Club – Lune Bleue-->"C:\Program Files\orange\jeux\Womens Murder Club – Lune Bleue\Uninstall.exe" "C:\Program Files\orange\jeux\Womens Murder Club – Lune Bleue\install.log"
XnView 1.96.2-->"C:\Program Files\XnView\unins000.exe"
Yahoo! Install Manager-->C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
Yahoo! Toolbar avec bloqueur de fenêtres pop-up-->C:\PROGRA~1\Yahoo!\Common\unyt.exe
Youda Legend: The Golden Bird of Paradise-->"C:\Program Files\Youda Legend - The Golden Bird of Paradise\Uninstall.exe"
Zen Fashion-->"C:\Program Files\Zen Fashion\Uninstall.exe"
Zuma Deluxe-->"C:\Program Files\Zylom Games\Zuma Deluxe\GameInstlr.exe" --uninstall UnInstall.log

======Hosts File======

127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com

======Security center information======

AV: avast! antivirus 4.8.1368 [VPS 100130-0]

======System event log======

Computer Name: JF-A387D43B7CF7
Event Code: 256
Message: Un délai a expiré lors de l'envoi de la notification de modification d'interface de périphérique à la fenêtre de "Paramètres - Steam"

Record Number: 46178
Source Name: PlugPlayManager
Time Written: 20100104121132.000000+060
Event Type: Avertissement
User:

Computer Name: JF-A387D43B7CF7
Event Code: 256
Message: Un délai a expiré lors de l'envoi de la notification de modification d'interface de périphérique à la fenêtre de "Paramètres - Steam"

Record Number: 46177
Source Name: PlugPlayManager
Time Written: 20100104121132.000000+060
Event Type: Avertissement
User:

Computer Name: JF-A387D43B7CF7
Event Code: 256
Message: Un délai a expiré lors de l'envoi de la notification de modification d'interface de périphérique à la fenêtre de "Paramètres - Steam"

Record Number: 46176
Source Name: PlugPlayManager
Time Written: 20100104121132.000000+060
Event Type: Avertissement
User:

Computer Name: JF-A387D43B7CF7
Event Code: 256
Message: Un délai a expiré lors de l'envoi de la notification de modification d'interface de périphérique à la fenêtre de "Paramètres - Steam"

Record Number: 46175
Source Name: PlugPlayManager
Time Written: 20100104121131.000000+060
Event Type: Avertissement
User:

Computer Name: JF-A387D43B7CF7
Event Code: 256
Message: Un délai a expiré lors de l'envoi de la notification de modification d'interface de périphérique à la fenêtre de "Paramètres - Steam"

Record Number: 46174
Source Name: PlugPlayManager
Time Written: 20100104121131.000000+060
Event Type: Avertissement
User:

=====Application event log=====

Computer Name: JF-A387D43B7CF7
Event Code: 0
Message:
Record Number: 7894
Source Name: gusvc
Time Written: 20091004131029.000000+120
Event Type: Informations
User:

Computer Name: JF-A387D43B7CF7
Event Code: 0
Message:
Record Number: 7893
Source Name: gupdate1c9d21c2ba18bc
Time Written: 20091004131029.000000+120
Event Type: Informations
User:

Computer Name: JF-A387D43B7CF7
Event Code: 1002
Message: Application bloquée iw3mp.exe, version 0.0.0.0, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Record Number: 7892
Source Name: Application Hang
Time Written: 20091003212703.000000+120
Event Type: erreur
User:

Computer Name: JF-A387D43B7CF7
Event Code: 11728
Message: Produit : Call of Duty(R) 4 - Modern Warfare(TM) -- Configuration completed successfully.

Record Number: 7891
Source Name: MsiInstaller
Time Written: 20091003212219.000000+120
Event Type: Informations
User: JF-A387D43B7CF7\jean-françois

Computer Name: JF-A387D43B7CF7
Event Code: 11707
Message: Produit : Call of Duty(R) 4 - Modern Warfare(TM) -- Installation terminée.

Record Number: 7890
Source Name: MsiInstaller
Time Written: 20091003211919.000000+120
Event Type: Informations
User: JF-A387D43B7CF7\jean-françois

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 47 Stepping 0, AuthenticAMD
"PROCESSOR_REVISION"=2f00
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

ça y est je crois merci pour tous dite moi s,ilfaut faire autre chose

bonne journée

bonjour,

ah oui il faut faire autre chose, ton pc est pourri. Mais comment fais tu pour en arriver là !!!

*- Pour tous les lecteurs :
-- Ce logiciel n'est à utiliser que prescrit par un helper qualifié et formé à l'outil.
-- Ne pas utiliser en dehors de ce cas de figure : dangereux!

Téléchargez Combofix (de sUBs) sur l'un de ces liens :

Lien 1
Lien 2
Lien 3

* IMPORTANT !!! Enregistrez ComboFix.exe sur votre Bureau

/!\ Désactivez votre antivirus / antispyware résident / TeaTimer de Spybot (s'ils fonctionnent encore! ) en général via un clic droit sur l'icône de la Zone de notification.

Désactiver les protections résidentes - Tutoriel

* Faites un double clic sur combofix.exe & suivez les invites.

* Lors de son exécution, ComboFix va vérifier si la Console de récupération Microsoft Windows est installée. Avec des infections comme celles d'aujourd'hui, il est fortement conseillé de l'avoir pré-installée sur votre PC avant toute suppression de nuisibles. Elle vous permettra de démarrer dans un mode spécial, de récupération (réparation), qui nous permet de vous aider plus facilement si jamais votre ordinateur rencontre un problème après une tentative de nettoyage.

* Suivez les invites pour permettre à ComboFix de télécharger et installer la Console de récupération Microsoft Windows, et lorsque cela vous est demandé, acceptez le Contrat de Licence Utilisateur Final pour installer la Console de récupération Microsoft Windows.

**Note importante: Si la Console de récupération Microsoft Windows est déjà installée, ComboFix continuera ses procédures de suppression de nuisibles.

* Une fois que la Console de récupération Microsoft Windows est installée via ComboFix, vous devriez voir le message suivant:

* Cliquez sur Oui/Yes, pour poursuivre avec la recherche de nuisibles.

* Lorsque l'outil aura terminé, il vous affichera un rapport. Veuillez copier le contenu de C:\ComboFix.txt dans votre prochaine réponse.

voila le rapport de combofix:

ComboFix 10-01-29.09 - jean-françois 30/01/2010 16:45:26.1.1 - x86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1023.535 [GMT 1:00]
Lancé depuis: c:\documents and settings\jean-françois\Bureau\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\AskSearch\bin\DefaultSearch.dll
c:\program files\iWin Games\iWinGamesHookIE.dll
c:\program files\iWin\tbiWi1.dll
C:\Thumbs.db
c:\windows\Downloaded Program Files\popcaploader.inf
c:\windows\system32\SIntf16.dll

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_BOONTY_GAMES
-------\Legacy_WINSVC
-------\Service_Boonty Games

((((((((((((((((((((((((((((( Fichiers créés du 2009-12-28 au 2010-01-30 ))))))))))))))))))))))))))))))))))))
.

2010-01-30 14:15 . 2010-01-30 14:15 -------- d-----w- c:\program files\ReviverSoft
2010-01-30 14:15 . 2010-01-30 14:15 -------- d-----w- c:\documents and settings\All Users\Application Data\ReviverSoft
2010-01-30 13:39 . 2010-01-30 13:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-01-30 11:17 . 2010-01-30 11:17 -------- d-----w- C:\rsit
2010-01-30 09:11 . 2010-01-30 09:19 -------- d-----w- c:\program files\ERUNT
2010-01-30 07:04 . 2010-01-30 07:04 -------- d-----w- c:\program files\Cajun Cop - Le Casse des Bijouteries
2010-01-30 04:57 . 2010-01-30 04:57 -------- d-----w- c:\documents and settings\All Users\Application Data\The Mirror Mysteries
2010-01-24 14:31 . 2010-01-24 14:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Million
2010-01-21 07:08 . 2010-01-21 07:08 -------- d-----w- c:\program files\Dr. Lynch - Grave Secrets
2010-01-21 07:02 . 2010-01-21 07:02 -------- d-----w- c:\program files\James Patterson's Women's Murder Club - Twice in a Blue Moon
2010-01-21 06:56 . 2010-01-21 06:57 -------- d-----w- c:\program files\Superior Save
2010-01-21 06:52 . 2010-01-21 06:53 -------- d-----w- c:\program files\Escape the Museum 2
2010-01-21 06:35 . 2010-01-21 06:36 -------- d-----w- c:\program files\Agatha Christie - Dead Man's Folly
2010-01-21 06:22 . 2010-01-21 06:25 -------- d-----w- c:\program files\Cassandra's Journey 2 - The Fifth Sun of Nostradamus
2010-01-21 06:15 . 2010-01-21 06:16 -------- d-----w- c:\program files\Herissons de l'Espace
2010-01-21 06:13 . 2010-01-21 06:15 -------- d-----w- c:\program files\Legendes du Far West - Golden Hill
2010-01-21 06:01 . 2010-01-21 06:01 -------- d-----w- c:\program files\Youda Legend - The Golden Bird of Paradise
2010-01-21 05:51 . 2010-01-21 05:54 -------- d-----w- c:\program files\The Fall Trilogy - Chapter 1
2010-01-21 05:46 . 2010-01-21 05:48 -------- d-----w- c:\program files\Mary Kay Andrews - The Fixer Upper
2010-01-18 14:01 . 2010-01-18 14:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Valusoft
2010-01-15 10:41 . 2010-01-15 10:41 -------- d-----r- c:\documents and settings\LocalService\Mes documents
2010-01-15 10:41 . 2010-01-15 10:41 -------- d-----w- c:\documents and settings\LocalService\Menu Démarrer
2010-01-14 15:10 . 2010-01-30 15:50 -------- d-----w- c:\program files\iWin Games
2010-01-13 11:04 . 2010-01-13 11:04 -------- d-----w- c:\program files\Samantha Swift - Mystery From Atlantis
2010-01-13 08:36 . 2010-01-13 08:37 -------- d-----w- c:\program files\Veronica Rivers - The Order Of Conspiracy
2010-01-13 08:29 . 2010-01-13 08:30 -------- d-----w- c:\program files\Parking Dash
2010-01-13 08:28 . 2010-01-13 08:28 -------- d-----w- c:\program files\The Mirror Mysteries
2010-01-13 08:23 . 2010-01-13 08:27 -------- d-----w- c:\program files\Dark Tales - Edgar Allan Poe`s Murders in the Rue Morgue
2010-01-13 06:31 . 2009-11-21 15:58 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-01-09 17:21 . 2010-01-09 17:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Far Mills
2010-01-02 12:21 . 2010-01-02 12:21 -------- d-----w- c:\documents and settings\All Users\Application Data\GOA
2010-01-02 07:57 . 2010-01-26 14:54 -------- d-----w- c:\program files\Circle Dvelopement

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-30 15:54 . 2009-10-21 15:06 -------- d-----w- c:\program files\Steam
2010-01-30 15:50 . 2009-06-23 07:49 -------- d-----w- c:\program files\iWin
2010-01-30 13:42 . 2007-12-23 11:19 -------- d-----w- c:\program files\Alwil Software
2010-01-30 13:02 . 2007-12-26 08:21 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-01-30 12:25 . 2008-01-02 14:45 -------- d-----w- c:\documents and settings\All Users\Application Data\BigFishGamesCache
2010-01-30 10:30 . 2007-12-29 12:07 -------- d-----w- c:\program files\Microsoft Works
2010-01-30 10:30 . 2007-12-27 12:58 -------- d-----w- c:\program files\OpenOffice.org 2.3
2010-01-30 07:04 . 2010-01-30 07:01 59025160 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5327T1L4\setup_gF5327T1L4_d771361179_l4_s5.exe
2010-01-30 07:00 . 2009-06-23 06:43 -------- d-----w- c:\program files\iWin.com
2010-01-30 05:59 . 2008-02-21 14:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Sandlot Games
2010-01-29 17:01 . 2008-02-19 11:06 -------- d-----w- c:\documents and settings\All Users\Application Data\PlayFirst
2010-01-28 22:09 . 2008-07-12 05:47 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-01-28 22:09 . 2008-07-12 05:47 152672 ----a-w- c:\windows\system32\aswBoot.exe
2010-01-28 21:57 . 2008-07-12 05:47 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-01-28 21:57 . 2008-07-12 05:47 163280 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-01-28 21:54 . 2008-07-12 05:47 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-01-28 21:54 . 2008-07-12 05:47 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-01-28 21:54 . 2008-07-12 05:47 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-01-28 21:54 . 2008-07-12 05:47 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-01-28 21:53 . 2008-07-12 05:47 28240 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-01-27 17:39 . 2009-12-01 17:52 -------- d-----w- c:\program files\Wakfu
2010-01-27 17:35 . 2008-02-13 17:59 -------- d-----w- c:\program files\Fichiers communs\Adobe
2010-01-26 14:08 . 2009-12-13 12:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-26 14:07 . 2010-01-26 14:07 5115824 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-01-22 10:28 . 2008-09-27 15:16 -------- d-----w- c:\program files\LucasArts
2010-01-22 10:28 . 2007-12-25 20:03 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-22 08:57 . 2008-04-12 17:20 -------- d-----w- c:\program files\Zylom Games
2010-01-21 07:08 . 2010-01-21 07:02 96708608 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F2717T1L4\setup_gF2717T1L4_d759996162_l4_s5.exe
2010-01-21 07:02 . 2010-01-21 06:56 95981992 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5355T1L4\setup_gF5355T1L4_d748577268_l4_s5.exe
2010-01-21 06:22 . 2010-01-21 06:15 113287824 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5376T1L1\setup_gF5376T1L1_d741217747_l1_s1.exe
2010-01-21 06:12 . 2010-01-21 06:01 184643328 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5201T1L4\setup_gF5201T1L4_d733003332_l4_s5.exe
2010-01-21 05:51 . 2010-01-21 05:46 118524440 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5381T1L1\setup_gF5381T1L1_d752500029_l1_s1.exe
2010-01-21 05:27 . 2009-03-16 17:12 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-20 18:47 . 2008-03-22 16:26 -------- d-----w- c:\program files\BoontyGames
2010-01-13 08:36 . 2010-01-13 08:29 119798536 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5399T1L1\setup_gF5399T1L1_d752501528_l1_s1.exe
2010-01-13 08:29 . 2010-01-13 08:28 25676872 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F2691T1L4\setup_gF2691T1L4_d735384944_l4_s5.exe
2010-01-13 08:28 . 2010-01-13 08:23 81548320 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5378T1L1\setup_gF5378T1L1_d738324098_l1_s1.exe
2010-01-13 07:30 . 2008-01-02 14:45 -------- d-----w- c:\program files\bfgclient
2010-01-11 12:56 . 2008-02-21 14:41 40 ----a-w- c:\windows\popcinfo.dat
2010-01-09 14:47 . 2008-10-02 15:03 -------- d-----w- c:\program files\Oberon Media
2010-01-07 18:12 . 2008-11-06 18:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-01-07 15:07 . 2009-12-13 12:27 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07 . 2009-12-13 12:27 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-02 13:29 . 2009-11-02 17:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Gamers Digital
2010-01-02 07:57 . 2008-01-12 19:06 -------- d-----w- c:\program files\Messenger Plus! Live
2009-12-31 07:19 . 2007-12-26 08:21 -------- d-----w- c:\program files\GamesBar
2009-12-29 09:45 . 2009-12-29 09:45 -------- d-----w- c:\documents and settings\All Users\Application Data\iWin
2009-12-28 13:51 . 2009-12-28 13:50 -------- d-----w- c:\program files\Dofus 2
2009-12-25 19:11 . 2009-12-25 19:11 -------- d-----w- c:\program files\Trend Micro
2009-12-24 08:57 . 2009-12-24 08:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Little Games Company
2009-12-24 06:38 . 2007-12-23 19:14 -------- d-----w- c:\program files\Google
2009-12-22 17:15 . 2008-03-20 18:38 -------- d-----w- c:\documents and settings\All Users\Application Data\SugarGames
2009-12-22 07:48 . 2008-10-02 15:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Flood Light Games
2009-12-21 19:07 . 2004-08-05 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-18 17:26 . 2009-12-18 17:25 -------- d-----w- c:\program files\Totem Treasure 2
2009-12-18 17:12 . 2009-12-18 17:11 -------- d-----w- c:\program files\Echoes of the Past - Royal House of Stone
2009-12-18 16:54 . 2009-12-18 16:54 -------- d-----w- c:\program files\Rescue at Rajini Island
2009-12-18 16:38 . 2009-12-18 16:38 -------- d-----w- c:\program files\Hidden Magic
2009-12-16 11:13 . 2009-07-30 10:37 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-12-16 11:12 . 2009-07-30 10:36 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-12-16 11:12 . 2009-07-30 10:36 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-12-13 12:27 . 2009-12-13 12:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-12-13 11:32 . 2009-12-13 11:32 -------- d-----w- c:\program files\Hp
2009-12-12 15:48 . 2007-12-26 08:21 -------- d-----w- c:\documents and settings\All Users\Application Data\GamesBar
2009-12-11 15:28 . 2009-12-11 15:20 20458 ----a-w- c:\windows\hpoins01.dat
2009-12-11 15:28 . 2007-12-23 13:20 -------- d-----w- c:\program files\Hewlett-Packard
2009-12-11 15:28 . 2009-12-11 15:28 82380 ----a-w- c:\windows\system32\drivers\AFS2K.SYS
2009-12-09 07:36 . 2004-08-05 12:00 80856 ----a-w- c:\windows\system32\perfc00C.dat
2009-12-09 07:36 . 2004-08-05 12:00 500814 ----a-w- c:\windows\system32\perfh00C.dat
2009-12-07 11:58 . 2009-12-07 11:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Real Arcade
2009-12-07 11:57 . 2009-12-07 11:57 -------- d-----w- c:\program files\Fichiers communs\SWF Studio
2009-12-06 18:53 . 2009-12-06 18:53 -------- d-----w- c:\documents and settings\All Users\Application Data\MarcoPolo
2009-12-04 12:56 . 2008-10-23 15:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Alawar Stargaze
2009-12-03 07:59 . 2009-12-03 07:58 -------- d-----w- c:\program files\Marco Polo - Un Voyage Fantastique
2009-12-02 13:10 . 2009-11-07 10:33 -------- d-----w- c:\program files\Dofus
2009-12-01 19:19 . 2008-11-06 18:46 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-11-21 15:58 . 2004-08-05 12:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-19 19:24 . 2009-11-19 19:24 93360 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2009-11-19 19:24 . 2009-11-19 19:24 93360 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Drivers\SBREDrv.sys
2009-11-19 19:24 . 2009-11-19 19:24 554280 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\sbap.dll
2009-11-19 19:24 . 2009-10-15 18:40 15880 ----a-w- c:\windows\system32\lsdelete.exe
2009-11-19 19:24 . 2009-11-19 19:24 212480 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\VipreBridge.dll
2009-11-19 19:24 . 2009-11-19 19:24 283944 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Vipre.dll
2009-11-19 19:24 . 2009-11-19 19:24 1223976 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\SBTE.dll
2009-11-19 19:24 . 2009-11-19 19:24 242984 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\SBRE.dll
2009-11-16 14:50 . 2009-11-16 14:39 188399064 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5262T1L4\setup_gF5262T1L4_d689225799_l4_s5.exe
2009-11-16 14:03 . 2009-11-16 13:53 173389024 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5212T1L1\setup_gF5212T1L1_d647281969_l1_s1.exe
2009-11-16 13:53 . 2009-11-16 13:47 118216200 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5221T1L1\setup_gF5221T1L1_d643042530_l1_s1.exe
2009-11-16 13:32 . 2009-11-16 13:26 102013776 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5133T1L4\setup_gF5133T1L4_d686447302_l4_s5.exe
2009-11-16 13:26 . 2009-11-16 13:20 137156640 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5215T1L1\setup_gF5215T1L1_d643042176_l1_s1.exe
2009-11-16 13:10 . 2009-11-16 13:02 155245928 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5249T1L1\setup_gF5249T1L1_d662415066_l1_s1.exe
2008-03-03 09:22 . 2008-03-03 09:22 0 ----a-w- c:\program files\temp01
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-01-03 68856]
"msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856]
"Steam"="c:\program files\Steam\Steam.exe" [2009-10-24 1217808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-01-28 2757512]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\jean-fran‡ois\Menu D‚marrer\Programmes\D‚marrage\
ERUNT AutoBackup.lnk - c:\program files\ERUNT\AUTOBACK.EXE [2005-10-20 38912]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
hp psc 1000 series.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe [2003-4-6 147456]
hpoddt01.exe.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-4-6 28672]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage d'Office.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Démarrage d'Office.lnk
backup=c:\windows\pss\Démarrage d'Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Recherche accélérée.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Recherche accélérée.lnk
backup=c:\windows\pss\Microsoft Recherche accélérée.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^jean-françois^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.3.lnk]
path=c:\documents and settings\jean-françois\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.3.lnk
backup=c:\windows\pss\OpenOffice.org 2.3.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^jean-françois^Menu Démarrer^Programmes^Démarrage^wkcalrem.LNK]
path=c:\documents and settings\jean-françois\Menu Démarrer\Programmes\Démarrage\wkcalrem.LNK
backup=c:\windows\pss\wkcalrem.LNKStartup

[HKLM\~\startupfolder\C:^Documents and Settings^jean-françois^Menu Démarrer^Programmes^Démarrage^Yahoo! Widgets.lnk]
path=c:\documents and settings\jean-françois\Menu Démarrer\Programmes\Démarrage\Yahoo! Widgets.lnk
backup=c:\windows\pss\Yahoo! Widgets.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-12-22 00:57 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2009-05-13 18:58 177472 ----a-w- c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2008-04-14 02:34 110592 ----a-w- c:\windows\system32\bthprops.cpl

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CARPService]
2003-03-18 23:13 4608 ----a-r- c:\windows\system32\carpserv.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-04-14 02:33 15360 ------w- c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
2006-11-13 13:07 1289000 ----a-w- c:\program files\Microsoft ActiveSync\wcescomm.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2009-07-13 12:03 292128 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mxomssmenu]
2007-09-06 13:53 169264 ----a-w- c:\program files\Maxtor\OneTouch Status\MaxMenuMgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 10:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2008-05-03 03:46 13529088 ----a-w- c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-05-03 03:46 86016 ----a-w- c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2008-05-03 03:46 1630208 ----a-w- c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-05-26 15:18 413696 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2005-02-23 16:13 77824 ----a-r- c:\windows\SOUNDMAN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2008-12-06 11:55 136600 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2008-01-03 11:44 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2009-01-07 20:02 185872 ----a-w- c:\program files\Fichiers communs\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"WLSetupSvc"=3 (0x3)
"usnjsvc"=3 (0x3)
"Pml Driver HPZ12"=3 (0x3)
"NVSvc"=2 (0x2)
"Maxtor Sync Service"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"gusvc"=2 (0x2)
"Boonty Games"=3 (0x3)
"avast! Web Scanner"=3 (0x3)
"avast! Mail Scanner"=3 (0x3)
"avast! Antivirus"=2 (0x2)
"aswUpdSv"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\FrostWire\\FrostWire.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\iWin Games\\iWinGames.exe"=
"c:\\Program Files\\iWin Games\\WebUpdater.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [15/10/2009 19:21 64288]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [12/07/2008 06:47 163280]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [12/07/2008 06:47 19024]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [16/03/2009 18:11 54752]
R2 iWinTrusted;iWinTrusted;c:\program files\iWin Games\iWinTrusted.exe [24/11/2009 20:43 78104]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [24/09/2009 12:17 1181328]
R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [23/12/2007 12:04 666368]
R3 IMT0521;Inmax USB IMT-0521 Smartcard Reader;c:\windows\system32\drivers\IMT0521.sys [07/07/2008 13:21 34825]
S2 gupdate1c9d21c2ba18bc;Service Google Update (gupdate1c9d21c2ba18bc);c:\program files\Google\Update\GoogleUpdate.exe [11/05/2009 10:36 133104]
S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [05/08/2009 22:48 704864]
S3 idrmkl;idrmkl;\??\c:\docume~1\JEAN-F~1\LOCALS~1\Temp\idrmkl.sys --> c:\docume~1\JEAN-F~1\LOCALS~1\Temp\idrmkl.sys [?]
S3 ovt530;Webcam Deluxe;c:\windows\system32\Drivers\ov530vid.sys --> c:\windows\system32\Drivers\ov530vid.sys [?]
S3 SCR33X USB Smart Card Reader;SCR33X USB Smart Card Reader;c:\windows\system32\drivers\SCR33X2K.sys [07/07/2008 13:21 63608]
.
Contenu du dossier 'Tâches planifiées'

2010-01-30 c:\windows\Tasks\Ad-Aware Update (Daily 1).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 13:21]

2010-01-30 c:\windows\Tasks\Ad-Aware Update (Daily 2).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 13:21]

2010-01-30 c:\windows\Tasks\Ad-Aware Update (Daily 3).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 13:21]

2010-01-30 c:\windows\Tasks\Ad-Aware Update (Daily 4).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 13:21]

2010-01-30 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 13:21]

2010-01-20 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2010-01-30 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-12-23 16:08]

2010-01-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-11 09:36]

2010-01-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-11 09:36]

2010-01-30 c:\windows\Tasks\Registry Reviver-jean-françois-Startup.job
- c:\program files\ReviverSoft\Registry Reviver\RegistryReviver.exe [2010-01-12 09:14]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.orange.fr/
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game01.zylom.com/activex/zylomgamesplayer.cab
DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} - hxxps://secure.gopetslive.com/dev/GoPetsWeb.cab
FF - ProfilePath - c:\documents and settings\jean-françois\Application Data\Mozilla\Firefox\Profiles\sym756yv.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Searcheo
FF - prefs.js: browser.startup.homepage - hxxp://www.orange.fr
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npyaxmpb.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHELINS SUPPRIMES - - - -

URLSearchHooks-{C94E154B-1459-4A47-966B-4B843BEFC7DB} - c:\program files\AskSearch\bin\DefaultSearch.dll
URLSearchHooks-{ce0c2586-da36-452b-acdb-320d9bcb19bf} - c:\program files\iWin\tbiWi1.dll
BHO-{8CA5ED52-F3FB-4414-A105-2E3491156990} - c:\program files\iWin Games\iWinGamesHookIE.dll
BHO-{ce0c2586-da36-452b-acdb-320d9bcb19bf} - c:\program files\iWin\tbiWi1.dll
Toolbar-{ce0c2586-da36-452b-acdb-320d9bcb19bf} - c:\program files\iWin\tbiWi1.dll
WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file)
WebBrowser-{CE0C2586-DA36-452B-ACDB-320D9BCB19BF} - c:\program files\iWin\tbiWi1.dll

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-30 16:55
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-1085031214-329068152-725345543-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:a3,59,f2,75,e8,71,d1,ad,b5,f6,f9,ab,19,a7,29,b2,a0,95,b2,71,77,c4,d4,
14,69,2f,95,7b,9d,b8,f9,2f,f3,8a,ea,c8,2d,e7,d1,ad,84,d7,71,aa,5e,1c,20,41,\
"??"=hex:5d,2e,bc,00,9b,07,bc,9c,34,34,87,88,c9,ab,ca,0d

[HKEY_USERS\S-1-5-21-1085031214-329068152-725345543-1004\Software\SecuROM\License information*]
"datasecu"=hex:f9,33,41,a5,06,c3,7c,97,26,24,55,de,e3,c0,41,d1,27,ce,f1,b8,8d,
ac,5a,09,82,e1,48,d2,81,f6,a5,a3,6b,38,b7,d4,35,e0,1a,12,e2,93,8f,0a,b0,39,\
"rkeysecu"=hex:22,ee,e2,b3,26,47,e7,ab,64,5f,6b,fe,11,a5,ec,bd
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'explorer.exe'(3420)
c:\windows\system32\webcheck.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Hercules\WebCam Station\PhotoImpression\share\pihook.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\progra~1\MI3AA1~1\rapimgr.exe
c:\program files\Widget Carrefour\Widget Carrefour.exe
c:\program files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
c:\program files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
c:\windows\System32\SCardSvr.exe
c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
.
**************************************************************************
.
Heure de fin: 2010-01-30 17:02:17 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-01-30 16:02

Avant-CF: 49 385 676 800 octets libres
Après-CF: 49 823 666 176 octets libres

WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Édition familiale" /noexecute=optin /fastdetect

Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 8C9E53CA2ECE217C47E7494126763B55

bonsoir,

on poursuit

Avis aux autres lecteurs, ce code a été rédigé spécialement pour cet utilisateur, il serait dangereux de le réutiliser sur votre ordinateur !

/!\ Désactivez votre antivirus / antispyware résident / TeaTimer de Spybot (si présent)
Désactiver les protections résidentes - Tutoriel
* Fermez tous les navigateurs ouverts

* Sélectionnez et copiez (Ctrl+C) le texte en citation ci-dessous :

driver::idrmkl

file::
c:\docume~1\JEAN-F~1\LOCALS~1\Temp\idrmkl.sys
c:\program files\Circle Dvelopement
c:\program files\GamesBar
c:\documents and settings\All Users\Application Data\GamesBar

• Ouvrez le Bloc-Notes puis collez (Ctrl+V) le texte précédemment copié. (Bloc-Notes: démarrer > Tous les programmes > Accessoires > Bloc-Notes...)
• Sauvegardez ce fichier sous le nom de: CFScript.txt au même endroit que ComboFix.exe
• Comme l'image le montre, fais glisser CFScript.txt sur ComboFix.exe

• Une fenêtre bleue va apparaître; au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.
• Patiente le temps du scan. Le Bureau va disparaître à plusieurs reprises, c'est normal!
• Ne touche à rien tant que le scan n'est pas terminé.
• Une fois le scan achevé, un rapport va s'afficher: poste son contenu dans ton prochain message.
• Si le fichier ne s'ouvre pas, tu le trouveras dans -> C:\ComboFix.txt

bonjour ,voila la suite :

ComboFix 10-01-30.04 - jean-françois 31/01/2010 10:17:02.2.1 - x86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1023.410 [GMT 1:00]
Lancé depuis: c:\documents and settings\jean-françois\Bureau\ComboFix.exe
Commutateurs utilisés
c:\documents and settings\jean-françois\Bureau\CFScript.txt
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

FILE
:: "c:\docume~1\JEAN-F~1\LOCALS~1\Temp\idrmkl.sys"
"c:\documents and settings\All Users\Application Data\GamesBar"
"c:\program files\Circle Dvelopement"
"c:\program files\GamesBar"
.

((((((((((((((((((((((((((((( Fichiers créés du 2009-12-28 au 2010-01-31 ))))))))))))))))))))))))))))))))))))
.

2010-01-30 13:39 . 2010-01-30 13:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-01-30 11:17 . 2010-01-30 11:17 -------- d-----w- C:\rsit
2010-01-30 09:11 . 2010-01-30 09:19 -------- d-----w- c:\program files\ERUNT
2010-01-30 07:04 . 2010-01-30 07:04 -------- d-----w- c:\program files\Cajun Cop - Le Casse des Bijouteries
2010-01-30 07:01 . 2010-01-30 07:04 59025160 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5327T1L4\setup_gF5327T1L4_d771361179_l4_s5.exe
2010-01-30 04:57 . 2010-01-30 04:57 -------- d-----w- c:\documents and settings\All Users\Application Data\The Mirror Mysteries
2010-01-26 14:07 . 2010-01-26 14:07 5115824 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-01-24 14:31 . 2010-01-24 14:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Million
2010-01-21 07:08 . 2010-01-21 07:08 -------- d-----w- c:\program files\Dr. Lynch - Grave Secrets
2010-01-21 07:02 . 2010-01-21 07:02 -------- d-----w- c:\program files\James Patterson's Women's Murder Club - Twice in a Blue Moon
2010-01-21 07:02 . 2010-01-21 07:08 96708608 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F2717T1L4\setup_gF2717T1L4_d759996162_l4_s5.exe
2010-01-21 06:56 . 2010-01-21 07:02 95981992 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5355T1L4\setup_gF5355T1L4_d748577268_l4_s5.exe
2010-01-21 06:56 . 2010-01-21 06:57 -------- d-----w- c:\program files\Superior Save
2010-01-21 06:52 . 2010-01-21 06:53 -------- d-----w- c:\program files\Escape the Museum 2
2010-01-21 06:35 . 2010-01-21 06:36 -------- d-----w- c:\program files\Agatha Christie - Dead Man's Folly
2010-01-21 06:22 . 2010-01-21 06:25 -------- d-----w- c:\program files\Cassandra's Journey 2 - The Fifth Sun of Nostradamus
2010-01-21 06:15 . 2010-01-21 06:22 113287824 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5376T1L1\setup_gF5376T1L1_d741217747_l1_s1.exe
2010-01-21 06:15 . 2010-01-21 06:16 -------- d-----w- c:\program files\Herissons de l'Espace
2010-01-21 06:13 . 2010-01-21 06:15 -------- d-----w- c:\program files\Legendes du Far West - Golden Hill
2010-01-21 06:01 . 2010-01-21 06:12 184643328 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5201T1L4\setup_gF5201T1L4_d733003332_l4_s5.exe
2010-01-21 06:01 . 2010-01-21 06:01 -------- d-----w- c:\program files\Youda Legend - The Golden Bird of Paradise
2010-01-21 05:51 . 2010-01-21 05:54 -------- d-----w- c:\program files\The Fall Trilogy - Chapter 1
2010-01-21 05:46 . 2010-01-21 05:48 -------- d-----w- c:\program files\Mary Kay Andrews - The Fixer Upper
2010-01-21 05:46 . 2010-01-21 05:51 118524440 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5381T1L1\setup_gF5381T1L1_d752500029_l1_s1.exe
2010-01-18 14:01 . 2010-01-18 14:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Valusoft
2010-01-15 10:41 . 2010-01-15 10:41 -------- d-----r- c:\documents and settings\LocalService\Mes documents
2010-01-15 10:41 . 2010-01-15 10:41 -------- d-----w- c:\documents and settings\LocalService\Menu Démarrer
2010-01-14 15:10 . 2010-01-30 15:50 -------- d-----w- c:\program files\iWin Games
2010-01-13 11:04 . 2010-01-13 11:04 -------- d-----w- c:\program files\Samantha Swift - Mystery From Atlantis
2010-01-13 08:36 . 2010-01-13 08:37 -------- d-----w- c:\program files\Veronica Rivers - The Order Of Conspiracy
2010-01-13 08:29 . 2010-01-13 08:30 -------- d-----w- c:\program files\Parking Dash
2010-01-13 08:29 . 2010-01-13 08:36 119798536 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5399T1L1\setup_gF5399T1L1_d752501528_l1_s1.exe
2010-01-13 08:28 . 2010-01-13 08:28 -------- d-----w- c:\program files\The Mirror Mysteries
2010-01-13 08:28 . 2010-01-13 08:29 25676872 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F2691T1L4\setup_gF2691T1L4_d735384944_l4_s5.exe
2010-01-13 08:23 . 2010-01-13 08:27 -------- d-----w- c:\program files\Dark Tales - Edgar Allan Poe`s Murders in the Rue Morgue
2010-01-13 08:23 . 2010-01-13 08:28 81548320 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5378T1L1\setup_gF5378T1L1_d738324098_l1_s1.exe
2010-01-13 06:31 . 2009-11-21 15:58 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-01-09 17:21 . 2010-01-09 17:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Far Mills
2010-01-02 12:21 . 2010-01-02 12:21 -------- d-----w- c:\documents and settings\All Users\Application Data\GOA
2010-01-02 07:57 . 2010-01-26 14:54 -------- d-----w- c:\program files\Circle Dvelopement

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-31 08:55 . 2009-10-21 15:06 -------- d-----w- c:\program files\Steam
2010-01-30 19:38 . 2009-12-01 17:52 -------- d-----w- c:\program files\Wakfu
2010-01-30 15:50 . 2009-06-23 07:49 -------- d-----w- c:\program files\iWin
2010-01-30 13:42 . 2007-12-23 11:19 -------- d-----w- c:\program files\Alwil Software
2010-01-30 13:02 . 2007-12-26 08:21 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-01-30 12:25 . 2008-01-02 14:45 -------- d-----w- c:\documents and settings\All Users\Application Data\BigFishGamesCache
2010-01-30 10:30 . 2007-12-29 12:07 -------- d-----w- c:\program files\Microsoft Works
2010-01-30 10:30 . 2007-12-27 12:58 -------- d-----w- c:\program files\OpenOffice.org 2.3
2010-01-30 07:00 . 2009-06-23 06:43 -------- d-----w- c:\program files\iWin.com
2010-01-30 05:59 . 2008-02-21 14:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Sandlot Games
2010-01-29 17:01 . 2008-02-19 11:06 -------- d-----w- c:\documents and settings\All Users\Application Data\PlayFirst
2010-01-28 22:09 . 2008-07-12 05:47 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-01-28 22:09 . 2008-07-12 05:47 152672 ----a-w- c:\windows\system32\aswBoot.exe
2010-01-28 21:57 . 2008-07-12 05:47 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-01-28 21:57 . 2008-07-12 05:47 163280 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-01-28 21:54 . 2008-07-12 05:47 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-01-28 21:54 . 2008-07-12 05:47 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-01-28 21:54 . 2008-07-12 05:47 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-01-28 21:54 . 2008-07-12 05:47 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-01-28 21:53 . 2008-07-12 05:47 28240 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-01-27 17:35 . 2008-02-13 17:59 -------- d-----w- c:\program files\Fichiers communs\Adobe
2010-01-26 14:08 . 2009-12-13 12:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-22 10:28 . 2008-09-27 15:16 -------- d-----w- c:\program files\LucasArts
2010-01-22 10:28 . 2007-12-25 20:03 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-22 08:57 . 2008-04-12 17:20 -------- d-----w- c:\program files\Zylom Games
2010-01-21 05:27 . 2009-03-16 17:12 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-20 18:47 . 2008-03-22 16:26 -------- d-----w- c:\program files\BoontyGames
2010-01-13 07:30 . 2008-01-02 14:45 -------- d-----w- c:\program files\bfgclient
2010-01-11 12:56 . 2008-02-21 14:41 40 ----a-w- c:\windows\popcinfo.dat
2010-01-09 14:47 . 2008-10-02 15:03 -------- d-----w- c:\program files\Oberon Media
2010-01-07 18:12 . 2008-11-06 18:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-01-07 15:07 . 2009-12-13 12:27 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07 . 2009-12-13 12:27 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-02 13:29 . 2009-11-02 17:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Gamers Digital
2010-01-02 07:57 . 2008-01-12 19:06 -------- d-----w- c:\program files\Messenger Plus! Live
2009-12-31 07:19 . 2007-12-26 08:21 -------- d-----w- c:\program files\GamesBar
2009-12-29 09:45 . 2009-12-29 09:45 -------- d-----w- c:\documents and settings\All Users\Application Data\iWin
2009-12-28 13:51 . 2009-12-28 13:50 -------- d-----w- c:\program files\Dofus 2
2009-12-25 19:11 . 2009-12-25 19:11 -------- d-----w- c:\program files\Trend Micro
2009-12-24 08:57 . 2009-12-24 08:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Little Games Company
2009-12-24 06:38 . 2007-12-23 19:14 -------- d-----w- c:\program files\Google
2009-12-22 17:15 . 2008-03-20 18:38 -------- d-----w- c:\documents and settings\All Users\Application Data\SugarGames
2009-12-22 07:48 . 2008-10-02 15:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Flood Light Games
2009-12-21 19:07 . 2004-08-05 12:00 916480 ------w- c:\windows\system32\wininet.dll
2009-12-18 17:26 . 2009-12-18 17:25 -------- d-----w- c:\program files\Totem Treasure 2
2009-12-18 17:12 . 2009-12-18 17:11 -------- d-----w- c:\program files\Echoes of the Past - Royal House of Stone
2009-12-18 16:54 . 2009-12-18 16:54 -------- d-----w- c:\program files\Rescue at Rajini Island
2009-12-18 16:38 . 2009-12-18 16:38 -------- d-----w- c:\program files\Hidden Magic
2009-12-16 11:13 . 2009-07-30 10:37 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-12-16 11:12 . 2009-07-30 10:36 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-12-16 11:12 . 2009-07-30 10:36 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-12-13 12:27 . 2009-12-13 12:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-12-13 11:32 . 2009-12-13 11:32 -------- d-----w- c:\program files\Hp
2009-12-12 15:48 . 2007-12-26 08:21 -------- d-----w- c:\documents and settings\All Users\Application Data\GamesBar
2009-12-11 15:28 . 2009-12-11 15:20 20458 ----a-w- c:\windows\hpoins01.dat
2009-12-11 15:28 . 2007-12-23 13:20 -------- d-----w- c:\program files\Hewlett-Packard
2009-12-11 15:28 . 2009-12-11 15:28 82380 ----a-w- c:\windows\system32\drivers\AFS2K.SYS
2009-12-09 07:36 . 2004-08-05 12:00 80856 ----a-w- c:\windows\system32\perfc00C.dat
2009-12-09 07:36 . 2004-08-05 12:00 500814 ----a-w- c:\windows\system32\perfh00C.dat
2009-12-07 11:58 . 2009-12-07 11:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Real Arcade
2009-12-07 11:57 . 2009-12-07 11:57 -------- d-----w- c:\program files\Fichiers communs\SWF Studio
2009-12-06 18:53 . 2009-12-06 18:53 -------- d-----w- c:\documents and settings\All Users\Application Data\MarcoPolo
2009-12-04 12:56 . 2008-10-23 15:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Alawar Stargaze
2009-12-03 07:59 . 2009-12-03 07:58 -------- d-----w- c:\program files\Marco Polo - Un Voyage Fantastique
2009-12-02 13:10 . 2009-11-07 10:33 -------- d-----w- c:\program files\Dofus
2009-11-21 15:58 . 2004-08-05 12:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-19 19:24 . 2009-11-19 19:24 93360 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2009-11-19 19:24 . 2009-11-19 19:24 93360 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Drivers\SBREDrv.sys
2009-11-19 19:24 . 2009-11-19 19:24 554280 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\sbap.dll
2009-11-19 19:24 . 2009-10-15 18:40 15880 ----a-w- c:\windows\system32\lsdelete.exe
2009-11-19 19:24 . 2009-11-19 19:24 212480 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\VipreBridge.dll
2009-11-19 19:24 . 2009-11-19 19:24 283944 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Vipre.dll
2009-11-19 19:24 . 2009-11-19 19:24 1223976 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\SBTE.dll
2009-11-19 19:24 . 2009-11-19 19:24 242984 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\SBRE.dll
2009-11-16 14:50 . 2009-11-16 14:39 188399064 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5262T1L4\setup_gF5262T1L4_d689225799_l4_s5.exe
2009-11-16 14:03 . 2009-11-16 13:53 173389024 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5212T1L1\setup_gF5212T1L1_d647281969_l1_s1.exe
2009-11-16 13:53 . 2009-11-16 13:47 118216200 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5221T1L1\setup_gF5221T1L1_d643042530_l1_s1.exe
2009-11-16 13:32 . 2009-11-16 13:26 102013776 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5133T1L4\setup_gF5133T1L4_d686447302_l4_s5.exe
2009-11-16 13:26 . 2009-11-16 13:20 137156640 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5215T1L1\setup_gF5215T1L1_d643042176_l1_s1.exe
2009-11-16 13:10 . 2009-11-16 13:02 155245928 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5249T1L1\setup_gF5249T1L1_d662415066_l1_s1.exe
2008-03-03 09:22 . 2008-03-03 09:22 0 ----a-w- c:\program files\temp01
.

((((((((((((((((((((((((((((( SnapShot@2010-01-30_15.54.40 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-30 19:51 . 2010-01-30 19:51 7358 c:\windows\Installer\{51D718D1-DA81-4FAD-919F-5C1CE3C33379}\ARPPRODUCTICON.exe
+ 2010-01-31 08:55 . 2010-01-31 08:55 454656 c:\windows\ERDNT\AutoBackup\31-01-2010\Users\00000002\UsrClass.dat
+ 2010-01-31 08:55 . 2005-10-20 11:02 163328 c:\windows\ERDNT\AutoBackup\31-01-2010\ERDNT.EXE
+ 2010-01-30 19:51 . 2010-01-30 19:51 22697984 c:\windows\Installer\d028a5.msi
+ 2010-01-31 08:55 . 2010-01-31 08:55 11878400 c:\windows\ERDNT\AutoBackup\31-01-2010\Users\00000001\ntuser.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-01-03 68856]
"msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856]
"Steam"="c:\program files\Steam\Steam.exe" [2009-10-24 1217808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-01-28 2757512]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\jean-fran‡ois\Menu D‚marrer\Programmes\D‚marrage\
ERUNT AutoBackup.lnk - c:\program files\ERUNT\AUTOBACK.EXE [2005-10-20 38912]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
hp psc 1000 series.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe [2003-4-6 147456]
hpoddt01.exe.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-4-6 28672]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage d'Office.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Démarrage d'Office.lnk
backup=c:\windows\pss\Démarrage d'Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Recherche accélérée.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Recherche accélérée.lnk
backup=c:\windows\pss\Microsoft Recherche accélérée.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^jean-françois^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.3.lnk]
path=c:\documents and settings\jean-françois\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.3.lnk
backup=c:\windows\pss\OpenOffice.org 2.3.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^jean-françois^Menu Démarrer^Programmes^Démarrage^wkcalrem.LNK]
path=c:\documents and settings\jean-françois\Menu Démarrer\Programmes\Démarrage\wkcalrem.LNK
backup=c:\windows\pss\wkcalrem.LNKStartup

[HKLM\~\startupfolder\C:^Documents and Settings^jean-françois^Menu Démarrer^Programmes^Démarrage^Yahoo! Widgets.lnk]
path=c:\documents and settings\jean-françois\Menu Démarrer\Programmes\Démarrage\Yahoo! Widgets.lnk
backup=c:\windows\pss\Yahoo! Widgets.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-12-22 00:57 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2009-05-13 18:58 177472 ----a-w- c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2008-04-14 02:34 110592 ----a-w- c:\windows\system32\bthprops.cpl

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CARPService]
2003-03-18 23:13 4608 ----a-r- c:\windows\system32\carpserv.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-04-14 02:33 15360 ------w- c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
2006-11-13 13:07 1289000 ----a-w- c:\program files\Microsoft ActiveSync\wcescomm.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2009-07-13 12:03 292128 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mxomssmenu]
2007-09-06 13:53 169264 ----a-w- c:\program files\Maxtor\OneTouch Status\MaxMenuMgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 10:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2008-05-03 03:46 13529088 ----a-w- c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-05-03 03:46 86016 ----a-w- c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2008-05-03 03:46 1630208 ----a-w- c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-05-26 15:18 413696 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2005-02-23 16:13 77824 ----a-r- c:\windows\SOUNDMAN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2008-12-06 11:55 136600 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2008-01-03 11:44 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2009-01-07 20:02 185872 ----a-w- c:\program files\Fichiers communs\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"WLSetupSvc"=3 (0x3)
"usnjsvc"=3 (0x3)
"Pml Driver HPZ12"=3 (0x3)
"NVSvc"=2 (0x2)
"Maxtor Sync Service"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"gusvc"=2 (0x2)
"Boonty Games"=3 (0x3)
"avast! Web Scanner"=3 (0x3)
"avast! Mail Scanner"=3 (0x3)
"avast! Antivirus"=2 (0x2)
"aswUpdSv"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\FrostWire\\FrostWire.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\iWin Games\\iWinGames.exe"=
"c:\\Program Files\\iWin Games\\WebUpdater.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [15/10/2009 19:21 64288]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [12/07/2008 06:47 163280]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [12/07/2008 06:47 19024]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [16/03/2009 18:11 54752]
R2 iWinTrusted;iWinTrusted;c:\program files\iWin Games\iWinTrusted.exe [24/11/2009 20:43 78104]
R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [23/12/2007 12:04 666368]
R3 IMT0521;Inmax USB IMT-0521 Smartcard Reader;c:\windows\system32\drivers\IMT0521.sys [07/07/2008 13:21 34825]
S2 gupdate1c9d21c2ba18bc;Service Google Update (gupdate1c9d21c2ba18bc);c:\program files\Google\Update\GoogleUpdate.exe [11/05/2009 10:36 133104]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [24/09/2009 12:17 1181328]
S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [05/08/2009 22:48 704864]
S3 idrmkl;idrmkl;\??\c:\docume~1\JEAN-F~1\LOCALS~1\Temp\idrmkl.sys --> c:\docume~1\JEAN-F~1\LOCALS~1\Temp\idrmkl.sys [?]
S3 ovt530;Webcam Deluxe;c:\windows\system32\Drivers\ov530vid.sys --> c:\windows\system32\Drivers\ov530vid.sys [?]
S3 SCR33X USB Smart Card Reader;SCR33X USB Smart Card Reader;c:\windows\system32\drivers\SCR33X2K.sys [07/07/2008 13:21 63608]
.
Contenu du dossier 'Tâches planifiées'

2010-01-31 c:\windows\Tasks\Ad-Aware Update (Daily 1).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 13:21]

2010-01-31 c:\windows\Tasks\Ad-Aware Update (Daily 2).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 13:21]

2010-01-31 c:\windows\Tasks\Ad-Aware Update (Daily 3).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 13:21]

2010-01-31 c:\windows\Tasks\Ad-Aware Update (Daily 4).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 13:21]

2010-01-31 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 13:21]

2010-01-20 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2010-01-31 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-12-23 16:08]

2010-01-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-11 09:36]

2010-01-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-11 09:36]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.orange.fr/
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game01.zylom.com/activex/zylomgamesplayer.cab
DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} - hxxps://secure.gopetslive.com/dev/GoPetsWeb.cab
FF - ProfilePath - c:\documents and settings\jean-françois\Application Data\Mozilla\Firefox\Profiles\sym756yv.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Searcheo
FF - prefs.js: browser.startup.homepage - hxxp://www.orange.fr
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-31 10:23
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-1085031214-329068152-725345543-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:a3,59,f2,75,e8,71,d1,ad,b5,f6,f9,ab,19,a7,29,b2,a0,95,b2,71,77,c4,d4,
14,69,2f,95,7b,9d,b8,f9,2f,f3,8a,ea,c8,2d,e7,d1,ad,84,d7,71,aa,5e,1c,20,41,\
"??"=hex:5d,2e,bc,00,9b,07,bc,9c,34,34,87,88,c9,ab,ca,0d

[HKEY_USERS\S-1-5-21-1085031214-329068152-725345543-1004\Software\SecuROM\License information*]
"datasecu"=hex:f9,33,41,a5,06,c3,7c,97,26,24,55,de,e3,c0,41,d1,27,ce,f1,b8,8d,
ac,5a,09,82,e1,48,d2,81,f6,a5,a3,6b,38,b7,d4,35,e0,1a,12,e2,93,8f,0a,b0,39,\
"rkeysecu"=hex:22,ee,e2,b3,26,47,e7,ab,64,5f,6b,fe,11,a5,ec,bd
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'explorer.exe'(1284)
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Heure de fin: 2010-01-31 10:27:00
ComboFix-quarantined-files.txt 2010-01-31 09:26
ComboFix2.txt 2010-01-30 16:02

Avant-CF: 46 277 951 488 octets libres
Après-CF: 46 250 094 592 octets libres

Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 0F355A8B5210CB0851F37FE33FE33F22

je refait un scan malwarebytes et rsit,par contre quand j'ai glissé le fichier sur comboscript je n'ai pas eu de fenetre bleu avec le message "type 1 to continue,or 2 to abort" seulement une mise a jour de combo et il a demarré de suite;

voila merci a tout a l'heure

voila le rapport malwarebytes:

ComboFix 10-01-30.04 - jean-françois 31/01/2010 10:17:02.2.1 - x86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1023.410 [GMT 1:00]
Lancé depuis: c:\documents and settings\jean-françois\Bureau\ComboFix.exe
Commutateurs utilisés
c:\documents and settings\jean-françois\Bureau\CFScript.txt
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

FILE
:: "c:\docume~1\JEAN-F~1\LOCALS~1\Temp\idrmkl.sys"
"c:\documents and settings\All Users\Application Data\GamesBar"
"c:\program files\Circle Dvelopement"
"c:\program files\GamesBar"
.

((((((((((((((((((((((((((((( Fichiers créés du 2009-12-28 au 2010-01-31 ))))))))))))))))))))))))))))))))))))
.

2010-01-30 13:39 . 2010-01-30 13:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-01-30 11:17 . 2010-01-30 11:17 -------- d-----w- C:\rsit
2010-01-30 09:11 . 2010-01-30 09:19 -------- d-----w- c:\program files\ERUNT
2010-01-30 07:04 . 2010-01-30 07:04 -------- d-----w- c:\program files\Cajun Cop - Le Casse des Bijouteries
2010-01-30 07:01 . 2010-01-30 07:04 59025160 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5327T1L4\setup_gF5327T1L4_d771361179_l4_s5.exe
2010-01-30 04:57 . 2010-01-30 04:57 -------- d-----w- c:\documents and settings\All Users\Application Data\The Mirror Mysteries
2010-01-26 14:07 . 2010-01-26 14:07 5115824 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-01-24 14:31 . 2010-01-24 14:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Million
2010-01-21 07:08 . 2010-01-21 07:08 -------- d-----w- c:\program files\Dr. Lynch - Grave Secrets
2010-01-21 07:02 . 2010-01-21 07:02 -------- d-----w- c:\program files\James Patterson's Women's Murder Club - Twice in a Blue Moon
2010-01-21 07:02 . 2010-01-21 07:08 96708608 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F2717T1L4\setup_gF2717T1L4_d759996162_l4_s5.exe
2010-01-21 06:56 . 2010-01-21 07:02 95981992 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5355T1L4\setup_gF5355T1L4_d748577268_l4_s5.exe
2010-01-21 06:56 . 2010-01-21 06:57 -------- d-----w- c:\program files\Superior Save
2010-01-21 06:52 . 2010-01-21 06:53 -------- d-----w- c:\program files\Escape the Museum 2
2010-01-21 06:35 . 2010-01-21 06:36 -------- d-----w- c:\program files\Agatha Christie - Dead Man's Folly
2010-01-21 06:22 . 2010-01-21 06:25 -------- d-----w- c:\program files\Cassandra's Journey 2 - The Fifth Sun of Nostradamus
2010-01-21 06:15 . 2010-01-21 06:22 113287824 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5376T1L1\setup_gF5376T1L1_d741217747_l1_s1.exe
2010-01-21 06:15 . 2010-01-21 06:16 -------- d-----w- c:\program files\Herissons de l'Espace
2010-01-21 06:13 . 2010-01-21 06:15 -------- d-----w- c:\program files\Legendes du Far West - Golden Hill
2010-01-21 06:01 . 2010-01-21 06:12 184643328 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5201T1L4\setup_gF5201T1L4_d733003332_l4_s5.exe
2010-01-21 06:01 . 2010-01-21 06:01 -------- d-----w- c:\program files\Youda Legend - The Golden Bird of Paradise
2010-01-21 05:51 . 2010-01-21 05:54 -------- d-----w- c:\program files\The Fall Trilogy - Chapter 1
2010-01-21 05:46 . 2010-01-21 05:48 -------- d-----w- c:\program files\Mary Kay Andrews - The Fixer Upper
2010-01-21 05:46 . 2010-01-21 05:51 118524440 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5381T1L1\setup_gF5381T1L1_d752500029_l1_s1.exe
2010-01-18 14:01 . 2010-01-18 14:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Valusoft
2010-01-15 10:41 . 2010-01-15 10:41 -------- d-----r- c:\documents and settings\LocalService\Mes documents
2010-01-15 10:41 . 2010-01-15 10:41 -------- d-----w- c:\documents and settings\LocalService\Menu Démarrer
2010-01-14 15:10 . 2010-01-30 15:50 -------- d-----w- c:\program files\iWin Games
2010-01-13 11:04 . 2010-01-13 11:04 -------- d-----w- c:\program files\Samantha Swift - Mystery From Atlantis
2010-01-13 08:36 . 2010-01-13 08:37 -------- d-----w- c:\program files\Veronica Rivers - The Order Of Conspiracy
2010-01-13 08:29 . 2010-01-13 08:30 -------- d-----w- c:\program files\Parking Dash
2010-01-13 08:29 . 2010-01-13 08:36 119798536 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5399T1L1\setup_gF5399T1L1_d752501528_l1_s1.exe
2010-01-13 08:28 . 2010-01-13 08:28 -------- d-----w- c:\program files\The Mirror Mysteries
2010-01-13 08:28 . 2010-01-13 08:29 25676872 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F2691T1L4\setup_gF2691T1L4_d735384944_l4_s5.exe
2010-01-13 08:23 . 2010-01-13 08:27 -------- d-----w- c:\program files\Dark Tales - Edgar Allan Poe`s Murders in the Rue Morgue
2010-01-13 08:23 . 2010-01-13 08:28 81548320 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5378T1L1\setup_gF5378T1L1_d738324098_l1_s1.exe
2010-01-13 06:31 . 2009-11-21 15:58 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-01-09 17:21 . 2010-01-09 17:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Far Mills
2010-01-02 12:21 . 2010-01-02 12:21 -------- d-----w- c:\documents and settings\All Users\Application Data\GOA
2010-01-02 07:57 . 2010-01-26 14:54 -------- d-----w- c:\program files\Circle Dvelopement

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-31 08:55 . 2009-10-21 15:06 -------- d-----w- c:\program files\Steam
2010-01-30 19:38 . 2009-12-01 17:52 -------- d-----w- c:\program files\Wakfu
2010-01-30 15:50 . 2009-06-23 07:49 -------- d-----w- c:\program files\iWin
2010-01-30 13:42 . 2007-12-23 11:19 -------- d-----w- c:\program files\Alwil Software
2010-01-30 13:02 . 2007-12-26 08:21 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-01-30 12:25 . 2008-01-02 14:45 -------- d-----w- c:\documents and settings\All Users\Application Data\BigFishGamesCache
2010-01-30 10:30 . 2007-12-29 12:07 -------- d-----w- c:\program files\Microsoft Works
2010-01-30 10:30 . 2007-12-27 12:58 -------- d-----w- c:\program files\OpenOffice.org 2.3
2010-01-30 07:00 . 2009-06-23 06:43 -------- d-----w- c:\program files\iWin.com
2010-01-30 05:59 . 2008-02-21 14:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Sandlot Games
2010-01-29 17:01 . 2008-02-19 11:06 -------- d-----w- c:\documents and settings\All Users\Application Data\PlayFirst
2010-01-28 22:09 . 2008-07-12 05:47 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-01-28 22:09 . 2008-07-12 05:47 152672 ----a-w- c:\windows\system32\aswBoot.exe
2010-01-28 21:57 . 2008-07-12 05:47 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-01-28 21:57 . 2008-07-12 05:47 163280 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-01-28 21:54 . 2008-07-12 05:47 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-01-28 21:54 . 2008-07-12 05:47 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-01-28 21:54 . 2008-07-12 05:47 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-01-28 21:54 . 2008-07-12 05:47 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-01-28 21:53 . 2008-07-12 05:47 28240 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-01-27 17:35 . 2008-02-13 17:59 -------- d-----w- c:\program files\Fichiers communs\Adobe
2010-01-26 14:08 . 2009-12-13 12:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-22 10:28 . 2008-09-27 15:16 -------- d-----w- c:\program files\LucasArts
2010-01-22 10:28 . 2007-12-25 20:03 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-22 08:57 . 2008-04-12 17:20 -------- d-----w- c:\program files\Zylom Games
2010-01-21 05:27 . 2009-03-16 17:12 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-20 18:47 . 2008-03-22 16:26 -------- d-----w- c:\program files\BoontyGames
2010-01-13 07:30 . 2008-01-02 14:45 -------- d-----w- c:\program files\bfgclient
2010-01-11 12:56 . 2008-02-21 14:41 40 ----a-w- c:\windows\popcinfo.dat
2010-01-09 14:47 . 2008-10-02 15:03 -------- d-----w- c:\program files\Oberon Media
2010-01-07 18:12 . 2008-11-06 18:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-01-07 15:07 . 2009-12-13 12:27 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07 . 2009-12-13 12:27 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-02 13:29 . 2009-11-02 17:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Gamers Digital
2010-01-02 07:57 . 2008-01-12 19:06 -------- d-----w- c:\program files\Messenger Plus! Live
2009-12-31 07:19 . 2007-12-26 08:21 -------- d-----w- c:\program files\GamesBar
2009-12-29 09:45 . 2009-12-29 09:45 -------- d-----w- c:\documents and settings\All Users\Application Data\iWin
2009-12-28 13:51 . 2009-12-28 13:50 -------- d-----w- c:\program files\Dofus 2
2009-12-25 19:11 . 2009-12-25 19:11 -------- d-----w- c:\program files\Trend Micro
2009-12-24 08:57 . 2009-12-24 08:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Little Games Company
2009-12-24 06:38 . 2007-12-23 19:14 -------- d-----w- c:\program files\Google
2009-12-22 17:15 . 2008-03-20 18:38 -------- d-----w- c:\documents and settings\All Users\Application Data\SugarGames
2009-12-22 07:48 . 2008-10-02 15:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Flood Light Games
2009-12-21 19:07 . 2004-08-05 12:00 916480 ------w- c:\windows\system32\wininet.dll
2009-12-18 17:26 . 2009-12-18 17:25 -------- d-----w- c:\program files\Totem Treasure 2
2009-12-18 17:12 . 2009-12-18 17:11 -------- d-----w- c:\program files\Echoes of the Past - Royal House of Stone
2009-12-18 16:54 . 2009-12-18 16:54 -------- d-----w- c:\program files\Rescue at Rajini Island
2009-12-18 16:38 . 2009-12-18 16:38 -------- d-----w- c:\program files\Hidden Magic
2009-12-16 11:13 . 2009-07-30 10:37 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-12-16 11:12 . 2009-07-30 10:36 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-12-16 11:12 . 2009-07-30 10:36 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-12-13 12:27 . 2009-12-13 12:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-12-13 11:32 . 2009-12-13 11:32 -------- d-----w- c:\program files\Hp
2009-12-12 15:48 . 2007-12-26 08:21 -------- d-----w- c:\documents and settings\All Users\Application Data\GamesBar
2009-12-11 15:28 . 2009-12-11 15:20 20458 ----a-w- c:\windows\hpoins01.dat
2009-12-11 15:28 . 2007-12-23 13:20 -------- d-----w- c:\program files\Hewlett-Packard
2009-12-11 15:28 . 2009-12-11 15:28 82380 ----a-w- c:\windows\system32\drivers\AFS2K.SYS
2009-12-09 07:36 . 2004-08-05 12:00 80856 ----a-w- c:\windows\system32\perfc00C.dat
2009-12-09 07:36 . 2004-08-05 12:00 500814 ----a-w- c:\windows\system32\perfh00C.dat
2009-12-07 11:58 . 2009-12-07 11:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Real Arcade
2009-12-07 11:57 . 2009-12-07 11:57 -------- d-----w- c:\program files\Fichiers communs\SWF Studio
2009-12-06 18:53 . 2009-12-06 18:53 -------- d-----w- c:\documents and settings\All Users\Application Data\MarcoPolo
2009-12-04 12:56 . 2008-10-23 15:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Alawar Stargaze
2009-12-03 07:59 . 2009-12-03 07:58 -------- d-----w- c:\program files\Marco Polo - Un Voyage Fantastique
2009-12-02 13:10 . 2009-11-07 10:33 -------- d-----w- c:\program files\Dofus
2009-11-21 15:58 . 2004-08-05 12:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-19 19:24 . 2009-11-19 19:24 93360 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2009-11-19 19:24 . 2009-11-19 19:24 93360 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Drivers\SBREDrv.sys
2009-11-19 19:24 . 2009-11-19 19:24 554280 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\sbap.dll
2009-11-19 19:24 . 2009-10-15 18:40 15880 ----a-w- c:\windows\system32\lsdelete.exe
2009-11-19 19:24 . 2009-11-19 19:24 212480 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\VipreBridge.dll
2009-11-19 19:24 . 2009-11-19 19:24 283944 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Vipre.dll
2009-11-19 19:24 . 2009-11-19 19:24 1223976 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\SBTE.dll
2009-11-19 19:24 . 2009-11-19 19:24 242984 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\SBRE.dll
2009-11-16 14:50 . 2009-11-16 14:39 188399064 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5262T1L4\setup_gF5262T1L4_d689225799_l4_s5.exe
2009-11-16 14:03 . 2009-11-16 13:53 173389024 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5212T1L1\setup_gF5212T1L1_d647281969_l1_s1.exe
2009-11-16 13:53 . 2009-11-16 13:47 118216200 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5221T1L1\setup_gF5221T1L1_d643042530_l1_s1.exe
2009-11-16 13:32 . 2009-11-16 13:26 102013776 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5133T1L4\setup_gF5133T1L4_d686447302_l4_s5.exe
2009-11-16 13:26 . 2009-11-16 13:20 137156640 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5215T1L1\setup_gF5215T1L1_d643042176_l1_s1.exe
2009-11-16 13:10 . 2009-11-16 13:02 155245928 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5249T1L1\setup_gF5249T1L1_d662415066_l1_s1.exe
2008-03-03 09:22 . 2008-03-03 09:22 0 ----a-w- c:\program files\temp01
.

((((((((((((((((((((((((((((( SnapShot@2010-01-30_15.54.40 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-30 19:51 . 2010-01-30 19:51 7358 c:\windows\Installer\{51D718D1-DA81-4FAD-919F-5C1CE3C33379}\ARPPRODUCTICON.exe
+ 2010-01-31 08:55 . 2010-01-31 08:55 454656 c:\windows\ERDNT\AutoBackup\31-01-2010\Users\00000002\UsrClass.dat
+ 2010-01-31 08:55 . 2005-10-20 11:02 163328 c:\windows\ERDNT\AutoBackup\31-01-2010\ERDNT.EXE
+ 2010-01-30 19:51 . 2010-01-30 19:51 22697984 c:\windows\Installer\d028a5.msi
+ 2010-01-31 08:55 . 2010-01-31 08:55 11878400 c:\windows\ERDNT\AutoBackup\31-01-2010\Users\00000001\ntuser.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-01-03 68856]
"msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856]
"Steam"="c:\program files\Steam\Steam.exe" [2009-10-24 1217808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-01-28 2757512]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\jean-fran‡ois\Menu D‚marrer\Programmes\D‚marrage\
ERUNT AutoBackup.lnk - c:\program files\ERUNT\AUTOBACK.EXE [2005-10-20 38912]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
hp psc 1000 series.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe [2003-4-6 147456]
hpoddt01.exe.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-4-6 28672]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage d'Office.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Démarrage d'Office.lnk
backup=c:\windows\pss\Démarrage d'Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Recherche accélérée.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Recherche accélérée.lnk
backup=c:\windows\pss\Microsoft Recherche accélérée.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^jean-françois^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.3.lnk]
path=c:\documents and settings\jean-françois\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.3.lnk
backup=c:\windows\pss\OpenOffice.org 2.3.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^jean-françois^Menu Démarrer^Programmes^Démarrage^wkcalrem.LNK]
path=c:\documents and settings\jean-françois\Menu Démarrer\Programmes\Démarrage\wkcalrem.LNK
backup=c:\windows\pss\wkcalrem.LNKStartup

[HKLM\~\startupfolder\C:^Documents and Settings^jean-françois^Menu Démarrer^Programmes^Démarrage^Yahoo! Widgets.lnk]
path=c:\documents and settings\jean-françois\Menu Démarrer\Programmes\Démarrage\Yahoo! Widgets.lnk
backup=c:\windows\pss\Yahoo! Widgets.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-12-22 00:57 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2009-05-13 18:58 177472 ----a-w- c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2008-04-14 02:34 110592 ----a-w- c:\windows\system32\bthprops.cpl

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CARPService]
2003-03-18 23:13 4608 ----a-r- c:\windows\system32\carpserv.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-04-14 02:33 15360 ------w- c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
2006-11-13 13:07 1289000 ----a-w- c:\program files\Microsoft ActiveSync\wcescomm.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2009-07-13 12:03 292128 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mxomssmenu]
2007-09-06 13:53 169264 ----a-w- c:\program files\Maxtor\OneTouch Status\MaxMenuMgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 10:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2008-05-03 03:46 13529088 ----a-w- c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-05-03 03:46 86016 ----a-w- c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2008-05-03 03:46 1630208 ----a-w- c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-05-26 15:18 413696 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2005-02-23 16:13 77824 ----a-r- c:\windows\SOUNDMAN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2008-12-06 11:55 136600 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2008-01-03 11:44 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2009-01-07 20:02 185872 ----a-w- c:\program files\Fichiers communs\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"WLSetupSvc"=3 (0x3)
"usnjsvc"=3 (0x3)
"Pml Driver HPZ12"=3 (0x3)
"NVSvc"=2 (0x2)
"Maxtor Sync Service"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"gusvc"=2 (0x2)
"Boonty Games"=3 (0x3)
"avast! Web Scanner"=3 (0x3)
"avast! Mail Scanner"=3 (0x3)
"avast! Antivirus"=2 (0x2)
"aswUpdSv"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\FrostWire\\FrostWire.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\iWin Games\\iWinGames.exe"=
"c:\\Program Files\\iWin Games\\WebUpdater.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [15/10/2009 19:21 64288]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [12/07/2008 06:47 163280]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [12/07/2008 06:47 19024]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [16/03/2009 18:11 54752]
R2 iWinTrusted;iWinTrusted;c:\program files\iWin Games\iWinTrusted.exe [24/11/2009 20:43 78104]
R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [23/12/2007 12:04 666368]
R3 IMT0521;Inmax USB IMT-0521 Smartcard Reader;c:\windows\system32\drivers\IMT0521.sys [07/07/2008 13:21 34825]
S2 gupdate1c9d21c2ba18bc;Service Google Update (gupdate1c9d21c2ba18bc);c:\program files\Google\Update\GoogleUpdate.exe [11/05/2009 10:36 133104]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [24/09/2009 12:17 1181328]
S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [05/08/2009 22:48 704864]
S3 idrmkl;idrmkl;\??\c:\docume~1\JEAN-F~1\LOCALS~1\Temp\idrmkl.sys --> c:\docume~1\JEAN-F~1\LOCALS~1\Temp\idrmkl.sys [?]
S3 ovt530;Webcam Deluxe;c:\windows\system32\Drivers\ov530vid.sys --> c:\windows\system32\Drivers\ov530vid.sys [?]
S3 SCR33X USB Smart Card Reader;SCR33X USB Smart Card Reader;c:\windows\system32\drivers\SCR33X2K.sys [07/07/2008 13:21 63608]
.
Contenu du dossier 'Tâches planifiées'

2010-01-31 c:\windows\Tasks\Ad-Aware Update (Daily 1).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 13:21]

2010-01-31 c:\windows\Tasks\Ad-Aware Update (Daily 2).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 13:21]

2010-01-31 c:\windows\Tasks\Ad-Aware Update (Daily 3).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 13:21]

2010-01-31 c:\windows\Tasks\Ad-Aware Update (Daily 4).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 13:21]

2010-01-31 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 13:21]

2010-01-20 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2010-01-31 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-12-23 16:08]

2010-01-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-11 09:36]

2010-01-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-11 09:36]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.orange.fr/
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game01.zylom.com/activex/zylomgamesplayer.cab
DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} - hxxps://secure.gopetslive.com/dev/GoPetsWeb.cab
FF - ProfilePath - c:\documents and settings\jean-françois\Application Data\Mozilla\Firefox\Profiles\sym756yv.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Searcheo
FF - prefs.js: browser.startup.homepage - hxxp://www.orange.fr
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-31 10:23
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-1085031214-329068152-725345543-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:a3,59,f2,75,e8,71,d1,ad,b5,f6,f9,ab,19,a7,29,b2,a0,95,b2,71,77,c4,d4,
14,69,2f,95,7b,9d,b8,f9,2f,f3,8a,ea,c8,2d,e7,d1,ad,84,d7,71,aa,5e,1c,20,41,\
"??"=hex:5d,2e,bc,00,9b,07,bc,9c,34,34,87,88,c9,ab,ca,0d

[HKEY_USERS\S-1-5-21-1085031214-329068152-725345543-1004\Software\SecuROM\License information*]
"datasecu"=hex:f9,33,41,a5,06,c3,7c,97,26,24,55,de,e3,c0,41,d1,27,ce,f1,b8,8d,
ac,5a,09,82,e1,48,d2,81,f6,a5,a3,6b,38,b7,d4,35,e0,1a,12,e2,93,8f,0a,b0,39,\
"rkeysecu"=hex:22,ee,e2,b3,26,47,e7,ab,64,5f,6b,fe,11,a5,ec,bd
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'explorer.exe'(1284)
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Heure de fin: 2010-01-31 10:27:00
ComboFix-quarantined-files.txt 2010-01-31 09:26
ComboFix2.txt 2010-01-30 16:02

Avant-CF: 46 277 951 488 octets libres
Après-CF: 46 250 094 592 octets libres

Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 0F355A8B5210CB0851F37FE33FE33F22

et voila le RSIT:

Logfile of random's system information tool 1.06 (written by random/random)
Run by jean-françois at 2010-01-31 12:19:21
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 44 GB (44%) free of 100 GB
Total RAM: 1023 MB (31% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:19:36, on 31/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\iWin Games\iWinTrusted.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Steam\Steam.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Widget Carrefour\Widget Carrefour.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Documents and Settings\jean-françois\Local Settings\Temporary Internet Files\Content.IE5\9AYCMG70\RSIT[1].exe
C:\Program Files\Trend Micro\HijackThis\jean-françois.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~2.EXE -Update -1103470 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB6; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 2.0.50727; OfficeLiveConnector.1.3; OfficeLivePatch.0.0)" -"http://www.switchin.net/switchlaunch.php?partner=bbgames"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O4 - Startup: Widget Carrefour 50 jours pour vous.lnk = C:\Program Files\Widget Carrefour 50 jours pour vous\Widget Carrefour 50 jours pour vous.exe
O4 - Startup: Widget Carrefour.lnk = C:\Program Files\Widget Carrefour\Widget Carrefour.exe
O4 - Startup: wkcalrem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6EBC6744-5383-4213-AD5E-66434ECA1812} (F-Secure Online Scanner Launcher) - http://download.sp.f-secure.com/ols/nordnet/orange/so-4.1/resources/fslauncher.cab
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} (DDRevision Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game01.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} -
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate1c9d21c2ba18bc) (gupdate1c9d21c2ba18bc) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: iWinTrusted - iWin Inc. - C:\Program Files\iWin Games\iWinTrusted.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

--
End of file - 12232 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-01-07 304736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-06 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-25 263280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-25 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
MSN Toolbar Helper - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll [2009-03-13 82784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-06 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-06 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - MSN Toolbar - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll [2009-03-13 82784]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-25 263280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-01-28 2757512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-01-03 68856]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883856]
"Steam"=C:\Program Files\Steam\Steam.exe [2009-10-24 1217808]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"=C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~2.EXE [2008-11-04 460216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-05-13 177472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
bthprops.cpl,,BluetoothAuthenticationAgent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CARPService]
C:\WINDOWS\system32\carpserv.exe [2003-03-19 4608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe [2006-11-13 1289000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2009-07-13 292128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mxomssmenu]
C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe [2007-09-06 169264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2008-05-03 13529088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2008-05-03 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
C:\WINDOWS\SOUNDMAN.EXE [2005-02-23 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-06 136600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-01-03 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2009-01-07 185872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage d'Office.lnk]
C:\PROGRA~1\MICROS~2\Office\OSA.EXE [1997-08-29 51984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Recherche accélérée.lnk]
C:\PROGRA~1\MICROS~2\Office\FINDFAST.EXE [1997-08-29 111376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^jean-françois^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.3.lnk]
C:\PROGRA~1\OPENOF~1.3\program\QUICKS~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^jean-françois^Menu Démarrer^Programmes^Démarrage^wkcalrem.LNK]
C:\PROGRA~1\FICHIE~1\MICROS~1\WORKSS~1\WkCalRem.exe [2004-07-12 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^jean-françois^Menu Démarrer^Programmes^Démarrage^Yahoo! Widgets.lnk]
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3
"WLSetupSvc"=3
"usnjsvc"=3
"Pml Driver HPZ12"=3
"NVSvc"=2
"Maxtor Sync Service"=2
"JavaQuickStarterService"=2
"gusvc"=2
"Boonty Games"=3
"avast! Web Scanner"=3
"avast! Mail Scanner"=3
"avast! Antivirus"=2
"aswUpdSv"=2

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
hp psc 1000 series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

C:\Documents and Settings\jean-françois\Menu Démarrer\Programmes\Démarrage
ERUNT AutoBackup.lnk - C:\Program Files\ERUNT\AUTOBACK.EXE
Widget Carrefour 50 jours pour vous.lnk - C:\Program Files\Widget Carrefour 50 jours pour vous\Widget Carrefour 50 jours pour vous.exe
Widget Carrefour.lnk - C:\Program Files\Widget Carrefour\Widget Carrefour.exe
wkcalrem.LNK - C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"ConsentPromptBehaviorAdmin"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\FrostWire\FrostWire.exe"="C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:LimeWire"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\iWin Games\iWinGames.exe"="C:\Program Files\iWin Games\iWinGames.exe:*:Enabled:iWin Games application."
"C:\Program Files\iWin Games\WebUpdater.exe"="C:\Program Files\iWin Games\WebUpdater.exe:*:Enabled:iWin Games updater."
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

======List of files/folders created in the last 1 months======

2010-01-31 12:11:26 ----SHD---- C:\RECYCLER
2010-01-31 10:27:03 ----D---- C:\WINDOWS\temp
2010-01-31 10:27:01 ----A---- C:\ComboFix.txt
2010-01-30 16:38:33 ----A---- C:\Boot.bak
2010-01-30 16:38:25 ----RASHD---- C:\cmdcons
2010-01-30 16:37:19 ----A---- C:\WINDOWS\zip.exe
2010-01-30 16:37:19 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-01-30 16:37:19 ----A---- C:\WINDOWS\SWSC.exe
2010-01-30 16:37:19 ----A---- C:\WINDOWS\SWREG.exe
2010-01-30 16:37:19 ----A---- C:\WINDOWS\sed.exe
2010-01-30 16:37:19 ----A---- C:\WINDOWS\PEV.exe
2010-01-30 16:37:19 ----A---- C:\WINDOWS\NIRCMD.exe
2010-01-30 16:37:19 ----A---- C:\WINDOWS\MBR.exe
2010-01-30 16:37:19 ----A---- C:\WINDOWS\grep.exe
2010-01-30 16:36:35 ----D---- C:\Qoobox
2010-01-30 14:39:54 ----D---- C:\Documents and Settings\All Users\Application Data\Alwil Software
2010-01-30 12:17:16 ----D---- C:\rsit
2010-01-30 10:19:10 ----D---- C:\WINDOWS\ERDNT
2010-01-30 10:11:53 ----D---- C:\Program Files\ERUNT
2010-01-30 08:04:37 ----D---- C:\Program Files\Cajun Cop - Le Casse des Bijouteries
2010-01-30 05:57:30 ----D---- C:\Documents and Settings\All Users\Application Data\The Mirror Mysteries
2010-01-29 18:03:55 ----D---- C:\Documents and Settings\jean-françois\Application Data\OtherSide Realm of Eons
2010-01-24 15:31:10 ----D---- C:\Documents and Settings\All Users\Application Data\Million
2010-01-21 08:08:14 ----D---- C:\Program Files\Dr. Lynch - Grave Secrets
2010-01-21 08:02:26 ----D---- C:\Program Files\James Patterson's Women's Murder Club - Twice in a Blue Moon
2010-01-21 07:56:38 ----D---- C:\Program Files\Superior Save
2010-01-21 07:52:25 ----D---- C:\Program Files\Escape the Museum 2
2010-01-21 07:35:47 ----D---- C:\Program Files\Agatha Christie - Dead Man's Folly
2010-01-21 07:22:33 ----D---- C:\Program Files\Cassandra's Journey 2 - The Fifth Sun of Nostradamus
2010-01-21 07:15:25 ----D---- C:\Program Files\Herissons de l'Espace
2010-01-21 07:13:06 ----D---- C:\Program Files\Legendes du Far West - Golden Hill
2010-01-21 07:01:08 ----D---- C:\Program Files\Youda Legend - The Golden Bird of Paradise
2010-01-21 06:51:52 ----D---- C:\Program Files\The Fall Trilogy - Chapter 1
2010-01-21 06:46:52 ----D---- C:\Program Files\Mary Kay Andrews - The Fixer Upper
2010-01-18 15:01:12 ----D---- C:\Documents and Settings\jean-françois\Application Data\Valusoft
2010-01-18 15:01:12 ----D---- C:\Documents and Settings\All Users\Application Data\Valusoft
2010-01-15 11:41:05 ----A---- C:\WINDOWS\OEWABLog.txt
2010-01-14 16:18:16 ----D---- C:\Documents and Settings\jean-françois\Application Data\KlickTock
2010-01-14 16:10:10 ----D---- C:\Program Files\iWin Games
2010-01-13 19:13:52 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-01-13 19:13:39 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-01-13 12:04:05 ----D---- C:\Program Files\Samantha Swift - Mystery From Atlantis
2010-01-13 09:36:38 ----D---- C:\Program Files\Veronica Rivers - The Order Of Conspiracy
2010-01-13 09:29:50 ----D---- C:\Program Files\Parking Dash
2010-01-13 09:28:23 ----D---- C:\Program Files\The Mirror Mysteries
2010-01-13 09:23:42 ----D---- C:\Program Files\Dark Tales - Edgar Allan Poe`s Murders in the Rue Morgue
2010-01-13 08:37:40 ----D---- C:\Documents and Settings\jean-françois\Application Data\DruidsBattleOfMagic
2010-01-12 13:32:27 ----D---- C:\Documents and Settings\jean-françois\Application Data\TheFixerUpper
2010-01-11 14:05:49 ----D---- C:\Documents and Settings\jean-françois\Application Data\EcoRescue
2010-01-09 18:21:09 ----D---- C:\Documents and Settings\All Users\Application Data\Far Mills
2010-01-09 15:17:49 ----D---- C:\Documents and Settings\jean-françois\Application Data\WinRAR
2010-01-09 15:17:10 ----D---- C:\Program Files\WinRAR
2010-01-08 17:27:05 ----D---- C:\Documents and Settings\jean-françois\Application Data\Trio
2010-01-05 13:04:37 ----D---- C:\Documents and Settings\jean-françois\Application Data\LaJangada
2010-01-02 13:21:08 ----D---- C:\Documents and Settings\jean-françois\Application Data\GOA
2010-01-02 13:21:08 ----D---- C:\Documents and Settings\All Users\Application Data\GOA
2010-01-02 08:57:37 ----D---- C:\Program Files\Circle Dvelopement

======List of files/folders modified in the last 1 months======

2010-01-31 12:19:29 ----D---- C:\WINDOWS\Prefetch
2010-01-31 12:11:56 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-31 12:09:46 ----SD---- C:\WINDOWS\Tasks
2010-01-31 12:08:00 ----D---- C:\Program Files\Steam
2010-01-31 12:06:57 ----D---- C:\WINDOWS\system32\drivers
2010-01-31 12:06:57 ----D---- C:\WINDOWS\MSREMOTE.SFS
2010-01-31 11:56:14 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-31 11:50:45 ----D---- C:\Program Files\Internet Explorer
2010-01-31 10:49:06 ----D---- C:\Program Files\Mystery Masterpiece - The Moonstone
2010-01-31 10:27:03 ----D---- C:\WINDOWS
2010-01-31 10:24:00 ----A---- C:\WINDOWS\system.ini
2010-01-31 10:21:09 ----D---- C:\WINDOWS\system32
2010-01-31 10:21:09 ----D---- C:\WINDOWS\AppPatch
2010-01-31 10:21:04 ----D---- C:\Program Files\Fichiers communs
2010-01-31 09:59:00 ----SHD---- C:\WINDOWS\Installer
2010-01-31 09:58:42 ----RD---- C:\Program Files
2010-01-30 20:41:23 ----D---- C:\WINDOWS\system32\DirectX
2010-01-30 20:38:37 ----D---- C:\Program Files\Wakfu
2010-01-30 16:52:31 ----D---- C:\WINDOWS\system32\config
2010-01-30 16:50:23 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-01-30 16:50:23 ----D---- C:\Program Files\iWin
2010-01-30 16:38:33 ----RASH---- C:\boot.ini
2010-01-30 14:42:15 ----D---- C:\Program Files\Alwil Software
2010-01-30 14:40:47 ----D---- C:\WINDOWS\WinSxS
2010-01-30 14:02:12 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2010-01-30 13:25:14 ----D---- C:\Documents and Settings\All Users\Application Data\BigFishGamesCache
2010-01-30 11:30:49 ----D---- C:\Program Files\Microsoft Works
2010-01-30 11:30:34 ----D---- C:\Program Files\OpenOffice.org 2.3
2010-01-30 10:34:03 ----D---- C:\Program Files\Mozilla Firefox
2010-01-30 08:00:25 ----D---- C:\Program Files\iWin.com
2010-01-30 06:59:01 ----D---- C:\Documents and Settings\All Users\Application Data\Sandlot Games
2010-01-29 18:01:07 ----D---- C:\Documents and Settings\jean-françois\Application Data\PlayFirst
2010-01-29 18:01:07 ----D---- C:\Documents and Settings\All Users\Application Data\PlayFirst
2010-01-29 16:57:45 ----D---- C:\Documents and Settings\jean-françois\Application Data\HdO Adventure
2010-01-28 23:09:26 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-01-27 18:35:17 ----D---- C:\Program Files\Fichiers communs\Adobe
2010-01-27 18:35:16 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-01-26 16:56:34 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2010-01-26 15:08:08 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-01-25 17:02:19 ----D---- C:\Documents and Settings\jean-françois\Application Data\OpenOffice.org2
2010-01-25 16:54:18 ----A---- C:\WINDOWS\NeroDigital.ini
2010-01-22 12:51:44 ----HD---- C:\WINDOWS\inf
2010-01-22 12:51:36 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-22 12:51:25 ----D---- C:\WINDOWS\ie8updates
2010-01-22 12:51:05 ----HD---- C:\WINDOWS\$hf_mig$
2010-01-22 11:28:23 ----D---- C:\Program Files\LucasArts
2010-01-22 11:28:23 ----D---- C:\Documents and Settings\jean-françois\Application Data\Petroglyph
2010-01-22 11:28:12 ----HD---- C:\Program Files\InstallShield Installation Information
2010-01-22 09:57:10 ----D---- C:\Program Files\Zylom Games
2010-01-21 12:33:47 ----D---- C:\Documents and Settings\jean-françois\Application Data\Alawar
2010-01-21 06:27:24 ----D---- C:\Program Files\Microsoft Silverlight
2010-01-20 19:47:32 ----D---- C:\Program Files\BoontyGames
2010-01-19 17:12:04 ----D---- C:\Documents and Settings\jean-françois\Application Data\Zylom
2010-01-19 17:12:04 ----D---- C:\Documents and Settings\jean-françois\Application Data\Identities
2010-01-18 18:32:44 ----A---- C:\WINDOWS\win.ini
2010-01-18 18:24:27 ----D---- C:\WINDOWS\network diagnostic
2010-01-13 19:13:56 ----A---- C:\WINDOWS\imsins.BAK
2010-01-13 08:30:47 ----D---- C:\Program Files\bfgclient
2010-01-11 14:11:48 ----D---- C:\Documents and Settings\jean-françois\Application Data\iWin
2010-01-11 13:07:18 ----D---- C:\Documents and Settings\jean-françois\Application Data\JewelMatch2
2010-01-09 15:47:44 ----D---- C:\Program Files\Oberon Media
2010-01-07 19:12:29 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2010-01-05 01:17:46 ----A---- C:\WINDOWS\system32\MRT.exe
2010-01-02 14:29:18 ----D---- C:\Documents and Settings\jean-françois\Application Data\Gamers Digital
2010-01-02 14:29:18 ----D---- C:\Documents and Settings\All Users\Application Data\Gamers Digital
2010-01-02 08:57:34 ----D---- C:\Program Files\Messenger Plus! Live

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-01-28 28240]
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2009-12-11 82380]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-01-28 163280]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-01-28 46672]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-01-28 19024]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-01-28 100432]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2003-03-19 11044]
R2 StreamDispatcher;StreamDispatcher; C:\WINDOWS\system32\DRIVERS\strmdisp.sys [2003-03-19 22400]
R3 3xHybrid;3xHybrid service; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2005-02-09 666368]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-02-24 2311680]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-01-28 23376]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2003-03-19 1107072]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys [2003-03-19 177024]
R3 IMT0521;Inmax USB IMT-0521 Smartcard Reader; C:\WINDOWS\System32\Drivers\IMT0521.sys [2003-07-11 34825]
R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-03 6554496]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-02-24 33408]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-02-24 12928]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2007-12-29 47360]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2003-03-19 622592]
S3 BthEnum;Service d'énumérateur Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 catchme;catchme; \??\C:\DOCUME~1\JEAN-F~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2003-03-09 51024]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2003-03-09 16080]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2003-03-09 21456]
S3 idrmkl;idrmkl; \??\C:\DOCUME~1\JEAN-F~1\LOCALS~1\Temp\idrmkl.sys []
S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 MXOPSWD;Maxtor OneTouch Security Driver; C:\WINDOWS\system32\DRIVERS\mxopswd.sys [2007-05-03 22152]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 ovt519;D-Link VGA Webcam; C:\WINDOWS\System32\Drivers\ov519vid.sys [2003-10-15 174530]
S3 ovt530;Webcam Deluxe; C:\WINDOWS\System32\Drivers\ov530vid.sys []
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 SCR33X USB Smart Card Reader;SCR33X USB Smart Card Reader; C:\WINDOWS\system32\DRIVERS\SCR33X2K.sys [2003-12-03 63608]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-07-09 39424]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-01-28 40384]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 iWinTrusted;iWinTrusted; C:\Program Files\iWin Games\iWinTrusted.exe [2009-11-24 78104]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-01-27 1181328]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-12-16 66872]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-12-16 103736]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-01-28 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-01-28 40384]
S2 gupdate1c9d21c2ba18bc;Service Google Update (gupdate1c9d21c2ba18bc); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-11 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-11 190448]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-07-13 542496]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe []
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-06 152984]
S4 Maxtor Sync Service;Maxtor Service; C:\Program Files\Maxtor\Sync\SyncServices.exe [2007-09-28 156976]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-03 159812]
S4 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2003-03-09 65795]
S4 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

-----------------EOF-----------------

par contre ,apres avoir fait le scan malwarebytes il m'a demandé de redemarrer le pc ,et il c'est bloquer sur la barre de defilement windows,j'ai du le forcer a arreter puis je l'ai redemarré et la c'est redevenue normal??

bon je vous laisse,merci encore et a++

bonjour,

il faut refaire la manip avec combo (désolée) j'ai fait une erreur en mettant file au lieu de folder, donc cela n'a pas fonctionné

Tu reposteras le rapport à l'issu stp

driver::idrmkl

file::
c:\docume~1\JEAN-F~1\LOCALS~1\Temp\idrmkl.sys

folder::
c:\program files\Circle Dvelopement
c:\documents and settings\All Users\Application Data\GamesBar
c:\program files\GamesBar

rootkit::
c:\docume~1\JEAN-F~1\LOCALS~1\Temp\idrmkl.sys

je dois le copier en deux fois

ComboFix 10-02-01.01 - jean-françois 01/02/2010 18:30:43.3.1 - x86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1023.453 [GMT 1:00]
Lancé depuis: c:\documents and settings\jean-françois\Bureau\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\jean-françois\Bureau\CFScript.txt
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

FILE ::
"c:\docume~1\JEAN-F~1\LOCALS~1\Temp\idrmkl.sys"
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\GamesBar
c:\documents and settings\All Users\Application Data\GamesBar\08-02-27-15-27-25.xm_
c:\documents and settings\All Users\Application Data\GamesBar\08-02-27-15-27-25\about.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-02-27-15-27-25\action.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-02-27-15-27-25\arcade.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-02-27-15-27-25\Azada16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-02-27-15-27-25\cards.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-02-27-15-27-25\caribbean_hideaway16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-02-27-15-27-25\cradle_of_persia16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-02-27-15-27-25\cradle_rome16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-02-27-15-27-25\death_nile16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-02-27-15-27-25\deep_quest16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-02-27-15-27-25\download.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-02-27-15-27-25\dr_daisy_pet_vet16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-02-27-15-27-25\family_restaurant16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-02-27-15-27-25\farm_frenzy16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-02-27-15-27-25\fashion_craze16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-02-27-15-27-25\feedback.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-02-27-15-27-25\help.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-02-27-15-27-25\highlight.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-02-27-15-27-25\jigsaw.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-02-27-15-27-25\mahjong.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-02-27-15-27-25\newGames.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-02-27-15-27-25\partner.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-02-27-15-27-25\pirate_poker16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-02-27-15-27-25\pirate_stories_kit_ellis16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-02-27-15-27-25\popup_off.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-02-27-15-27-25\popup_on.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-02-27-15-27-25\puzzle.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-02-27-15-27-25\search.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-02-27-15-27-25\seasonmatch16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-02-27-15-27-25\sendafriend.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-02-27-15-27-25\solitaire_cruise16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-02-27-15-27-25\sports.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-02-27-15-27-25\supercow16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-02-27-15-27-25\Turbo_Subs16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-02-27-15-27-25\uninstall.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-02-27-15-27-25\update.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-18-50-48.xm_
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-18-50-48\about.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-18-50-48\action.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-18-50-48\arcade.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-18-50-48\Azada16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-18-50-48\caribbean_hideaway16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-18-50-48\cradle_of_persia16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-18-50-48\cradle_rome16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-18-50-48\death_nile16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-18-50-48\deep_quest16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-18-50-48\download.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-18-50-48\dr_daisy_pet_vet16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-18-50-48\family_restaurant16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-18-50-48\farm_frenzy16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-18-50-48\fashion_craze16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-18-50-48\feedback.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-18-50-48\help.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-18-50-48\highlight.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-18-50-48\newGames.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-18-50-48\partner.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-18-50-48\pirate_poker16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-18-50-48\pirate_stories_kit_ellis16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-18-50-48\popup_off.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-18-50-48\popup_on.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-18-50-48\puzzle.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-18-50-48\search.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-18-50-48\seasonmatch16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-18-50-48\sendafriend.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-18-50-48\solitaire_cruise16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-18-50-48\supercow16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-18-50-48\Turbo_Subs16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-18-50-48\uninstall.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-18-50-48\update.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-19-06-31.xm_
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-19-06-31\about.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-19-06-31\action.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-19-06-31\arcade.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-19-06-31\Azada16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-19-06-31\caribbean_hideaway16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-19-06-31\cradle_of_persia16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-19-06-31\cradle_rome16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-19-06-31\death_nile16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-19-06-31\deep_quest16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-19-06-31\download.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-19-06-31\dr_daisy_pet_vet16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-19-06-31\family_restaurant16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-19-06-31\farm_frenzy16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-19-06-31\fashion_craze16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-19-06-31\feedback.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-19-06-31\help.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-19-06-31\highlight.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-19-06-31\mahjong.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-19-06-31\newGames.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-19-06-31\partner.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-19-06-31\pirate_poker16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-19-06-31\pirate_stories_kit_ellis16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-19-06-31\popup_off.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-19-06-31\popup_on.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-19-06-31\puzzle.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-19-06-31\search.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-19-06-31\seasonmatch16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-19-06-31\sendafriend.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-19-06-31\solitaire_cruise16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-19-06-31\supercow16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-19-06-31\Turbo_Subs16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-19-06-31\uninstall.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-03-16-19-06-31\update.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-07-27-18-19-07.xm_
c:\documents and settings\All Users\Application Data\GamesBar\08-07-27-18-19-07\about.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-07-27-18-19-07\action.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-07-27-18-19-07\animal_agents16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-07-27-18-19-07\arcade.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-07-27-18-19-07\BigCity_SF16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-07-27-18-19-07\diner_dash_hometown_hero16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-07-27-18-19-07\download.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-07-27-18-19-07\dream_day_first_home16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-07-27-18-19-07\feedback.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-07-27-18-19-07\fishdom16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-07-27-18-19-07\heart_of_egypt16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-07-27-18-19-07\help.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-07-27-18-19-07\highlight.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-07-27-18-19-07\mah_jong_quest_316x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-07-27-18-19-07\mahjong.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-07-27-18-19-07\MahjongChina16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-07-27-18-19-07\miss_teri_tale16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-07-27-18-19-07\newGames.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-07-27-18-19-07\partner.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-07-27-18-19-07\peril_at_end_house16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-07-27-18-19-07\popup_off.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-07-27-18-19-07\popup_on.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-07-27-18-19-07\puzzle.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-07-27-18-19-07\ranch_rush16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-07-27-18-19-07\search.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-07-27-18-19-07\sendafriend.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-07-27-18-19-07\supermarket_mania16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-07-27-18-19-07\uninstall.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-07-27-18-19-07\update.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-07-27-18-19-07\virtual_farm16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-07-27-18-19-07\wedding_dash_216x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-03-16-36-14.xm_
c:\documents and settings\All Users\Application Data\GamesBar\08-08-03-16-36-14\about.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-03-16-36-14\BigCity_SF16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-03-16-36-14\build_in_time16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-03-16-36-14\diner_dash_hometown_hero16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-03-16-36-14\download.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-03-16-36-14\dream_day_first_home16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-03-16-36-14\feedback.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-03-16-36-14\fishdom16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-03-16-36-14\heart_of_egypt16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-03-16-36-14\help.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-03-16-36-14\highlight.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-03-16-36-14\jewel_quest_316x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-03-16-36-14\lambs_of_dreams16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-03-16-36-14\mah_jong_quest_316x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-03-16-36-14\newGames.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-03-16-36-14\partner.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-03-16-36-14\peril_at_end_house16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-03-16-36-14\popup_off.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-03-16-36-14\popup_on.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-03-16-36-14\ranch_rush16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-03-16-36-14\search.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-03-16-36-14\sendafriend.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-03-16-36-14\treasures_of_ancient_cavern16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-03-16-36-14\uninstall.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-03-16-36-14\update.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-03-16-36-14\virtual_farm16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-10-17-16-29.xm_
c:\documents and settings\All Users\Application Data\GamesBar\08-08-10-17-16-29\about.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-10-17-16-29\feedback.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-10-17-16-29\help.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-10-17-16-29\highlight.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-10-17-16-29\partner.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-10-17-16-29\popup_off.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-10-17-16-29\popup_on.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-10-17-16-29\search.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-10-17-16-29\sendafriend.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-10-17-16-29\uninstall.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-10-17-16-29\update.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-13-13-48-03.xm_
c:\documents and settings\All Users\Application Data\GamesBar\08-08-13-13-48-03\about.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-13-13-48-03\BigCity_SF16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-13-13-48-03\build_in_time16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-13-13-48-03\diner_dash_hometown_hero16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-13-13-48-03\download.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-13-13-48-03\feedback.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-13-13-48-03\fishdom16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-13-13-48-03\heart_of_egypt16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-13-13-48-03\help.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-13-13-48-03\highlight.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-13-13-48-03\jewel_quest_316x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-13-13-48-03\lambs_of_dreams16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-13-13-48-03\mah_jong_quest_316x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-13-13-48-03\newGames.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-13-13-48-03\partner.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-13-13-48-03\popup_off.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-13-13-48-03\popup_on.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-13-13-48-03\ranch_rush16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-13-13-48-03\search.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-13-13-48-03\sendafriend.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-13-13-48-03\treasures_of_ancient_cavern16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-13-13-48-03\uninstall.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-13-13-48-03\update.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-08-13-13-48-03\virtual_farm16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-06-10-43-13.xm_
c:\documents and settings\All Users\Application Data\GamesBar\08-09-06-10-43-13\about.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-06-10-43-13\around_the_world_in_80_days16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-06-10-43-13\big_city_adventure_sydney16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-06-10-43-13\chocolatier216x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-06-10-43-13\death_nile16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-06-10-43-13\download.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-06-10-43-13\dream_day_first_home16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-06-10-43-13\farm_frenzy_216x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-06-10-43-13\feedback.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-06-10-43-13\help.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-06-10-43-13\highlight.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-06-10-43-13\jewel_match_216x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-06-10-43-13\MagiciansHandbook16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-06-10-43-13\MahjongChina16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-06-10-43-13\newGames.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-06-10-43-13\partner.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-06-10-43-13\popup_off.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-06-10-43-13\popup_on.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-06-10-43-13\ranch_rush16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-06-10-43-13\saqqarah16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-06-10-43-13\search.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-06-10-43-13\sendafriend.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-06-10-43-13\the_great_chocolate_chase16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-06-10-43-13\uninstall.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-06-10-43-13\update.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-06-10-43-13\virtual_farm16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09.xm_
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\about.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\action.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\arcade.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\around_the_world_in_80_days16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\big_city_adventure_sydney16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\buy.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\cards.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\chocolatier216x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\deals.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\death_nile16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\download.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\dream_day_first_home16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\farm_frenzy_216x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\feedback.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\help.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\highlight.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\jewel_match_216x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\jigsaw.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\kids.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\magic_farm16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\MagiciansHandbook16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\mahjong.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\MahjongChina16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\mygames.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\newGames.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\notFound.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\partner.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\popup_off.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\popup_on.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\puzzle.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\ranch_rush16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\riseAtlantis16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\saqqarah16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\search.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\sendafriend.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\sports.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\the_great_chocolate_chase16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\trial.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\uninstall.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\update.gif
c:\documents and settings\All Users\Application Data\GamesBar\08-09-19-07-01-09\virtual_farm16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-02-28-21-59-51.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-02-28-21-59-51\about.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-02-28-21-59-51\feedback.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-02-28-21-59-51\help.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-02-28-21-59-51\partner.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-02-28-21-59-51\sendafriend.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-02-28-21-59-51\uninstall.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-02-28-21-59-51\update.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-03-03-12-34-49.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-03-22-20-37-15.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-03-23-06-20-04.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-03-23-06-27-22.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-03-24-17-00-39.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-03-25-18-30-09.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-03-26-19-04-22.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-03-27-19-32-40.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-03-28-06-28-32.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-03-28-10-53-09.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-03-28-15-11-08.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-03-28-15-35-37.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-03-28-15-43-00.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-03-28-17-55-51.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-03-28-17-58-42.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-03-28-18-02-33.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-03-28-18-32-48.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-03-28-18-49-38.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-03-28-18-51-04.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-03-28-19-03-15.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-03-28-19-03-37.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-03-28-19-05-02.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-03-28-19-07-18.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-03-29-20-22-14.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-03-31-17-50-27.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-04-02-19-57-04.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-04-02-19-57-33.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-04-04-09-04-28.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-04-04-09-40-14.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-04-04-09-56-10.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-04-04-12-57-28.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-04-04-13-19-27.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-04-04-13-25-37.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-04-05-18-47-31.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-04-05-19-02-29.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-04-05-19-51-13.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-04-08-14-45-31.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-04-08-14-55-30.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-04-08-15-03-21.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-04-08-15-17-16.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-04-08-15-17-16\about.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-04-08-15-17-16\feedback.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-04-08-15-17-16\help.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-04-08-15-17-16\highlight.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-04-08-15-17-16\partner.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-04-08-15-17-16\popup_off.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-04-08-15-17-16\popup_on.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-04-08-15-17-16\search.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-04-08-15-17-16\sendafriend.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-04-08-15-17-16\uninstall.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-04-08-15-17-16\update.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-04-09-15-34-10.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-04-10-18-06-30.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-04-11-22-26-10.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-04-13-10-52-34.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-04-13-11-20-55.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-04-14-14-06-07.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-04-14-14-18-01.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-04-16-16-05-06.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-04-16-17-59-36.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-04-16-18-23-35.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-04-17-19-29-55.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-04-17-19-54-12.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-04-17-20-48-48.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-04-20-10-45-35.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-04-20-11-04-48.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-04-21-19-21-34.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-04-21-19-51-12.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-04-21-20-40-17.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-04-22-08-32-29.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-04-24-12-02-42.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-04-30-14-03-03.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-05-01-14-08-55.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-05-09-11-22-14.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-05-09-11-32-39.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-05-09-11-50-48.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-05-11-12-21-14.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-05-11-17-12-18.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-05-11-19-36-54.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-05-13-10-14-52.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-05-14-12-40-16.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-05-23-09-03-07.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-05-23-09-05-07.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-05-25-17-48-07.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-05-29-19-33-09.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-05-29-19-33-09\about.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-05-29-19-33-09\adventure_chronicles_tsflt16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-05-29-19-33-09\adventures_of_robinson_crusoe16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-05-29-19-33-09\annabel16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-05-29-19-33-09\book_of_legends16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-05-29-19-33-09\download.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-05-29-19-33-09\feedback.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-05-29-19-33-09\flower_paradise16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-05-29-19-33-09\help.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-05-29-19-33-09\highlight.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-05-29-19-33-09\mortimer_beckett_spooky_manor16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-05-29-19-33-09\mystery_pi_the_new_york_fortune16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-05-29-19-33-09\mystery_pi_the_vegas_heist16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-05-29-19-33-09\newGames.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-05-29-19-33-09\partner.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-05-29-19-33-09\popup_off.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-05-29-19-33-09\popup_on.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-05-29-19-33-09\search.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-05-29-19-33-09\sendafriend.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-05-29-19-33-09\uninstall.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-05-29-19-33-09\update.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-01-15-55-06.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-06-01-19-25-35.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-06-01-19-25-35\about.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-01-19-25-35\feedback.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-01-19-25-35\help.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-01-19-25-35\highlight.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-01-19-25-35\newGames.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-01-19-25-35\partner.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-01-19-25-35\pirate_stories_kit_ellis16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-01-19-25-35\popup_off.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-01-19-25-35\popup_on.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-01-19-25-35\search.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-01-19-25-35\sendafriend.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-01-19-25-35\uninstall.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-01-19-25-35\update.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-08-14-39-20.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-06-11-19-48-30.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-06-15-14-57-02.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-06-15-14-57-02\about.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-15-14-57-02\action.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-15-14-57-02\adventures_of_robinson_crusoe16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-15-14-57-02\alabama_smith16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-15-14-57-02\alchemists_apprentice16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-15-14-57-02\annabel16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-15-14-57-02\arcade.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-15-14-57-02\book_of_legends16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-15-14-57-02\cards.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-15-14-57-02\download.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-15-14-57-02\fashion_craze16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-15-14-57-02\feedback.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-15-14-57-02\help.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-15-14-57-02\highlight.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-15-14-57-02\jewel_quest_solitaire_316x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-15-14-57-02\mahjong.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-15-14-57-02\mortimer_beckett_spooky_manor16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-15-14-57-02\mystery_legends_sleepy_hollow16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-15-14-57-02\mystery_of_unicorn_castle16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-15-14-57-02\mystery_pi_the_new_york_fortune16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-15-14-57-02\mystery_pi_the_vegas_heist16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-15-14-57-02\newGames.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-15-14-57-02\partner.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-15-14-57-02\popup_off.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-15-14-57-02\popup_on.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-15-14-57-02\puzzle.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-15-14-57-02\search.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-15-14-57-02\sendafriend.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-15-14-57-02\supermarket_mania16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-15-14-57-02\the_secret_of_margrave_manor16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-15-14-57-02\uninstall.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-15-14-57-02\update.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-15-14-57-02\wmc2_FR16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\09-06-22-08-10-47.xm_
c:\documents and settings\All Users\Application Data\GamesBar\09-06-24-09-31-53.xm_
c:\documents and settings\All Users\Application Data\GamesBar\about.gif
c:\documents and settings\All Users\Application Data\GamesBar\action.gif
c:\documents and settings\All Users\Application Data\GamesBar\arcade.gif
c:\documents and settings\All Users\Application Data\GamesBar\artist_colony16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\BeckyBrogan16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\buy.gif
c:\documents and settings\All Users\Application Data\GamesBar\CakeMania_MainStreet16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\cards.gif
c:\documents and settings\All Users\Application Data\GamesBar\deals.gif
c:\documents and settings\All Users\Application Data\GamesBar\download.gif
c:\documents and settings\All Users\Application Data\GamesBar\dream_day_wedding_viva_las_vegas16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\dream_sleuth16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\farm_frenzy316x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\feedback.gif
c:\documents and settings\All Users\Application Data\GamesBar\help.gif
c:\documents and settings\All Users\Application Data\GamesBar\highlight.gif
c:\documents and settings\All Users\Application Data\GamesBar\jewel_quest_bundle_fr16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\jigsaw.gif
c:\documents and settings\All Users\Application Data\GamesBar\kids.gif
c:\documents and settings\All Users\Application Data\GamesBar\little_folk_of_faery16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\magic_encyclopedia216x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\mahjong.gif
c:\documents and settings\All Users\Application Data\GamesBar\mahjong_memoirs_without_calendar16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\margrave_manor_216x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\mygames.gif
c:\documents and settings\All Users\Application Data\GamesBar\newGames.gif
c:\documents and settings\All Users\Application Data\GamesBar\oberonconfig.xm_
c:\documents and settings\All Users\Application Data\GamesBar\obSearchHistory.dat
c:\documents and settings\All Users\Application Data\GamesBar\onload\loading.gif
c:\documents and settings\All Users\Application Data\GamesBar\partner.gif
c:\documents and settings\All Users\Application Data\GamesBar\popup_off.gif
c:\documents and settings\All Users\Application Data\GamesBar\popup_on.gif
c:\documents and settings\All Users\Application Data\GamesBar\PrincessIsabella16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\puzzle.gif
c:\documents and settings\All Users\Application Data\GamesBar\search.gif
c:\documents and settings\All Users\Application Data\GamesBar\searchHistory.dat
c:\documents and settings\All Users\Application Data\GamesBar\sendafriend.gif
c:\documents and settings\All Users\Application Data\GamesBar\sports.gif
c:\documents and settings\All Users\Application Data\GamesBar\the_mystery_of_the_crystal_portal16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\treasures_of_montezuma216x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\treasures_of_serengeti16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\trial.gif
c:\documents and settings\All Users\Application Data\GamesBar\uninstall.gif
c:\documents and settings\All Users\Application Data\GamesBar\update.gif
c:\documents and settings\All Users\Application Data\GamesBar\WMC3_lune_bleue16x16.gif
c:\documents and settings\All Users\Application Data\GamesBar\zumas_revenge16x16.gif
c:\program files\Circle Dvelopement
c:\program files\GamesBar
c:\program files\GamesBar\Localization-French.ini
c:\program files\GamesBar\Localization2-French.ini
c:\program files\GamesBar\OBGet.exe
c:\program files\GamesBar\uninst.exe

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_BOONTY_GAMES
-------\Service_Boonty Games
-------\Legacy_idrmkl
-------\Service_idrmkl

et la suite

((((((((((((((((((((((((((((( Fichiers créés du 2010-01-01 au 2010-02-01 ))))))))))))))))))))))))))))))))))))
.

2010-02-01 16:20 . 2010-02-01 16:20 -------- d-----w- c:\documents and settings\All Users\Application Data\BanzaiInteractive
2010-01-30 13:39 . 2010-01-30 13:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-01-30 11:17 . 2010-01-30 11:17 -------- d-----w- C:\rsit
2010-01-30 09:11 . 2010-01-30 09:19 -------- d-----w- c:\program files\ERUNT
2010-01-30 04:57 . 2010-01-30 04:57 -------- d-----w- c:\documents and settings\All Users\Application Data\The Mirror Mysteries
2010-01-24 14:31 . 2010-01-24 14:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Million
2010-01-21 07:08 . 2010-01-21 07:08 -------- d-----w- c:\program files\Dr. Lynch - Grave Secrets
2010-01-21 07:02 . 2010-01-21 07:02 -------- d-----w- c:\program files\James Patterson's Women's Murder Club - Twice in a Blue Moon
2010-01-21 06:56 . 2010-01-21 06:57 -------- d-----w- c:\program files\Superior Save
2010-01-21 06:52 . 2010-01-21 06:53 -------- d-----w- c:\program files\Escape the Museum 2
2010-01-21 06:35 . 2010-01-21 06:36 -------- d-----w- c:\program files\Agatha Christie - Dead Man's Folly
2010-01-21 06:22 . 2010-01-21 06:25 -------- d-----w- c:\program files\Cassandra's Journey 2 - The Fifth Sun of Nostradamus
2010-01-21 06:15 . 2010-01-21 06:16 -------- d-----w- c:\program files\Herissons de l'Espace
2010-01-21 06:13 . 2010-01-21 06:15 -------- d-----w- c:\program files\Legendes du Far West - Golden Hill
2010-01-21 06:01 . 2010-01-21 06:01 -------- d-----w- c:\program files\Youda Legend - The Golden Bird of Paradise
2010-01-21 05:51 . 2010-01-21 05:54 -------- d-----w- c:\program files\The Fall Trilogy - Chapter 1
2010-01-21 05:46 . 2010-01-21 05:48 -------- d-----w- c:\program files\Mary Kay Andrews - The Fixer Upper
2010-01-18 14:01 . 2010-01-18 14:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Valusoft
2010-01-15 10:41 . 2010-01-15 10:41 -------- d-----r- c:\documents and settings\LocalService\Mes documents
2010-01-15 10:41 . 2010-01-15 10:41 -------- d-----w- c:\documents and settings\LocalService\Menu Démarrer
2010-01-14 15:10 . 2010-01-30 15:50 -------- d-----w- c:\program files\iWin Games
2010-01-13 11:04 . 2010-01-13 11:04 -------- d-----w- c:\program files\Samantha Swift - Mystery From Atlantis
2010-01-13 08:36 . 2010-01-13 08:37 -------- d-----w- c:\program files\Veronica Rivers - The Order Of Conspiracy
2010-01-13 08:29 . 2010-01-13 08:30 -------- d-----w- c:\program files\Parking Dash
2010-01-13 08:28 . 2010-01-13 08:28 -------- d-----w- c:\program files\The Mirror Mysteries
2010-01-13 08:23 . 2010-01-13 08:27 -------- d-----w- c:\program files\Dark Tales - Edgar Allan Poe`s Murders in the Rue Morgue
2010-01-13 06:31 . 2009-11-21 15:58 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-01-09 17:21 . 2010-01-09 17:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Far Mills

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-01 17:42 . 2009-10-21 15:06 -------- d-----w- c:\program files\Steam
2010-02-01 17:12 . 2008-03-22 16:26 -------- d-----w- c:\program files\BoontyGames
2010-02-01 17:02 . 2009-06-23 06:43 -------- d-----w- c:\program files\iWin.com
2010-02-01 16:32 . 2007-12-26 08:21 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-02-01 15:11 . 2009-01-29 07:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Rumbic Studio
2010-01-31 09:49 . 2009-07-28 14:21 -------- d-----w- c:\program files\Mystery Masterpiece - The Moonstone
2010-01-30 19:38 . 2009-12-01 17:52 -------- d-----w- c:\program files\Wakfu
2010-01-30 15:50 . 2009-06-23 07:49 -------- d-----w- c:\program files\iWin
2010-01-30 13:42 . 2007-12-23 11:19 -------- d-----w- c:\program files\Alwil Software
2010-01-30 12:25 . 2008-01-02 14:45 -------- d-----w- c:\documents and settings\All Users\Application Data\BigFishGamesCache
2010-01-30 10:30 . 2007-12-29 12:07 -------- d-----w- c:\program files\Microsoft Works
2010-01-30 10:30 . 2007-12-27 12:58 -------- d-----w- c:\program files\OpenOffice.org 2.3
2010-01-30 05:59 . 2008-02-21 14:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Sandlot Games
2010-01-29 17:01 . 2008-02-19 11:06 -------- d-----w- c:\documents and settings\All Users\Application Data\PlayFirst
2010-01-28 22:09 . 2008-07-12 05:47 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-01-28 22:09 . 2008-07-12 05:47 152672 ----a-w- c:\windows\system32\aswBoot.exe
2010-01-28 21:57 . 2008-07-12 05:47 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-01-28 21:57 . 2008-07-12 05:47 163280 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-01-28 21:54 . 2008-07-12 05:47 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-01-28 21:54 . 2008-07-12 05:47 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-01-28 21:54 . 2008-07-12 05:47 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-01-28 21:54 . 2008-07-12 05:47 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-01-28 21:53 . 2008-07-12 05:47 28240 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-01-27 17:35 . 2008-02-13 17:59 -------- d-----w- c:\program files\Fichiers communs\Adobe
2010-01-26 14:08 . 2009-12-13 12:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-26 14:07 . 2010-01-26 14:07 5115824 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-01-22 10:28 . 2008-09-27 15:16 -------- d-----w- c:\program files\LucasArts
2010-01-22 10:28 . 2007-12-25 20:03 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-22 08:57 . 2008-04-12 17:20 -------- d-----w- c:\program files\Zylom Games
2010-01-21 07:08 . 2010-01-21 07:02 96708608 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F2717T1L4\setup_gF2717T1L4_d759996162_l4_s5.exe
2010-01-21 07:02 . 2010-01-21 06:56 95981992 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5355T1L4\setup_gF5355T1L4_d748577268_l4_s5.exe
2010-01-21 06:22 . 2010-01-21 06:15 113287824 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5376T1L1\setup_gF5376T1L1_d741217747_l1_s1.exe
2010-01-21 06:12 . 2010-01-21 06:01 184643328 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5201T1L4\setup_gF5201T1L4_d733003332_l4_s5.exe
2010-01-21 05:51 . 2010-01-21 05:46 118524440 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5381T1L1\setup_gF5381T1L1_d752500029_l1_s1.exe
2010-01-21 05:27 . 2009-03-16 17:12 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-13 08:36 . 2010-01-13 08:29 119798536 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5399T1L1\setup_gF5399T1L1_d752501528_l1_s1.exe
2010-01-13 08:29 . 2010-01-13 08:28 25676872 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F2691T1L4\setup_gF2691T1L4_d735384944_l4_s5.exe
2010-01-13 08:28 . 2010-01-13 08:23 81548320 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5378T1L1\setup_gF5378T1L1_d738324098_l1_s1.exe
2010-01-13 07:30 . 2008-01-02 14:45 -------- d-----w- c:\program files\bfgclient
2010-01-11 12:56 . 2008-02-21 14:41 40 ----a-w- c:\windows\popcinfo.dat
2010-01-09 14:47 . 2008-10-02 15:03 -------- d-----w- c:\program files\Oberon Media
2010-01-07 18:12 . 2008-11-06 18:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-01-07 15:07 . 2009-12-13 12:27 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07 . 2009-12-13 12:27 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-02 13:29 . 2009-11-02 17:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Gamers Digital
2010-01-02 12:21 . 2010-01-02 12:21 -------- d-----w- c:\documents and settings\All Users\Application Data\GOA
2010-01-02 07:57 . 2008-01-12 19:06 -------- d-----w- c:\program files\Messenger Plus! Live
2009-12-29 09:45 . 2009-12-29 09:45 -------- d-----w- c:\documents and settings\All Users\Application Data\iWin
2009-12-28 13:51 . 2009-12-28 13:50 -------- d-----w- c:\program files\Dofus 2
2009-12-25 19:11 . 2009-12-25 19:11 -------- d-----w- c:\program files\Trend Micro
2009-12-24 08:57 . 2009-12-24 08:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Little Games Company
2009-12-24 06:38 . 2007-12-23 19:14 -------- d-----w- c:\program files\Google
2009-12-22 17:15 . 2008-03-20 18:38 -------- d-----w- c:\documents and settings\All Users\Application Data\SugarGames
2009-12-22 07:48 . 2008-10-02 15:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Flood Light Games
2009-12-21 19:07 . 2004-08-05 12:00 916480 ------w- c:\windows\system32\wininet.dll
2009-12-18 17:26 . 2009-12-18 17:25 -------- d-----w- c:\program files\Totem Treasure 2
2009-12-18 17:12 . 2009-12-18 17:11 -------- d-----w- c:\program files\Echoes of the Past - Royal House of Stone
2009-12-18 16:54 . 2009-12-18 16:54 -------- d-----w- c:\program files\Rescue at Rajini Island
2009-12-18 16:38 . 2009-12-18 16:38 -------- d-----w- c:\program files\Hidden Magic
2009-12-16 11:13 . 2009-07-30 10:37 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-12-16 11:12 . 2009-07-30 10:36 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-12-16 11:12 . 2009-07-30 10:36 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-12-13 12:27 . 2009-12-13 12:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-12-13 11:32 . 2009-12-13 11:32 -------- d-----w- c:\program files\Hp
2009-12-11 15:28 . 2009-12-11 15:20 20458 ----a-w- c:\windows\hpoins01.dat
2009-12-11 15:28 . 2007-12-23 13:20 -------- d-----w- c:\program files\Hewlett-Packard
2009-12-11 15:28 . 2009-12-11 15:28 82380 ----a-w- c:\windows\system32\drivers\AFS2K.SYS
2009-12-09 07:36 . 2004-08-05 12:00 80856 ----a-w- c:\windows\system32\perfc00C.dat
2009-12-09 07:36 . 2004-08-05 12:00 500814 ----a-w- c:\windows\system32\perfh00C.dat
2009-12-07 11:58 . 2009-12-07 11:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Real Arcade
2009-12-07 11:57 . 2009-12-07 11:57 -------- d-----w- c:\program files\Fichiers communs\SWF Studio
2009-12-06 18:53 . 2009-12-06 18:53 -------- d-----w- c:\documents and settings\All Users\Application Data\MarcoPolo
2009-12-04 12:56 . 2008-10-23 15:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Alawar Stargaze
2009-11-21 15:58 . 2004-08-05 12:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-19 19:24 . 2009-11-19 19:24 93360 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2009-11-19 19:24 . 2009-11-19 19:24 93360 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Drivers\SBREDrv.sys
2009-11-19 19:24 . 2009-11-19 19:24 554280 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\sbap.dll
2009-11-19 19:24 . 2009-10-15 18:40 15880 ----a-w- c:\windows\system32\lsdelete.exe
2009-11-19 19:24 . 2009-11-19 19:24 212480 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\VipreBridge.dll
2009-11-19 19:24 . 2009-11-19 19:24 283944 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Vipre.dll
2009-11-19 19:24 . 2009-11-19 19:24 1223976 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\SBTE.dll
2009-11-19 19:24 . 2009-11-19 19:24 242984 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\SBRE.dll
2009-11-16 14:50 . 2009-11-16 14:39 188399064 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5262T1L4\setup_gF5262T1L4_d689225799_l4_s5.exe
2009-11-16 14:03 . 2009-11-16 13:53 173389024 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5212T1L1\setup_gF5212T1L1_d647281969_l1_s1.exe
2009-11-16 13:53 . 2009-11-16 13:47 118216200 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5221T1L1\setup_gF5221T1L1_d643042530_l1_s1.exe
2009-11-16 13:32 . 2009-11-16 13:26 102013776 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5133T1L4\setup_gF5133T1L4_d686447302_l4_s5.exe
2009-11-16 13:26 . 2009-11-16 13:20 137156640 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5215T1L1\setup_gF5215T1L1_d643042176_l1_s1.exe
2009-11-16 13:10 . 2009-11-16 13:02 155245928 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5249T1L1\setup_gF5249T1L1_d662415066_l1_s1.exe
2008-03-03 09:22 . 2008-03-03 09:22 0 ----a-w- c:\program files\temp01
.

((((((((((((((((((((((((((((( SnapShot@2010-01-30_15.54.40 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-30 19:51 . 2010-01-30 19:51 7358 c:\windows\Installer\{51D718D1-DA81-4FAD-919F-5C1CE3C33379}\ARPPRODUCTICON.exe
+ 2010-01-31 08:55 . 2010-01-31 08:55 454656 c:\windows\ERDNT\AutoBackup\31-01-2010\Users\00000002\UsrClass.dat
+ 2010-01-31 08:55 . 2005-10-20 11:02 163328 c:\windows\ERDNT\AutoBackup\31-01-2010\ERDNT.EXE
+ 2010-02-01 11:02 . 2010-02-01 11:02 454656 c:\windows\ERDNT\AutoBackup\01-02-2010\Users\00000002\UsrClass.dat
+ 2010-02-01 11:02 . 2005-10-20 11:02 163328 c:\windows\ERDNT\AutoBackup\01-02-2010\ERDNT.EXE
+ 2010-01-30 19:51 . 2010-01-30 19:51 22697984 c:\windows\Installer\d028a5.msi
+ 2010-01-31 08:55 . 2010-01-31 08:55 11878400 c:\windows\ERDNT\AutoBackup\31-01-2010\Users\00000001\ntuser.dat
+ 2010-02-01 11:02 . 2010-02-01 11:02 12537856 c:\windows\ERDNT\AutoBackup\01-02-2010\Users\00000001\ntuser.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-01-03 68856]
"msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856]
"Steam"="c:\program files\Steam\Steam.exe" [2009-10-24 1217808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-01-28 2757512]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\jean-fran‡ois\Menu D‚marrer\Programmes\D‚marrage\
ERUNT AutoBackup.lnk - c:\program files\ERUNT\AUTOBACK.EXE [2005-10-20 38912]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
hp psc 1000 series.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe [2003-4-6 147456]
hpoddt01.exe.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-4-6 28672]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage d'Office.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Démarrage d'Office.lnk
backup=c:\windows\pss\Démarrage d'Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Recherche accélérée.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Recherche accélérée.lnk
backup=c:\windows\pss\Microsoft Recherche accélérée.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^jean-françois^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.3.lnk]
path=c:\documents and settings\jean-françois\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.3.lnk
backup=c:\windows\pss\OpenOffice.org 2.3.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^jean-françois^Menu Démarrer^Programmes^Démarrage^wkcalrem.LNK]
path=c:\documents and settings\jean-françois\Menu Démarrer\Programmes\Démarrage\wkcalrem.LNK
backup=c:\windows\pss\wkcalrem.LNKStartup

[HKLM\~\startupfolder\C:^Documents and Settings^jean-françois^Menu Démarrer^Programmes^Démarrage^Yahoo! Widgets.lnk]
path=c:\documents and settings\jean-françois\Menu Démarrer\Programmes\Démarrage\Yahoo! Widgets.lnk
backup=c:\windows\pss\Yahoo! Widgets.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-12-22 00:57 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2009-05-13 18:58 177472 ----a-w- c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2008-04-14 02:34 110592 ----a-w- c:\windows\system32\bthprops.cpl

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CARPService]
2003-03-18 23:13 4608 ----a-r- c:\windows\system32\carpserv.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-04-14 02:33 15360 ------w- c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
2006-11-13 13:07 1289000 ----a-w- c:\program files\Microsoft ActiveSync\wcescomm.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2009-07-13 12:03 292128 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mxomssmenu]
2007-09-06 13:53 169264 ----a-w- c:\program files\Maxtor\OneTouch Status\MaxMenuMgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 10:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2008-05-03 03:46 13529088 ----a-w- c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-05-03 03:46 86016 ----a-w- c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2008-05-03 03:46 1630208 ----a-w- c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-05-26 15:18 413696 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2005-02-23 16:13 77824 ----a-r- c:\windows\SOUNDMAN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2008-12-06 11:55 136600 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2008-01-03 11:44 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2009-01-07 20:02 185872 ----a-w- c:\program files\Fichiers communs\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"WLSetupSvc"=3 (0x3)
"usnjsvc"=3 (0x3)
"Pml Driver HPZ12"=3 (0x3)
"NVSvc"=2 (0x2)
"Maxtor Sync Service"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"gusvc"=2 (0x2)
"Boonty Games"=3 (0x3)
"avast! Web Scanner"=3 (0x3)
"avast! Mail Scanner"=3 (0x3)
"avast! Antivirus"=2 (0x2)
"aswUpdSv"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\FrostWire\\FrostWire.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\iWin Games\\iWinGames.exe"=
"c:\\Program Files\\iWin Games\\WebUpdater.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [15/10/2009 19:21 64288]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [12/07/2008 06:47 163280]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [12/07/2008 06:47 19024]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [16/03/2009 18:11 54752]
R2 iWinTrusted;iWinTrusted;c:\program files\iWin Games\iWinTrusted.exe [24/11/2009 20:43 78104]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [24/09/2009 12:17 1181328]
R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [23/12/2007 12:04 666368]
R3 IMT0521;Inmax USB IMT-0521 Smartcard Reader;c:\windows\system32\drivers\IMT0521.sys [07/07/2008 13:21 34825]
S2 gupdate1c9d21c2ba18bc;Service Google Update (gupdate1c9d21c2ba18bc);c:\program files\Google\Update\GoogleUpdate.exe [11/05/2009 10:36 133104]
S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [05/08/2009 22:48 704864]
S3 ovt530;Webcam Deluxe;c:\windows\system32\Drivers\ov530vid.sys --> c:\windows\system32\Drivers\ov530vid.sys [?]
S3 SCR33X USB Smart Card Reader;SCR33X USB Smart Card Reader;c:\windows\system32\drivers\SCR33X2K.sys [07/07/2008 13:21 63608]
.
Contenu du dossier 'Tâches planifiées'

2010-02-01 c:\windows\Tasks\Ad-Aware Update (Daily 1).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 13:21]

2010-02-01 c:\windows\Tasks\Ad-Aware Update (Daily 2).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 13:21]

2010-02-01 c:\windows\Tasks\Ad-Aware Update (Daily 3).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 13:21]

2010-02-01 c:\windows\Tasks\Ad-Aware Update (Daily 4).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 13:21]

2010-02-01 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 13:21]

2010-01-20 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2010-02-01 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-12-23 16:08]

2010-02-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-11 09:36]

2010-02-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-11 09:36]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.orange.fr/
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game01.zylom.com/activex/zylomgamesplayer.cab
DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} - hxxps://secure.gopetslive.com/dev/GoPetsWeb.cab
FF - ProfilePath - c:\documents and settings\jean-françois\Application Data\Mozilla\Firefox\Profiles\sym756yv.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Searcheo
FF - prefs.js: browser.startup.homepage - hxxp://www.orange.fr
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHELINS SUPPRIMES - - - -

AddRemove-GamesBar - c:\program files\GamesBar\uninst.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-01 18:42
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-1085031214-329068152-725345543-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:a3,59,f2,75,e8,71,d1,ad,b5,f6,f9,ab,19,a7,29,b2,a0,95,b2,71,77,c4,d4,
14,69,2f,95,7b,9d,b8,f9,2f,f3,8a,ea,c8,2d,e7,d1,ad,84,d7,71,aa,5e,1c,20,41,\
"??"=hex:5d,2e,bc,00,9b,07,bc,9c,34,34,87,88,c9,ab,ca,0d

[HKEY_USERS\S-1-5-21-1085031214-329068152-725345543-1004\Software\SecuROM\License information*]
"datasecu"=hex:f9,33,41,a5,06,c3,7c,97,26,24,55,de,e3,c0,41,d1,27,ce,f1,b8,8d,
ac,5a,09,82,e1,48,d2,81,f6,a5,a3,6b,38,b7,d4,35,e0,1a,12,e2,93,8f,0a,b0,39,\
"rkeysecu"=hex:22,ee,e2,b3,26,47,e7,ab,64,5f,6b,fe,11,a5,ec,bd
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'explorer.exe'(1924)
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Hercules\WebCam Station\PhotoImpression\share\pihook.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\System32\SCardSvr.exe
c:\progra~1\MI3AA1~1\rapimgr.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Widget Carrefour\Widget Carrefour.exe
c:\program files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
.
**************************************************************************
.
Heure de fin: 2010-02-01 18:50:43 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-02-01 17:50
ComboFix2.txt 2010-01-31 09:27
ComboFix3.txt 2010-01-30 16:02

Avant-CF: 45 635 026 944 octets libres
Après-CF: 45 748 334 592 octets libres

Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 3170EE520616CBB0549EB84ABAA75070

est-ce que je dois refaire malwarebytes et RSIT?

bonsoir,

oui, par contre je vais m'absenter, et ne suis pas certaine de pouvoir repasser ce soir.

OK pas de probleme moi non plus d'ailleurs merci je continue.

voilale rapport malwarebyte's:

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3673
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

01/02/2010 20:15:52
mbam-log-2010-02-01 (20-15-52).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 324070
Temps écoulé: 1 hour(s), 7 minute(s), 54 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 4

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\System Volume Information\_restore{DC9C9BD3-66EA-4BD6-88F4-F2D905AD14FD}\RP760\A0201135.sys (Malware.Trace) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DC9C9BD3-66EA-4BD6-88F4-F2D905AD14FD}\RP760\A0201172.com (Adware.Swizzor) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DC9C9BD3-66EA-4BD6-88F4-F2D905AD14FD}\RP760\A0201319.sys (Malware.Trace) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DC9C9BD3-66EA-4BD6-88F4-F2D905AD14FD}\RP760\A0201347.com (Adware.Swizzor) -> Quarantined and deleted successfully.

et le RSIT,voila a++

Logfile of random's system information tool 1.06 (written by random/random)
Run by jean-françois at 2010-02-01 20:20:19
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 44 GB (44%) free of 100 GB
Total RAM: 1023 MB (17% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:20:32, on 01/02/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Widget Carrefour\Widget Carrefour.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\iWin Games\iWinTrusted.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\jean-françois\Local Settings\Temporary Internet Files\Content.IE5\O69AA6T3\RSIT[1].exe
C:\Program Files\Trend Micro\HijackThis\jean-françois.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~2.EXE -Update -1103470 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB6; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 2.0.50727; OfficeLiveConnector.1.3; OfficeLivePatch.0.0)" -"http://www.switchin.net/switchlaunch.php?partner=bbgames"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O4 - Startup: Widget Carrefour 50 jours pour vous.lnk = C:\Program Files\Widget Carrefour 50 jours pour vous\Widget Carrefour 50 jours pour vous.exe
O4 - Startup: Widget Carrefour.lnk = C:\Program Files\Widget Carrefour\Widget Carrefour.exe
O4 - Startup: wkcalrem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6EBC6744-5383-4213-AD5E-66434ECA1812} (F-Secure Online Scanner Launcher) - http://download.sp.f-secure.com/ols/nordnet/orange/so-4.1/resources/fslauncher.cab
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} (DDRevision Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game01.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} -
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate1c9d21c2ba18bc) (gupdate1c9d21c2ba18bc) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: iWinTrusted - iWin Inc. - C:\Program Files\iWin Games\iWinTrusted.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

--
End of file - 12319 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-01-07 304736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-06 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-25 263280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-25 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
MSN Toolbar Helper - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll [2009-03-13 82784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-06 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-06 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - MSN Toolbar - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll [2009-03-13 82784]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-25 263280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-01-28 2757512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-01-03 68856]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883856]
"Steam"=C:\Program Files\Steam\Steam.exe [2009-10-24 1217808]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"=C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~2.EXE [2008-11-04 460216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-05-13 177472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
bthprops.cpl,,BluetoothAuthenticationAgent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CARPService]
C:\WINDOWS\system32\carpserv.exe [2003-03-19 4608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe [2006-11-13 1289000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2009-07-13 292128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mxomssmenu]
C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe [2007-09-06 169264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2008-05-03 13529088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2008-05-03 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
C:\WINDOWS\SOUNDMAN.EXE [2005-02-23 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-06 136600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-01-03 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2009-01-07 185872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage d'Office.lnk]
C:\PROGRA~1\MICROS~2\Office\OSA.EXE [1997-08-29 51984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Recherche accélérée.lnk]
C:\PROGRA~1\MICROS~2\Office\FINDFAST.EXE [1997-08-29 111376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^jean-françois^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.3.lnk]
C:\PROGRA~1\OPENOF~1.3\program\QUICKS~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^jean-françois^Menu Démarrer^Programmes^Démarrage^wkcalrem.LNK]
C:\PROGRA~1\FICHIE~1\MICROS~1\WORKSS~1\WkCalRem.exe [2004-07-12 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^jean-françois^Menu Démarrer^Programmes^Démarrage^Yahoo! Widgets.lnk]
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3
"WLSetupSvc"=3
"usnjsvc"=3
"Pml Driver HPZ12"=3
"NVSvc"=2
"Maxtor Sync Service"=2
"JavaQuickStarterService"=2
"gusvc"=2
"Boonty Games"=3
"avast! Web Scanner"=3
"avast! Mail Scanner"=3
"avast! Antivirus"=2
"aswUpdSv"=2

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
hp psc 1000 series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

C:\Documents and Settings\jean-françois\Menu Démarrer\Programmes\Démarrage
ERUNT AutoBackup.lnk - C:\Program Files\ERUNT\AUTOBACK.EXE
Widget Carrefour 50 jours pour vous.lnk - C:\Program Files\Widget Carrefour 50 jours pour vous\Widget Carrefour 50 jours pour vous.exe
Widget Carrefour.lnk - C:\Program Files\Widget Carrefour\Widget Carrefour.exe
wkcalrem.LNK - C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"ConsentPromptBehaviorAdmin"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\FrostWire\FrostWire.exe"="C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:LimeWire"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\iWin Games\iWinGames.exe"="C:\Program Files\iWin Games\iWinGames.exe:*:Enabled:iWin Games application."
"C:\Program Files\iWin Games\WebUpdater.exe"="C:\Program Files\iWin Games\WebUpdater.exe:*:Enabled:iWin Games updater."
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

======List of files/folders created in the last 1 months======

2010-02-01 19:27:41 ----SHD---- C:\RECYCLER
2010-02-01 18:50:44 ----A---- C:\ComboFix.txt
2010-02-01 18:39:05 ----D---- C:\WINDOWS\temp
2010-02-01 17:20:26 ----D---- C:\Documents and Settings\jean-françois\Application Data\BanzaiInteractive
2010-02-01 17:20:26 ----D---- C:\Documents and Settings\All Users\Application Data\BanzaiInteractive
2010-01-30 16:38:33 ----A---- C:\Boot.bak
2010-01-30 16:38:25 ----RASHD---- C:\cmdcons
2010-01-30 16:37:19 ----A---- C:\WINDOWS\zip.exe
2010-01-30 16:37:19 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-01-30 16:37:19 ----A---- C:\WINDOWS\SWSC.exe
2010-01-30 16:37:19 ----A---- C:\WINDOWS\SWREG.exe
2010-01-30 16:37:19 ----A---- C:\WINDOWS\sed.exe
2010-01-30 16:37:19 ----A---- C:\WINDOWS\PEV.exe
2010-01-30 16:37:19 ----A---- C:\WINDOWS\NIRCMD.exe
2010-01-30 16:37:19 ----A---- C:\WINDOWS\MBR.exe
2010-01-30 16:37:19 ----A---- C:\WINDOWS\grep.exe
2010-01-30 16:36:35 ----D---- C:\Qoobox
2010-01-30 14:39:54 ----D---- C:\Documents and Settings\All Users\Application Data\Alwil Software
2010-01-30 12:17:16 ----D---- C:\rsit
2010-01-30 10:19:10 ----D---- C:\WINDOWS\ERDNT
2010-01-30 10:11:53 ----D---- C:\Program Files\ERUNT
2010-01-30 05:57:30 ----D---- C:\Documents and Settings\All Users\Application Data\The Mirror Mysteries
2010-01-29 18:03:55 ----D---- C:\Documents and Settings\jean-françois\Application Data\OtherSide Realm of Eons
2010-01-24 15:31:10 ----D---- C:\Documents and Settings\All Users\Application Data\Million
2010-01-21 08:08:14 ----D---- C:\Program Files\Dr. Lynch - Grave Secrets
2010-01-21 08:02:26 ----D---- C:\Program Files\James Patterson's Women's Murder Club - Twice in a Blue Moon
2010-01-21 07:56:38 ----D---- C:\Program Files\Superior Save
2010-01-21 07:52:25 ----D---- C:\Program Files\Escape the Museum 2
2010-01-21 07:35:47 ----D---- C:\Program Files\Agatha Christie - Dead Man's Folly
2010-01-21 07:22:33 ----D---- C:\Program Files\Cassandra's Journey 2 - The Fifth Sun of Nostradamus
2010-01-21 07:15:25 ----D---- C:\Program Files\Herissons de l'Espace
2010-01-21 07:13:06 ----D---- C:\Program Files\Legendes du Far West - Golden Hill
2010-01-21 07:01:08 ----D---- C:\Program Files\Youda Legend - The Golden Bird of Paradise
2010-01-21 06:51:52 ----D---- C:\Program Files\The Fall Trilogy - Chapter 1
2010-01-21 06:46:52 ----D---- C:\Program Files\Mary Kay Andrews - The Fixer Upper
2010-01-18 15:01:12 ----D---- C:\Documents and Settings\jean-françois\Application Data\Valusoft
2010-01-18 15:01:12 ----D---- C:\Documents and Settings\All Users\Application Data\Valusoft
2010-01-15 11:41:05 ----A---- C:\WINDOWS\OEWABLog.txt
2010-01-14 16:18:16 ----D---- C:\Documents and Settings\jean-françois\Application Data\KlickTock
2010-01-14 16:10:10 ----D---- C:\Program Files\iWin Games
2010-01-13 19:13:52 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-01-13 19:13:39 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-01-13 12:04:05 ----D---- C:\Program Files\Samantha Swift - Mystery From Atlantis
2010-01-13 09:36:38 ----D---- C:\Program Files\Veronica Rivers - The Order Of Conspiracy
2010-01-13 09:29:50 ----D---- C:\Program Files\Parking Dash
2010-01-13 09:28:23 ----D---- C:\Program Files\The Mirror Mysteries
2010-01-13 09:23:42 ----D---- C:\Program Files\Dark Tales - Edgar Allan Poe`s Murders in the Rue Morgue
2010-01-13 08:37:40 ----D---- C:\Documents and Settings\jean-françois\Application Data\DruidsBattleOfMagic
2010-01-12 13:32:27 ----D---- C:\Documents and Settings\jean-françois\Application Data\TheFixerUpper
2010-01-11 14:05:49 ----D---- C:\Documents and Settings\jean-françois\Application Data\EcoRescue
2010-01-09 18:21:09 ----D---- C:\Documents and Settings\All Users\Application Data\Far Mills
2010-01-09 15:17:49 ----D---- C:\Documents and Settings\jean-françois\Application Data\WinRAR
2010-01-09 15:17:10 ----D---- C:\Program Files\WinRAR
2010-01-08 17:27:05 ----D---- C:\Documents and Settings\jean-françois\Application Data\Trio
2010-01-05 13:04:37 ----D---- C:\Documents and Settings\jean-françois\Application Data\LaJangada
2010-01-02 13:21:08 ----D---- C:\Documents and Settings\jean-françois\Application Data\GOA
2010-01-02 13:21:08 ----D---- C:\Documents and Settings\All Users\Application Data\GOA

======List of files/folders modified in the last 1 months======

2010-02-01 19:23:16 ----D---- C:\Program Files\Mozilla Firefox
2010-02-01 18:50:48 ----D---- C:\WINDOWS\system32\drivers
2010-02-01 18:48:20 ----D---- C:\WINDOWS\system32\CatRoot2
2010-02-01 18:46:33 ----SD---- C:\WINDOWS\Tasks
2010-02-01 18:42:00 ----D---- C:\Program Files\Steam
2010-02-01 18:41:52 ----D---- C:\WINDOWS
2010-02-01 18:41:52 ----A---- C:\WINDOWS\system.ini
2010-02-01 18:39:53 ----D---- C:\WINDOWS\system32\config
2010-02-01 18:38:52 ----RD---- C:\Program Files
2010-02-01 18:34:50 ----D---- C:\WINDOWS\system32
2010-02-01 18:34:50 ----D---- C:\WINDOWS\AppPatch
2010-02-01 18:34:44 ----D---- C:\Program Files\Fichiers communs
2010-02-01 18:30:07 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-02-01 18:27:58 ----D---- C:\WINDOWS\Prefetch
2010-02-01 18:12:44 ----D---- C:\Program Files\BoontyGames
2010-02-01 18:02:51 ----D---- C:\Program Files\iWin.com
2010-02-01 17:32:57 ----D---- C:\Documents and Settings\jean-françois\Application Data\HdO Adventure
2010-02-01 17:32:17 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2010-02-01 16:11:17 ----D---- C:\Documents and Settings\All Users\Application Data\Rumbic Studio
2010-01-31 12:06:57 ----D---- C:\WINDOWS\MSREMOTE.SFS
2010-01-31 11:50:45 ----D---- C:\Program Files\Internet Explorer
2010-01-31 10:49:06 ----D---- C:\Program Files\Mystery Masterpiece - The Moonstone
2010-01-31 09:59:00 ----SHD---- C:\WINDOWS\Installer
2010-01-30 20:41:23 ----D---- C:\WINDOWS\system32\DirectX
2010-01-30 20:38:37 ----D---- C:\Program Files\Wakfu
2010-01-30 16:50:23 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-01-30 16:50:23 ----D---- C:\Program Files\iWin
2010-01-30 16:38:33 ----RASH---- C:\boot.ini
2010-01-30 14:42:15 ----D---- C:\Program Files\Alwil Software
2010-01-30 14:40:47 ----D---- C:\WINDOWS\WinSxS
2010-01-30 13:25:14 ----D---- C:\Documents and Settings\All Users\Application Data\BigFishGamesCache
2010-01-30 11:30:49 ----D---- C:\Program Files\Microsoft Works
2010-01-30 11:30:34 ----D---- C:\Program Files\OpenOffice.org 2.3
2010-01-30 06:59:01 ----D---- C:\Documents and Settings\All Users\Application Data\Sandlot Games
2010-01-29 18:01:07 ----D---- C:\Documents and Settings\jean-françois\Application Data\PlayFirst
2010-01-29 18:01:07 ----D---- C:\Documents and Settings\All Users\Application Data\PlayFirst
2010-01-28 23:09:26 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-01-27 18:35:17 ----D---- C:\Program Files\Fichiers communs\Adobe
2010-01-27 18:35:16 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-01-26 16:56:34 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2010-01-26 15:08:08 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-01-25 17:02:19 ----D---- C:\Documents and Settings\jean-françois\Application Data\OpenOffice.org2
2010-01-25 16:54:18 ----A---- C:\WINDOWS\NeroDigital.ini
2010-01-22 12:51:44 ----HD---- C:\WINDOWS\inf
2010-01-22 12:51:36 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-22 12:51:25 ----D---- C:\WINDOWS\ie8updates
2010-01-22 12:51:05 ----HD---- C:\WINDOWS\$hf_mig$
2010-01-22 11:28:23 ----D---- C:\Program Files\LucasArts
2010-01-22 11:28:23 ----D---- C:\Documents and Settings\jean-françois\Application Data\Petroglyph
2010-01-22 11:28:12 ----HD---- C:\Program Files\InstallShield Installation Information
2010-01-22 09:57:10 ----D---- C:\Program Files\Zylom Games
2010-01-21 12:33:47 ----D---- C:\Documents and Settings\jean-françois\Application Data\Alawar
2010-01-21 06:27:24 ----D---- C:\Program Files\Microsoft Silverlight
2010-01-19 17:12:04 ----D---- C:\Documents and Settings\jean-françois\Application Data\Zylom
2010-01-19 17:12:04 ----D---- C:\Documents and Settings\jean-françois\Application Data\Identities
2010-01-18 18:32:44 ----A---- C:\WINDOWS\win.ini
2010-01-18 18:24:27 ----D---- C:\WINDOWS\network diagnostic
2010-01-13 19:13:56 ----A---- C:\WINDOWS\imsins.BAK
2010-01-13 08:30:47 ----D---- C:\Program Files\bfgclient
2010-01-11 14:11:48 ----D---- C:\Documents and Settings\jean-françois\Application Data\iWin
2010-01-11 13:07:18 ----D---- C:\Documents and Settings\jean-françois\Application Data\JewelMatch2
2010-01-09 15:47:44 ----D---- C:\Program Files\Oberon Media
2010-01-07 19:12:29 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2010-01-05 01:17:46 ----A---- C:\WINDOWS\system32\MRT.exe
2010-01-02 14:29:18 ----D---- C:\Documents and Settings\jean-françois\Application Data\Gamers Digital
2010-01-02 14:29:18 ----D---- C:\Documents and Settings\All Users\Application Data\Gamers Digital
2010-01-02 08:57:34 ----D---- C:\Program Files\Messenger Plus! Live

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-01-28 28240]
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2009-12-11 82380]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-01-28 163280]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-01-28 46672]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-01-28 19024]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-01-28 100432]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2003-03-19 11044]
R2 StreamDispatcher;StreamDispatcher; C:\WINDOWS\system32\DRIVERS\strmdisp.sys [2003-03-19 22400]
R3 3xHybrid;3xHybrid service; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2005-02-09 666368]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-02-24 2311680]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-01-28 23376]
R3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2003-03-19 1107072]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys [2003-03-19 177024]
R3 IMT0521;Inmax USB IMT-0521 Smartcard Reader; C:\WINDOWS\System32\Drivers\IMT0521.sys [2003-07-11 34825]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-03 6554496]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-02-24 33408]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-02-24 12928]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2007-12-29 47360]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2003-03-19 622592]
S3 BthEnum;Service d'énumérateur Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2003-03-09 51024]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2003-03-09 16080]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2003-03-09 21456]
S3 mbr;mbr; \??\C:\DOCUME~1\JEAN-F~1\LOCALS~1\Temp\mbr.sys []
S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 MXOPSWD;Maxtor OneTouch Security Driver; C:\WINDOWS\system32\DRIVERS\mxopswd.sys [2007-05-03 22152]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 ovt519;D-Link VGA Webcam; C:\WINDOWS\System32\Drivers\ov519vid.sys [2003-10-15 174530]
S3 ovt530;Webcam Deluxe; C:\WINDOWS\System32\Drivers\ov530vid.sys []
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 SCR33X USB Smart Card Reader;SCR33X USB Smart Card Reader; C:\WINDOWS\system32\DRIVERS\SCR33X2K.sys [2003-12-03 63608]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-07-09 39424]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-01-28 40384]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 iWinTrusted;iWinTrusted; C:\Program Files\iWin Games\iWinTrusted.exe [2009-11-24 78104]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-01-27 1181328]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-12-16 66872]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-12-16 103736]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-01-28 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-01-28 40384]
S2 gupdate1c9d21c2ba18bc;Service Google Update (gupdate1c9d21c2ba18bc); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-11 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-11 190448]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-07-13 542496]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe []
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-06 152984]
S4 Maxtor Sync Service;Maxtor Service; C:\Program Files\Maxtor\Sync\SyncServices.exe [2007-09-28 156976]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-03 159812]
S4 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2003-03-09 65795]
S4 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

-----------------EOF-----------------

bonsoir,

pas mal, comment se comporte ton pc actuellement ?

bonsoir il y a une petite amelioration encore cet apres-midi on a du l'eteindre par deux fois mais il se rallumé un peu plus vite.mais bon s'il n'y a plus rien de grave comme virus....

merci d'avoir usé de votre temps a++

bonsoir,

peut être serait il bon de faire un scan en ligne

http://www.kaspersky.com/kos/eng/partner/default/pages/default/check.html?n=1259235770640

désactive ton antivirus le temps de faire le scan

tu postes le rapport ensuite

bonsoir j'ai fait le scan mais je ne vois pas comment faire pour te l'envoyer car quand je selectionne je ne peux pas le copier ?? kapersky etait sur update a moins que ce n'est pas cela!!

bonsoir,

t'a t il trouvé quelque chose au moins ?

non apparamment il n'y a rien je t'envoie unscan:

Wednesday, February 3, 2010
Operating system: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Wednesday, February 03, 2010 14:25:14
Records in database: 3401930


Scan settings
scan using the following database extended
Scan archives yes
Scan e-mail databases yes

Scan area Critical areas
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
C:\Documents and Settings\jean-françois\Menu Démarrer\Programmes\Démarrage
C:\Program Files
C:\WINDOWS

Scan statistics
Objects scanned 156666
Threats found 0
Infected objects found 0
Suspicious objects found 0
Scan duration 02:32:13

No threats found. Scanned area is clean.
Selected area has been scanned.

re

donc plus de soucis infectieux. D'autres problèmes ?

bonsoir bon tout va bien pour cela.

'j'aurai un autre petit souci ,ils'agit de MSN il faut toujours que je tape l'adresse hotmail et le mot de passe meme si je l'enregistre ,est-ce normal .sinon merci pour tout ,a++

bonsoir,

il faut néanmoins faire ceci pour supprimer ce que l'on a utlisé

* Télécharge ToolsCleaner (de A.Rothstein et Dj Quiou).
* Clique sur Recherche et laisse le scan se terminer.
* Tu peux si tu le souhaites te servir des Options facultatives.

ensuite concernant MSN je n'en ai aucune idée car de toutes façons pour la sécurité, je pense qu'il est beaucoup mieux de ne pas les garder en mémoire