
My PC is extremely slow, I get CPU spikes from 70 to 100%

pascalou95 on 9 March 2009 at 15:49
I can't see what you just wrote to me. It does tell me that yours is the last message, but when I open this page I can't see your latest reply.
pascalou95 on 9 March 2009 at 15:51
OK, I can see it now. I'm redoing the scan and will tell you if I manage to get the report. Thanks.
pascalou95 on 9 March 2009 at 17:00
Thanks, here is the report:
BitDefender Online Scanner - Rapport d'analyse

Rapport d'analyse généré à: Mon, Mar 09, 2009 - 16:28:10
Voie d'analyse: C:\;D:\;E:\;F:\;G:\;H:\;I:\;

Statistiques
Temps: 00:35:49
Fichiers: 76060
Directoires: 9622
Secteurs de boot: 0
Archives: 1121
Paquets programmes: 7130

Résultats
Virus identifiés: 1
Fichiers infectés: 1
Fichiers suspects: 0
Avertissements: 0
Désinfectés: 0
Fichiers effacés: 1

Info sur les moteurs
Définition virus: 2772750
Version des moteurs: AVCORE v1.7 (build 8314.19) (i386) (Sep 29 2008 17:19:14)
Analyse des plugins: 17
Archive des plugins: 45
Unpack des plugins: 7
E-mail plugins: 6
Système plugins: 4

Paramètres d'analyse
Première action: Désinfecté
Seconde Action: Supprimé
Heuristique: Oui
Acceptez les avertissements: Oui
Extensions analysées: exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;doc;dot;xls;ppt;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;html;xml;xtp;php;asp;js;shs;chm;lnk;pif;prc;url;smm;pfd;msi;ini;csc;cmd;bas;
Excludez les extensions:
Analyse d'emails: Oui
Analyse des Archives: Oui
Analyser paquets programmes: Oui
Analyse des fichiers: Oui
Analyse de boot: Oui

Fichier analysé | Statut
C:\System Volume Information\_restore{7AFC631D-71A6-4CBE-9F8F-EFDBDC0F94C6}\RP250\A0054441.dll | Détecté avec: Spyware.945
C:\System Volume Information\_restore{7AFC631D-71A6-4CBE-9F8F-EFDBDC0F94C6}\RP250\A0054441.dll | Supprimé
Han!k on 9 March 2009 at 17:05
Run ComboFix again and post the report.
pascalou95 on 9 March 2009 at 17:53
ComboFix 09-03-06.02 - Owner 2009-03-09 17:21:37.2 - NTFSx86
Lancé depuis: c:\documents and settings\TEMP\Mes documents\combofix.exe
.

((((((((((((((((((((((((((((( Fichiers créés du 2009-02-09 au 2009-03-09 ))))))))))))))))))))))))))))))))))))
.

2009-03-09 17:18 . 2009-03-09 17:20 <REP> d-------- C:\32788R22FWJFW
2009-03-09 01:23 . 2009-03-09 15:52 <REP> d-------- c:\windows\BDOSCAN8
2009-03-08 20:53 . 2009-03-08 21:11 <REP> d-------- C:\bibite
2009-03-08 17:31 . 2009-03-08 17:31 <REP> d-------- C:\GenProc
2009-03-06 16:35 . 2009-01-09 20:19 1,089,883 --------- c:\windows\system32\dllcache\ntprint.cat
2009-03-06 14:43 . 2009-03-06 14:44 <REP> d-------- C:\05ebf9399de57b1050cc8dd3765e
2009-03-06 13:41 . 2008-10-16 02:01 1,499,648 --------- c:\windows\system32\dllcache\shdocvw.dll
2009-03-06 12:23 . 2009-03-06 12:24 <REP> d-------- c:\program files\Opera
2009-03-05 12:16 . 2009-03-05 12:16 <REP> d-------- c:\program files\Ratajik Software
2009-03-04 11:41 . 2009-03-04 12:02 <REP> d-------- c:\program files\LimeWire Acceleration Patch
2009-03-04 10:27 . 2009-03-04 10:27 <REP> d-------- c:\windows\Logs
2009-03-04 10:27 . 2009-03-04 10:27 <REP> d-------- c:\program files\Utherverse Digital Inc
2009-02-27 23:33 . 2009-02-27 23:33 <REP> d-------- c:\documents and settings\TEMP\Application Data\Search Settings
2009-02-27 23:33 . 2009-02-27 23:33 <REP> d-------- c:\documents and settings\TEMP\Application Data\pdfforge
2009-02-27 23:27 . 2009-02-27 23:27 <REP> d-------- c:\program files\pdfforge Toolbar
2009-02-20 02:24 . 2009-03-05 20:43 <REP> d-------- c:\program files\Incomplete
2009-02-19 13:11 . 2009-02-19 13:11 <REP> d-------- c:\program files\AskBarDis
2009-02-18 13:31 . 2009-02-18 13:31 <REP> d-------- c:\program files\Microsoft Sync Framework

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-09 12:29 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2009-03-09 01:10 --------- d-----w c:\program files\Replay Media Catcher
2009-03-08 12:05 --------- d-----w c:\documents and settings\TEMP\Application Data\Azureus
2009-03-07 11:19 --------- d-----w c:\program files\Fichiers communs\Adobe
2009-03-06 11:59 --------- d-----w c:\program files\UseNeXT
2009-03-06 01:54 --------- d-----w c:\program files\Free Music Zilla
2009-03-05 11:38 323,584 ----a-w c:\windows\system32\AUDIOGENIE2.DLL
2009-03-05 11:38 237,568 ----a-w c:\windows\system32\rmc_rtspdl.dll
2009-03-05 11:38 156,672 ----a-w c:\windows\system32\rmc_fixasf.exe
2009-03-05 11:07 --------- d-----w c:\documents and settings\TEMP\Application Data\Ulead Systems
2009-03-04 11:08 --------- d-----w c:\documents and settings\TEMP\Application Data\LimeWire
2009-03-04 10:52 --------- d-----w c:\program files\LimeWire
2009-03-03 12:50 --------- d-----w c:\documents and settings\TEMP\Application Data\Orbit
2009-03-03 02:17 --------- d-----w c:\program files\Windows Live Safety Center
2009-02-27 11:00 --------- d-----w c:\program files\Microsoft Silverlight
2009-02-18 12:41 --------- d-----w c:\program files\Microsoft
2009-02-18 12:31 --------- d-----w c:\program files\Windows Live
2009-02-13 00:51 --------- d-----w c:\program files\Microsoft Picture It! 10
2009-02-07 12:13 --------- d-----w c:\documents and settings\All Users\Application Data\Skype
2009-02-07 12:13 --------- d-----r c:\program files\Skype
2009-02-07 12:12 --------- d-----w c:\program files\IncrediMail
2009-02-07 12:03 --------- d-----w c:\documents and settings\TEMP\Application Data\skypePM
2009-02-06 18:39 308,600 ----a-w c:\windows\WLXPGSS.SCR
2009-02-06 17:52 49,504 ----a-w c:\windows\system32\sirenacm.dll
2009-02-06 03:18 --------- d-----w c:\program files\SRSLabs
2009-02-06 03:18 --------- d-----w c:\program files\Fichiers communs\SRS
2009-02-06 03:18 --------- d-----w c:\documents and settings\All Users\Application Data\SRSLabs
2009-01-31 23:18 114,232 ----a-w c:\documents and settings\TEMP\Application Data\GDIPFONTCACHEV1.DAT
2009-01-25 10:57 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-01-24 22:07 --------- d-----w c:\program files\Graboid
2009-01-23 16:07 --------- d-----w c:\documents and settings\TEMP\Application Data\MozillaControl
2009-01-23 16:07 --------- d-----w c:\documents and settings\All Users\Application Data\Graboid Inc
2009-01-23 16:06 --------- d-----w c:\documents and settings\All Users\Application Data\Launcher
2009-01-14 17:19 --------- d-----w c:\documents and settings\TEMP\Application Data\Grisoft
2009-01-14 17:18 --------- d-----w c:\documents and settings\All Users\Application Data\Grisoft
2009-01-12 02:26 --------- d-----w c:\program files\Google
2008-12-20 22:46 63,488 ----a-w c:\windows\system32\dllcache\icardie.dll
2008-12-20 22:46 6,066,688 ----a-w c:\windows\system32\dllcache\ieframe.dll
2008-12-20 22:46 52,224 ----a-w c:\windows\system32\dllcache\msfeedsbs.dll
2008-12-20 22:46 459,264 ----a-w c:\windows\system32\dllcache\msfeeds.dll
2008-12-20 22:46 383,488 ----a-w c:\windows\system32\dllcache\ieapfltr.dll
2008-12-20 22:46 267,776 ----a-w c:\windows\system32\dllcache\iertutil.dll
2008-12-19 09:10 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe
2008-12-12 17:02 3,088,896 ----a-w c:\windows\system32\dllcache\mshtml.dll
2008-12-11 10:57 333,952 ------w c:\windows\system32\dllcache\srv.sys
2007-11-30 10:25 61,647,736 ----a-r c:\program files\directx_directx_9.0c_-_mise_a_jour_aout_2007_francais_10906.exe
2007-02-01 14:27 3,072 -csha-w c:\program files\Fichiers communs\Thumbs.db
1998-04-24 05:00 1,078 -c----w c:\program files\Fichiers communs\RECYFULL.ICO
2008-08-28 18:08 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008082820080829\index.dat
.

------- Sigcheck -------

2008-10-16 14:09 66584 2275f45e257d46e6500558b2930cb9a4 c:\windows\ServicePackFiles\i386\wuauclt.exe
2008-10-16 14:09 66584 2275f45e257d46e6500558b2930cb9a4 c:\windows\system32\wuauclt.exe
2008-10-16 14:09 51224 e654b78d2f1d791b30d0ed9a8195ec22 c:\windows\system32\dllcache\wuauclt.exe
.
((((((((((((((((((((((((((((( SnapShot@2009-03-08_21.08.59.31 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-03-09 00:23:40 45,056 ----a-w c:\windows\BDOSCAN8\avxdisk.dll
+ 2009-03-09 00:23:40 10,240 ----a-w c:\windows\BDOSCAN8\avxs.dll
+ 2009-03-09 00:23:40 27,136 ----a-w c:\windows\BDOSCAN8\avxt.dll
+ 2009-03-09 00:23:42 102,400 ----a-w c:\windows\BDOSCAN8\bdcore.dll
+ 2006-05-25 00:21:00 118,784 ----a-w c:\windows\BDOSCAN8\bdupd.dll
+ 2006-05-25 00:21:14 53,248 ----a-w c:\windows\BDOSCAN8\ipsupd.dll
+ 2009-03-09 00:23:42 142,848 ----a-w c:\windows\BDOSCAN8\libfn.dll
+ 2009-03-09 00:23:41 86,016 ----a-w c:\windows\BDOSCAN8\librtvr.dll
+ 2006-05-25 00:22:06 53,248 ----a-w c:\windows\bdoscandel.exe
+ 2006-05-25 00:21:00 118,784 ----a-w c:\windows\Downloaded Program Files\bdupd.dll
+ 2006-05-25 00:21:14 53,248 ----a-w c:\windows\Downloaded Program Files\ipsupd.dll
+ 2009-03-09 11:21:33 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_72c.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-09-08 22:08 279944 --a------ c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
2009-01-30 15:12 650752 --a------ c:\program files\pdfforge Toolbar\WidgiToolbarIE.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-09-08 279944]
"{B922D405-6D13-4A2B-AE89-08A030DA4402}"= "c:\program files\pdfforge Toolbar\WidgiToolbarIE.dll" [2009-01-30 650752]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CLASSES_ROOT\clsid\{b922d405-6d13-4a2b-ae89-08a030da4402}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-09-08 279944]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-01-28 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-07-27 221184]
"ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
"Microsoft Works Update Detection"="c:\program files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe" [2002-07-18 28672]
"DrvIcon"="c:\windows\XP²Vista\Vista Drive Icon\DrvIcon.exe" [2008-04-13 49152]
"Visual Task Tips"="c:\windows\XP²Vista\VisualTaskTips.exe" [2008-06-22 65536]
"TopDesk"="c:\windows\XP²Vista\TopDesk.exe" [2007-11-16 1937920]
"TrayServer"="c:\program files\MAGIX\Video_deluxe_2008_e-version\TrayServer.exe" [2007-07-17 90112]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-10 136600]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2009-02-06 454000]
"SearchSettings"="c:\program files\pdfforge Toolbar\SearchSettings.exe" [2009-01-30 992256]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 c:\windows\KHALMNPR.Exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]

c:\documents and settings\TEMP\Menu Démarrer\Programmes\Démarrage\
Adobe Gamma.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2007-09-17 110592]

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2008-02-11 67128]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-06-16 805392]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{88485281-8b4b-4f8d-9ede-82e29a064277}"= "c:\progra~1\MarkAny\CONTEN~1\MACSMA~1.DLL" [2004-11-23 192512]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-05-02 01:42 72208 c:\program files\Fichiers communs\Logitech\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= c:\progra~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Free Music Zilla\\FMZilla.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Documents and Settings\\TEMP\\Mes documents\\Downloads1\\Azureus\\Azureus.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImApp.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitnet.exe"=
"c:\\Program Files\\Java\\jre1.6.0_07\\bin\\javaw.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\WINDOWS\\system32\\[Emoticons-plus.com] Winkaa 2.0.exe"=
"c:\\WINDOWS\\system32\\muzapp.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

R2 KeenfinderSrch Service;KeenfinderSrch Service; [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
S2 fssfltr;fssfltr;c:\windows\system32\DRIVERS\fssfltr_tdi.sys [2008-12-08 55136]
S2 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]


--- Autres Services/Pilotes en mémoire ---

*Deregistered* - AFD
*Deregistered* - ALG
*Deregistered* - AntiVirScheduler
*Deregistered* - AntiVirService
*Deregistered* - AOL ACS
*Deregistered* - AudioSrv
*Deregistered* - AVG Anti-Spyware Driver
*Deregistered* - AVG Anti-Spyware Guard
*Deregistered* - AvgAsCln
*Deregistered* - avgio
*Deregistered* - avgntflt
*Deregistered* - avipbb
*Deregistered* - Beep
*Deregistered* - Browser
*Deregistered* - Cdfs
*Deregistered* - CLCapSvc
*Deregistered* - CLSched
*Deregistered* - CryptSvc
*Deregistered* - CyberLink Media Library Service
*Deregistered* - DcomLaunch
*Deregistered* - Dhcp
*Deregistered* - Dnscache
*Deregistered* - ERSvc
*Deregistered* - EventSystem
*Deregistered* - FastUserSwitchingCompatibility
*Deregistered* - Fips
*Deregistered* - FltMgr
*Deregistered* - fssfltr
*Deregistered* - fsssvc
*Deregistered* - Ftdisk
*Deregistered* - Gpc
*Deregistered* - gusvc
*Deregistered* - helpsvc
*Deregistered* - HidServ
*Deregistered* - ImapiService
*Deregistered* - IpNat
*Deregistered* - IPSec
*Deregistered* - JavaQuickStarterService
*Deregistered* - KSecDD
*Deregistered* - lanmanserver
*Deregistered* - lanmanworkstation
*Deregistered* - LmHosts
*Deregistered* - LVUSBSta
*Deregistered* - mnmdd
*Deregistered* - MountMgr
*Deregistered* - MRxDAV
*Deregistered* - MRxSmb
*Deregistered* - Msfs
*Deregistered* - mssmbios
*Deregistered* - Mup
*Deregistered* - NDIS
*Deregistered* - NdisTapi
*Deregistered* - Ndisuio
*Deregistered* - NdisWan
*Deregistered* - NDProxy
*Deregistered* - NetBIOS
*Deregistered* - NetBT
*Deregistered* - Netman
*Deregistered* - Nla
*Deregistered* - Npfs
*Deregistered* - Ntfs
*Deregistered* - Null
*Deregistered* - PartMgr
*Deregistered* - PCIIde
*Deregistered* - PolicyAgent
*Deregistered* - PptpMiniport
*Deregistered* - ProtectedStorage
*Deregistered* - PSched
*Deregistered* - RasAcd
*Deregistered* - Rasl2tp
*Deregistered* - RasMan
*Deregistered* - RasPppoe
*Deregistered* - Raspti
*Deregistered* - Rdbss
*Deregistered* - RDPCDD
*Deregistered* - RichVideo
*Deregistered* - RpcSs
*Deregistered* - SamSs
*Deregistered* - Schedule
*Deregistered* - SeaPort
*Deregistered* - seclogon
*Deregistered* - SENS
*Deregistered* - sfdrv01
*Deregistered* - sfhlp02
*Deregistered* - sfsync02
*Deregistered* - SharedAccess
*Deregistered* - ShellHWDetection
*Deregistered* - Spooler
*Deregistered* - sptd
*Deregistered* - sr
*Deregistered* - srservice
*Deregistered* - Srv
*Deregistered* - ssmdrv
*Deregistered* - stisvc
*Deregistered* - swenum
*Deregistered* - TapiSrv
*Deregistered* - Tcpip
*Deregistered* - TermDD
*Deregistered* - TermService
*Deregistered* - Themes
*Deregistered* - TrkWks
*Deregistered* - Update
*Deregistered* - VgaSave
*Deregistered* - VolSnap
*Deregistered* - VolumeFilter
*Deregistered* - W32Time
*Deregistered* - Wanarp
*Deregistered* - wanatw
*Deregistered* - WebClient
*Deregistered* - winmgmt
*Deregistered* - WmiApSrv
*Deregistered* - wscsvc
*Deregistered* - wuauserv
*Deregistered* - WZCSVC
.
.
------- Examen supplémentaire -------
.
uSearch Page = hxxp://www.google.com
uStart Page = hxxp://www.google.fr/
uSearch Bar = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = hxxp://192.168.1.1/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Owner\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
DPF: {5D80A6D1-B500-47DA-82B8-EB9875F85B4D} - hxxp://dl.google.com/dl/desktop/nv/GoogleGadgetPluginIEWin.cab
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} - hxxp://copainsdavant.linternaute.com/html_include_bibliotheque/objimageupload(...)
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-09 17:25:40
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)
@SACL=
"{20D04FE0-3AEA-1069-A2D8-08002B30309D}"="c:\\WINDOWS\\System32\\shell32.dll,15"
"{992CFFA0-F557-101A-88EC-00DD010CCC48}"="c:\\WINDOWS\\system32\\SHELL32.dll,17"
"{208D2C60-3AEA-1069-A2D7-08002B30309D}"="c:\\WINDOWS\\system32\\SHELL32.dll,17"
"{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="c:\\WINDOWS\\system32\\shell32.dll,22"
"{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="c:\\WINDOWS\\system32\\shell32.dll,23"
"{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="c:\\WINDOWS\\system32\\shell32.dll,24"
"{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="c:\\WINDOWS\\system32\\shell32.dll,-175"
"{21EC2020-3AEA-1069-A2DD-08002B30309D}"="c:\\WINDOWS\\System32\\shell32.dll,-137"
"{2227A280-3AEA-1069-A2DE-08002B30309D}"="c:\\WINDOWS\\System32\\shell32.dll,-138"
"{D20EA4E1-3957-11d2-A40B-0C5020524152}"="c:\\WINDOWS\\system32\\shell32.dll,38"
"AudioCD"="c:\\WINDOWS\\System32\\shell32.dll,40"
"{FBF23B42-E3F0-101B-8488-00AA003E56F8}"="c:\\WINDOWS\\system32\\shell32.dll,220"
"{450D8FBA-AD25-11D0-98A8-0800361B1103}"="c:\\WINDOWS\\system32\\mydocs.dll,0"
"{D20EA4E1-3957-11d2-A40B-0C5020524153}"="c:\\WINDOWS\\system32\\main.cpl,10"
"{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="c:\\WINDOWS\\system32\\wiashext.dll,0"
"{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="c:\\WINDOWS\\system32\\mstask.dll,-100"
"{88C6C381-2E85-11D0-94DE-444553540000}"="c:\\WINDOWS\\System32\\occache.dll,0"
"{BDEADF00-C265-11d0-BCED-00A0C90AB50F}"="c:\\Program Files\\COMMON~1\\MICROS~1\\WEBFOL~1\\MSONSEXT.DLL,0"
"{FF393560-C2A7-11CF-BFF4-444553540000}"="c:\\WINDOWS\\System32\\shdocvw.dll,-20785"
"{F5175861-2688-11d0-9C5E-00AA00A45957}"="c:\\WINDOWS\\System32\\webcheck.dll,0"
"{85BBD920-42A0-1069-A2E4-08002B30309D}"="c:\\WINDOWS\\system32\\syncui.dll,0"

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:d0,eb,75,16,f7,e4,11,2b,6c,ce,de,94,7a,2f,b5,21,91,18,20,70,29,79,c1,
ac,40,96,a3,7c,37,76,5b,15,d5,40,bb,ac,ec,3d,fa,e4,88,8c,5c,13,23,bd,19,ef,\
"??"=hex:bc,46,c8,0a,5e,c7,50,9e,6a,8f,6f,14,c5,80,d5,74

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\SecuROM\License information*]
"datasecu"=hex:84,21,59,c6,2e,d8,0b,d8,05,61,17,c0,71,e3,12,65,96,17,71,68,b1,
a2,5c,6e,e6,f2,1c,0a,fc,82,dd,8b,d3,19,33,e8,e9,53,cd,0f,d7,bf,be,ef,6a,08,\
"rkeysecu"=hex:9f,ca,16,75,83,0a,d6,fd,d2,a5,ab,cb,c1,0d,12,f7
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(520)
c:\program files\fichiers communs\logitech\bluetooth\LBTWlgn.dll
c:\program files\fichiers communs\logitech\bluetooth\LBTServ.dll

- - - - - - - > 'lsass.exe'(576)
c:\windows\system32\scecli.dll
.
Heure de fin: 2009-03-09 17:30:10
ComboFix-quarantined-files.txt 2009-03-09 16:29:40
ComboFix2.txt 2009-03-08 20:11:30

Avant-CF: 64 221 310 976 octets libres
Après-CF: 64,256,098,304 octets libres

355 --- E O F --- 2009-03-06 22:41:41
Han!k on 9 March 2009 at 18:04
Delete C:\GenProc


Download GenProc: http://www.genproc.com/GenProc.exe

Double-click GenProc.exe and post the contents of the report that opens.
pascalou95 on 9 March 2009 at 18:12
Here is the report:
Initialisation GenProc 2.415 [09/03/2009] à [18:07:37]

*** Variables initiales SET et temporaires ***

ALLUSERSPROFILE=C:\Documents and Settings\All Users
AnneeInstallation=2009
AnneeLancement=2009
APPDATA=C:\Documents and Settings\TEMP\Application Data
CheminBatch=C:\GenProc
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Fichiers communs
COMPUTERNAME=LES-WARIORS
ComSpec=C:\WINDOWS\system32\cmd.exe
DifferenceJour=1
FP_NO_HOST_CHECK=NO
GenProcVersion=2.415
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\TEMP
JourInstallation=8
JourLancement=9
LOGONSERVER=\\LES-WARIORS
MoisInstallation=3
MoisLancement=3
NbJourInst=733353
NbJourLancement=733354
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\Fichiers communs\Ulead Systems\MPEG;C:\Program Files\Fichiers communs\Ulead Systems\DVD;C:\Program Files\Microsoft SQL Server\80\Tools\Binn
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 44 Stepping 2, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=2c02
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\TEMP\LOCALS~1\Temp
TMP=C:\DOCUME~1\TEMP\LOCALS~1\Temp
USERDOMAIN=LES-WARIORS
USERNAME=Owner
USERPROFILE=C:\Documents and Settings\TEMP
windir=C:\WINDOWS
__COMPAT_LAYER=EnableNXShowUI

*** Liste des composants GenProc ***

C:\GenProc\Arguments
C:\GenProc\Canned
C:\GenProc\ChangeLog
C:\GenProc\GenProc.bat
C:\GenProc\outil
C:\GenProc\Page
C:\GenProc\Arguments\Argument.txt
C:\GenProc\Arguments\Debug.txt
C:\GenProc\Arguments\design.css
C:\GenProc\Canned\A-Squared.txt
C:\GenProc\Canned\Bagle2_Dl.txt
C:\GenProc\Canned\bfu_Dl.txt
C:\GenProc\Canned\CCleaner_Dl.txt
C:\GenProc\Canned\FixWareOut_Dl.txt
C:\GenProc\Canned\FixWebHancer_Dl.txt
C:\GenProc\Canned\FixWebHancer_Exec.txt
C:\GenProc\Canned\Flash_Disinfector_Dl.txt
C:\GenProc\Canned\Flash_Disinfector_Exec.txt
C:\GenProc\Canned\FxNdotN_Dl.txt
C:\GenProc\Canned\FxNdotN_Exec.txt
C:\GenProc\Canned\Haxfix_Dl.txt
C:\GenProc\Canned\Look2me_Dl.txt
C:\GenProc\Canned\Look2me_Exec.txt
C:\GenProc\Canned\Lop_Dl.txt
C:\GenProc\Canned\Lop_Exec.txt
C:\GenProc\Canned\MSE1.txt
C:\GenProc\Canned\MSNfix_Dl.txt
C:\GenProc\Canned\MSNfix_Exec.txt
C:\GenProc\Canned\Navilog1_Dl.txt
C:\GenProc\Canned\Navilog1_Exec.txt
C:\GenProc\Canned\Purity_Dl.txt
C:\GenProc\Canned\Purity_Exec.txt
C:\GenProc\Canned\RemGAIN_Dl.txt
C:\GenProc\Canned\RemGAIN_Exec.txt
C:\GenProc\Canned\rustock_Dl.txt
C:\GenProc\Canned\ScanAntivirusNod32.txt
C:\GenProc\Canned\ScanAntivirusPanda.txt
C:\GenProc\Canned\SDfix_Dl.txt
C:\GenProc\Canned\SDfix_Exec.txt
C:\GenProc\Canned\SmitfraudFix_Dl.txt
C:\GenProc\Canned\SmitfraudFix_Exec.txt
C:\GenProc\Canned\SpywareTerminator.txt
C:\GenProc\Canned\TeaTimer.txt
C:\GenProc\Canned\ToolbarSD_Dl.txt
C:\GenProc\Canned\ToolbarSD_Exec.txt
C:\GenProc\Canned\ToolCleaner.txt
C:\GenProc\Canned\Vundo_Dl.txt
C:\GenProc\Canned\Vundo_Exec.txt
C:\GenProc\Canned\Vundo_Recovery_Dl.txt
C:\GenProc\Canned\Winsoftware_bfu_Dl.txt
C:\GenProc\Canned\Winsoftware_bfu_Exec.txt
C:\GenProc\ChangeLog\BagleLog.txt
C:\GenProc\ChangeLog\FlashLog.txt
C:\GenProc\ChangeLog\HaxfixLog.txt
C:\GenProc\ChangeLog\Look2MeLog.txt
C:\GenProc\ChangeLog\LopLog.txt
C:\GenProc\ChangeLog\MSNFixLog.txt
C:\GenProc\ChangeLog\NaviLog.txt
C:\GenProc\ChangeLog\PurityLog.txt
C:\GenProc\ChangeLog\RemGainLog.txt
C:\GenProc\ChangeLog\SDfixLog.txt
C:\GenProc\ChangeLog\SmitLog.txt
C:\GenProc\ChangeLog\ToolbarSDLog.txt
C:\GenProc\ChangeLog\VundoLog.txt
C:\GenProc\ChangeLog\WinSoftware.txt
C:\GenProc\outil\1.txt
C:\GenProc\outil\BlocageDate.vbs
C:\GenProc\outil\commandes.sed
C:\GenProc\outil\CompareDate.bat
C:\GenProc\outil\curl.exe
C:\GenProc\outil\Curl_HJT.bat
C:\GenProc\outil\DateInst.txt
C:\GenProc\outil\EnableWSH.bat
C:\GenProc\outil\Exclusions.txt
C:\GenProc\outil\getmsiinfo.vbs
C:\GenProc\outil\grep.exe
C:\GenProc\outil\icon_genproc.ico
C:\GenProc\outil\info.vbs
C:\GenProc\outil\Lancements.bat
C:\GenProc\outil\libiconv2.dll
C:\GenProc\outil\libintl3.dll
C:\GenProc\outil\Norton.vbs
C:\GenProc\outil\OSVers.bat
C:\GenProc\outil\pcre3.dll
C:\GenProc\outil\regex2.dll
C:\GenProc\outil\sed.bat
C:\GenProc\outil\sed.exe
C:\GenProc\outil\Son.vbs
C:\GenProc\outil\supprime.bat
C:\GenProc\outil\swreg.exe
C:\GenProc\outil\tasklist.exe
C:\GenProc\outil\Termine.wav
C:\GenProc\outil\UAC.vbs
C:\GenProc\outil\Uninstall.bat
C:\GenProc\outil\uniq.exe
C:\GenProc\outil\Var.bat
C:\GenProc\outil\[3].txt
C:\GenProc\Page\GenProcPage
C:\GenProc\Page\GenProc[1].html
C:\GenProc\Page\GenProc[2].html
C:\GenProc\Page\GenProc[3].html
C:\GenProc\Page\GenProcPage\1.gif
C:\GenProc\Page\GenProcPage\2.gif
C:\GenProc\Page\GenProcPage\4.gif
C:\GenProc\Page\GenProcPage\aide.gif
C:\GenProc\Page\GenProcPage\design.css
C:\GenProc\Page\GenProcPage\important.gif

*** Liste des étapes franchies avec succès ***

OSVers
UAC
EnableWSH
ManqueFichiers
sed.bat
AVNorton
Var.bat
Lancements
Protections résidentes
TeaTimer
Han!k on 09 March 2009 at 18:22
follow this tutorial http://www.malekal.com/tutorial_DrWebCureIt.php
post the report at the end
pascalou95 on 09 March 2009 at 18:50
it asks me to uninstall my antivirus, should I do it?
pascalou95 on 09 March 2009 at 22:34
here is the report I get, not much, I don't know if it's good
combofix.exe/data002\32788R22FWJFW\c.bat C:\Documents and Settings\TEMP\Mes documents\combofix.exe/data002 Probablement BATCH.Virus
combofix.exe/data002\32788R22FWJFW\psexec.cfexe C:\Documents and Settings\TEMP\Mes documents\combofix.exe/data002 Program.PsExec.171
data002 C:\Documents and Settings\TEMP\Mes documents L'archive contient des éléments infectés
combofix.exe C:\Documents and Settings\TEMP\Mes documents Conteneur comporte des objets infectés Quarantaine.
wywms.exe.vir C:\Qoobox\Quarantine\C\Documents and Settings\TEMP\Local Settings\Application Data Probablement Trojan.Packed.258
A0053067.dll C:\System Volume Information\_restore{7AFC631D-71A6-4CBE-9F8F-EFDBDC0F94C6}\RP246 Trojan.Packed.365 Supprimé.
A0054130.bat C:\System Volume Information\_restore{7AFC631D-71A6-4CBE-9F8F-EFDBDC0F94C6}\RP249 Probablement BATCH.Virus
A0054190.exe C:\System Volume Information\_restore{7AFC631D-71A6-4CBE-9F8F-EFDBDC0F94C6}\RP249 Probablement Trojan.Packed.258
A0054207.bat C:\System Volume Information\_restore{7AFC631D-71A6-4CBE-9F8F-EFDBDC0F94C6}\RP249 Probablement BATCH.Virus
A0054223.EXE C:\System Volume Information\_restore{7AFC631D-71A6-4CBE-9F8F-EFDBDC0F94C6}\RP249 Program.PsExec.170
A0054486.bat C:\System Volume Information\_restore{7AFC631D-71A6-4CBE-9F8F-EFDBDC0F94C6}\RP250 Probablement BATCH.Virus
pascalou95 on 09 March 2009 at 22:35
apparently it's only the infections found
Han!k on 09 March 2009 at 22:58
virut is a piece of crap
read http://www.malekal.com/Win32:virut.php
format
Curson on 09 March 2009 at 23:00
Good evening Han!k,

Where do you see the Virut infection?
-------
If your topic remains unanswered, please report it here.
pascalou95 on 09 March 2009 at 23:02
all of it or not, because otherwise I need to burn some stuff first, I don't want to lose it :(
pascalou95 on 09 March 2009 at 23:04
loss of folders when formatting or not?
Han!k on 09 March 2009 at 23:10
Good evening Han!k,

Where do you see the Virut infection?


here, and since the beginning genproc . .

Une copie infectée de c:\windows\system32\lsass.exe a été trouvée et désinfectée
opie restaurée à partir de - c:\qoobox\Quarantine\C\WINDOWS\system32\LSASS.EXE.vir

Une copie infectée de c:\windows\system32\winlogon.exe a été trouvée et désinfectée
opie restaurée à partir de - c:\qoobox\Quarantine\C\WINDOWS\system32\WINLOGON.EXE.vir

Une copie infectée de c:\windows\system32\services.exe a été trouvée et désinfectée
opie restaurée à partir de - c:\qoobox\Quarantine\C\WINDOWS\system32\SERVICES.EXE.vir

Une copie infectée de c:\windows\explorer.exe a été trouvée et désinfectée
opie restaurée à partir de - c:\qoobox\Quarantine\C\WINDOWS\explorer.exe.vir
Curson on 09 March 2009 at 23:14
The BitDefender scan shows only seven infected files.
Infectés Fichiers
7

I don't think it's Virut. We would be looking at a minimum of 100 infected files.
pascalou95 on 09 March 2009 at 23:16
thanks han!k, all I have left to do is back up to DVD the folders I'm keeping, then my Avira pro version, then get a Windows XP Pro CD so I can format the whole computer and put back Windows XP Pro or Home like I had, is that right? (in your opinion can I install Windows Pro SP3 FR, would I have enough space or not, given that it was Home that I had ???????)
Han!k on 09 March 2009 at 23:17
if you want to fight it, I'll leave you to it
pascalou95 on 09 March 2009 at 23:19
no curson, because if you look closely, with bitdefender I only had 7 too, so go look at the link he gave me just above, it might help you identify it in case you really do have virut, which really is a piece of crap, because just to tell you, my pc takes 15 minutes to start up and at least 10 minutes to open anything that is an exe, good luck
pascalou95 on 09 March 2009 at 23:21
so formatting the pc, is that it?
Curson on 09 March 2009 at 23:38
Good evening,

Let's see what we can do.

1) Download Toolbar-S&D (Team IDN) to your Desktop.

- Now double-click the downloaded file.
- Select the desired language by typing the letter of your choice, then confirm with the Enter key.
- Now choose the (Recherche) option [Search]. Wait until the search finishes.
- Post the generated report. (C:\TB.txt)


2) Download OTViewIt by OldTimer to your desktop.

- Close all windows and applications.
- Double-click OTViewIt.exe to launch it (on Vista, right-click the icon > "Run as administrator")
- In the "File Age" drop-down list choose: 30 days (or as you prefer)
- Click the "Run Scan" button.
- Wait a few minutes.
- Notepad will open; post the two reports obtained in your next reply.


Regards.
pascalou95 on 10 March 2009 at 00:44
here is the 1st report

-----------\\ ToolBar S&D 1.2.8 XP/Vista

( : )
USER : Owner ( Administrator )

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 10/03/2009| 0:41 )

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Program Files\AskBarDis
C:\Program Files\AskBarDis\bar
C:\Program Files\AskBarDis\unins000.dat
C:\Program Files\AskBarDis\unins000.exe
C:\Program Files\AskBarDis\bar\bin
C:\Program Files\AskBarDis\bar\Cache
C:\Program Files\AskBarDis\bar\History
C:\Program Files\AskBarDis\bar\Settings
C:\Program Files\AskBarDis\bar\bin\askBar.dll
C:\Program Files\AskBarDis\bar\bin\askPopStp.dll
C:\Program Files\AskBarDis\bar\bin\psvince.dll
C:\Program Files\AskBarDis\bar\Cache\004E8B1D
C:\Program Files\AskBarDis\bar\Cache\004E8F54
C:\Program Files\AskBarDis\bar\Cache\004E90DA.bin
C:\Program Files\AskBarDis\bar\Cache\004E937A.bin
C:\Program Files\AskBarDis\bar\Cache\004E95CC.bin
C:\Program Files\AskBarDis\bar\Cache\004E984C.bin
C:\Program Files\AskBarDis\bar\Cache\004E9A50.bin
C:\Program Files\AskBarDis\bar\Cache\files.ini
C:\Program Files\AskBarDis\bar\History\search
C:\Program Files\AskBarDis\bar\Settings\config.dat
C:\Program Files\AskBarDis\bar\Settings\config.dat.bak
C:\Program Files\AskBarDis\bar\Settings\prevcfg.htm
C:\WINDOWS\Prefetch\SEARCHSETTINGS.EXE-30C88223.pf
C:\DOCUME~1\TEMP\APPLIC~1\Search Settings
C:\DOCUME~1\TEMP\APPLIC~1\Search Settings\kb128
C:\DOCUME~1\TEMP\APPLIC~1\Search Settings\kb128\temp
C:\DOCUME~1\TEMP\APPLIC~1\Search Settings\kb128\temp\ws-14309.log
C:\DOCUME~1\TEMP\APPLIC~1\Search Settings\kb128\temp\ws-14310.log
C:\WINDOWS\iun6002.exe

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="http://www.google.com"
"Start Page"="http://www.google.fr/"
"Search Bar"="http://www.google.com/ie"
"Url"="http://go.microsoft.com/fwlink/?LinkID=68928"
"Url"="http://go.microsoft.com/fwlink/?LinkID=44406"
"Url"="http://go.microsoft.com/fwlink/?LinkID=68929"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"


--------------------\\ Recherche d'autres infections

C:\DOCUME~1\TEMP\LOCALS~1\APPLIC~1\live-player
C:\DOCUME~1\TEMP\LOCALS~1\APPLIC~1\live-player\flv.swf
C:\DOCUME~1\TEMP\LOCALS~1\APPLIC~1\live-player\liveplayer.s3db
==> EGDACCESS <==

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\TEMP\Application Data\Azureus\torrents\Rapidshare+Firstload+usenext+Keygen+Key+!+Premium+v+3.6.rar.torrent
C:\DOCUME~1\TEMP\Application Data\Azureus\torrents\RicochetInfinity+CrackFull_By_Lespeed.rar[www.reload-paradise.net][1].torrent
C:\DOCUME~1\TEMP\Application Data\Azureus\torrents\Sony_Vegas_7.0e__+_Crack.rar[www.reload-paradise.net][1].torrent
C:\DOCUME~1\TEMP\Application Data\Azureus\torrents\Unreal_Tournament_3_KEYGEN___RELOADED-Fenopy.com.torrent
C:\DOCUME~1\TEMP\Mes documents\Ma musique\Artiste inconnu\Micropoint - Overdose United\10-micropoint-crackpipe-def.mp3



1 - "C:\ToolBar SD\TB_1.txt" - 10/03/2009| 0:43 - Option : [1]

-----------\\ Fin du rapport a 0:43:12,25

pascalou95 on 10 March 2009 at 00:55
here are the two other reports
OTViewIt Extras logfile created on: 10/03/2009 00:47:03 - Run
OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Documents and Settings\TEMP\Local Settings\Temporary Internet Files\Content.IE5\2XEKH0S2
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

446,48 Mb Total Physical Memory | 166,35 Mb Available Physical Memory | 37,26% Memory free
1,11 Gb Paging File | 0,77 Gb Available in Paging File | 69,43% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 146,97 Gb Total Space | 59,69 Gb Free Space | 40,61% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LES-WARIORS
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days
"Use My Stylesheet"=
"User Stylesheet"=

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled"=1
"AntiVirusDisableNotify"=0
"FirewallDisableNotify"=0
"UpdatesDisableNotify"=0
"AntiVirusOverride"=0
"FirewallOverride"=0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall"=1
"DisableNotifications"=0
"DoNotAllowExceptions"=0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2008/04/13 18:34:22 | 00,142,848 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2004/04/08 05:25:04 | 01,135,728 | ---- | M] (America Online, Inc.) -- C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
[2004/04/08 05:25:04 | 00,496,752 | ---- | M] (America Online, Inc) -- C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe:*:Enabled:AOL
[2005/05/31 12:14:04 | 00,259,184 | ---- | M] (America Online, Inc.) -- C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0
[2008/02/11 01:08:57 | 00,067,128 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger
[2008/04/13 10:53:34 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2009/02/06 18:51:28 | 03,885,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
[2009/02/06 18:23:32 | 01,170,272 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2009/01/14 11:07:06 | 00,732,352 | ---- | M] () -- C:\Program Files\Free Music Zilla\FMZilla.exe:*:Enabled:FMZilla
[2008/02/11 01:08:57 | 00,067,128 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger
[2008/05/27 11:29:45 | 00,254,976 | ---- | M] (Azureus Inc) -- C:\Documents and Settings\TEMP\Mes documents\Downloads1\Azureus\Azureus.exe:*:Enabled:Azureus
[2009/01/27 13:10:16 | 00,251,264 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail
[2009/01/27 13:10:06 | 00,189,824 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail
[2009/01/27 13:10:14 | 00,112,000 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail
[2007/11/30 10:13:04 | 00,096,256 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player
[2008/12/12 10:44:30 | 00,356,352 | ---- | M] (Orbitdownloader.com) -- C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:P2P service of Orbit Downloader
[2008/06/10 00:21:04 | 00,135,168 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_07\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary
[2009/02/26 10:49:18 | 00,099,328 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser
[2005/04/21 17:20:52 | 00,028,672 | ---- | M] (Aapie.Net) -- C:\WINDOWS\system32\[Emoticons-plus.com] Winkaa 2.0.exe:*:Enabled:[Emoticons-plus.com] Winkaa 2.0
[2006/04/11 09:03:44 | 00,163,840 | ---- | M] (Musiccity Co.Ltd.) -- C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player
[2009/02/06 18:51:28 | 03,885,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
[2009/02/06 18:23:32 | 01,170,272 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync

========== (O18) Protocol Handlers ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2008/02/11 01:08:57 | 00,028,711 | ---- | M] (Logitech Inc.) C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (bwfile-8876480:{9462A756-7B47-47BC-8C80-C34B9B80B32B} (HKLM) [BackWeb GA Pluggable Protocol])

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
ipp: [HKLM - No CLSID value]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2004/01/29 15:08:23 | 01,130,496 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2009/02/06 18:52:44 | 00,062,304 | ---- | M] (Microsoft Corporation) C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (livecall:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
msdaipp: [HKLM - No CLSID value]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2004/01/29 15:08:23 | 01,130,496 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2004/01/29 15:08:23 | 01,130,496 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAIPP.BINDER]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2001/06/20 10:26:46 | 00,221,184 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (ms-itss:{0A9007C0-4076-11D3-8789-0000F8105754} (HKLM) [Microsoft Infotech Storage Protocol for IE 4.0])

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2009/02/06 18:52:44 | 00,062,304 | ---- | M] (Microsoft Corporation) C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (msnim:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2008/01/24 15:22:56 | 07,255,384 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (mso-offdap:{3D9F03FA-7A94-11D3-BE81-0050048385D1} (HKLM) [Data Page Pluggable Protocol mso-offdap Handler])

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2009/02/06 18:53:40 | 00,791,392 | ---- | M] (Microsoft Corporation) C:\Program Files\Windows Live\Mail\mailcomm.dll (wlmailhtml:{03C514A3-1EFB-4856-9F99-10D7BE1653C0} (HKLM) [Windows Live Mail HTML Asynchronous Pluggable Protocol Handler])

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01A2E33A-8ADA-42D1-9173-8F65149E952F}"=Microsoft Money
"{02CA7E66-1AD1-4DE9-BA9E-86A0EEB019C7}"=Extension Système de Microsoft Money
"{059C042E-796A-4ACC-A81A-ECC2010BB78C}"=Windows Live Messenger
"{0BD83598-C2EF-3343-847B-7D2E84599128}"=Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}"=CDDRV_Installer
"{135BFFD7-D9C1-4374-B18C-BEB64FC7851C}"=CircleSurround II Plugin for Windows Media Player
"{18D10072035C4515918F7E37EAFAACFC}"=AutoUpdate
"{1967D67C-6F3F-4001-9644-BAC704F7EE84}"=Samsung PC Studio
"{1DAB6BE8-4B4F-4C08-AC96-4008057E3424}"=Samsung Media Studio
"{205C6BDD-7B73-42DE-8505-9A093F35A238}"=Outil de téléchargement Windows Live
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}"=EPSON Attach To Email
"{2231CE39-B963-4B9D-823A-F412ECA637B1}"=Windows Live Writer
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}"=MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}"=Java(TM) 6 Update 11
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}"=EPSON Scan Assistant
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}"=Sonic Update Manager
"{3101CB58-3482-4D21-AF1A-7057FC935355}"=KhalInstallWrapper
"{314F6D08-A8B7-11D8-8446-0050BA1D384D}"=EPSON Image Clip Palette
"{3248F0A8-6813-11D6-A77B-00B0D0160020}"=Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}"=Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160070}"=Java(TM) 6 Update 7
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}"=WebFldrs XP
"{369B36BE-3D64-4641-9AEA-808D436FE132}"=Microsoft Picture It! Photo 7.0
"{3A2AF807-9F9F-43C9-A24A-17B617238B74}"=OpenOffice.org Installer 1.0
"{3B4E636E-9D65-4D67-BA61-189800823F52}"=Windows Live Communications Platform
"{3E31821C-7917-367E-938E-E65FC413EA31}"=Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}"=Logitech Registration
"{3F262ADC-5AD2-48E5-A586-44315E04A9E2}"=Microsoft Picture It! Album 10
"{42756145-9997-4D28-809B-8756BFD00106}"=Microsoft Photo Premium 10
"{44E54A81-9D91-4AA1-9417-80AFF134F5FF}"=Galerie de photos Windows Live
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}"=Junk Mail filter update
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}"=Microsoft Office Live Add-in 1.3
"{5BB5868A-B631-47F7-8576-79E689FD1777}"=Samsung PC Studio
"{5DA7BC15-18D3-41A0-9F59-838DA3EAEF17}"=EPSON Easy Photo Print
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}"=Windows Genuine Advantage v1.3.0254.0
"{63DC2DA0-2A6C-4C38-9249-B75395458657}"=Windows Live Mail
"{64D114CE-4234-45C2-B60A-2B07D5A48F72}"=Microsoft Works 7.0
"{67EDD823-135A-4D59-87BD-950616D6E857}"=EPSON Copy Utility 3
"{7299052b-02a4-4627-81f2-1818da5d550d}"=Microsoft Visual C++ 2005 Redistributable
"{72AD53CC-CCC0-3757-8480-9EE176866A7C}"=Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA
"{7370DF47-B4F9-4279-BFC3-3F09919F720D}"=Installation Windows Live
"{757AD3D4-036B-42FA-B0A4-96BD6F4605A0}"=Ulead VideoStudio 7 SE Basic
"{75B4292B-7E72-4167-BFF9-590B6A093F86}"=180664
"{7AC15160-A49B-4A89-B181-D4619C025FFF}"=Samsung Samples Installer
"{7B63B2922B174135AFC0E1377DD81EC2}"=DivX Codec
"{7D1D6A24-65D4-454C-8815-4F08A5FFF12C}"=Macromedia Shockwave Player
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}"=EPSON Web-To-Page
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}"=Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}"=Windows Live Call
"{8795CBED-55E2-4693-9F14-84EC446935BE}"=SpeechRedist
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}"=Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}"=Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8ADFC4160D694100B5B8A22DE9DCABD9}"=DivX Player
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}"=Choice Guard
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}"=Logitech Desktop Messenger
"{9111040C-6000-11D3-8CFE-0050048383C9}"=Microsoft Office XP Professional
"{911B040C-6000-11D3-8CFE-0050048383C9}"=Microsoft Word 2002
"{95120000-00B9-0409-0000-0000000FF1CE}"=Microsoft Application Error Reporting
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}"=Sonic RecordNow! Deluxe
"{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}"=AGEIA PhysX v7.11.13
"{993960EE-CA4D-443F-8F88-E24260DD5FD2}"=LG PC Suite
"{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}"=Windows Live Sync
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}"=Microsoft Search Enhancement Pack
"{9F7FC79B-3059-4264-9450-39EB368E3225}"=Microsoft Digital Image Library 9 - Blocker
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}"=Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}"=Microsoft .NET Framework 3.0 Service Pack 2
"{A654A805-41D9-40C7-AA46-4AF04F044D61}"=Adobe® Photoshop® Album Edition Découverte 3.2
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}"=ABBYY FineReader 6.0 Sprint
"{B13A7C41581B411290FBC0395694E2A9}"=DivX Converter
"{B7050CBDB2504B34BC2A9CA0A692CC29}"=DivX Web Player
"{B8B0FC8B-E69B-4215-AF1A-4BDFF20D794B}"=pdfforge Toolbar v1.0
"{B90450DF-E781-46FD-B1F1-0C86DA40E443}"=PIF DESIGNER
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}"=Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}"=Microsoft .NET Framework 2.0 Service Pack 2
"{C20CE592-B0F8-4D20-BF31-0151CA6331A6}"=Samsung Media Studio
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}"=LG USB Modem driver
"{C3FDA1E4-1E17-48D8-B4F0-C141E9FFB4BA}"=nullDC 1.0.0 Public Beta 1 Setup
"{C4A4722E-79F9-417C-BD72-8D359A090C97}"=Samsung PC Studio
"{C514C594-23AA-4F13-A070-DB8BDB27594F}"=Windows Live Mail
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}"=Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}"=Microsoft .NET Framework 3.5 SP1
"{D271DAE0-8D68-4C97-8356-A126D48A1D8C}"=Ulead Photo Explorer 8.0 SE Basic
"{D6A2DDE3-9D7C-412C-932A-756580D29919}"=Windows Live Contrôle parental
"{D9267488-4DC9-4D6B-866D-40E19A23CC04}_is1"=Neuf Giga Drive v2.3.0
"{DA2D4D11-1811-4A24-B719-BF9F048C6106}"=Windows XP Creativity Fun Packs - Windows Movie Maker 2
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}"=Assistant de connexion Windows Live
"{E09B48B5-E141-427A-AB0C-D3605127224A}"=Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
"{E1BBBAC5-2857-4155-82A6-54492CE88620}"=Opera 9.64
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}"=Codeur Windows Media Série 9
"{E38D381A-ABCF-4D97-9D9C-B3A8529DCA15}"=OS Pack Works Suite
"{E86BC406-944E-41F6-ADE6-2C136734C96B}"=EPSON File Manager
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}"=Samsung PC Studio 3 USB Driver Installer
"{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}"=Adobe Flash Player 10 Plugin
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}"=Microsoft SQL Server 2005 Compact Edition [ENU]
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}"=Logitech SetPoint
"{F6B1CD0F-DB2D-4666-A168-C46390AD8C4A}"=Complément Microsoft Word pour Microsoft Works Suite
"{F7D27C70-90F5-49B9-B188-0A133C0CE353}"=Windows Live Toolbar
"{F7F2DC0A-C22E-49AD-AD37-797309A54E7B}"=Microsoft AutoRoute 2002
"{FFFF6D5C-E2F1-4B40-BC89-8923312E89EB}}_is1"=ACE Mega CoDecS Pack
"4x4 Evolution Demo"=4x4 Evolution Demo
"Adobe Flash Player ActiveX"=Adobe Flash Player 10 ActiveX
"Adobe Photoshop 7.0"=Adobe Photoshop 7.0
"Adobe SVG Viewer"=Adobe SVG Viewer 3.0
"Adobe® Photoshop® Album Edition Découverte 3.2"=Adobe® Photoshop® Album Edition Découverte 3.2
"America Online fr"=AOL (France)
"AOL Connectivity Services"=Module de connectivité AOL
"AOLCoach fr"=AOL Coach Version 1.0(Build:20040229.1 fr)
"Arabian nights"=Arabian nights
"Ask Toolbar_is1"=Ask Toolbar
"audcle"=Plus! MP3 Audio Converter LE
"AVGAntiSpyware75"=AVG Anti-Spyware 7.5
"BitLord"=BitLord 1.1
"Dirt Track Racing - Sprint Cars Demo"=Dirt Track Racing - Sprint Cars Demo
"drmtool.inf"=Personal License Update Wizard for Windows Media Player
"EPSON Printer and Utilities"=EPSON Logiciel imprimante
"EPSON Scanner"=EPSON Scan
"ESDX3800 Guide d'utilisation"=ESDX3800 Guide d'utilisation
"Firebird SQL Server F"=Firebird SQL Server - MAGIX Edition
"Free Music Zilla_is1"=Free Music Zilla
"getPlus(R)_ocx"=getPlus(R)_ocx
"Google Updater"=Outil de mise à jour Google
"IDNMitigationAPIs"=Microsoft Internationalized Domain Names Mitigation APIs
"IncrediMail"=IncrediMail
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}"=EPSON Attach To Email
"Jackpot Las Vegas Casino Lite"=Jackpot Las Vegas Casino Lite
"JetSki"=JetSki
"LabtecDrv"=Programme de gestion Camera de Logitech®
"Lame MP3 Codec (for the ACM)"=Lame ACM MP3 Codec
"LimeWire"=LimeWire PRO 4.18.8
"MAGIX Video deluxe 2008 e-version F"=MAGIX Video deluxe 2008 e-version 7.0.3.0 (F)
"Microsoft .NET Framework 1.1 (1033)"=Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra"=Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1"=Microsoft .NET Framework 3.5 SP1
"mmmusic"=Movie Maker Background Music Files
"mmsounds"=Movie Maker Sound Effects
"mmtitle"=Movie Maker Title Images
"Monopoly version 1.7"=Monopoly version 1.7
"Moon Buggy 98"=Moon Buggy 98
"mplibwiz.inf"=Media Library Management Wizard
"mpxlswiz.inf"=Windows Media Player Playlist Import to Excel Wizard
"mpxptray.inf"=Windows Media Player Tray Control
"MSCompPackV1"=Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST"=MSN
"Neuf_Kit"=Neuf - Kit de connexion
"Neuf_Media Center"=Neuf - Media Center
"NLSDownlevelMapping"=Microsoft National Language Support Downlevel APIs
"OpenAL"=OpenAL
"Orbit_is1"=Orbit Downloader
"Pack Vista Inspirat 2"=Pack Vista Inspirat 2 1.0
"PhotoShow Deluxe 3"=PhotoShow Deluxe 3
"PictureItPrem_v10"=Microsoft Photo Premium 10
"Replay Media Catcher 3.01"=Replay Media Catcher 3.01
"Safari Casino"=Safari Casino
"SAMSUNG CDMA Modem"=SAMSUNG CDMA Modem Driver Set
"Samsung Mobile USB Modem"=SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0"=SAMSUNG Mobile USB Modem 1.0 Software
"SeaWar The Battles"=SeaWar The Battles
"Slot_Machine_98_v5.2"=Slot Machine 98 v5.2
"ST4UNST #1"=LeTraducteur
"SWiSH Max2"=SWiSH Max2
"TankTime3D DM 2.5"=TankTime3D DM 2.5
"UxTheme Multipatcher Fr"=UxTheme Multipatcher Fr
"ViewpointMediaPlayer"=Viewpoint Media Player
"VLC media player"=VideoLAN VLC media player 0.8.6d
"Vodafone 804SS USB driver"=Vodafone 804SS USB driver Software
"wa2wmp"=Windows Media Player Skin Importer
"Windows Live OneCare safety scanner"=Windows Live OneCare safety scanner
"Windows Media Encoder 9"=Codeur Windows Media Série 9
"Windows Media Format Runtime"=Windows Media Format 11 runtime
"Windows Media Player"=Lecteur Windows Media 11
"Windows XP Service"=Windows XP Service Pack 3
"Winkaa 1.0"=Winkaa 1.0 1.0
"WinLiveSuite_Wave3"=Installation Windows Live
"WinRAR archiver"=WinRAR archiver
"WMBK2"=Windows Media Bonus Pack for Windows XP
"WMFDist11"=Windows Media Format 11 runtime
"wmp11"=Windows Media Player 11
"Works2003Setup"=Sélecteur d'installation de Microsoft Works Suite 2003
"Wudf01000"=Microsoft User-Mode Driver Framework Feature Pack 1.0
"wywms"=Favorit
"Xentient Thumbnails_is1"=Xentient Thumbnails v1.0.2
"XP Reloaded"=XP ReloadedTheme
"XP²Vista Transformation Pack"=XP²Vista Transformation Pack
"XpsEPSC"=XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP"=XML Paper Specification Shared Components Language Pack 1.0
"Zelda Classic"=Zelda Classic

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 23/02/2009 17:28:43 | Computer Name = LES-WARIORS | Source = MsiInstaller | ID = 11706
Description = Produit : Microsoft Office XP Professional -- Erreur 1706. Le programme
d'installation ne peut pas trouver les fichiers requis. Vérifiez votre connexion
au réseau ou votre lecteur de CD-ROM. Pour des solutions éventuelles à ce problème,
consultez C:\Program Files\Microsoft Office\Office10\1036\SETUP.HLP.

Error - 26/02/2009 15:14:29 | Computer Name = LES-WARIORS | Source = Application Error | ID = 1000
Description = Application défaillante wmplayer.exe, version 11.0.5721.5145, module
défaillant ntdll.dll, version 5.1.2600.5512, adresse de défaillance 0x00011669.

Error - 03/03/2009 10:15:48 | Computer Name = LES-WARIORS | Source = Application Error | ID = 1000
Description = Application défaillante iexplore.exe, version 7.0.6000.16791, module
défaillant flash10b.ocx, version 10.0.22.87, adresse de défaillance 0x001c7e69.

Error - 04/03/2009 05:43:49 | Computer Name = LES-WARIORS | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 7.0.6000.16791, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 05/03/2009 07:06:36 | Computer Name = LES-WARIORS | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 7.0.6000.16791, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 05/03/2009 15:25:25 | Computer Name = LES-WARIORS | Source = Application Error | ID = 1000
Description = Application défaillante frostwire-4.17.2.windows.exe, version 4.17.2.0,
module défaillant unknown, version 0.0.0.0, adresse de défaillance 0x0188297b.

Error - 06/03/2009 07:06:42 | Computer Name = LES-WARIORS | Source = Application Error | ID = 1000
Description = Application défaillante topdesk.exe, version 1.5.4.0, module défaillant
unknown, version 0.0.0.0, adresse de défaillance 0x0039a214.

Error - 06/03/2009 10:22:21 | Computer Name = LES-WARIORS | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 6.0.2900.2180, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 06/03/2009 10:22:21 | Computer Name = LES-WARIORS | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 6.0.2900.2180, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 09/03/2009 17:27:44 | Computer Name = LES-WARIORS | Source = Application Error | ID = 1000
Description = Application défaillante setup.exe, version 0.0.0.0, module défaillant
ntdll.dll, version 5.1.2600.5512, adresse de défaillance 0x000109f9.

[ System Events ]
Error - 09/03/2009 19:39:15 | Computer Name = LES-WARIORS | Source = DCOM | ID = 10010
Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
sur DCOM avant la fin du temps imparti.

Error - 09/03/2009 19:39:27 | Computer Name = LES-WARIORS | Source = DCOM | ID = 10010
Description = Le serveur {89BC5589-1066-4EC1-B738-651DF9572A5E} ne s'est pas enregistré
sur DCOM avant la fin du temps imparti.

Error - 09/03/2009 19:39:28 | Computer Name = LES-WARIORS | Source = DCOM | ID = 10010
Description = Le serveur {D6381B4A-D254-46EB-9018-A62E0F4BA6BA} ne s'est pas enregistré
sur DCOM avant la fin du temps imparti.

Error - 09/03/2009 19:39:43 | Computer Name = LES-WARIORS | Source = DCOM | ID = 10010
Description = Le serveur {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} ne s'est pas enregistré
sur DCOM avant la fin du temps imparti.

Error - 09/03/2009 19:41:15 | Computer Name = LES-WARIORS | Source = DCOM | ID = 10010
Description = Le serveur {8BC3F05E-D86B-11D0-A075-00C04FB68820} ne s'est pas enregistré
sur DCOM avant la fin du temps imparti.

Error - 09/03/2009 19:41:28 | Computer Name = LES-WARIORS | Source = DCOM | ID = 10010
Description = Le serveur {D6381B4A-D254-46EB-9018-A62E0F4BA6BA} ne s'est pas enregistré
sur DCOM avant la fin du temps imparti.

Error - 09/03/2009 19:42:00 | Computer Name = LES-WARIORS | Source = DCOM | ID = 10010
Description = Le serveur {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} ne s'est pas enregistré
sur DCOM avant la fin du temps imparti.

Error - 09/03/2009 19:44:02 | Computer Name = LES-WARIORS | Source = DCOM | ID = 10010
Description = Le serveur {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} ne s'est pas enregistré
sur DCOM avant la fin du temps imparti.

Error - 09/03/2009 19:46:04 | Computer Name = LES-WARIORS | Source = DCOM | ID = 10010
Description = Le serveur {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} ne s'est pas enregistré
sur DCOM avant la fin du temps imparti.

Error - 09/03/2009 19:47:04 | Computer Name = LES-WARIORS | Source = DCOM | ID = 10010
Description = Le serveur {89BC5589-1066-4EC1-B738-651DF9572A5E} ne s'est pas enregistré
sur DCOM avant la fin du temps imparti.


< End of report >


OTViewIt logfile created on: 10/03/2009 00:47:03 - Run
OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Documents and Settings\TEMP\Local Settings\Temporary Internet Files\Content.IE5\2XEKH0S2
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

446,48 Mb Total Physical Memory | 166,35 Mb Available Physical Memory | 37,26% Memory free
1,11 Gb Paging File | 0,77 Gb Available in Paging File | 69,43% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 146,97 Gb Total Space | 59,69 Gb Free Space | 40,61% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LES-WARIORS
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days

========== Processes ==========

[2004/04/08 05:25:04 | 01,135,728 | ---- | M] (America Online, Inc.) -- C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe
[2007/05/30 13:31:10 | 00,312,880 | ---- | M] (GRISOFT s.r.o.) -- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
[2005/05/11 13:50:14 | 00,221,266 | ---- | M] () -- c:\Apps\Powercinema\Kernel\TV\CLCapSvc.exe
[2005/05/11 13:52:00 | 00,061,440 | ---- | M] (Cyberlink) -- C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
[2005/05/11 13:52:04 | 00,737,381 | ---- | M] (Cyberlink) -- C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
[2009/02/06 18:08:58 | 00,533,360 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe
[2008/10/14 22:50:57 | 00,168,432 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
[2008/11/10 05:43:40 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
[2007/05/14 11:54:36 | 00,272,024 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
[2009/01/14 17:53:02 | 00,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
[2005/05/11 13:50:34 | 00,110,672 | ---- | M] () -- c:\Apps\Powercinema\Kernel\TV\CLSched.exe
[2004/07/27 15:50:18 | 00,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
[2002/07/18 17:36:34 | 00,028,672 | ---- | M] (Microsoft® Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
[2008/04/13 13:39:20 | 00,049,152 | ---- | M] (artArmin) -- C:\WINDOWS\XP²Vista\Vista Drive Icon\DrvIcon.exe
[2008/06/22 09:42:56 | 00,065,536 | ---- | M] (VisualTaskTips.com) -- C:\WINDOWS\XP²Vista\VisualTaskTips.exe
[2004/08/05 13:00:00 | 00,093,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
[2008/11/10 05:43:42 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
[2009/02/06 18:08:58 | 00,454,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsui.exe
[2008/01/28 11:33:25 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[2008/02/11 01:08:57 | 00,067,128 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
[2008/05/02 01:44:08 | 00,805,392 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
[2008/05/02 01:40:56 | 00,076,304 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.exe
[2009/02/06 18:21:00 | 00,224,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Toolbar\wltuser.exe
[2004/10/08 05:01:00 | 01,953,792 | ---- | M] () -- C:\Program Files\Sonic\RecordNow Deluxe\RecordNow! Deluxe\RecordNow.exe
[2008/10/16 14:09:44 | 00,066,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
[2009/03/10 00:46:44 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\TEMP\Local Settings\Temporary Internet Files\Content.IE5\2XEKH0S2\OTViewIt[1].exe

========== (O23) Win32 Services ==========

[2004/04/08 05:25:04 | 01,135,728 | ---- | M] (America Online, Inc.) -- C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe -- (AOL ACS [Auto | Running])
[2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
[2007/05/30 13:31:10 | 00,312,880 | ---- | M] (GRISOFT s.r.o.) -- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe -- (AVG Anti-Spyware Guard [Auto | Running])
[2005/05/11 13:50:14 | 00,221,266 | ---- | M] () -- c:\Apps\Powercinema\Kernel\TV\CLCapSvc.exe -- (CLCapSvc [Auto | Running])
[2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
[2005/05/11 13:50:34 | 00,110,672 | ---- | M] () -- c:\Apps\Powercinema\Kernel\TV\CLSched.exe -- (CLSched [Auto | Running])
[2005/05/11 13:52:00 | 00,061,440 | ---- | M] (Cyberlink) -- C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe -- (CyberLink Media Library Service [Auto | Running])
[2005/11/17 15:18:52 | 01,527,900 | ---- | M] (MAGIX®) -- C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance [On_Demand | Stopped])
[2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
[2009/02/06 18:08:58 | 00,533,360 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc [Auto | Running])
[2008/10/14 22:50:57 | 00,168,432 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Auto | Running])
[2005/04/03 23:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
[2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
[2008/11/10 05:43:40 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
File not found -- -- (KeenfinderSrch Service [Auto | Stopped])
[2008/05/02 01:42:06 | 00,121,360 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe -- (LBTServ [On_Demand | Stopped])
[2002/12/17 17:55:52 | 07,520,337 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR [On_Demand | Stopped])
[2002/12/17 17:23:30 | 00,066,112 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe -- (MSSQLServerADHelper [On_Demand | Stopped])
[2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
[2007/05/14 11:54:36 | 00,272,024 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo [Auto | Running])
[2009/01/14 17:53:02 | 00,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort [Auto | Running])
[2002/12/17 17:23:30 | 00,311,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR [On_Demand | Stopped])
[2006/11/03 08:59:14 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

========== Driver Services ==========

[2005/05/18 10:50:30 | 02,319,680 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running])
[2007/05/30 13:10:42 | 00,011,000 | ---- | M] () -- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys -- (AVG Anti-Spyware Driver [System | Running])
[2007/05/30 13:10:42 | 00,010,872 | ---- | M] (GRISOFT, s.r.o.) -- C:\WINDOWS\system32\drivers\AvgAsCln.sys -- (AvgAsCln [System | Running])
[2004/10/08 12:59:11 | 00,326,656 | R--- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\Camdrl.sys -- (CamDrL [On_Demand | Running])
[2008/12/08 17:01:56 | 00,055,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr [Auto | Running])
[2008/04/13 10:36:42 | 00,046,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\gagp30kx.sys -- (gagp30kx [Boot | Running])
[2008/04/13 18:05:16 | 00,014,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\kbdhid.sys -- (kbdhid [System | Stopped])
[2008/02/29 02:12:48 | 00,020,240 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd [On_Demand | Running])
[2008/02/29 02:12:56 | 00,063,120 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou [On_Demand | Running])
[2008/02/29 02:13:36 | 00,079,120 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE [On_Demand | Running])
[2004/10/08 12:57:48 | 00,022,016 | R--- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta [On_Demand | Running])
[2004/01/21 02:14:46 | 00,005,915 | ---- | M] (Labtec Inc.) -- C:\WINDOWS\system32\drivers\lv302af.sys -- (pepifilter [On_Demand | Stopped])
[2004/01/21 02:14:42 | 00,271,360 | ---- | M] (Labtec Inc.) -- C:\WINDOWS\system32\drivers\LV302AV.SYS -- (PID_08A0 [On_Demand | Stopped])
[2004/08/05 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
[2007/09/06 19:04:48 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\pxhelp20.sys -- (PxHelp20 [Boot | Running])
[2003/08/13 08:27:22 | 00,065,280 | R--- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\system32\drivers\Rtlnic51.sys -- (RTL8023 [On_Demand | Running])
[2004/08/03 23:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139 [On_Demand | Stopped])
[2007/11/13 11:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])
[2005/05/17 13:48:21 | 00,050,176 | ---- | M] (Protection Technology) -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01 [Boot | Running])
[2005/05/16 14:20:39 | 00,006,656 | ---- | M] (Protection Technology) -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02 [Boot | Running])
[2005/05/16 14:23:38 | 00,019,968 | ---- | M] (Protection Technology) -- C:\WINDOWS\system32\drivers\sfsync02.sys -- (sfsync02 [Boot | Running])
[2008/07/27 10:43:38 | 00,717,296 | ---- | M] () -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd [Boot | Running])
[2005/08/30 01:47:38 | 00,058,320 | ---- | M] (MCCI) -- C:\WINDOWS\system32\drivers\ssm_bus.sys -- (ssm_bus [On_Demand | Stopped])
[2005/03/29 21:47:58 | 00,006,096 | ---- | M] (MCCI) -- C:\WINDOWS\system32\drivers\ssm_mdfl.sys -- (ssm_mdfl [On_Demand | Stopped])
[2005/08/30 01:49:38 | 00,094,000 | ---- | M] (MCCI) -- C:\WINDOWS\system32\drivers\ssm_mdm.sys -- (ssm_mdm [On_Demand | Stopped])
[2008/04/13 10:45:14 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Running])
[2007/07/11 10:40:18 | 00,012,416 | ---- | M] (LG Electronics Inc.) -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus [On_Demand | Stopped])
[2007/07/11 15:51:48 | 00,019,840 | ---- | M] (LG Electronics Inc.) -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag [On_Demand | Stopped])
[2007/07/11 10:45:00 | 00,021,632 | ---- | M] (LG Electronics Inc.) -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem [On_Demand | Stopped])
[2008/04/13 10:56:50 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usb8023.sys -- (usb_rndis [On_Demand | Stopped])
[2005/04/06 11:31:36 | 00,173,696 | R--- | M] (Copyright (C) VIA/S3 Graphics Co, Ltd.) -- C:\WINDOWS\system32\drivers\vtmini.sys -- (viagfx [On_Demand | Running])
[2003/01/10 16:13:04 | 00,033,588 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw [On_Demand | Running])
[2004/08/05 13:00:00 | 00,012,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ws2ifsl.sys -- (WS2IFSL [Disabled | Stopped])

========== (R ) Internet Explorer ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Local Page"=%SystemRoot%\system32\blank.htm
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"Default_Search_URL"=http://www.google.com/ie
"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Page_Transitions"=
"Search Page"=http://www.google.com
"Start Page"=http://www.google.fr/

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL]
""=http://www.google.com/search?q=%s
"provider"=gogl

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{E312764E-7706-43F1-8DAB-FCDD2B1E416D}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Page_Transitions"=
"Search Page"=http://www.google.com
"Start Page"=http://www.google.fr/

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Internet Explorer\SearchURL]
""=http://www.google.com/search?q=%s
"provider"=gogl

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{E312764E-7706-43F1-8DAB-FCDD2B1E416D}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

========== (O1) Hosts File ==========

HOSTS File = (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost

========== (O2) BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{000123B4-9B42-4900-B3F7-F4B073EFC214} (HKLM) -- C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
{201f27d4-3704-41d6-89c1-aa35e39143ed} (HKLM) -- C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
{243B17DE-77C7-46BF-B94B-0B5F309A0E64} (HKLM) -- C:\Program Files\Microsoft Money\System\mnyside.dll (Microsoft Corporation)
{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} (HKLM) -- C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
{5C255C8A-E604-49b4-9D64-90988571CECB} (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
{64F56FC1-1272-44CD-BA6E-39723696E350} (HKLM) -- C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll File not found
{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} (HKLM) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
{9030D464-4C02-4ABF-8ECC-5164760863C6} (HKLM) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
{AA58ED58-01DD-4d91-8333-CF10577473F7} (HKLM) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (HKLM) -- C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll (Google Inc.)
{B922D405-6D13-4A2B-AE89-08A030DA4402} (HKLM) -- C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll (GreenTree Applications, Inc.)
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} (HKLM) -- C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
{DBC80044-A445-435b-BC74-9C25C1C588A9} (HKLM) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} (HKLM) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} (HKLM) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} (HKLM) -- C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
{FDD3B846-8D59-4ffb-8758-209B6AD74ACC} (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

========== (O3) Toolbars ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{21FA44EF-376D-4D53-9B0F-8A89D3229068}" (HKLM) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" (HKLM) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}" (HKLM) -- C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{B922D405-6D13-4A2B-AE89-08A030DA4402}" (HKLM) -- C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll (GreenTree Applications, Inc.)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{C55BBCD6-41AD-48AD-9953-3609C48EACC7}" (HKLM) -- C:\Program Files\Orbitdownloader\GrabPro.dll ()

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{EE5D279F-081B-4404-994D-C6B60AAEBA6D}" (HKLM) -- C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{21FA44EF-376D-4D53-9B0F-8A89D3229068}" (HKLM) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}" (HKLM) -- C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{C55BBCD6-41AD-48AD-9953-3609C48EACC7}" (HKLM) -- C:\Program Files\Orbitdownloader\GrabPro.dll ()

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{F2CF5485-4E02-4F68-819C-B92DE9277049}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{21FA44EF-376D-4D53-9B0F-8A89D3229068}" (HKLM) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}" (HKLM) -- C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{C55BBCD6-41AD-48AD-9953-3609C48EACC7}" (HKLM) -- C:\Program Files\Orbitdownloader\GrabPro.dll ()

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{F2CF5485-4E02-4F68-819C-B92DE9277049}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

========== (O4) Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DrvIcon"=C:\WINDOWS\XP²Vista\Vista Drive Icon\DrvIcon.exe (artArmin)
"fssui"="C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun (Microsoft Corporation)
"ISUSPM Startup"=C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup (InstallShield Software Corporation)
"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start (InstallShield Software Corporation)
"Kernel and Hardware Abstraction Layer"=KHALMNPR.EXE (Logitech, Inc.)
"Microsoft Works Update Detection"=C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe (Microsoft® Corporation)
"SearchSettings"=C:\Program Files\pdfforge Toolbar\SearchSettings.exe (GreenTree Applications, Inc.)
"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
"TopDesk"=C:\WINDOWS\XP²Vista\TopDesk.exe (Otaku Software)
"TrayServer"=C:\Program Files\MAGIX\Video_deluxe_2008_e-version\TrayServer.exe (Magix)
"Visual Task Tips"=C:\WINDOWS\XP²Vista\VisualTaskTips.exe (VisualTaskTips.com)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

========== (O4) Startup Folders ==========

[2008/02/11 01:08:57 | 00,067,128 | ---- | M] (Logitech Inc.) -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
[2008/05/02 01:44:08 | 00,805,392 | ---- | M] (Logitech, Inc.) -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
[2001/02/13 09:01:04 | 00,083,360 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
[2002/02/06 22:11:12 | 00,110,592 | ---- | M] (Adobe Systems, Inc.) -- C:\Documents and Settings\TEMP\Menu Démarrer\Programmes\Démarrage\Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

========== (O6 & O7) Current Version Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=323
"NoCDBurning"=0
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"NoDispBackgroundPage"=0
"DisableRegistryTools"=0

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

========== (O8) IE Context Menu Extensions ==========

[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\MenuExt\]
E&xporter vers Microsoft Excel: C:\Program Files\Microsoft Office\Office10\EXCEL.EXE [2008/10/28 16:07:58 | 09,362,248 | R--- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\MenuExt\]
E&xporter vers Microsoft Excel: C:\Program Files\Microsoft Office\Office10\EXCEL.EXE [2008/10/28 16:07:58 | 09,362,248 | R--- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\MenuExt\]
E&xporter vers Microsoft Excel: Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\MenuExt\]
E&xporter vers Microsoft Excel: Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Internet Explorer\MenuExt\]
E&xporter vers Microsoft Excel: Reg Error: Key does not exist or could not be opened. File not found

========== (O9) IE Extensions ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Button: Ajout Direct -- %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [2009/02/06 18:07:54 | 00,187,248 | ---- | M] (Microsoft Corporation)
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Menu: &Ajout Direct dans Windows Live Writer -- %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [2009/02/06 18:07:54 | 00,187,248 | ---- | M] (Microsoft Corporation)
{85d1f590-48f4-11d9-9669-0800200c9a66}: Menu: Uninstall BitDefender Online Scanner v8 -- %SystemRoot%\bdoscandel.exe [2006/05/25 01:22:06 | 00,053,248 | ---- | M] ()
{d9288080-1baa-4bc4-9cf8-a92d743db949}: Button: Run IMVU -- %SystemDrive%\Documents and Settings\Owner\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk File not found
{E023F504-0C5A-4750-A1E7-A9046DEA8A21}: Button: MoneySide -- %ProgramFiles%\Microsoft Money\System\mnyside.dll [2002/07/17 11:00:00 | 00,163,906 | ---- | M] (Microsoft Corporation)
{e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 -- %SystemRoot%\network diagnostic\xpnetdiag.exe [2008/04/13 10:53:34 | 00,558,080 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008/04/13 18:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008/04/13 18:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} [HKLM] -> %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [Ajout Direct] -> [2009/02/06 18:07:54 | 00,187,248 | ---- | M] (Microsoft Corporation)
CmdMapping\\{85d1f590-48f4-11d9-9669-0800200c9a66} [HKLM] -> %SystemRoot%\bdoscandel.exe [Uninstall BitDefender Online Scanner v8] -> [2006/05/25 01:22:06 | 00,053,248 | ---- | M] ()
CmdMapping\\{d9288080-1baa-4bc4-9cf8-a92d743db949} [HKLM] -> %SystemDrive%\Documents and Settings\Owner\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk [Run IMVU] -> File not found
CmdMapping\\{E023F504-0C5A-4750-A1E7-A9046DEA8A21} [HKLM] -> %ProgramFiles%\Microsoft Money\System\mnyside.dll [MoneySide] -> [2002/07/17 11:00:00 | 00,163,906 | ---- | M] (Microsoft Corporation)
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 10:53:34 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 18:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 18:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 18:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} [HKLM] -> %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [Ajout Direct] -> [2009/02/06 18:07:54 | 00,187,248 | ---- | M] (Microsoft Corporation)
CmdMapping\\{85d1f590-48f4-11d9-9669-0800200c9a66} [HKLM] -> %SystemRoot%\bdoscandel.exe [Uninstall BitDefender Online Scanner v8] -> [2006/05/25 01:22:06 | 00,053,248 | ---- | M] ()
CmdMapping\\{d9288080-1baa-4bc4-9cf8-a92d743db949} [HKLM] -> %SystemDrive%\Documents and Settings\Owner\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk [Run IMVU] -> File not found
CmdMapping\\{E023F504-0C5A-4750-A1E7-A9046DEA8A21} [HKLM] -> %ProgramFiles%\Microsoft Money\System\mnyside.dll [MoneySide] -> [2002/07/17 11:00:00 | 00,163,906 | ---- | M] (Microsoft Corporation)
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 10:53:34 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 18:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation)

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s
PluginsPageFriendlyName: "" = Bibliothèque de contrôles ActiveX Microsoft

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

========== (O15) Trusted Sites ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
1 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
40 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
40 domain(s) and sub-domain(s) not assigned to a zone.

========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{17492023-C23A-453E-A040-C7C580BBF700}: http://go.microsoft.com/fwlink/?linkid=39204 -- Windows Genuine Advantage Validation Tool
{48DD0448-9209-4F81-9F6D-D83562940134}: http://lads.myspace.com/upload/MySpaceUploader1006.cab -- MySpace Uploader Control
{4F1E5B1A-2A80-42CA-8532-2D05CB959537}: http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab -- MSN Photo Upload Tool
{55027008-315F-4F45-BBC3-8BE119764741}: http://static.slide.com/uploader/SlideImageUploader.cab -- Slide Image Uploader Control
{5D637FAD-E202-48D1-8F18-5B9C459BD1E3}: http://copainsdavant.linternaute.com/framework/lib/objimageuploader/html_incl(...) -- Image Uploader Control
{5D80A6D1-B500-47DA-82B8-EB9875F85B4D}: http://dl.google.com/dl/desktop/nv/GoogleGadgetPluginIEWin.cab -- Google Gadget Control
{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}: http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab -- BDSCANONLINE Control
{6414512B-B978-451D-A0D8-FCFDF33E833C}: http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_s(...) -- WUWebControl Class
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab -- Java Plug-in 1.6.0_11
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}: http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.(...) -- Reg Error: Key does not exist or could not be opened.
{BA162249-F2C5-4851-8ADC-FC58CB424243}: http://copainsdavant.linternaute.com/html_include_bibliotheque/objimageupload(...) -- Image Uploader Control
{C45B1500-7B63-47C2-AB25-C28CB46AFDEE}: http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB -- MusicManagerPlugin.MediaBar
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab -- Reg Error: Key does not exist or could not be opened.
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab -- Reg Error: Key does not exist or could not be opened.
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab -- Reg Error: Key does not exist or could not be opened.
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab -- Java Plug-in 1.6.0_11
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab -- Java Plug-in 1.6.0_11
{D27CDB6E-AE6D-11CF-96B8-444553540000}: http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab -- Shockwave Flash Object
CabBuilder: http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab -- Reg Error: Key does not exist or could not be opened.

========== (O17) DNS Name Servers ==========

{7FEC1A29-9C99-48B2-AB78-14F683838831} (Servers: | Description: Neuf Box 4 (BCM USB/NDIS))
{C7E2CE52-9C88-42D0-9975-B5EFDCC3184A} (Servers: | Description: Realtek RTL8139/810x Family Fast Ethernet NIC)
{FDFB7065-16C0-464F-890B-DF7D76268667} (Servers: | Description: )

========== (O19) User Style Sheets ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles]

========== (O20) Winlogon Notify Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
LBTWlgn: "DllName" = c:\program files\fichiers communs\logitech\bluetooth\LBTWlgn.dll -- c:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTWLgn.dll (Logitech, Inc.)

========== Shell Execute Hooks ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}" (HKLM) -- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll (GRISOFT s.r.o.)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentV
Curson on 10 March 2009 at 01:01
Good evening

The second report is incomplete. Repost it in a new message.


Regards.
-------
If your topic remains unanswered, please report it here.
pascalou95 on 10 March 2009 at 01:04
OTViewIt logfile created on: 10/03/2009 00:47:03 - Run
OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Documents and Settings\TEMP\Local Settings\Temporary Internet Files\Content.IE5\2XEKH0S2
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

446,48 Mb Total Physical Memory | 166,35 Mb Available Physical Memory | 37,26% Memory free
1,11 Gb Paging File | 0,77 Gb Available in Paging File | 69,43% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 146,97 Gb Total Space | 59,69 Gb Free Space | 40,61% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LES-WARIORS
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days

========== Processes ==========

[2004/04/08 05:25:04 | 01,135,728 | ---- | M] (America Online, Inc.) -- C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe
[2007/05/30 13:31:10 | 00,312,880 | ---- | M] (GRISOFT s.r.o.) -- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
[2005/05/11 13:50:14 | 00,221,266 | ---- | M] () -- c:\Apps\Powercinema\Kernel\TV\CLCapSvc.exe
[2005/05/11 13:52:00 | 00,061,440 | ---- | M] (Cyberlink) -- C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
[2005/05/11 13:52:04 | 00,737,381 | ---- | M] (Cyberlink) -- C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
[2009/02/06 18:08:58 | 00,533,360 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe
[2008/10/14 22:50:57 | 00,168,432 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
[2008/11/10 05:43:40 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
[2007/05/14 11:54:36 | 00,272,024 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
[2009/01/14 17:53:02 | 00,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
[2005/05/11 13:50:34 | 00,110,672 | ---- | M] () -- c:\Apps\Powercinema\Kernel\TV\CLSched.exe
[2004/07/27 15:50:18 | 00,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
[2002/07/18 17:36:34 | 00,028,672 | ---- | M] (Microsoft® Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
[2008/04/13 13:39:20 | 00,049,152 | ---- | M] (artArmin) -- C:\WINDOWS\XP²Vista\Vista Drive Icon\DrvIcon.exe
[2008/06/22 09:42:56 | 00,065,536 | ---- | M] (VisualTaskTips.com) -- C:\WINDOWS\XP²Vista\VisualTaskTips.exe
[2004/08/05 13:00:00 | 00,093,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
[2008/11/10 05:43:42 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
[2009/02/06 18:08:58 | 00,454,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsui.exe
[2008/01/28 11:33:25 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[2008/02/11 01:08:57 | 00,067,128 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
[2008/05/02 01:44:08 | 00,805,392 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
[2008/05/02 01:40:56 | 00,076,304 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.exe
[2009/02/06 18:21:00 | 00,224,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Toolbar\wltuser.exe
[2004/10/08 05:01:00 | 01,953,792 | ---- | M] () -- C:\Program Files\Sonic\RecordNow Deluxe\RecordNow! Deluxe\RecordNow.exe
[2008/10/16 14:09:44 | 00,066,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
[2009/03/10 00:46:44 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\TEMP\Local Settings\Temporary Internet Files\Content.IE5\2XEKH0S2\OTViewIt[1].exe

========== (O23) Win32 Services ==========

[2004/04/08 05:25:04 | 01,135,728 | ---- | M] (America Online, Inc.) -- C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe -- (AOL ACS [Auto | Running])
[2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
[2007/05/30 13:31:10 | 00,312,880 | ---- | M] (GRISOFT s.r.o.) -- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe -- (AVG Anti-Spyware Guard [Auto | Running])
[2005/05/11 13:50:14 | 00,221,266 | ---- | M] () -- c:\Apps\Powercinema\Kernel\TV\CLCapSvc.exe -- (CLCapSvc [Auto | Running])
[2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
[2005/05/11 13:50:34 | 00,110,672 | ---- | M] () -- c:\Apps\Powercinema\Kernel\TV\CLSched.exe -- (CLSched [Auto | Running])
[2005/05/11 13:52:00 | 00,061,440 | ---- | M] (Cyberlink) -- C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe -- (CyberLink Media Library Service [Auto | Running])
[2005/11/17 15:18:52 | 01,527,900 | ---- | M] (MAGIX®) -- C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance [On_Demand | Stopped])
[2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
[2009/02/06 18:08:58 | 00,533,360 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc [Auto | Running])
[2008/10/14 22:50:57 | 00,168,432 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Auto | Running])
[2005/04/03 23:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
[2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
[2008/11/10 05:43:40 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
File not found -- -- (KeenfinderSrch Service [Auto | Stopped])
[2008/05/02 01:42:06 | 00,121,360 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe -- (LBTServ [On_Demand | Stopped])
[2002/12/17 17:55:52 | 07,520,337 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR [On_Demand | Stopped])
[2002/12/17 17:23:30 | 00,066,112 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe -- (MSSQLServerADHelper [On_Demand | Stopped])
[2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
[2007/05/14 11:54:36 | 00,272,024 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo [Auto | Running])
[2009/01/14 17:53:02 | 00,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort [Auto | Running])
[2002/12/17 17:23:30 | 00,311,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR [On_Demand | Stopped])
[2006/11/03 08:59:14 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

========== Driver Services ==========

[2005/05/18 10:50:30 | 02,319,680 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running])
[2007/05/30 13:10:42 | 00,011,000 | ---- | M] () -- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys -- (AVG Anti-Spyware Driver [System | Running])
[2007/05/30 13:10:42 | 00,010,872 | ---- | M] (GRISOFT, s.r.o.) -- C:\WINDOWS\system32\drivers\AvgAsCln.sys -- (AvgAsCln [System | Running])
[2004/10/08 12:59:11 | 00,326,656 | R--- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\Camdrl.sys -- (CamDrL [On_Demand | Running])
[2008/12/08 17:01:56 | 00,055,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr [Auto | Running])
[2008/04/13 10:36:42 | 00,046,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\gagp30kx.sys -- (gagp30kx [Boot | Running])
[2008/04/13 18:05:16 | 00,014,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\kbdhid.sys -- (kbdhid [System | Stopped])
[2008/02/29 02:12:48 | 00,020,240 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd [On_Demand | Running])
[2008/02/29 02:12:56 | 00,063,120 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou [On_Demand | Running])
[2008/02/29 02:13:36 | 00,079,120 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE [On_Demand | Running])
[2004/10/08 12:57:48 | 00,022,016 | R--- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta [On_Demand | Running])
[2004/01/21 02:14:46 | 00,005,915 | ---- | M] (Labtec Inc.) -- C:\WINDOWS\system32\drivers\lv302af.sys -- (pepifilter [On_Demand | Stopped])
[2004/01/21 02:14:42 | 00,271,360 | ---- | M] (Labtec Inc.) -- C:\WINDOWS\system32\drivers\LV302AV.SYS -- (PID_08A0 [On_Demand | Stopped])
[2004/08/05 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
[2007/09/06 19:04:48 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\pxhelp20.sys -- (PxHelp20 [Boot | Running])
[2003/08/13 08:27:22 | 00,065,280 | R--- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\system32\drivers\Rtlnic51.sys -- (RTL8023 [On_Demand | Running])
[2004/08/03 23:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139 [On_Demand | Stopped])
[2007/11/13 11:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])
[2005/05/17 13:48:21 | 00,050,176 | ---- | M] (Protection Technology) -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01 [Boot | Running])
[2005/05/16 14:20:39 | 00,006,656 | ---- | M] (Protection Technology) -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02 [Boot | Running])
[2005/05/16 14:23:38 | 00,019,968 | ---- | M] (Protection Technology) -- C:\WINDOWS\system32\drivers\sfsync02.sys -- (sfsync02 [Boot | Running])
[2008/07/27 10:43:38 | 00,717,296 | ---- | M] () -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd [Boot | Running])
[2005/08/30 01:47:38 | 00,058,320 | ---- | M] (MCCI) -- C:\WINDOWS\system32\drivers\ssm_bus.sys -- (ssm_bus [On_Demand | Stopped])
[2005/03/29 21:47:58 | 00,006,096 | ---- | M] (MCCI) -- C:\WINDOWS\system32\drivers\ssm_mdfl.sys -- (ssm_mdfl [On_Demand | Stopped])
[2005/08/30 01:49:38 | 00,094,000 | ---- | M] (MCCI) -- C:\WINDOWS\system32\drivers\ssm_mdm.sys -- (ssm_mdm [On_Demand | Stopped])
[2008/04/13 10:45:14 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Running])
[2007/07/11 10:40:18 | 00,012,416 | ---- | M] (LG Electronics Inc.) -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus [On_Demand | Stopped])
[2007/07/11 15:51:48 | 00,019,840 | ---- | M] (LG Electronics Inc.) -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag [On_Demand | Stopped])
[2007/07/11 10:45:00 | 00,021,632 | ---- | M] (LG Electronics Inc.) -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem [On_Demand | Stopped])
[2008/04/13 10:56:50 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usb8023.sys -- (usb_rndis [On_Demand | Stopped])
[2005/04/06 11:31:36 | 00,173,696 | R--- | M] (Copyright (C) VIA/S3 Graphics Co, Ltd.) -- C:\WINDOWS\system32\drivers\vtmini.sys -- (viagfx [On_Demand | Running])
[2003/01/10 16:13:04 | 00,033,588 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw [On_Demand | Running])
[2004/08/05 13:00:00 | 00,012,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ws2ifsl.sys -- (WS2IFSL [Disabled | Stopped])

========== (R ) Internet Explorer ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Local Page"=%SystemRoot%\system32\blank.htm
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"Default_Search_URL"=http://www.google.com/ie
"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Page_Transitions"=
"Search Page"=http://www.google.com
"Start Page"=http://www.google.fr/

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL]
""=http://www.google.com/search?q=%s
"provider"=gogl

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{E312764E-7706-43F1-8DAB-FCDD2B1E416D}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Page_Transitions"=
"Search Page"=http://www.google.com
"Start Page"=http://www.google.fr/

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Internet Explorer\SearchURL]
""=http://www.google.com/search?q=%s
"provider"=gogl

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{E312764E-7706-43F1-8DAB-FCDD2B1E416D}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

========== (O1) Hosts File ==========

HOSTS File = (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost

========== (O2) BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{000123B4-9B42-4900-B3F7-F4B073EFC214} (HKLM) -- C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
{201f27d4-3704-41d6-89c1-aa35e39143ed} (HKLM) -- C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
{243B17DE-77C7-46BF-B94B-0B5F309A0E64} (HKLM) -- C:\Program Files\Microsoft Money\System\mnyside.dll (Microsoft Corporation)
{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} (HKLM) -- C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
{5C255C8A-E604-49b4-9D64-90988571CECB} (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
{64F56FC1-1272-44CD-BA6E-39723696E350} (HKLM) -- C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll File not found
{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} (HKLM) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
{9030D464-4C02-4ABF-8ECC-5164760863C6} (HKLM) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
{AA58ED58-01DD-4d91-8333-CF10577473F7} (HKLM) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (HKLM) -- C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll (Google Inc.)
{B922D405-6D13-4A2B-AE89-08A030DA4402} (HKLM) -- C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll (GreenTree Applications, Inc.)
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} (HKLM) -- C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
{DBC80044-A445-435b-BC74-9C25C1C588A9} (HKLM) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} (HKLM) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} (HKLM) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} (HKLM) -- C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
{FDD3B846-8D59-4ffb-8758-209B6AD74ACC} (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

========== (O3) Toolbars ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{21FA44EF-376D-4D53-9B0F-8A89D3229068}" (HKLM) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" (HKLM) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}" (HKLM) -- C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{B922D405-6D13-4A2B-AE89-08A030DA4402}" (HKLM) -- C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll (GreenTree Applications, Inc.)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{C55BBCD6-41AD-48AD-9953-3609C48EACC7}" (HKLM) -- C:\Program Files\Orbitdownloader\GrabPro.dll ()

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{EE5D279F-081B-4404-994D-C6B60AAEBA6D}" (HKLM) -- C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{21FA44EF-376D-4D53-9B0F-8A89D3229068}" (HKLM) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}" (HKLM) -- C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{C55BBCD6-41AD-48AD-9953-3609C48EACC7}" (HKLM) -- C:\Program Files\Orbitdownloader\GrabPro.dll ()

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{F2CF5485-4E02-4F68-819C-B92DE9277049}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{21FA44EF-376D-4D53-9B0F-8A89D3229068}" (HKLM) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}" (HKLM) -- C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{C55BBCD6-41AD-48AD-9953-3609C48EACC7}" (HKLM) -- C:\Program Files\Orbitdownloader\GrabPro.dll ()

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{F2CF5485-4E02-4F68-819C-B92DE9277049}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

========== (O4) Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DrvIcon"=C:\WINDOWS\XP²Vista\Vista Drive Icon\DrvIcon.exe (artArmin)
"fssui"="C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun (Microsoft Corporation)
"ISUSPM Startup"=C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup (InstallShield Software Corporation)
"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start (InstallShield Software Corporation)
"Kernel and Hardware Abstraction Layer"=KHALMNPR.EXE (Logitech, Inc.)
"Microsoft Works Update Detection"=C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe (Microsoft® Corporation)
"SearchSettings"=C:\Program Files\pdfforge Toolbar\SearchSettings.exe (GreenTree Applications, Inc.)
"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
"TopDesk"=C:\WINDOWS\XP²Vista\TopDesk.exe (Otaku Software)
"TrayServer"=C:\Program Files\MAGIX\Video_deluxe_2008_e-version\TrayServer.exe (Magix)
"Visual Task Tips"=C:\WINDOWS\XP²Vista\VisualTaskTips.exe (VisualTaskTips.com)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

========== (O4) Startup Folders ==========

[2008/02/11 01:08:57 | 00,067,128 | ---- | M] (Logitech Inc.) -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
[2008/05/02 01:44:08 | 00,805,392 | ---- | M] (Logitech, Inc.) -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
[2001/02/13 09:01:04 | 00,083,360 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
[2002/02/06 22:11:12 | 00,110,592 | ---- | M] (Adobe Systems, Inc.) -- C:\Documents and Settings\TEMP\Menu Démarrer\Programmes\Démarrage\Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

========== (O6 & O7) Current Version Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=323
"NoCDBurning"=0
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"NoDispBackgroundPage"=0
"DisableRegistryTools"=0

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

========== (O8) IE Context Menu Extensions ==========

[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\MenuExt\]
E&xporter vers Microsoft Excel: C:\Program Files\Microsoft Office\Office10\EXCEL.EXE [2008/10/28 16:07:58 | 09,362,248 | R--- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\MenuExt\]
E&xporter vers Microsoft Excel: C:\Program Files\Microsoft Office\Office10\EXCEL.EXE [2008/10/28 16:07:58 | 09,362,248 | R--- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\MenuExt\]
E&xporter vers Microsoft Excel: Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\MenuExt\]
E&xporter vers Microsoft Excel: Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Internet Explorer\MenuExt\]
E&xporter vers Microsoft Excel: Reg Error: Key does not exist or could not be opened. File not found

========== (O9) IE Extensions ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Button: Ajout Direct -- %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [2009/02/06 18:07:54 | 00,187,248 | ---- | M] (Microsoft Corporation)
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Menu: &Ajout Direct dans Windows Live Writer -- %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [2009/02/06 18:07:54 | 00,187,248 | ---- | M] (Microsoft Corporation)
{85d1f590-48f4-11d9-9669-0800200c9a66}: Menu: Uninstall BitDefender Online Scanner v8 -- %SystemRoot%\bdoscandel.exe [2006/05/25 01:22:06 | 00,053,248 | ---- | M] ()
{d9288080-1baa-4bc4-9cf8-a92d743db949}: Button: Run IMVU -- %SystemDrive%\Documents and Settings\Owner\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk File not found
{E023F504-0C5A-4750-A1E7-A9046DEA8A21}: Button: MoneySide -- %ProgramFiles%\Microsoft Money\System\mnyside.dll [2002/07/17 11:00:00 | 00,163,906 | ---- | M] (Microsoft Corporation)
{e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 -- %SystemRoot%\network diagnostic\xpnetdiag.exe [2008/04/13 10:53:34 | 00,558,080 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008/04/13 18:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008/04/13 18:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} [HKLM] -> %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [Ajout Direct] -> [2009/02/06 18:07:54 | 00,187,248 | ---- | M] (Microsoft Corporation)
CmdMapping\\{85d1f590-48f4-11d9-9669-0800200c9a66} [HKLM] -> %SystemRoot%\bdoscandel.exe [Uninstall BitDefender Online Scanner v8] -> [2006/05/25 01:22:06 | 00,053,248 | ---- | M] ()
CmdMapping\\{d9288080-1baa-4bc4-9cf8-a92d743db949} [HKLM] -> %SystemDrive%\Documents and Settings\Owner\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk [Run IMVU] -> File not found
CmdMapping\\{E023F504-0C5A-4750-A1E7-A9046DEA8A21} [HKLM] -> %ProgramFiles%\Microsoft Money\System\mnyside.dll [MoneySide] -> [2002/07/17 11:00:00 | 00,163,906 | ---- | M] (Microsoft Corporation)
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 10:53:34 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 18:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 18:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 18:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} [HKLM] -> %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [Ajout Direct] -> [2009/02/06 18:07:54 | 00,187,248 | ---- | M] (Microsoft Corporation)
CmdMapping\\{85d1f590-48f4-11d9-9669-0800200c9a66} [HKLM] -> %SystemRoot%\bdoscandel.exe [Uninstall BitDefender Online Scanner v8] -> [2006/05/25 01:22:06 | 00,053,248 | ---- | M] ()
CmdMapping\\{d9288080-1baa-4bc4-9cf8-a92d743db949} [HKLM] -> %SystemDrive%\Documents and Settings\Owner\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk [Run IMVU] -> File not found
CmdMapping\\{E023F504-0C5A-4750-A1E7-A9046DEA8A21} [HKLM] -> %ProgramFiles%\Microsoft Money\System\mnyside.dll [MoneySide] -> [2002/07/17 11:00:00 | 00,163,906 | ---- | M] (Microsoft Corporation)
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 10:53:34 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 18:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation)

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s
PluginsPageFriendlyName: "" = Bibliothèque de contrôles ActiveX Microsoft

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

========== (O15) Trusted Sites ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
1 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
40 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
40 domain(s) and sub-domain(s) not assigned to a zone.

========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{17492023-C23A-453E-A040-C7C580BBF700}: http://go.microsoft.com/fwlink/?linkid=39204 -- Windows Genuine Advantage Validation Tool
{48DD0448-9209-4F81-9F6D-D83562940134}: http://lads.myspace.com/upload/MySpaceUploader1006.cab -- MySpace Uploader Control
{4F1E5B1A-2A80-42CA-8532-2D05CB959537}: http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab -- MSN Photo Upload Tool
{55027008-315F-4F45-BBC3-8BE119764741}: http://static.slide.com/uploader/SlideImageUploader.cab -- Slide Image Uploader Control
{5D637FAD-E202-48D1-8F18-5B9C459BD1E3}: http://copainsdavant.linternaute.com/framework/lib/objimageuploader/html_incl(...) -- Image Uploader Control
{5D80A6D1-B500-47DA-82B8-EB9875F85B4D}: http://dl.google.com/dl/desktop/nv/GoogleGadgetPluginIEWin.cab -- Google Gadget Control
{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}: http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab -- BDSCANONLINE Control
{6414512B-B978-451D-A0D8-FCFDF33E833C}: http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_s(...) -- WUWebControl Class
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab -- Java Plug-in 1.6.0_11
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}: http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.(...) -- Reg Error: Key does not exist or could not be opened.
{BA162249-F2C5-4851-8ADC-FC58CB424243}: http://copainsdavant.linternaute.com/html_include_bibliotheque/objimageupload(...) -- Image Uploader Control
{C45B1500-7B63-47C2-AB25-C28CB46AFDEE}: http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB -- MusicManagerPlugin.MediaBar
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab -- Reg Error: Key does not exist or could not be opened.
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab -- Reg Error: Key does not exist or could not be opened.
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab -- Reg Error: Key does not exist or could not be opened.
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab -- Java Plug-in 1.6.0_11
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab -- Java Plug-in 1.6.0_11
{D27CDB6E-AE6D-11CF-96B8-444553540000}: http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab -- Shockwave Flash Object
CabBuilder: http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab -- Reg Error: Key does not exist or could not be opened.

========== (O17) DNS Name Servers ==========

{7FEC1A29-9C99-48B2-AB78-14F683838831} (Servers: | Description: Neuf Box 4 (BCM USB/NDIS))
{C7E2CE52-9C88-42D0-9975-B5EFDCC3184A} (Servers: | Description: Realtek RTL8139/810x Family Fast Ethernet NIC)
{FDFB7065-16C0-464F-890B-DF7D76268667} (Servers: | Description: )

========== (O19) User Style Sheets ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles]

========== (O20) Winlogon Notify Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
LBTWlgn: "DllName" = c:\program files\fichiers communs\logitech\bluetooth\LBTWlgn.dll -- c:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTWLgn.dll (Logitech, Inc.)

========== Shell Execute Hooks ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}" (HKLM) -- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll (GRISOFT s.r.o.)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{88485281-8b4b-4f8d-9ede-82e29a064277}" (HKLM) -- C:\Program Files\MarkAny\ContentSafer\MACSMANAGER.dll (MarkAny Cooperation.)

========== Safeboot Options ==========

"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Files/Folders - Created Within 30 Days ==========

[4 C:\WINDOWS\*.tmp files]
[2009/03/10 00:36:41 | 00,000,000 | ---D | C] -- C:\ToolBar SD
[2009/03/09 22:24:18 | 00,001,351 | ---- | C] () -- C:\Documents and Settings\TEMP\Mes documents\DrWeb.csv
[2009/03/09 18:09:42 | 00,278,016 | ---- | C] (SteelWerX) -- C:\WINDOWS\System32\swreg.exe
[2009/03/09 17:20:42 | 00,000,000 | ---D | C] -- C:\combofix
[2009/03/09 17:18:33 | 00,000,000 | ---D | C] -- C:\32788R22FWJFW
[2009/03/09 02:29:34 | 00,022,404 | ---- | C] () -- C:\Documents and Settings\TEMP\Mes documents\bitdefender1.html
[2009/03/09 01:23:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\BDOSCAN8
[2009/03/08 20:53:15 | 00,000,000 | ---D | C] -- C:\bibite
[2009/03/08 20:40:54 | 00,000,216 | ---- | C] () -- C:\Boot.bak
[2009/03/08 20:40:50 | 00,263,488 | ---- | C] () -- C:\cmldr
[2009/03/08 20:40:47 | 00,000,000 | ---D | C] -- C:\cmdcons
[2009/03/08 20:37:20 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009/03/08 20:37:20 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009/03/08 20:37:20 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009/03/08 20:37:20 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/03/08 20:37:20 | 00,089,504 | ---- | C] (Smallfrogs Studio) -- C:\WINDOWS\fdsv.exe
[2009/03/08 20:37:20 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/03/08 20:37:20 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/03/08 20:37:20 | 00,049,152 | ---- | C] () -- C:\WINDOWS\VFIND.exe
[2009/03/08 20:37:20 | 00,029,696 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/03/08 20:37:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/03/08 20:15:45 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/03/08 17:31:13 | 00,001,362 | ---- | C] () -- C:\Documents and Settings\TEMP\Bureau\GenProc - Raccourci.lnk
[2009/03/08 17:31:11 | 00,000,000 | ---D | C] -- C:\GenProc
[2009/03/08 12:12:12 | 46,824,2432 | -HS- | C] () -- C:\hiberfil.sys
[2009/03/06 20:37:16 | 00,000,099 | ---- | C] () -- C:\Documents and Settings\TEMP\Bureau\Internet Explorer - résolution de problèmes.url
[2009/03/06 16:35:27 | 01,089,883 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntprint.cat
[2009/03/06 14:43:37 | 00,000,000 | ---D | C] -- C:\05ebf9399de57b1050cc8dd3765e
[2009/03/06 13:41:19 | 01,499,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shdocvw.dll
[2009/03/06 12:24:04 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Opera.lnk
[2009/03/06 12:23:56 | 00,000,000 | ---D | C] -- C:\Program Files\Opera
[2009/03/05 22:00:23 | 00,014,911 | ---- | C] () -- C:\Documents and Settings\TEMP\Mes documents\Preaching_to_the_Perverted_(1997)_[LESBIAN_INTEREST]_---[www.bitcoca.com]---_.torrent
[2009/03/05 21:54:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TEMP\Mes documents\UseNeXT
[2009/03/05 20:54:00 | 02,272,801 | ---- | C] () -- C:\Documents and Settings\TEMP\Mes documents\UseNeXTSetup_403463w.zip
[2009/03/05 20:42:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TEMP\Mes documents\FrostWire
[2009/03/05 12:46:23 | 00,003,778 | ---- | C] () -- C:\Documents and Settings\TEMP\Mes documents\Replay_Media_Catcher_3.0.1.rar[www.reload-paradise.net].torrent
[2009/03/05 12:16:35 | 00,000,000 | ---D | C] -- C:\Program Files\Ratajik Software
[2009/03/04 11:52:37 | 00,001,588 | ---- | C] () -- C:\Documents and Settings\TEMP\Bureau\LimeWire PRO 4.18.8.lnk
[2009/03/04 11:41:40 | 00,000,000 | ---D | C] -- C:\Program Files\LimeWire Acceleration Patch
[2009/03/04 10:29:28 | 04,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll
[2009/03/04 10:29:28 | 02,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll
[2009/03/04 10:29:28 | 00,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll
[2009/03/04 10:29:27 | 00,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll
[2009/03/04 10:29:27 | 00,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll
[2009/03/04 10:29:27 | 00,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll
[2009/03/04 10:29:26 | 00,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll
[2009/03/04 10:29:25 | 00,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
[2009/03/04 10:29:25 | 00,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
[2009/03/04 10:29:24 | 01,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll
[2009/03/04 10:29:24 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll
[2009/03/04 10:29:24 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
[2009/03/04 10:29:23 | 03,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll
[2009/03/04 10:29:22 | 00,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2009/03/04 10:29:22 | 00,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2009/03/04 10:29:21 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2009/03/04 10:29:21 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2009/03/04 10:29:20 | 01,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2009/03/04 10:29:20 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2009/03/04 10:29:19 | 03,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2009/03/04 10:29:14 | 00,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2009/03/04 10:29:10 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2009/03/04 10:29:08 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2009/03/04 10:29:05 | 01,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2009/03/04 10:29:05 | 00,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2009/03/04 10:29:02 | 03,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2009/03/04 10:27:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2009/03/04 10:27:00 | 00,000,000 | ---D | C] -- C:\Program Files\Utherverse Digital Inc
[2009/03/03 15:00:31 | 00,023,816 | ---- | C] () -- C:\Documents and Settings\TEMP\Mes documents\NITEMARE.TTF
[2009/02/27 23:33:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TEMP\Application Data\Search Settings
[2009/02/27 23:33:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TEMP\Application Data\pdfforge
[2009/02/27 23:27:43 | 00,000,000 | ---D | C] -- C:\Program Files\pdfforge Toolbar
[2009/02/27 22:56:15 | 00,075,800 | ---- | C] () -- C:\Documents and Settings\TEMP\Mes documents\POEME[1].pdf
[2009/02/27 00:09:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TEMP\Mes documents\assurance
[2009/02/23 22:59:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TEMP\Mes documents\fetish project 14
[2009/02/23 21:42:58 | 00,413,696 | ---- | C] () -- C:\Documents and Settings\TEMP\Mes documents\papa_maman1.pps
[2009/02/23 13:56:08 | 00,035,097 | ---- | C] () -- C:\Documents and Settings\TEMP\Mes documents\Cunilingus.jpg
[2009/02/20 18:59:41 | 01,178,112 | ---- | C] () -- C:\Documents and Settings\TEMP\Mes documents\PG_LESVIEUXCOUPLES.pps
[2009/02/20 02:24:01 | 00,000,000 | ---D | C] -- C:\Program Files\Incomplete
[2009/02/19 13:11:22 | 00,000,000 | ---D | C] -- C:\Program Files\AskBarDis
[2009/02/18 19:16:52 | 06,788,096 | ---- | C] () -- C:\Documents and Settings\TEMP\Mes documents\spartatouille GTA.AVI
[2009/02/18 13:31:23 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2009/02/09 23:54:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TEMP\Mes documents\Mes fichiers pour ma TV
[2009/02/08 17:35:08 | 01,525,979 | ---- | C] () -- C:\Documents and Settings\TEMP\Mes documents\01. CAPCOM - DANCE WItH DEVILS.mp3

========== Files - Modified Within 30 Days ==========

[4 C:\WINDOWS\System32\*.tmp files]
[4 C:\WINDOWS\*.tmp files]
[2009/03/09 22:24:18 | 00,001,351 | ---- | M] () -- C:\Documents and Settings\TEMP\Mes documents\DrWeb.csv
[2009/03/09 17:35:26 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/03/09 17:35:23 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/03/09 17:35:21 | 46,824,2432 | -HS- | M] () -- C:\hiberfil.sys
[2009/03/09 17:25:45 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/03/09 02:28:40 | 00,022,404 | ---- | M] () -- C:\Documents and Settings\TEMP\Mes documents\bitdefender1.html
[2009/03/08 21:02:46 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/03/08 21:02:38 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/03/08 20:40:54 | 00,000,286 | RHS- | M] () -- C:\boot.ini
[2009/03/08 17:31:13 | 00,001,362 | ---- | M] () -- C:\Documents and Settings\TEMP\Bureau\GenProc - Raccourci.lnk
[2009/03/06 20:37:16 | 00,000,099 | ---- | M] () -- C:\Documents and Settings\TEMP\Bureau\Internet Explorer - résolution de problèmes.url
[2009/03/06 15:17:14 | 00,114,232 | ---- | M] () -- C:\Documents and Settings\TEMP\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/03/06 15:12:19 | 00,340,240 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/03/06 15:04:25 | 01,136,578 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/03/06 15:04:25 | 00,531,958 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2009/03/06 15:04:25 | 00,459,268 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/03/06 15:04:25 | 00,095,588 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2009/03/06 15:04:25 | 00,079,058 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/03/06 14:29:26 | 00,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/03/06 12:24:04 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Opera.lnk
[2009/03/05 22:00:25 | 00,014,911 | ---- | M] () -- C:\Documents and Settings\TEMP\Mes documents\Preaching_to_the_Perverted_(1997)_[LESBIAN_INTEREST]_---[www.bitcoca.com]---_.torrent
[2009/03/05 20:54:00 | 02,272,801 | ---- | M] () -- C:\Documents and Settings\TEMP\Mes documents\UseNeXTSetup_403463w.zip
[2009/03/05 12:46:24 | 00,003,778 | ---- | M] () -- C:\Documents and Settings\TEMP\Mes documents\Replay_Media_Catcher_3.0.1.rar[www.reload-paradise.net].torrent
[2009/03/05 12:38:49 | 00,237,568 | ---- | M] () -- C:\WINDOWS\System32\rmc_rtspdl.dll
[2009/03/05 12:38:49 | 00,156,672 | ---- | M] (Radioactive) -- C:\WINDOWS\System32\rmc_fixasf.exe
[2009/03/05 12:38:43 | 00,323,584 | ---- | M] (Stefan Toengi) -- C:\WINDOWS\System32\AUDIOGENIE2.DLL
[2009/03/05 12:07:53 | 00,000,071 | ---- | M] () -- C:\WINDOWS\pex.INI
[2009/03/04 21:06:12 | 00,278,016 | ---- | M] (SteelWerX) -- C:\WINDOWS\System32\swreg.exe
[2009/03/04 11:52:37 | 00,001,588 | ---- | M] () -- C:\Documents and Settings\TEMP\Bureau\LimeWire PRO 4.18.8.lnk
[2009/03/03 22:29:56 | 00,842,240 | -HS- | M] () -- C:\Documents and Settings\TEMP\Mes documents\Thumbs.db
@Alternate Data Stream - 0 bytes -> C:\Documents and Settings\TEMP\Mes documents\Thumbs.db:encryptable
[2009/02/27 22:56:15 | 00,075,800 | ---- | M] () -- C:\Documents and Settings\TEMP\Mes documents\POEME[1].pdf
[2009/02/23 21:43:04 | 00,413,696 | ---- | M] () -- C:\Documents and Settings\TEMP\Mes documents\papa_maman1.pps
[2009/02/23 13:55:59 | 00,035,097 | ---- | M] () -- C:\Documents and Settings\TEMP\Mes documents\Cunilingus.jpg
[2009/02/20 18:59:55 | 01,178,112 | ---- | M] () -- C:\Documents and Settings\TEMP\Mes documents\PG_LESVIEUXCOUPLES.pps
[2009/02/18 19:19:18 | 06,788,096 | ---- | M] () -- C:\Documents and Settings\TEMP\Mes documents\spartatouille GTA.AVI
[2009/02/08 17:35:09 | 01,525,979 | ---- | M] () -- C:\Documents and Settings\TEMP\Mes documents\01. CAPCOM - DANCE WItH DEVILS.mp3
< End of report >
pascalou95 on 10 March 2009 at 01:05
sorry, here it is :)
pascalou95 on 10 March 2009 at 01:42
OTViewIt logfile created on: 10/03/2009 00:47:03 - Run
OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Documents and Settings\TEMP\Local Settings\Temporary Internet Files\Content.IE5\2XEKH0S2
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

446,48 Mb Total Physical Memory | 166,35 Mb Available Physical Memory | 37,26% Memory free
1,11 Gb Paging File | 0,77 Gb Available in Paging File | 69,43% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 146,97 Gb Total Space | 59,69 Gb Free Space | 40,61% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LES-WARIORS
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days

========== Processes ==========

[2004/04/08 05:25:04 | 01,135,728 | ---- | M] (America Online, Inc.) -- C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe
[2007/05/30 13:31:10 | 00,312,880 | ---- | M] (GRISOFT s.r.o.) -- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
[2005/05/11 13:50:14 | 00,221,266 | ---- | M] () -- c:\Apps\Powercinema\Kernel\TV\CLCapSvc.exe
[2005/05/11 13:52:00 | 00,061,440 | ---- | M] (Cyberlink) -- C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
[2005/05/11 13:52:04 | 00,737,381 | ---- | M] (Cyberlink) -- C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
[2009/02/06 18:08:58 | 00,533,360 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe
[2008/10/14 22:50:57 | 00,168,432 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
[2008/11/10 05:43:40 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
[2007/05/14 11:54:36 | 00,272,024 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
[2009/01/14 17:53:02 | 00,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
[2005/05/11 13:50:34 | 00,110,672 | ---- | M] () -- c:\Apps\Powercinema\Kernel\TV\CLSched.exe
[2004/07/27 15:50:18 | 00,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
[2002/07/18 17:36:34 | 00,028,672 | ---- | M] (Microsoft® Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
[2008/04/13 13:39:20 | 00,049,152 | ---- | M] (artArmin) -- C:\WINDOWS\XP²Vista\Vista Drive Icon\DrvIcon.exe
[2008/06/22 09:42:56 | 00,065,536 | ---- | M] (VisualTaskTips.com) -- C:\WINDOWS\XP²Vista\VisualTaskTips.exe
[2004/08/05 13:00:00 | 00,093,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
[2008/11/10 05:43:42 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
[2009/02/06 18:08:58 | 00,454,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsui.exe
[2008/01/28 11:33:25 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[2008/02/11 01:08:57 | 00,067,128 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
[2008/05/02 01:44:08 | 00,805,392 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
[2008/05/02 01:40:56 | 00,076,304 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.exe
[2009/02/06 18:21:00 | 00,224,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Toolbar\wltuser.exe
[2004/10/08 05:01:00 | 01,953,792 | ---- | M] () -- C:\Program Files\Sonic\RecordNow Deluxe\RecordNow! Deluxe\RecordNow.exe
[2008/10/16 14:09:44 | 00,066,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
[2009/03/10 00:46:44 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\TEMP\Local Settings\Temporary Internet Files\Content.IE5\2XEKH0S2\OTViewIt[1].exe

========== (O23) Win32 Services ==========

[2004/04/08 05:25:04 | 01,135,728 | ---- | M] (America Online, Inc.) -- C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe -- (AOL ACS [Auto | Running])
[2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
[2007/05/30 13:31:10 | 00,312,880 | ---- | M] (GRISOFT s.r.o.) -- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe -- (AVG Anti-Spyware Guard [Auto | Running])
[2005/05/11 13:50:14 | 00,221,266 | ---- | M] () -- c:\Apps\Powercinema\Kernel\TV\CLCapSvc.exe -- (CLCapSvc [Auto | Running])
[2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
[2005/05/11 13:50:34 | 00,110,672 | ---- | M] () -- c:\Apps\Powercinema\Kernel\TV\CLSched.exe -- (CLSched [Auto | Running])
[2005/05/11 13:52:00 | 00,061,440 | ---- | M] (Cyberlink) -- C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe -- (CyberLink Media Library Service [Auto | Running])
[2005/11/17 15:18:52 | 01,527,900 | ---- | M] (MAGIX®) -- C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance [On_Demand | Stopped])
[2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
[2009/02/06 18:08:58 | 00,533,360 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc [Auto | Running])
[2008/10/14 22:50:57 | 00,168,432 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Auto | Running])
[2005/04/03 23:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
[2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
[2008/11/10 05:43:40 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
File not found -- -- (KeenfinderSrch Service [Auto | Stopped])
[2008/05/02 01:42:06 | 00,121,360 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe -- (LBTServ [On_Demand | Stopped])
[2002/12/17 17:55:52 | 07,520,337 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR [On_Demand | Stopped])
[2002/12/17 17:23:30 | 00,066,112 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe -- (MSSQLServerADHelper [On_Demand | Stopped])
[2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
[2007/05/14 11:54:36 | 00,272,024 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo [Auto | Running])
[2009/01/14 17:53:02 | 00,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort [Auto | Running])
[2002/12/17 17:23:30 | 00,311,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR [On_Demand | Stopped])
[2006/11/03 08:59:14 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

========== Driver Services ==========

[2005/05/18 10:50:30 | 02,319,680 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running])
[2007/05/30 13:10:42 | 00,011,000 | ---- | M] () -- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys -- (AVG Anti-Spyware Driver [System | Running])
[2007/05/30 13:10:42 | 00,010,872 | ---- | M] (GRISOFT, s.r.o.) -- C:\WINDOWS\system32\drivers\AvgAsCln.sys -- (AvgAsCln [System | Running])
[2004/10/08 12:59:11 | 00,326,656 | R--- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\Camdrl.sys -- (CamDrL [On_Demand | Running])
[2008/12/08 17:01:56 | 00,055,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr [Auto | Running])
[2008/04/13 10:36:42 | 00,046,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\gagp30kx.sys -- (gagp30kx [Boot | Running])
[2008/04/13 18:05:16 | 00,014,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\kbdhid.sys -- (kbdhid [System | Stopped])
[2008/02/29 02:12:48 | 00,020,240 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd [On_Demand | Running])
[2008/02/29 02:12:56 | 00,063,120 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou [On_Demand | Running])
[2008/02/29 02:13:36 | 00,079,120 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE [On_Demand | Running])
[2004/10/08 12:57:48 | 00,022,016 | R--- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta [On_Demand | Running])
[2004/01/21 02:14:46 | 00,005,915 | ---- | M] (Labtec Inc.) -- C:\WINDOWS\system32\drivers\lv302af.sys -- (pepifilter [On_Demand | Stopped])
[2004/01/21 02:14:42 | 00,271,360 | ---- | M] (Labtec Inc.) -- C:\WINDOWS\system32\drivers\LV302AV.SYS -- (PID_08A0 [On_Demand | Stopped])
[2004/08/05 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
[2007/09/06 19:04:48 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\pxhelp20.sys -- (PxHelp20 [Boot | Running])
[2003/08/13 08:27:22 | 00,065,280 | R--- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\system32\drivers\Rtlnic51.sys -- (RTL8023 [On_Demand | Running])
[2004/08/03 23:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139 [On_Demand | Stopped])
[2007/11/13 11:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])
[2005/05/17 13:48:21 | 00,050,176 | ---- | M] (Protection Technology) -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01 [Boot | Running])
[2005/05/16 14:20:39 | 00,006,656 | ---- | M] (Protection Technology) -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02 [Boot | Running])
[2005/05/16 14:23:38 | 00,019,968 | ---- | M] (Protection Technology) -- C:\WINDOWS\system32\drivers\sfsync02.sys -- (sfsync02 [Boot | Running])
[2008/07/27 10:43:38 | 00,717,296 | ---- | M] () -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd [Boot | Running])
[2005/08/30 01:47:38 | 00,058,320 | ---- | M] (MCCI) -- C:\WINDOWS\system32\drivers\ssm_bus.sys -- (ssm_bus [On_Demand | Stopped])
[2005/03/29 21:47:58 | 00,006,096 | ---- | M] (MCCI) -- C:\WINDOWS\system32\drivers\ssm_mdfl.sys -- (ssm_mdfl [On_Demand | Stopped])
[2005/08/30 01:49:38 | 00,094,000 | ---- | M] (MCCI) -- C:\WINDOWS\system32\drivers\ssm_mdm.sys -- (ssm_mdm [On_Demand | Stopped])
[2008/04/13 10:45:14 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Running])
[2007/07/11 10:40:18 | 00,012,416 | ---- | M] (LG Electronics Inc.) -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus [On_Demand | Stopped])
[2007/07/11 15:51:48 | 00,019,840 | ---- | M] (LG Electronics Inc.) -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag [On_Demand | Stopped])
[2007/07/11 10:45:00 | 00,021,632 | ---- | M] (LG Electronics Inc.) -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem [On_Demand | Stopped])
[2008/04/13 10:56:50 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usb8023.sys -- (usb_rndis [On_Demand | Stopped])
[2005/04/06 11:31:36 | 00,173,696 | R--- | M] (Copyright (C) VIA/S3 Graphics Co, Ltd.) -- C:\WINDOWS\system32\drivers\vtmini.sys -- (viagfx [On_Demand | Running])
[2003/01/10 16:13:04 | 00,033,588 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw [On_Demand | Running])
[2004/08/05 13:00:00 | 00,012,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ws2ifsl.sys -- (WS2IFSL [Disabled | Stopped])

========== (R ) Internet Explorer ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Local Page"=%SystemRoot%\system32\blank.htm
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"Default_Search_URL"=http://www.google.com/ie
"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Page_Transitions"=
"Search Page"=http://www.google.com
"Start Page"=http://www.google.fr/

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL]
""=http://www.google.com/search?q=%s
"provider"=gogl

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{E312764E-7706-43F1-8DAB-FCDD2B1E416D}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Page_Transitions"=
"Search Page"=http://www.google.com
"Start Page"=http://www.google.fr/

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Internet Explorer\SearchURL]
""=http://www.google.com/search?q=%s
"provider"=gogl

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{E312764E-7706-43F1-8DAB-FCDD2B1E416D}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

========== (O1) Hosts File ==========

HOSTS File = (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost

========== (O2) BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{000123B4-9B42-4900-B3F7-F4B073EFC214} (HKLM) -- C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
{201f27d4-3704-41d6-89c1-aa35e39143ed} (HKLM) -- C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
{243B17DE-77C7-46BF-B94B-0B5F309A0E64} (HKLM) -- C:\Program Files\Microsoft Money\System\mnyside.dll (Microsoft Corporation)
{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} (HKLM) -- C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
{5C255C8A-E604-49b4-9D64-90988571CECB} (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
{64F56FC1-1272-44CD-BA6E-39723696E350} (HKLM) -- C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll File not found
{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} (HKLM) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
{9030D464-4C02-4ABF-8ECC-5164760863C6} (HKLM) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
{AA58ED58-01DD-4d91-8333-CF10577473F7} (HKLM) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (HKLM) -- C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll (Google Inc.)
{B922D405-6D13-4A2B-AE89-08A030DA4402} (HKLM) -- C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll (GreenTree Applications, Inc.)
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} (HKLM) -- C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
{DBC80044-A445-435b-BC74-9C25C1C588A9} (HKLM) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} (HKLM) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} (HKLM) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} (HKLM) -- C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
{FDD3B846-8D59-4ffb-8758-209B6AD74ACC} (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

========== (O3) Toolbars ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{21FA44EF-376D-4D53-9B0F-8A89D3229068}" (HKLM) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" (HKLM) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}" (HKLM) -- C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{B922D405-6D13-4A2B-AE89-08A030DA4402}" (HKLM) -- C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll (GreenTree Applications, Inc.)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{C55BBCD6-41AD-48AD-9953-3609C48EACC7}" (HKLM) -- C:\Program Files\Orbitdownloader\GrabPro.dll ()

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{EE5D279F-081B-4404-994D-C6B60AAEBA6D}" (HKLM) -- C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{21FA44EF-376D-4D53-9B0F-8A89D3229068}" (HKLM) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}" (HKLM) -- C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{C55BBCD6-41AD-48AD-9953-3609C48EACC7}" (HKLM) -- C:\Program Files\Orbitdownloader\GrabPro.dll ()

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{F2CF5485-4E02-4F68-819C-B92DE9277049}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{21FA44EF-376D-4D53-9B0F-8A89D3229068}" (HKLM) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}" (HKLM) -- C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{C55BBCD6-41AD-48AD-9953-3609C48EACC7}" (HKLM) -- C:\Program Files\Orbitdownloader\GrabPro.dll ()

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{F2CF5485-4E02-4F68-819C-B92DE9277049}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

========== (O4) Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DrvIcon"=C:\WINDOWS\XP²Vista\Vista Drive Icon\DrvIcon.exe (artArmin)
"fssui"="C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun (Microsoft Corporation)
"ISUSPM Startup"=C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup (InstallShield Software Corporation)
"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start (InstallShield Software Corporation)
"Kernel and Hardware Abstraction Layer"=KHALMNPR.EXE (Logitech, Inc.)
"Microsoft Works Update Detection"=C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe (Microsoft® Corporation)
"SearchSettings"=C:\Program Files\pdfforge Toolbar\SearchSettings.exe (GreenTree Applications, Inc.)
"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
"TopDesk"=C:\WINDOWS\XP²Vista\TopDesk.exe (Otaku Software)
"TrayServer"=C:\Program Files\MAGIX\Video_deluxe_2008_e-version\TrayServer.exe (Magix)
"Visual Task Tips"=C:\WINDOWS\XP²Vista\VisualTaskTips.exe (VisualTaskTips.com)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

========== (O4) Startup Folders ==========

[2008/02/11 01:08:57 | 00,067,128 | ---- | M] (Logitech Inc.) -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
[2008/05/02 01:44:08 | 00,805,392 | ---- | M] (Logitech, Inc.) -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
[2001/02/13 09:01:04 | 00,083,360 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
[2002/02/06 22:11:12 | 00,110,592 | ---- | M] (Adobe Systems, Inc.) -- C:\Documents and Settings\TEMP\Menu Démarrer\Programmes\Démarrage\Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

========== (O6 & O7) Current Version Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=323
"NoCDBurning"=0
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"NoDispBackgroundPage"=0
"DisableRegistryTools"=0

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

========== (O8) IE Context Menu Extensions ==========

[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\MenuExt\]
E&xporter vers Microsoft Excel: C:\Program Files\Microsoft Office\Office10\EXCEL.EXE [2008/10/28 16:07:58 | 09,362,248 | R--- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\MenuExt\]
E&xporter vers Microsoft Excel: C:\Program Files\Microsoft Office\Office10\EXCEL.EXE [2008/10/28 16:07:58 | 09,362,248 | R--- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\MenuExt\]
E&xporter vers Microsoft Excel: Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\MenuExt\]
E&xporter vers Microsoft Excel: Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Internet Explorer\MenuExt\]
E&xporter vers Microsoft Excel: Reg Error: Key does not exist or could not be opened. File not found

========== (O9) IE Extensions ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Button: Ajout Direct -- %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [2009/02/06 18:07:54 | 00,187,248 | ---- | M] (Microsoft Corporation)
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Menu: &Ajout Direct dans Windows Live Writer -- %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [2009/02/06 18:07:54 | 00,187,248 | ---- | M] (Microsoft Corporation)
{85d1f590-48f4-11d9-9669-0800200c9a66}: Menu: Uninstall BitDefender Online Scanner v8 -- %SystemRoot%\bdoscandel.exe [2006/05/25 01:22:06 | 00,053,248 | ---- | M] ()
{d9288080-1baa-4bc4-9cf8-a92d743db949}: Button: Run IMVU -- %SystemDrive%\Documents and Settings\Owner\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk File not found
{E023F504-0C5A-4750-A1E7-A9046DEA8A21}: Button: MoneySide -- %ProgramFiles%\Microsoft Money\System\mnyside.dll [2002/07/17 11:00:00 | 00,163,906 | ---- | M] (Microsoft Corporation)
{e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 -- %SystemRoot%\network diagnostic\xpnetdiag.exe [2008/04/13 10:53:34 | 00,558,080 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008/04/13 18:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008/04/13 18:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} [HKLM] -> %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [Ajout Direct] -> [2009/02/06 18:07:54 | 00,187,248 | ---- | M] (Microsoft Corporation)
CmdMapping\\{85d1f590-48f4-11d9-9669-0800200c9a66} [HKLM] -> %SystemRoot%\bdoscandel.exe [Uninstall BitDefender Online Scanner v8] -> [2006/05/25 01:22:06 | 00,053,248 | ---- | M] ()
CmdMapping\\{d9288080-1baa-4bc4-9cf8-a92d743db949} [HKLM] -> %SystemDrive%\Documents and Settings\Owner\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk [Run IMVU] -> File not found
CmdMapping\\{E023F504-0C5A-4750-A1E7-A9046DEA8A21} [HKLM] -> %ProgramFiles%\Microsoft Money\System\mnyside.dll [MoneySide] -> [2002/07/17 11:00:00 | 00,163,906 | ---- | M] (Microsoft Corporation)
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 10:53:34 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 18:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 18:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 18:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} [HKLM] -> %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [Ajout Direct] -> [2009/02/06 18:07:54 | 00,187,248 | ---- | M] (Microsoft Corporation)
CmdMapping\\{85d1f590-48f4-11d9-9669-0800200c9a66} [HKLM] -> %SystemRoot%\bdoscandel.exe [Uninstall BitDefender Online Scanner v8] -> [2006/05/25 01:22:06 | 00,053,248 | ---- | M] ()
CmdMapping\\{d9288080-1baa-4bc4-9cf8-a92d743db949} [HKLM] -> %SystemDrive%\Documents and Settings\Owner\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk [Run IMVU] -> File not found
CmdMapping\\{E023F504-0C5A-4750-A1E7-A9046DEA8A21} [HKLM] -> %ProgramFiles%\Microsoft Money\System\mnyside.dll [MoneySide] -> [2002/07/17 11:00:00 | 00,163,906 | ---- | M] (Microsoft Corporation)
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 10:53:34 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 18:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation)

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s
PluginsPageFriendlyName: "" = Bibliothèque de contrôles ActiveX Microsoft

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

========== (O15) Trusted Sites ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
1 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
40 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
40 domain(s) and sub-domain(s) not assigned to a zone.

========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{17492023-C23A-453E-A040-C7C580BBF700}: http://go.microsoft.com/fwlink/?linkid=39204 -- Windows Genuine Advantage Validation Tool
{48DD0448-9209-4F81-9F6D-D83562940134}: http://lads.myspace.com/upload/MySpaceUploader1006.cab -- MySpace Uploader Control
{4F1E5B1A-2A80-42CA-8532-2D05CB959537}: http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab -- MSN Photo Upload Tool
{55027008-315F-4F45-BBC3-8BE119764741}: http://static.slide.com/uploader/SlideImageUploader.cab -- Slide Image Uploader Control
{5D637FAD-E202-48D1-8F18-5B9C459BD1E3}: http://copainsdavant.linternaute.com/framework/lib/objimageuploader/html_incl(...) -- Image Uploader Control
{5D80A6D1-B500-47DA-82B8-EB9875F85B4D}: http://dl.google.com/dl/desktop/nv/GoogleGadgetPluginIEWin.cab -- Google Gadget Control
{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}: http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab -- BDSCANONLINE Control
{6414512B-B978-451D-A0D8-FCFDF33E833C}: http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_s(...) -- WUWebControl Class
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab -- Java Plug-in 1.6.0_11
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}: http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.(...) -- Reg Error: Key does not exist or could not be opened.
{BA162249-F2C5-4851-8ADC-FC58CB424243}: http://copainsdavant.linternaute.com/html_include_bibliotheque/objimageupload(...) -- Image Uploader Control
{C45B1500-7B63-47C2-AB25-C28CB46AFDEE}: http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB -- MusicManagerPlugin.MediaBar
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab -- Reg Error: Key does not exist or could not be opened.
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab -- Reg Error: Key does not exist or could not be opened.
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab -- Reg Error: Key does not exist or could not be opened.
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab -- Java Plug-in 1.6.0_11
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab -- Java Plug-in 1.6.0_11
{D27CDB6E-AE6D-11CF-96B8-444553540000}: http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab -- Shockwave Flash Object
CabBuilder: http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab -- Reg Error: Key does not exist or could not be opened.

========== (O17) DNS Name Servers ==========

{7FEC1A29-9C99-48B2-AB78-14F683838831} (Servers: | Description: Neuf Box 4 (BCM USB/NDIS))
{C7E2CE52-9C88-42D0-9975-B5EFDCC3184A} (Servers: | Description: Realtek RTL8139/810x Family Fast Ethernet NIC)
{FDFB7065-16C0-464F-890B-DF7D76268667} (Servers: | Description: )

========== (O19) User Style Sheets ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles]

========== (O20) Winlogon Notify Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
LBTWlgn: "DllName" = c:\program files\fichiers communs\logitech\bluetooth\LBTWlgn.dll -- c:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTWLgn.dll (Logitech, Inc.)

========== Shell Execute Hooks ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}" (HKLM) -- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll (GRISOFT s.r.o.)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{88485281-8b4b-4f8d-9ede-82e29a064277}" (HKLM) -- C:\Program Files\MarkAny\ContentSafer\MACSMANAGER.dll (MarkAny Cooperation.)

========== Safeboot Options ==========

"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Files/Folders - Created Within 30 Days ==========

[4 C:\WINDOWS\*.tmp files]
[2009/03/10 00:36:41 | 00,000,000 | ---D | C] -- C:\ToolBar SD
[2009/03/09 22:24:18 | 00,001,351 | ---- | C] () -- C:\Documents and Settings\TEMP\Mes documents\DrWeb.csv
[2009/03/09 18:09:42 | 00,278,016 | ---- | C] (SteelWerX) -- C:\WINDOWS\System32\swreg.exe
[2009/03/09 17:20:42 | 00,000,000 | ---D | C] -- C:\combofix
[2009/03/09 17:18:33 | 00,000,000 | ---D | C] -- C:\32788R22FWJFW
[2009/03/09 02:29:34 | 00,022,404 | ---- | C] () -- C:\Documents and Settings\TEMP\Mes documents\bitdefender1.html
[2009/03/09 01:23:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\BDOSCAN8
[2009/03/08 20:53:15 | 00,000,000 | ---D | C] -- C:\bibite
[2009/03/08 20:40:54 | 00,000,216 | ---- | C] () -- C:\Boot.bak
[2009/03/08 20:40:50 | 00,263,488 | ---- | C] () -- C:\cmldr
[2009/03/08 20:40:47 | 00,000,000 | ---D | C] -- C:\cmdcons
[2009/03/08 20:37:20 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009/03/08 20:37:20 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009/03/08 20:37:20 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009/03/08 20:37:20 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/03/08 20:37:20 | 00,089,504 | ---- | C] (Smallfrogs Studio) -- C:\WINDOWS\fdsv.exe
[2009/03/08 20:37:20 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/03/08 20:37:20 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/03/08 20:37:20 | 00,049,152 | ---- | C] () -- C:\WINDOWS\VFIND.exe
[2009/03/08 20:37:20 | 00,029,696 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/03/08 20:37:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/03/08 20:15:45 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/03/08 17:31:13 | 00,001,362 | ---- | C] () -- C:\Documents and Settings\TEMP\Bureau\GenProc - Raccourci.lnk
[2009/03/08 17:31:11 | 00,000,000 | ---D | C] -- C:\GenProc
[2009/03/08 12:12:12 | 46,824,2432 | -HS- | C] () -- C:\hiberfil.sys
[2009/03/06 20:37:16 | 00,000,099 | ---- | C] () -- C:\Documents and Settings\TEMP\Bureau\Internet Explorer - résolution de problèmes.url
[2009/03/06 16:35:27 | 01,089,883 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntprint.cat
[2009/03/06 14:43:37 | 00,000,000 | ---D | C] -- C:\05ebf9399de57b1050cc8dd3765e
[2009/03/06 13:41:19 | 01,499,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shdocvw.dll
[2009/03/06 12:24:04 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Opera.lnk
[2009/03/06 12:23:56 | 00,000,000 | ---D | C] -- C:\Program Files\Opera
[2009/03/05 22:00:23 | 00,014,911 | ---- | C] () -- C:\Documents and Settings\TEMP\Mes documents\Preaching_to_the_Perverted_(1997)_[LESBIAN_INTEREST]_---[www.bitcoca.com]---_.torrent
[2009/03/05 21:54:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TEMP\Mes documents\UseNeXT
[2009/03/05 20:54:00 | 02,272,801 | ---- | C] () -- C:\Documents and Settings\TEMP\Mes documents\UseNeXTSetup_403463w.zip
[2009/03/05 20:42:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TEMP\Mes documents\FrostWire
[2009/03/05 12:46:23 | 00,003,778 | ---- | C] () -- C:\Documents and Settings\TEMP\Mes documents\Replay_Media_Catcher_3.0.1.rar[www.reload-paradise.net].torrent
[2009/03/05 12:16:35 | 00,000,000 | ---D | C] -- C:\Program Files\Ratajik Software
[2009/03/04 11:52:37 | 00,001,588 | ---- | C] () -- C:\Documents and Settings\TEMP\Bureau\LimeWire PRO 4.18.8.lnk
[2009/03/04 11:41:40 | 00,000,000 | ---D | C] -- C:\Program Files\LimeWire Acceleration Patch
[2009/03/04 10:29:28 | 04,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll
[2009/03/04 10:29:28 | 02,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll
[2009/03/04 10:29:28 | 00,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll
[2009/03/04 10:29:27 | 00,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll
[2009/03/04 10:29:27 | 00,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll
[2009/03/04 10:29:27 | 00,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll
[2009/03/04 10:29:26 | 00,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll
[2009/03/04 10:29:25 | 00,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
[2009/03/04 10:29:25 | 00,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
[2009/03/04 10:29:24 | 01,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll
[2009/03/04 10:29:24 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll
[2009/03/04 10:29:24 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
[2009/03/04 10:29:23 | 03,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll
[2009/03/04 10:29:22 | 00,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2009/03/04 10:29:22 | 00,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2009/03/04 10:29:21 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2009/03/04 10:29:21 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2009/03/04 10:29:20 | 01,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2009/03/04 10:29:20 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2009/03/04 10:29:19 | 03,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2009/03/04 10:29:14 | 00,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2009/03/04 10:29:10 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2009/03/04 10:29:08 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2009/03/04 10:29:05 | 01,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2009/03/04 10:29:05 | 00,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2009/03/04 10:29:02 | 03,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2009/03/04 10:27:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2009/03/04 10:27:00 | 00,000,000 | ---D | C] -- C:\Program Files\Utherverse Digital Inc
[2009/03/03 15:00:31 | 00,023,816 | ---- | C] () -- C:\Documents and Settings\TEMP\Mes documents\NITEMARE.TTF
[2009/02/27 23:33:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TEMP\Application Data\Search Settings
[2009/02/27 23:33:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TEMP\Application Data\pdfforge
[2009/02/27 23:27:43 | 00,000,000 | ---D | C] -- C:\Program Files\pdfforge Toolbar
[2009/02/27 22:56:15 | 00,075,800 | ---- | C] () -- C:\Documents and Settings\TEMP\Mes documents\POEME[1].pdf
[2009/02/27 00:09:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TEMP\Mes documents\assurance
[2009/02/23 22:59:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TEMP\Mes documents\fetish project 14
[2009/02/23 21:42:58 | 00,413,696 | ---- | C] () -- C:\Documents and Settings\TEMP\Mes documents\papa_maman1.pps
[2009/02/23 13:56:08 | 00,035,097 | ---- | C] () -- C:\Documents and Settings\TEMP\Mes documents\Cunilingus.jpg
[2009/02/20 18:59:41 | 01,178,112 | ---- | C] () -- C:\Documents and Settings\TEMP\Mes documents\PG_LESVIEUXCOUPLES.pps
[2009/02/20 02:24:01 | 00,000,000 | ---D | C] -- C:\Program Files\Incomplete
[2009/02/19 13:11:22 | 00,000,000 | ---D | C] -- C:\Program Files\AskBarDis
[2009/02/18 19:16:52 | 06,788,096 | ---- | C] () -- C:\Documents and Settings\TEMP\Mes documents\spartatouille GTA.AVI
[2009/02/18 13:31:23 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2009/02/09 23:54:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\TEMP\Mes documents\Mes fichiers pour ma TV
[2009/02/08 17:35:08 | 01,525,979 | ---- | C] () -- C:\Documents and Settings\TEMP\Mes documents\01. CAPCOM - DANCE WItH DEVILS.mp3

========== Files - Modified Within 30 Days ==========

[4 C:\WINDOWS\System32\*.tmp files]
[4 C:\WINDOWS\*.tmp files]
[2009/03/09 22:24:18 | 00,001,351 | ---- | M] () -- C:\Documents and Settings\TEMP\Mes documents\DrWeb.csv
[2009/03/09 17:35:26 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/03/09 17:35:23 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/03/09 17:35:21 | 46,824,2432 | -HS- | M] () -- C:\hiberfil.sys
[2009/03/09 17:25:45 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/03/09 02:28:40 | 00,022,404 | ---- | M] () -- C:\Documents and Settings\TEMP\Mes documents\bitdefender1.html
[2009/03/08 21:02:46 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/03/08 21:02:38 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/03/08 20:40:54 | 00,000,286 | RHS- | M] () -- C:\boot.ini
[2009/03/08 17:31:13 | 00,001,362 | ---- | M] () -- C:\Documents and Settings\TEMP\Bureau\GenProc - Raccourci.lnk
[2009/03/06 20:37:16 | 00,000,099 | ---- | M] () -- C:\Documents and Settings\TEMP\Bureau\Internet Explorer - résolution de problèmes.url
[2009/03/06 15:17:14 | 00,114,232 | ---- | M] () -- C:\Documents and Settings\TEMP\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/03/06 15:12:19 | 00,340,240 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/03/06 15:04:25 | 01,136,578 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/03/06 15:04:25 | 00,531,958 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2009/03/06 15:04:25 | 00,459,268 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/03/06 15:04:25 | 00,095,588 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2009/03/06 15:04:25 | 00,079,058 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/03/06 14:29:26 | 00,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/03/06 12:24:04 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Opera.lnk
[2009/03/05 22:00:25 | 00,014,911 | ---- | M] () -- C:\Documents and Settings\TEMP\Mes documents\Preaching_to_the_Perverted_(1997)_[LESBIAN_INTEREST]_---[www.bitcoca.com]---_.torrent
[2009/03/05 20:54:00 | 02,272,801 | ---- | M] () -- C:\Documents and Settings\TEMP\Mes documents\UseNeXTSetup_403463w.zip
[2009/03/05 12:46:24 | 00,003,778 | ---- | M] () -- C:\Documents and Settings\TEMP\Mes documents\Replay_Media_Catcher_3.0.1.rar[www.reload-paradise.net].torrent
[2009/03/05 12:38:49 | 00,237,568 | ---- | M] () -- C:\WINDOWS\System32\rmc_rtspdl.dll
[2009/03/05 12:38:49 | 00,156,672 | ---- | M] (Radioactive) -- C:\WINDOWS\System32\rmc_fixasf.exe
[2009/03/05 12:38:43 | 00,323,584 | ---- | M] (Stefan Toengi) -- C:\WINDOWS\System32\AUDIOGENIE2.DLL
[2009/03/05 12:07:53 | 00,000,071 | ---- | M] () -- C:\WINDOWS\pex.INI
[2009/03/04 21:06:12 | 00,278,016 | ---- | M] (SteelWerX) -- C:\WINDOWS\System32\swreg.exe
[2009/03/04 11:52:37 | 00,001,588 | ---- | M] () -- C:\Documents and Settings\TEMP\Bureau\LimeWire PRO 4.18.8.lnk
[2009/03/03 22:29:56 | 00,842,240 | -HS- | M] () -- C:\Documents and Settings\TEMP\Mes documents\Thumbs.db
@Alternate Data Stream - 0 bytes -> C:\Documents and Settings\TEMP\Mes documents\Thumbs.db:encryptable
[2009/02/27 22:56:15 | 00,075,800 | ---- | M] () -- C:\Documents and Settings\TEMP\Mes documents\POEME[1].pdf
[2009/02/23 21:43:04 | 00,413,696 | ---- | M] () -- C:\Documents and Settings\TEMP\Mes documents\papa_maman1.pps
[2009/02/23 13:55:59 | 00,035,097 | ---- | M] () -- C:\Documents and Settings\TEMP\Mes documents\Cunilingus.jpg
[2009/02/20 18:59:55 | 01,178,112 | ---- | M] () -- C:\Documents and Settings\TEMP\Mes documents\PG_LESVIEUXCOUPLES.pps
[2009/02/18 19:19:18 | 06,788,096 | ---- | M] () -- C:\Documents and Settings\TEMP\Mes documents\spartatouille GTA.AVI
[2009/02/08 17:35:09 | 01,525,979 | ---- | M] () -- C:\Documents and Settings\TEMP\Mes documents\01. CAPCOM - DANCE WItH DEVILS.mp3
< End of report >
Curson, 10 March 2009 at 02:17
Good evening,

Disable your security software during the procedure.

1) Uninstall the programs below (if present) via "Ajout/Suppression de programmes" (Add or Remove Programs).

AVG Anti-Spyware >> It is no longer updated
Choice Guard
pdfforge Toolbar
Windows Live Toolbar
Ask Toolbar
getPlus
Jackpot Las Vegas Casino Lite
Safari Casino
Winkaa
Favorit
Search Enhancement Pack


2) Download ATF-Cleaner by Atribune and save it to your desktop.

Close your browsers and run the program.

- Check the "Select All" tab.
- Click "Empty Selected".

- Do the same with the "Firefox" and "Opera" tabs.


3) Create a new text document: right-click on the desktop > New > Text Document, and copy the following lines into it:
KILLALL::

Driver::
gusvc
KeenfinderSrch Service
SeaPort

RegLock::
[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]

Registry::
[-HKEY_CLASSES_ROOT\CLSID\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}]
[-HKEY_CLASSES_ROOT\EoRezoBHO.EoBho]
[-HKEY_CLASSES_ROOT\EoRezoBHO.EoBho.1]
[-HKEY_CLASSES_ROOT\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}]
[-HKEY_CLASSES_ROOT\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}]
[-HKEY_CURRENT_USER\SOFTWARE\EoRezo]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\EoRezoBHO.DLL]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\EoRezoBHO.EoBho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\EoRezoBHO.EoBho.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}]
[-HKEY_CLASSES_ROOT\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}]
[-HKEY_CLASSES_ROOT\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}]
[-HKEY_CLASSES_ROOT\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}]
[-HKEY_CLASSES_ROOT\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}]
[-HKEY_CLASSES_ROOT\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}]
[-HKEY_CLASSES_ROOT\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{E312764E-7706-43F1-8DAB-FCDD2B1E416D}"=-
[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{E312764E-7706-43F1-8DAB-FCDD2B1E416D}"=-
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}]
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"=-
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}"=-
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}"=-
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"=-
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{F2CF5485-4E02-4F68-819C-B92DE9277049}"=-
[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}"=-
[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}"=-
[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"=-
[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{F2CF5485-4E02-4F68-819C-B92DE9277049}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=-
"ISUSScheduler"=-
"Microsoft Works Update Detection"=-
"SearchSettings"=-
"SunJavaUpdateSched"=-
"TrayServer"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"=-
[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\CabBuilder]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{88485281-8b4b-4f8d-9ede-82e29a064277}"=-
[-HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[-HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[-HKEY_CLASSES_ROOT\clsid\{b922d405-6d13-4a2b-ae89-08a030da4402}]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\[Emoticons-plus.com] Winkaa 2.0.exe"=-

File::
C:\WINDOWS\Prefetch\SEARCHSETTINGS.EXE-30C88223.pf
C:\WINDOWS\iun6002.exe
C:\DOCUME~1\TEMP\Application Data\Azureus\torrents\Rapidshare+Firstload+usenext+Keygen+Key+!+Premium+v+3.6.rar.torrent
C:\DOCUME~1\TEMP\Application Data\Azureus\torrents\RicochetInfinity+CrackFull_By_Lespeed.rar[www.reload-paradise.net][1].torrent
C:\DOCUME~1\TEMP\Application Data\Azureus\torrents\Sony_Vegas_7.0e__+_Crack.rar[www.reload-paradise.net][1].torrent
C:\DOCUME~1\TEMP\Application Data\Azureus\torrents\Unreal_Tournament_3_KEYGEN___RELOADED-Fenopy.com.torrent
C:\WINDOWS\system32\[Emoticons-plus.com] Winkaa 2.0.exe
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
C:\Documents and Settings\TEMP\Menu Démarrer\Programmes\Démarrage\Adobe Gamma.lnk
C:\Documents and Settings\TEMP\Mes documents\Preaching_to_the_Perverted_(1997)_[LESBIAN_INTEREST]_---[www.bitcoca.com]---_.torrent
%SystemRoot%\bdoscandel.exe
C:\Documents and Settings\TEMP\Mes documents\UseNeXTSetup_403463w.zip
C:\Documents and Settings\TEMP\Mes documents\Replay_Media_Catcher_3.0.1.rar[www.reload-paradise.net].torrent
C:\WINDOWS\imsins.BAK
C:\WINDOWS\pex.INI
c:\windows\Downloaded Program Files\bdupd.dll
c:\windows\Downloaded Program Files\ipsupd.dll
c:\windows\Temp\Perflib_Perfdata_72c.dat

Folder::
C:\Program Files\AskBarDis
C:\DOCUME~1\TEMP\APPLIC~1\Search Settings
C:\DOCUME~1\TEMP\LOCALS~1\APPLIC~1\live-player
C:\Program Files\Grisoft
C:\Program Files\Microsoft\Search Enhancement Pack
C:\Program Files\pdfforge Toolbar
C:\Program Files\MarkAny
C:\32788R22FWJFW
C:\WINDOWS\BDOSCAN8
C:\05ebf9399de57b1050cc8dd3765e
C:\Program Files\LimeWire Acceleration Patch
C:\Documents and Settings\TEMP\Application Data\Search Settings
C:\Documents and Settings\TEMP\Application Data\pdfforge
C:\Program Files\pdfforge Toolbar
c:\documents and settings\TEMP\Application Data\Grisoft
c:\documents and settings\All Users\Application Data\Grisoft

- Drag and drop this CFScript file onto the ComboFix.exe file, as in the screenshot

< included picture >

- A blue window will appear. Type 1 if necessary.
- Wait while the scan runs. The desktop will disappear several times: this is normal!
Do not touch anything until the scan has finished.
- Once the scan is complete, a report will be displayed: post its contents, and say where things stand with your problems.

- If the file does not open, it is located here > C:\ComboFix.txt


4) Download Malwarebytes Anti-Malware.


- Install it and run the updates.


5) Launch MBAM:

- Tick the "Exécuter un examen complet" (run a full scan) box, then click "Rechercher" (Search).
- Select (tick) all your partitions, then click "Lancer l'examen" (start the scan).
- When the scan is finished, a message lets you know. Then click the "Montrer les résultats" (show the results) button.
- In the next window, click "Supprimer la sélection" (remove the selection). If the program offers to restart the computer, accept!
- The scan report will be displayed. Save it, then post its contents.


6) I strongly recommend that you install the AntiVir antivirus.
You will find a tutorial on AntiVir at this link: http://www.malekal.com/tutorial_antivir.php (EN) and http://www.libellules.ch/tuto_antivir.php (FR)

- Run a full scan of all your hard drives.
- Post the scan report in your next reply.


Regards.
-------
If your topic remains unanswered, please report it here.
pascalou95, 10 March 2009 at 02:21
Thanks, I'll do that. As for AntiVir, it's already my antivirus, but I had to remove it in one of the steps that han!k told me to do.
pascalou95, 10 March 2009 at 13:32
Some of the programs you told me to remove won't uninstall.
pascalou95, 10 March 2009 at 17:14
Here is the ComboFix report, and still no improvement (by the way, I'm on IE 6 because, before my problem, I couldn't install IE7; the update doesn't work).
ComboFix 09-03-06.02 - Owner 2009-03-10 16:46:31.3 - NTFSx86
Lancé depuis: c:\documents and settings\TEMP\Bureau\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\TEMP\Bureau\CFScript.txt

FILE ::
c:\docume~1\TEMP\Application Data\Azureus\torrents\Rapidshare+Firstload+usenext+Keygen+Key+!+Premium+v+3.6.rar.torrent
c:\docume~1\TEMP\Application Data\Azureus\torrents\RicochetInfinity+CrackFull_By_Lespeed.rar[www.reload-paradise.net][1].torrent
c:\docume~1\TEMP\Application Data\Azureus\torrents\Sony_Vegas_7.0e__+_Crack.rar[www.reload-paradise.net][1].torrent
c:\docume~1\TEMP\Application Data\Azureus\torrents\Unreal_Tournament_3_KEYGEN___RELOADED-Fenopy.com.torrent
c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
c:\documents and settings\TEMP\Menu Démarrer\Programmes\Démarrage\Adobe Gamma.lnk
c:\documents and settings\TEMP\Mes documents\Preaching_to_the_Perverted_(1997)_[LESBIAN_INTEREST]_---[www.bitcoca.com]---_.torrent
c:\windows\iun6002.exe
c:\windows\Prefetch\SEARCHSETTINGS.EXE-30C88223.pf
c:\windows\system32\[Emoticons-plus.com] Winkaa 2.0.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\05ebf9399de57b1050cc8dd3765e
c:\05ebf9399de57b1050cc8dd3765e\amd64\filterpipelineprintproc.dll
c:\05ebf9399de57b1050cc8dd3765e\amd64\msxpsdrv.cat
c:\05ebf9399de57b1050cc8dd3765e\amd64\msxpsdrv.inf
c:\05ebf9399de57b1050cc8dd3765e\amd64\msxpsinc.gpd
c:\05ebf9399de57b1050cc8dd3765e\amd64\msxpsinc.ppd
c:\05ebf9399de57b1050cc8dd3765e\amd64\mxdwdrv.dll
c:\05ebf9399de57b1050cc8dd3765e\amd64\xpssvcs.dll
c:\05ebf9399de57b1050cc8dd3765e\i386\filterpipelineprintproc.dll
c:\05ebf9399de57b1050cc8dd3765e\i386\msxpsdrv.cat
c:\05ebf9399de57b1050cc8dd3765e\i386\msxpsdrv.inf
c:\05ebf9399de57b1050cc8dd3765e\i386\msxpsinc.gpd
c:\05ebf9399de57b1050cc8dd3765e\i386\msxpsinc.ppd
c:\05ebf9399de57b1050cc8dd3765e\i386\mxdwdrv.dll
c:\05ebf9399de57b1050cc8dd3765e\i386\xpssvcs.dll
c:\docume~1\TEMP\APPLIC~1\Search Settings
c:\docume~1\TEMP\APPLIC~1\Search Settings\kb128\temp\ws-14310.log
c:\docume~1\TEMP\Application Data\Azureus\torrents\Rapidshare+Firstload+usenext+Keygen+Key+!+Premium+v+3.6.rar.torrent
c:\docume~1\TEMP\Application Data\Azureus\torrents\RicochetInfinity+CrackFull_By_Lespeed.rar[www.reload-paradise.net][1].torrent
c:\docume~1\TEMP\Application Data\Azureus\torrents\Sony_Vegas_7.0e__+_Crack.rar[www.reload-paradise.net][1].torrent
c:\docume~1\TEMP\Application Data\Azureus\torrents\Unreal_Tournament_3_KEYGEN___RELOADED-Fenopy.com.torrent
c:\docume~1\TEMP\LOCALS~1\APPLIC~1\live-player
c:\docume~1\TEMP\LOCALS~1\APPLIC~1\live-player\flv.swf
c:\docume~1\TEMP\LOCALS~1\APPLIC~1\live-player\liveplayer.s3db
c:\documents and settings\All Users\Application Data\Grisoft
c:\documents and settings\All Users\Application Data\Grisoft\AVG Anti-Spyware 7.5\Downloads\help.dll
c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
c:\documents and settings\TEMP\Application Data\pdfforge
c:\documents and settings\TEMP\Application Data\pdfforge\res\widgets.xml
c:\documents and settings\TEMP\Application Data\Search Settings\kb128\temp\ws-14310.log
c:\documents and settings\TEMP\Menu Démarrer\Programmes\Démarrage\Adobe Gamma.lnk
c:\documents and settings\TEMP\Mes documents\Preaching_to_the_Perverted_(1997)_[LESBIAN_INTEREST]_---[www.bitcoca.com]---_.torrent
c:\program files\Grisoft
c:\program files\Grisoft\AVG Anti-Spyware 7.5\context.dll
c:\program files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll
c:\program files\LimeWire Acceleration Patch
c:\program files\LimeWire Acceleration Patch\LimeWire Acceleration Patch.ini
c:\program files\MarkAny
c:\program files\MarkAny\ContentSafer\Data\markany.mp3
c:\program files\MarkAny\ContentSafer\FE250_DEVICE.dll
c:\program files\MarkAny\ContentSafer\MaAgent.exe
c:\program files\MarkAny\ContentSafer\MAAuthProc.dll
c:\program files\MarkAny\ContentSafer\MACLICX13.dll
c:\program files\MarkAny\ContentSafer\MACSMANAGER.dll
c:\program files\MarkAny\ContentSafer\MaCSMgr.exe
c:\program files\MarkAny\ContentSafer\MaCSProHook.dll
c:\program files\MarkAny\ContentSafer\MAGom.dll
c:\program files\MarkAny\ContentSafer\mapshapi.dll
c:\program files\MarkAny\ContentSafer\mapwij10.dll
c:\program files\MarkAny\ContentSafer\MaSyncP.dll
c:\program files\MarkAny\ContentSafer\MaWAMP.dll
c:\program files\MarkAny\ContentSafer\MAWebControl.exe
c:\program files\MarkAny\ContentSafer\MaWMP.dll
c:\program files\MarkAny\ContentSafer\MessageWind.dll
c:\program files\MarkAny\ContentSafer\MPXBox.exe
c:\program files\MarkAny\ContentSafer\MTDES.dll
c:\program files\MarkAny\ContentSafer\MtpAccess.dll
c:\program files\MarkAny\ContentSafer\MTTCC720U.dll
c:\program files\MarkAny\ContentSafer\MTTELECHIP.dll
c:\program files\MarkAny\ContentSafer\MTXSYNCMP1.dll
c:\program files\MarkAny\ContentSafer\MTXSYNCMP11.dll
c:\program files\MarkAny\ContentSafer\MTXSYNCMP12.dll
c:\program files\MarkAny\ContentSafer\MTXSYNCMP13.dll
c:\program files\MarkAny\ContentSafer\MTXSYNCMP2.dll
c:\program files\MarkAny\ContentSafer\MTXSYNCMP3.dll
c:\program files\MarkAny\ContentSafer\MTXSYNCMP4.dll
c:\program files\MarkAny\ContentSafer\MTXSYNCMP5.dll
c:\program files\MarkAny\ContentSafer\MTXSYNCMP6.dll
c:\program files\MarkAny\ContentSafer\MTXSYNCMP7.dll
c:\program files\MarkAny\ContentSafer\MTXSYNCMP8.dll
c:\program files\MarkAny\ContentSafer\MTXSYNCMP9.dll
c:\program files\MarkAny\ContentSafer\MTXUSB.dll
c:\program files\MarkAny\ContentSafer\T730usb.dll
c:\program files\MarkAny\ContentSafer\TCC730USB.dll
c:\program files\MarkAny\ContentSafer\UpdateClient\MAFileUpdate.dll
c:\program files\MarkAny\ContentSafer\UpdateClient\MAUpdateBoot.exe
c:\program files\MarkAny\ContentSafer\UpdateClient\MaUpdateClient.exe
c:\program files\MarkAny\ContentSafer\UpdateClient\musiccity@musiccity_Install.xml
c:\program files\MarkAny\ContentSafer\USBControl.dll
c:\program files\MarkAny\ContentSafer\UserShare.dll
c:\program files\MarkAny\ContentSafer\XSYNCClt.dll
c:\program files\Microsoft\Search Enhancement Pack
c:\program files\Microsoft\Search Enhancement Pack\Choice Guard\CGuard.exe
c:\program files\Microsoft\Search Enhancement Pack\Choice Guard\ChoiceGuard.dll
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Microsoft\Search Enhancement Pack\Search Box Extension\SRCHBXEX.DLL
c:\program files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
c:\program files\Microsoft\Search Enhancement Pack\SeaShadow\SEASHADO.DLL
c:\program files\pdfforge Toolbar
c:\program files\pdfforge Toolbar\config.ini
c:\program files\pdfforge Toolbar\Res\icon_settings.gif
c:\program files\pdfforge Toolbar\Res\pdfc_branding.gif
c:\program files\pdfforge Toolbar\Res\pdfc_branding_hover.gif
c:\program files\pdfforge Toolbar\Res\pdfc_icon.gif
c:\program files\pdfforge Toolbar\Res\pdfc_portal_logo.gif
c:\program files\pdfforge Toolbar\Res\search-button-hover.gif
c:\program files\pdfforge Toolbar\Res\search-button.gif
c:\program files\pdfforge Toolbar\Res\search-chevron-hover.gif
c:\program files\pdfforge Toolbar\Res\search-chevron.gif
c:\program files\pdfforge Toolbar\Res\search_amazon.gif
c:\program files\pdfforge Toolbar\Res\search_ebay.gif
c:\program files\pdfforge Toolbar\Res\search_yahoo.gif
c:\program files\pdfforge Toolbar\Res\separator.gif
c:\program files\pdfforge Toolbar\Res\widgets.xml
c:\program files\pdfforge Toolbar\SearchSettings.dll
c:\program files\pdfforge Toolbar\SearchSettings.exe
c:\program files\pdfforge Toolbar\SearchSettingsRes409.dll
c:\program files\pdfforge Toolbar\sscfg.ini
c:\program files\pdfforge Toolbar\WidgiHelper.exe
c:\program files\pdfforge Toolbar\WidgiToolbarIE.dll
c:\windows\BDOSCAN8
c:\windows\iun6002.exe
c:\windows\system32\[Emoticons-plus.com] Winkaa 2.0.exe

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_GUSVC
-------\Legacy_KEENFINDERSRCH_SERVICE
-------\Legacy_SEAPORT
-------\Service_gusvc
-------\Service_KeenfinderSrch Service
-------\Service_SeaPort


((((((((((((((((((((((((((((( Fichiers créés du 2009-02-10 au 2009-03-10 ))))))))))))))))))))))))))))))))))))
.

2009-03-10 00:36 . 2009-03-10 00:43 <REP> d-------- C:\ToolBar SD
2009-03-09 19:30 . 2009-03-09 20:18 <REP> d-------- c:\documents and settings\TEMP\DoctorWeb
2009-03-08 20:53 . 2009-03-08 21:11 <REP> d-------- C:\bibite
2009-03-08 17:31 . 2009-03-08 17:31 <REP> d-------- C:\GenProc
2009-03-06 16:35 . 2009-01-09 20:19 1,089,883 --------- c:\windows\system32\dllcache\ntprint.cat
2009-03-06 13:41 . 2008-10-16 02:01 1,499,648 --------- c:\windows\system32\dllcache\shdocvw.dll
2009-03-06 12:23 . 2009-03-06 12:24 <REP> d-------- c:\program files\Opera
2009-03-05 12:16 . 2009-03-05 12:16 <REP> d-------- c:\program files\Ratajik Software
2009-03-04 10:27 . 2009-03-04 10:27 <REP> d-------- c:\windows\Logs
2009-03-04 10:27 . 2009-03-04 10:27 <REP> d-------- c:\program files\Utherverse Digital Inc
2009-02-20 02:24 . 2009-03-05 20:43 <REP> d-------- c:\program files\Incomplete
2009-02-18 13:31 . 2009-02-18 13:31 <REP> d-------- c:\program files\Microsoft Sync Framework

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-10 15:48 --------- d-----w c:\program files\Microsoft
2009-03-10 13:34 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2009-03-10 11:21 --------- d-----w c:\documents and settings\All Users\Application Data\Avira
2009-03-09 01:10 --------- d-----w c:\program files\Replay Media Catcher
2009-03-08 12:05 --------- d-----w c:\documents and settings\TEMP\Application Data\Azureus
2009-03-07 11:19 --------- d-----w c:\program files\Fichiers communs\Adobe
2009-03-06 11:59 --------- d-----w c:\program files\UseNeXT
2009-03-06 01:54 --------- d-----w c:\program files\Free Music Zilla
2009-03-05 11:07 --------- d-----w c:\documents and settings\TEMP\Application Data\Ulead Systems
2009-03-04 11:08 --------- d-----w c:\documents and settings\TEMP\Application Data\LimeWire
2009-03-04 10:52 --------- d-----w c:\program files\LimeWire
2009-03-03 12:50 --------- d-----w c:\documents and settings\TEMP\Application Data\Orbit
2009-03-03 02:17 --------- d-----w c:\program files\Windows Live Safety Center
2009-02-27 11:00 --------- d-----w c:\program files\Microsoft Silverlight
2009-02-18 12:31 --------- d-----w c:\program files\Windows Live
2009-02-13 00:51 --------- d-----w c:\program files\Microsoft Picture It! 10
2009-02-07 12:13 --------- d-----w c:\documents and settings\All Users\Application Data\Skype
2009-02-07 12:13 --------- d-----r c:\program files\Skype
2009-02-07 12:12 --------- d-----w c:\program files\IncrediMail
2009-02-07 12:03 --------- d-----w c:\documents and settings\TEMP\Application Data\skypePM
2009-02-06 18:39 308,600 ----a-w c:\windows\WLXPGSS.SCR
2009-02-06 03:18 --------- d-----w c:\program files\SRSLabs
2009-02-06 03:18 --------- d-----w c:\program files\Fichiers communs\SRS
2009-02-06 03:18 --------- d-----w c:\documents and settings\All Users\Application Data\SRSLabs
2009-01-31 23:18 114,232 ----a-w c:\documents and settings\TEMP\Application Data\GDIPFONTCACHEV1.DAT
2009-01-25 10:57 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-01-24 22:07 --------- d-----w c:\program files\Graboid
2009-01-23 16:07 --------- d-----w c:\documents and settings\TEMP\Application Data\MozillaControl
2009-01-23 16:07 --------- d-----w c:\documents and settings\All Users\Application Data\Graboid Inc
2009-01-23 16:06 --------- d-----w c:\documents and settings\All Users\Application Data\Launcher
2009-01-12 02:26 --------- d-----w c:\program files\Google
2007-11-30 10:25 61,647,736 ----a-r c:\program files\directx_directx_9.0c_-_mise_a_jour_aout_2007_francais_10906.exe
2007-02-01 14:27 3,072 -csha-w c:\program files\Fichiers communs\Thumbs.db
1998-04-24 05:00 1,078 -c----w c:\program files\Fichiers communs\RECYFULL.ICO
2008-08-28 18:08 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008082820080829\index.dat
.

------- Sigcheck -------

2008-10-16 14:09 66584 2275f45e257d46e6500558b2930cb9a4 c:\windows\ServicePackFiles\i386\wuauclt.exe
2008-10-16 14:09 66584 2275f45e257d46e6500558b2930cb9a4 c:\windows\system32\wuauclt.exe
2008-10-16 14:09 51224 e654b78d2f1d791b30d0ed9a8195ec22 c:\windows\system32\dllcache\wuauclt.exe
.
((((((((((((((((((((((((((((( SnapShot@2009-03-08_21.08.59.31 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-05-25 00:22:06 53,248 ----a-w c:\windows\bdoscandel.exe
+ 2006-05-25 00:21:00 118,784 ----a-w c:\windows\Downloaded Program Files\bdupd.dll
+ 2006-05-25 00:21:14 53,248 ----a-w c:\windows\Downloaded Program Files\ipsupd.dll
+ 2009-03-10 15:53:12 16,384 ----atw c:\windows\temp\Perflib_Perfdata_3d4.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DrvIcon"="c:\windows\XP²Vista\Vista Drive Icon\DrvIcon.exe" [2008-04-13 49152]
"Visual Task Tips"="c:\windows\XP²Vista\VisualTaskTips.exe" [2008-06-22 65536]
"TopDesk"="c:\windows\XP²Vista\TopDesk.exe" [2007-11-16 1937920]
"fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2009-02-06 454000]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 c:\windows\KHALMNPR.Exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-06-16 805392]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-05-02 01:42 72208 c:\program files\Fichiers communs\Logitech\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= c:\progra~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Free Music Zilla\\FMZilla.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Documents and Settings\\TEMP\\Mes documents\\Downloads1\\Azureus\\Azureus.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImApp.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitnet.exe"=
"c:\\Program Files\\Java\\jre1.6.0_07\\bin\\javaw.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\WINDOWS\\system32\\muzapp.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
S2 fssfltr;fssfltr;c:\windows\system32\DRIVERS\fssfltr_tdi.sys [2008-12-08 55136]
S2 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]


--- Autres Services/Pilotes en mémoire ---

*Deregistered* - AFD
*Deregistered* - ALG
*Deregistered* - AOL ACS
*Deregistered* - AudioSrv
*Deregistered* - Beep
*Deregistered* - Browser
*Deregistered* - Cdfs
*Deregistered* - CLCapSvc
*Deregistered* - CLSched
*Deregistered* - CryptSvc
*Deregistered* - CyberLink Media Library Service
*Deregistered* - DcomLaunch
*Deregistered* - Dhcp
*Deregistered* - Dnscache
*Deregistered* - ERSvc
*Deregistered* - EventSystem
*Deregistered* - FastUserSwitchingCompatibility
*Deregistered* - Fips
*Deregistered* - FltMgr
*Deregistered* - fssfltr
*Deregistered* - fsssvc
*Deregistered* - Ftdisk
*Deregistered* - Gpc
*Deregistered* - helpsvc
*Deregistered* - HidServ
*Deregistered* - IpNat
*Deregistered* - IPSec
*Deregistered* - JavaQuickStarterService
*Deregistered* - KSecDD
*Deregistered* - lanmanserver
*Deregistered* - lanmanworkstation
*Deregistered* - LmHosts
*Deregistered* - LVUSBSta
*Deregistered* - mnmdd
*Deregistered* - MountMgr
*Deregistered* - MRxDAV
*Deregistered* - MRxSmb
*Deregistered* - Msfs
*Deregistered* - mssmbios
*Deregistered* - Mup
*Deregistered* - NDIS
*Deregistered* - NdisTapi
*Deregistered* - Ndisuio
*Deregistered* - NdisWan
*Deregistered* - NDProxy
*Deregistered* - NetBIOS
*Deregistered* - NetBT
*Deregistered* - Netman
*Deregistered* - Nla
*Deregistered* - Npfs
*Deregistered* - Ntfs
*Deregistered* - Null
*Deregistered* - PartMgr
*Deregistered* - PCIIde
*Deregistered* - PolicyAgent
*Deregistered* - PptpMiniport
*Deregistered* - ProtectedStorage
*Deregistered* - PSched
*Deregistered* - RasAcd
*Deregistered* - Rasl2tp
*Deregistered* - RasPppoe
*Deregistered* - Raspti
*Deregistered* - Rdbss
*Deregistered* - RDPCDD
*Deregistered* - RichVideo
*Deregistered* - RpcSs
*Deregistered* - SamSs
*Deregistered* - Schedule
*Deregistered* - seclogon
*Deregistered* - SENS
*Deregistered* - sfdrv01
*Deregistered* - sfhlp02
*Deregistered* - sfsync02
*Deregistered* - SharedAccess
*Deregistered* - ShellHWDetection
*Deregistered* - Spooler
*Deregistered* - sptd
*Deregistered* - sr
*Deregistered* - srservice
*Deregistered* - Srv
*Deregistered* - stisvc
*Deregistered* - swenum
*Deregistered* - Tcpip
*Deregistered* - TermDD
*Deregistered* - TermService
*Deregistered* - Themes
*Deregistered* - TrkWks
*Deregistered* - Update
*Deregistered* - VgaSave
*Deregistered* - VolSnap
*Deregistered* - VolumeFilter
*Deregistered* - W32Time
*Deregistered* - Wanarp
*Deregistered* - wanatw
*Deregistered* - WebClient
*Deregistered* - winmgmt
*Deregistered* - WmiApSrv
*Deregistered* - wscsvc
*Deregistered* - wuauserv
*Deregistered* - WZCSVC
.
- - - - ORPHELINS SUPPRIMES - - - -

BHO-{B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)
Toolbar-{B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)


.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
uInternet Connection Wizard,ShellNext = hxxp://192.168.1.1/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Owner\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: {5D80A6D1-B500-47DA-82B8-EB9875F85B4D} - hxxp://dl.google.com/dl/desktop/nv/GoogleGadgetPluginIEWin.cab
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} - hxxp://copainsdavant.linternaute.com/html_include_bibliotheque/objimageupload(...)
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-10 16:55:29
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:d0,eb,75,16,f7,e4,11,2b,6c,ce,de,94,7a,2f,b5,21,91,18,20,70,29,79,c1,
ac,40,96,a3,7c,37,76,5b,15,d5,40,bb,ac,ec,3d,fa,e4,88,8c,5c,13,23,bd,19,ef,\
"??"=hex:bc,46,c8,0a,5e,c7,50,9e,6a,8f,6f,14,c5,80,d5,74

[HKEY_USERS\S-1-5-21-1760609789-3514300150-1056817054-1005\Software\SecuROM\License information*]
"datasecu"=hex:84,21,59,c6,2e,d8,0b,d8,05,61,17,c0,71,e3,12,65,96,17,71,68,b1,
a2,5c,6e,e6,f2,1c,0a,fc,82,dd,8b,d3,19,33,e8,e9,53,cd,0f,d7,bf,be,ef,6a,08,\
"rkeysecu"=hex:9f,ca,16,75,83,0a,d6,fd,d2,a5,ab,cb,c1,0d,12,f7
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(520)
c:\program files\fichiers communs\logitech\bluetooth\LBTWlgn.dll
c:\program files\fichiers communs\logitech\bluetooth\LBTServ.dll

- - - - - - - > 'lsass.exe'(576)
c:\windows\system32\scecli.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\progra~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\apps\Powercinema\Kernel\TV\CLCapSvc.exe
c:\program files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
c:\program files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\apps\Powercinema\Kernel\TV\CLSched.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Heure de fin: 2009-03-10 16:59:58 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-03-10 15:59:36
ComboFix2.txt 2009-03-09 16:30:11
ComboFix3.txt 2009-03-08 20:11:30

Avant-CF: 65 303 040 000 octets libres
Après-CF: 65,277,591,552 octets libres

1077 --- E O F --- 2009-03-06 22:41:41
pascalou95 on 10 March 2009 at 18:43
Here is the MBAM report
Malwarebytes' Anti-Malware 1.34
Version de la base de données: 1831
Windows 5.1.2600 Service Pack 3

10/03/2009 18:38:19
mbam-log-2009-03-10 (18-38-19).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 181740
Temps écoulé: 1 hour(s), 14 minute(s), 29 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 25
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 7

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\Interface\{02a89bf5-0ca6-4a9b-8573-776d1ef0fa22} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{125e9d24-2428-38d2-8e23-804e3275209c} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1ccc8f99-3a66-4217-bf04-d45022047b2b} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3f2579e9-ec37-3112-9bde-d2db14e95c32} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cdc0fc73-27c5-4818-b866-40e73c088e74} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e12688ce-9384-28e3-a041-4e1a9ce14506} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{98d555cc-a569-43fb-2f43-3a98ccda4b50} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{40b2127e-cc18-37d0-43ca-afa158c64001} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a6573479-9075-4a65-98a6-19fd29cf7374} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\BrowsingEnhancer.DLL (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\codecbho.codecplugin.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\codecbho.xmldomdocumenteventssink.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\OOO (Rogue.LivePlayer) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\OOO (Malware.Trace) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Documents and Settings\All Users\Application Data\SalesMon (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SalesMon\Data (Rogue.Multiple) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Documents and Settings\Owner\Local Settings\Application Data\iejhtog_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Application Data\iejhtog_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Application Data\iejhtog.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Application Data\yicyi_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Application Data\yicyi_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Application Data\yicyi.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\GenProc\outil\curl.exe (Trojan.Agent) -> Quarantined and deleted successfully.
pascalou95 on 10 March 2009 at 20:34
To be able to install AntiVir Pro I need Adobe Reader, because I have the keys in a PDF file, but when I install Adobe it tells me that Windows Installer is badly installed or something like that. What should I do? I can't post the latest report for the moment, and my PC is still a zombie :( :?
pascalou95 on 10 March 2009 at 22:39
OK, it's fine, I have my report from AntiVir, here it is (I have an official Windows XP with keys if a format is needed; in ISO format, is that it for installing it?) Thanks
pascalou95 on 10 March 2009 at 23:37
Avira AntiVir Premium
Date de création du fichier de rapport : mardi 10 mars 2009 22:20

La recherche porte sur 1292653 souches de virus.

Détenteur de la licence :Sascha Lukas
Numéro de série : 1101039552-PEPWE-0001
Plateforme : Windows XP
Version de Windows :(Service Pack 3) [5.1.2600]
Mode Boot : Démarré normalement
Identifiant : SYSTEM
Nom de l'ordinateur :LES-WARIORS

Informations de version :
BUILD.DAT : 8.2.0.33 20009 Bytes 02/12/2008 14:57:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 10/03/2009 20:58:04
AVSCAN.DLL : 8.1.4.1 49921 Bytes 21/07/2008 14:44:27
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 13:44:16
LUKERES.DLL : 8.1.4.0 13057 Bytes 04/07/2008 08:30:27
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 20:58:07
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 20:58:08
ANTIVIR2.VDF : 7.1.2.105 513536 Bytes 03/03/2009 20:58:08
ANTIVIR3.VDF : 7.1.2.151 242688 Bytes 10/03/2009 20:58:09
Version du moteur: 8.2.0.109
AEVDF.DLL : 8.1.1.0 106868 Bytes 10/03/2009 20:58:11
AESCRIPT.DLL : 8.1.1.60 360826 Bytes 10/03/2009 20:58:11
AESCN.DLL : 8.1.1.8 127346 Bytes 10/03/2009 20:58:11
AERDL.DLL : 8.1.1.3 438645 Bytes 10/03/2009 20:58:11
AEPACK.DLL : 8.1.3.10 397686 Bytes 10/03/2009 20:58:10
AEOFFICE.DLL : 8.1.0.36 196987 Bytes 10/03/2009 20:58:10
AEHEUR.DLL : 8.1.0.104 1634679 Bytes 10/03/2009 20:58:10
AEHELP.DLL : 8.1.2.2 119158 Bytes 10/03/2009 20:58:09
AEGEN.DLL : 8.1.1.27 336244 Bytes 10/03/2009 20:58:09
AEEMU.DLL : 8.1.0.9 393588 Bytes 10/03/2009 20:58:09
AECORE.DLL : 8.1.6.6 176501 Bytes 10/03/2009 20:58:09
AEBB.DLL : 8.1.0.3 53618 Bytes 10/03/2009 20:58:09
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 09:40:02
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 10:27:58
AVREP.DLL : 8.0.0.2 98344 Bytes 10/03/2009 20:58:09
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 12:26:37
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 09:29:19
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 13:27:46
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 18:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 13:49:36
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 13:05:07
RCIMAGE.DLL : 8.0.0.51 2564353 Bytes 21/07/2008 14:46:29
RCTEXT.DLL : 8.0.51.1 90369 Bytes 14/07/2008 11:41:24

Configuration pour la recherche actuelle :
Nom de la tâche..................: Contrôle intégral du système
Fichier de configuration.........: c:\program files\avira\antivir personaledition premium\sysscan.avp
Documentation....................: bas
Action principale................: interactif
Action secondaire................: ignorer
Recherche sur les secteurs d'amorçage maître: marche
Recherche sur les secteurs d'amorçage: marche
Secteurs d'amorçage..............: C:,
Recherche dans les programmes actifs: marche
Recherche en cours sur l'enregistrement: marche
Recherche de Rootkits............: arrêt
Fichier mode de recherche........: Sélection de fichiers intelligente
Recherche sur les archives.......: marche
Limiter la profondeur de récursivité: 20
Archive Smart Extensions.........: marche
Heuristique de macrovirus........: marche
Heuristique fichier..............: moyen

Début de la recherche : mardi 10 mars 2009 22:20

La recherche sur les processus démarrés commence :
Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés
Processus de recherche 'wuauclt.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avwebgrd.exe' - '1' module(s) sont contrôlés
Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avmailc.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avesvc.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés
Processus de recherche 'wltuser.exe' - '1' module(s) sont contrôlés
Processus de recherche 'iexplore.exe' - '1' module(s) sont contrôlés
Processus de recherche 'KHALMNPR.exe' - '1' module(s) sont contrôlés
Processus de recherche 'imapi.exe' - '1' module(s) sont contrôlés
Processus de recherche 'SetPoint.exe' - '1' module(s) sont contrôlés
Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'fsui.exe' - '1' module(s) sont contrôlés
Processus de recherche 'VisualTaskTips.exe' - '1' module(s) sont contrôlés
Processus de recherche 'DrvIcon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'taskmgr.exe' - '1' module(s) sont contrôlés
Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés
Processus de recherche 'CLSched.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'RichVideo.exe' - '1' module(s) sont contrôlés
Processus de recherche 'jqs.exe' - '1' module(s) sont contrôlés
Processus de recherche 'fsssvc.exe' - '1' module(s) sont contrôlés
Processus de recherche 'CLMLService.exe' - '1' module(s) sont contrôlés
Processus de recherche 'CLMLServer.exe' - '1' module(s) sont contrôlés
Processus de recherche 'CLCapSvc.exe' - '1' module(s) sont contrôlés
Processus de recherche 'AOLacsd.exe' - '1' module(s) sont contrôlés
Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés
Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés
Processus de recherche 'services.exe' - '1' module(s) sont contrôlés
Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés
Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés
'41' processus ont été contrôlés avec '41' modules

La recherche sur les secteurs d'amorçage maître commence :
Secteur d'amorçage maître HD0
[INFO] Aucun virus trouvé !
Secteur d'amorçage maître HD1
[INFO] Aucun virus trouvé !
[AVERTISSEMENT] Erreur système [21]: Le périphérique n'est pas prêt.
Secteur d'amorçage maître HD2
[INFO] Aucun virus trouvé !
[AVERTISSEMENT] Erreur système [21]: Le périphérique n'est pas prêt.
Secteur d'amorçage maître HD3
[INFO] Aucun virus trouvé !
[AVERTISSEMENT] Erreur système [21]: Le périphérique n'est pas prêt.
Secteur d'amorçage maître HD4
[INFO] Aucun virus trouvé !
[AVERTISSEMENT] Erreur système [21]: Le périphérique n'est pas prêt.

La recherche sur les secteurs d'amorçage commence :
Secteur d'amorçage 'C:\'
[INFO] Aucun virus trouvé !

La recherche sur les renvois aux fichiers exécutables (registre) commence.
Le registre a été contrôlé ( '56' fichiers).


La recherche sur les fichiers sélectionnés commence :

Recherche débutant dans 'C:\'
C:\hiberfil.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
C:\pagefile.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
C:\System Volume Information\_restore{7AFC631D-71A6-4CBE-9F8F-EFDBDC0F94C6}\RP251\A0055956.exe
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '49e6e46f.qua' !
C:\WINDOWS\system32\drivers\sptd.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !


Fin de la recherche : mardi 10 mars 2009 23:32
Temps nécessaire: 1:12:11 Heure(s)

La recherche a été effectuée intégralement

9669 Les répertoires ont été contrôlés
385132 Des fichiers ont été contrôlés
1 Des virus ou programmes indésirables ont été trouvés
0 Des fichiers ont été classés comme suspects
0 Des fichiers ont été supprimés
0 Des virus ou programmes indésirables ont été réparés
1 Les fichiers ont été déplacés dans la quarantaine
0 Les fichiers ont été renommés
3 Impossible de contrôler des fichiers
385128 Fichiers non infectés
8281 Les archives ont été contrôlées
7 Avertissements
1 Consignes
pascalou95 on 11 March 2009 at 13:37
Still waiting for a reply, thanks
Curson on 11 March 2009 at 17:00
Hello,

A little patience.

Disable all your security software during the procedure.

1) Download the StarForce Removal Tool

- Unzip it to your desktop.
- Double-click sfdrvrem.exe.


2) Download JavaRa and follow the instructions in this tutorial.
Post the resulting report.


3) Internet Explorer is not up to date; it contains security flaws which, via exploits on websites, can lead to infection.

Read this topic, "IE6 vs IE7: why keep your browser up to date?", and update Internet Explorer 6.
In addition, you can run a vulnerability scan to check that your software is up to date and free of security flaws.


How is the system behaving?


Regards.
-------
If your topic remains unanswered, please report it here.