[PB eorezo]changement pge d'accueil & modules complémentaire

Bonsoir !
Je suis sous Windows XP, Mozilla Firefox 3.5, j'ai téléchargé ya quelques jours Eodesk sur Eorezo, sans savoir que ct la merde...
depuis hier j'avais lo.st en page d'accueil, impossible de la changer en passant par les options, j'ai cherché sur le net, donc je suis allée dans programs and settings/user/application data/firefox et j'ai changé lo.st dans prefs et invalid prefs, que j'ai remplacé par google...
le soucis c que maintenant impossible de changer google dans les options !
De plus, impossible de modifier mes modules complémentaires (thèmes etc...), la configuration par défaut reste, pas possible de changer quoi que ce soit.
j'ai cherché partout des traces de fichiers en "eo" j'ai tout supprimé mais rien n'y fait.
j'ai tenté de restaurer, mais la restauration ne veut pas se faire.
j'ai passé CCleaner, l'antivirus, ainsi que malwarebytes, mais sans succès.
Merci de m'aider

Salut ptitealice81


On va vérifier cela, télécharge RSIT (de random/random) sur le bureau ici :
http://images.malwareremoval.com/random/RSIT.exe

- Double clique sur RSIT.exe qui est sur le bureau
- Clique sur Continue dans la fenêtre
- RSIT téléchargera HijackThis si il n’est pas présent où détecté, alors il faudra accepter la licence
- Poste le contenue des deux rapports, log.txt et info.txt(réduit dans la barre des tâches) à la fin de l’analyse

Les rapports sont dans le dossier ici C:\rsit


@++

merci de ta réponse voici les rapports

LOG:

Logfile of random's system information tool 1.06 (written by random/random)
Run by tof at 2009-08-09 19:49:19
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 56 GB (42%) free of 131 GB
Total RAM: 1023 MB (33% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:49:28, on 09/08/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe
C:\WINDOWS\vsnpstd.exe
C:\Program Files\Mouse Driver\StartAutorun.exe
C:\Program Files\Lexmark 2200 Series\lxbvbmon.exe
C:\Program Files\Mouse Driver\KMConfig.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Mouse Driver\KMProcess.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Transform XP to Vista\Yahoo! Widgets\Widgets\YahooWidgets.exe
C:\Program Files\Transform XP to Vista\Vista Start Menu\VistaStartMenu.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\AXMA\Fax-internet\faxtray.exe
C:\Program Files\3M\PSNLite\PsnLite.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\3M\PSNLite\PSNGive.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\All Users.WINDOWS\Application Data\Skype\Plugins\Plugins\61BEB79ECBDD451F9554700542EE2D92\WinampMood.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\tof\Bureau\RSIT.exe
C:\Documents and Settings\tof\Bureau\tof.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.01net.com | http://www.telecharger.com | http://www.rmc.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par IE 8 FOURNI PAR 01NET.COM
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Mario Forever Toolbar - {463DF6D5-BEC1-4d67-B217-59DB692DFC53} - C:\Program Files\Mario Forever Toolbar\v2.0.0.3\Mario_Forever_Toolbar.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Lexmark 2200 Series] "C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Mouse Driver\StartAutorun.exe KMConfig.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Fnac] "C:\Program Files\Fnac\Fnac.exe" /check
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [YahooWidgets] C:\Program Files\Transform XP to Vista\Yahoo! Widgets\Widgets\YahooWidgets.exe
O4 - HKCU\..\Run: [VistaStartMenu] "C:\Program Files\Transform XP to Vista\Vista Start Menu\VistaStartMenu.exe"
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Transform XP to Vista\Yahoo! Widgets\Widgets\YahooWidgets.exe
O4 - Global Startup: Gestionnaire de lancement d'application fax.lnk = C:\Program Files\AXMA\Fax-internet\faxtray.exe
O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Program Files\3M\PSNLite\PsnLite.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: karna.dat
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate1c9db1cd0a766ae) (gupdate1c9db1cd0a766ae) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O24 - Desktop Component 0: (no name) - file:///C://PROGRA~1//EUROBA~1//pub.bmp

--
End of file - 14343 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\A85BF49091886B50.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\SOFTWARE]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-11-18 1082880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-05-06 1262888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-05-22 312928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2009-02-06 61808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-04-24 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-18 259696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll [2009-06-19 669168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-05-01 470512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2009-03-02 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-04-24 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-04-24 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2006-10-26 440384]
{463DF6D5-BEC1-4d67-B217-59DB692DFC53} - Mario Forever Toolbar - C:\Program Files\Mario Forever Toolbar\v2.0.0.3\Mario_Forever_Toolbar.dll [2007-11-03 491520]
{D0943516-5076-4020-A3B5-AEFAF26AB263} - Veoh Browser Plug-in - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll [2008-09-26 352256]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-18 259696]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-05-06 1262888]
Locked

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-10-16 16855552]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-07-13 8466432]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-07-13 81920]
"Lexmark 2200 Series"=C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe [2004-02-13 57344]
"FaxCenterServer"=C:\Program Files\Lexmark Fax Solutions\fm3032.exe [2004-02-04 294912]
"snpstd"=C:\WINDOWS\vsnpstd.exe [2004-06-10 286720]
"KMCONFIG"=C:\Program Files\Mouse Driver\StartAutorun.exe [2007-03-06 212992]
"RegistryMechanic"= []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-04-24 136600]
"fssui"=C:\Program Files\Windows Live\Family Safety\fsui.exe [2009-02-06 454000]
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2009-05-22 198160]
"EoEngine"= []
"EoDesk3d"= []
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"Fnac"=C:\Program Files\Fnac\Fnac.exe [2009-02-26 933984]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-07-01 37888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe [2009-03-22 251264]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
""= []
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2009-08-08 1830128]
"ccleaner"=C:\Program Files\CCleaner\CCleaner.exe [2008-09-29 1279216]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-27 68856]
"YahooWidgets"=C:\Program Files\Transform XP to Vista\Yahoo! Widgets\Widgets\YahooWidgets.exe [2009-03-19 4742184]
"VistaStartMenu"=C:\Program Files\Transform XP to Vista\Vista Start Menu\VistaStartMenu.exe [2009-03-19 2171392]
"Free Download Manager"=C:\Program Files\Free Download Manager\fdm.exe [2009-03-02 3399727]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-11-18 21633320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoftwareHelper]
C:\Documents and Settings\tof\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2005-10-26 159744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe [2008-09-26 3660848]

C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage
Gestionnaire de lancement d'application fax.lnk - C:\Program Files\AXMA\Fax-internet\faxtray.exe
Post-it® Software Notes Lite.lnk - C:\Program Files\3M\PSNLite\PsnLite.exe

C:\Documents and Settings\tof\Menu Démarrer\Programmes\Démarrage
Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
Outil de détection de support Picture Motion Browser.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
TransBar.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
UberIcon.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
Y'z Shadow.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
Yahoo! Widgets.lnk - C:\Program Files\Transform XP to Vista\Yahoo! Widgets\Widgets\YahooWidgets.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="karna.dat"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-08-08 356352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 240128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TDSSjnfo.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TDSSjnfo.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoRun"=0
"NoFind"=0
"NoLogOff"=0
"NoSetFolders"=0
"DisallowRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Documents and Settings\tof\Bureau\incredimail_incredimail_build_3088_francais_10318.exe"="C:\Documents and Settings\tof\Bureau\incredimail_incredimail_build_3088_francais_10318.exe:*:Enabled:IncrediMail Installer"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Kazaa\kazaa.exe"="C:\Program Files\Kazaa\kazaa.exe:*:Enabled:Kazaa"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\SopCast\adv\SopAdver.exe"="C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\Program Files\SopCast\SopCast.exe"="C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Documents and Settings\tof\Bureau\Raccourcis Bureau non utilisés\fox\FoxHot.exe"="C:\Documents and Settings\tof\Bureau\Raccourcis Bureau non utilisés\fox\FoxHot.exe:*:Enabled:Foxmail-Hotmail Proxy Application"
"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Enabled:Veoh Client"
"C:\WINDOWS\system32\drivers\svchost.exe"="C:\WINDOWS\system32\drivers\svchost.exe:*:Disabled:svchost"
"C:\Documents and Settings\tof\Mes documents\aMSNPortable\App\aMSN\bin\wish.exe"="C:\Documents and Settings\tof\Mes documents\aMSNPortable\App\aMSN\bin\wish.exe:*:Enabled:Wish Application"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\adslTV\adsltv.exe"="C:\Program Files\adslTV\adsltv.exe:*:Enabled:adsltv"
"C:\Program Files\Free Download Manager\fdm.exe"="C:\Program Files\Free Download Manager\fdm.exe:*:Enabled:Free Download Manager"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{75ada59e-f4b0-11dd-8b9e-001a922287ca}]
shell\AutoRun\command - E:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b9ef25a5-cf91-11dc-8b12-001a922287ca}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe


======List of files/folders created in the last 1 months======

2009-08-09 19:49:19 ----DC---- C:\rsit
2009-08-09 18:36:08 ----D---- C:\Program Files\Winamp Toolbar
2009-08-09 18:35:27 ----D---- C:\Program Files\Winamp
2009-08-09 18:35:27 ----D---- C:\Documents and Settings\tof\Application Data\Winamp
2009-08-09 17:45:16 ----A---- C:\WINDOWS\ntbtlog.txt
2009-08-09 16:06:44 ----D---- C:\Program Files\Mozilla Firefox
2009-08-09 14:14:01 ----D---- C:\WINDOWS\ie8updates
2009-08-09 14:09:40 ----HDC---- C:\WINDOWS\ie8
2009-08-08 15:10:37 ----A---- C:\WINDOWS\system32\aswBoot.exe
2009-08-08 01:18:56 ----D---- C:\Program Files\Fnac
2009-08-07 21:21:34 ----D---- C:\Documents and Settings\tof\Application Data\3M
2009-08-07 00:00:36 ----A---- C:\WINDOWS\BricoPackFoldersDelete.cmd
2009-08-06 19:57:05 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Yahoo! Companion
2009-08-06 19:56:51 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\SweetIM
2009-08-06 19:55:08 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Sony Ericsson
2009-08-06 19:55:07 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Teleca
2009-08-06 19:54:14 ----D---- C:\Documents and Settings\tof\Application Data\InstallShield
2009-08-06 19:54:01 ----D---- C:\Program Files\Play65
2009-08-06 19:52:19 ----D---- C:\Program Files\MSN Messenger
2009-08-06 19:52:17 ----D---- C:\Program Files\Windows Live Toolbar
2009-08-06 19:52:17 ----D---- C:\Program Files\Windows Live SkyDrive
2009-08-06 19:52:17 ----D---- C:\Program Files\msn
2009-08-06 19:51:20 ----D---- C:\Program Files\Fichiers communs\Windows Live
2009-08-06 19:50:57 ----D---- C:\Program Files\MSN Apps
2009-08-06 19:50:55 ----D---- C:\Program Files\Messenger Plus! Live
2009-07-29 03:01:10 ----HDC---- C:\WINDOWS\$NtUninstallKB972260$
2009-07-28 02:12:50 ----D---- C:\Program Files\Fichiers communs\DivX Shared
2009-07-16 03:30:40 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-07-16 03:28:45 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-07-16 03:06:00 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$

======List of files/folders modified in the last 1 months======

2009-08-09 19:47:02 ----D---- C:\Documents and Settings\tof\Application Data\Free Download Manager
2009-08-09 19:42:12 ----D---- C:\Documents and Settings\tof\Application Data\Skype
2009-08-09 18:42:14 ----D---- C:\Documents and Settings\tof\Application Data\Vista Start Menu
2009-08-09 18:40:45 ----D---- C:\WINDOWS\Temp
2009-08-09 18:39:45 ----D---- C:\WINDOWS\system32\CatRoot2
2009-08-09 18:39:36 ----D---- C:\WINDOWS
2009-08-09 18:37:33 ----N---- C:\WINDOWS\SchedLgU.Txt
2009-08-09 18:36:08 ----RD---- C:\Program Files
2009-08-09 18:21:08 ----DC---- C:\Downloads
2009-08-09 18:07:15 ----RASHC---- C:\boot.ini
2009-08-09 18:07:15 ----A---- C:\WINDOWS\system.ini
2009-08-09 17:55:18 ----D---- C:\WINDOWS\pss
2009-08-09 17:52:05 ----D---- C:\Program Files\The Adventure Company
2009-08-09 17:51:14 ----SHDC---- C:\Config.Msi
2009-08-09 17:51:14 ----SHD---- C:\WINDOWS\Installer
2009-08-09 17:51:14 ----HD---- C:\WINDOWS\inf
2009-08-09 17:51:14 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-08-09 17:46:56 ----D---- C:\WINDOWS\Prefetch
2009-08-09 16:34:06 ----D---- C:\WINDOWS\system32
2009-08-09 16:33:49 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-08-09 16:33:46 ----D---- C:\Program Files\SUPERAntiSpyware
2009-08-09 16:33:27 ----D---- C:\WINDOWS\WBEM
2009-08-09 16:32:47 ----D---- C:\Program Files\Internet Explorer
2009-08-09 16:32:44 ----HD---- C:\WINDOWS\msdownld.tmp
2009-08-09 16:01:55 ----D---- C:\Documents and Settings\tof\Application Data\skypePM
2009-08-09 15:33:01 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-08-09 14:19:15 ----D---- C:\WINDOWS\Debug
2009-08-09 14:16:32 ----D---- C:\WINDOWS\system32\fr-fr
2009-08-09 14:16:31 ----D---- C:\WINDOWS\Help
2009-08-09 14:14:13 ----HD---- C:\WINDOWS\$hf_mig$
2009-08-09 14:11:58 ----D---- C:\WINDOWS\system32\config
2009-08-09 14:11:39 ----D---- C:\WINDOWS\Media
2009-08-09 03:38:29 ----D---- C:\Documents and Settings\tof\Application Data\dvdcss
2009-08-08 23:39:59 ----D---- C:\WINDOWS\system32\drivers
2009-08-07 13:13:05 ----D---- C:\Program Files\QuickTime
2009-08-07 00:07:23 ----RSD---- C:\WINDOWS\Fonts
2009-08-07 00:07:23 ----D---- C:\WINDOWS\Cursors
2009-08-07 00:07:23 ----D---- C:\Program Files\Outlook Express
2009-08-07 00:07:23 ----D---- C:\Program Files\Movie Maker
2009-08-07 00:07:21 ----D---- C:\WINDOWS\system32\usmt
2009-08-07 00:03:48 ----A---- C:\WINDOWS\BricoPackUninst.txt
2009-08-07 00:03:48 ----A---- C:\WINDOWS\BricoPackUninst.cmd
2009-08-06 23:59:19 ----D---- C:\WINDOWS\BricoPacks
2009-08-06 20:12:15 ----D---- C:\Documents and Settings\tof\Application Data\Samsung
2009-08-06 20:11:15 ----DC---- C:\Gamigo Games
2009-08-06 20:09:19 ----D---- C:\WINDOWS\system32\CatRoot
2009-08-06 20:07:23 ----D---- C:\Program Files\Fichiers communs
2009-08-06 19:57:29 ----D---- C:\WINDOWS\system32\wbem
2009-08-06 19:57:29 ----D---- C:\WINDOWS\Registration
2009-08-06 19:57:09 ----DC---- C:\Ares Tube
2009-08-06 19:57:04 ----D---- C:\Program Files\WordBiz
2009-08-06 19:55:24 ----D---- C:\Program Files\Fichiers communs\Teleca Shared
2009-08-06 19:51:44 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-08-06 19:51:11 ----D---- C:\Program Files\Windows Live
2009-08-06 15:06:47 ----SD---- C:\Documents and Settings\tof\Application Data\Microsoft
2009-08-05 20:43:25 ----HD---- C:\Program Files\InstallShield Installation Information
2009-08-05 20:43:25 ----D---- C:\Program Files\Samsung
2009-08-05 20:42:39 ----D---- C:\Program Files\Sony
2009-08-05 20:40:24 ----D---- C:\WINDOWS\WinSxS
2009-08-05 20:40:23 ----D---- C:\WINDOWS\Downloaded Installations
2009-08-05 20:31:52 ----D---- C:\Documents and Settings\tof\Application Data\SUPERAntiSpyware.com
2009-08-05 20:31:47 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-08-05 20:30:29 ----D---- C:\Program Files\Yahoo!
2009-08-04 17:54:34 ----A---- C:\WINDOWS\lexstat.ini
2009-08-03 10:58:30 ----D---- C:\Program Files\ShotOnline
2009-08-01 20:38:46 ----D---- C:\Program Files\Microsoft Silverlight
2009-07-28 17:03:20 ----D---- C:\Documents and Settings\tof\Application Data\BitTorrent
2009-07-28 02:15:57 ----D---- C:\Program Files\DivX
2009-07-26 16:24:50 ----D---- C:\WINDOWS\Minidump
2009-07-19 18:45:00 ----A---- C:\WINDOWS\system32\ieframe.dll
2009-07-19 15:15:02 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-07-18 18:03:49 ----A---- C:\WINDOWS\system32\shdocvw.dll
2009-07-16 03:36:02 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 43008]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-05-11 278728]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-05-11 25416]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2008-02-26 43520]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-10-16 4615168]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-07-13 6807744]
R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
R3 snpstd;VideoCAM Messenger; C:\WINDOWS\system32\DRIVERS\snpstd.sys [2004-06-25 331008]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 dump_wmimmc;dump_wmimmc; \??\C:\Program Files\Goa\PangYa_Eu\GameGuard\dump_wmimmc.sys []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 hitmanpro2;Hitman Pro 2 Driver; \??\C:\Program Files\Hitman Pro\hitmanpro2.sys []
S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 SE2Fbus;Sony Ericsson Device 047 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE2Fbus.sys [2006-11-10 61600]
S3 SE2Fmdfl;Sony Ericsson Device 047 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE2Fmdfl.sys [2006-11-10 9360]
S3 SE2Fmdm;Sony Ericsson Device 047 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE2Fmdm.sys [2006-11-10 97184]
S3 SE2Fmgmt;Sony Ericsson Device 047 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE2Fmgmt.sys [2006-11-10 88688]
S3 se2Fnd5;Sony Ericsson Device 047 USB Ethernet Emulation SEMC47 (NDIS); C:\WINDOWS\system32\DRIVERS\se2Fnd5.sys [2006-11-10 18704]
S3 SE2Fobex;Sony Ericsson Device 047 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE2Fobex.sys [2006-11-10 86560]
S3 se2Funic;Sony Ericsson Device 047 USB Ethernet Emulation SEMC47 (WDM); C:\WINDOWS\system32\DRIVERS\se2Funic.sys [2006-11-10 90800]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2005-12-22 80272]
S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2005-12-22 10864]
S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2005-12-22 137884]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-04-24 152984]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2004-01-14 311296]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-07-13 155716]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
S2 gupdate1c9db1cd0a766ae;Service Google Update (gupdate1c9db1cd0a766ae); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-22 133104]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-10-10 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-01 182768]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-02-15 2794234]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

-----------------EOF-----------------








Info


info.txt logfile of random's system information tool 1.06 2009-08-09 19:49:31

======Uninstall list======

-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->MsiExec /X{7032E73F-68A0-48F9-8100-E70E79169BAE}
-->MsiExec.exe /X{69495273-FCDC-4A86-BCB7-49B504D3FB0E}
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{22EB2FA7-1BA0-4FFB-972F-353EC6ABA9D5}\setup.exe" -l0x40c -removeonly
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{28B97CAB-828F-49D8-A30A-675476F9BA92}\setup.exe" -l0x40c /cont -removeonly
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4E7DC12A-3597-4A94-9429-F6C6987361B1}\setup.exe" -l0x40c -removeonly
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6813C983-427E-4511-8456-E98FCAA1A125}\setup.exe" -l0x40c -removeonly
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7DADB304-AF20-48C3-A780-4B4133A08817}\setup.exe" -l0x40c -removeonly
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9C423CF6-2DAA-4A37-94B8-59D7ECC7DB13}\setup.exe" -l0x40c -removeonly
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ACE66099-E18E-4037-83C8-9D182E5B9FA8}\setup.exe" -l0x40c -removeonly
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B34B6E67-FCDD-4E03-8742-B5701427FAFB}\setup.exe" -l0x40c -removeonly
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FA6CC4B4-7741-4F8D-8E81-15C4BAB9869B}\setup.exe" -l0x40c -removeonly
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
ABBYY FineReader 5.0 Sprint Plus-->MsiExec.exe /X{D1696920-9794-4BBC-8A30-7A88763DE5A2}
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe AIR-->c:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000103}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5101}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-119F-4D52-B551-6739B2B22101}
Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-040C-1E257A25E34D}
Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Stock Photos 1.0-->MsiExec.exe /I{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A}
AGEIA PhysX v6.12.02-->MsiExec.exe /X{7032E73F-68A0-48F9-8100-E70E79169BAE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Ares Tube 3.0-->"c:\Ares Tube\unins000.exe"
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
Athlon 64 Processor Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x40c
ATI - Utilitaire de désinstallation du logiciel-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
AXMA-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\AXMA\Fax-internet\Uninst.isu" -c"C:\Program Files\AXMA\Fax-internet\install.dll"
Bink and Smacker-->C:\PROGRA~1\RADVideo\UNWISE.EXE C:\PROGRA~1\RADVideo\INSTALL.LOG
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
DD PlayCam-->C:\WINDOWS\unvise32.exe C:\Program Files\DD PlayCam\1.0\Thempty.log
Désinstallation du Fnac Video Manager-->C:\Program Files\Fnac\uninst-Fnac.exe
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DVD Decoder Pak for Windows XP-->MsiExec.exe /X{92C5DB3D-9D6F-4324-BB11-57825F4C2635}
eMule-->"C:\Program Files\eMule\Uninstall.exe"
EVEREST Home Edition v2.20-->"C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
Everest Poker (Remove Only)-->C:\Program Files\Everest Poker\cstart.exe /uninstall
Favorit-->"c:\documents and settings\tof\local settings\application data\uwmko.exe" -uninstall
Free Download Manager 3.0-->C:\Program Files\Free Download Manager\uninst.exe
Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF}
Google Chrome-->"C:\Program Files\Google\Chrome\Application\2.0.172.39\Installer\setup.exe" --uninstall --system-level
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_9DE96A29E721D90A.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Documents and Settings\tof\Bureau\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
IncrediMail-->C:\Program Files\IncrediMail\bin\ImSetup.exe /remove /addon:IncrediMail /log:IncMail.log
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
Keyboard & Mouse Driver-->C:\Program Files\InstallShield Installation Information\{B910DD1A-49B1-4068-9C08-E3C3AEC0C30A}\setup.exe -runfromtemp -l0x0409
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Lexmark 2200 Series-->C:\WINDOWS\system32\spool\drivers\w32x86\3\LXBVUN5C.EXE -dLexmark 2200 Series
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Mario Forever 3.0-->"C:\WINDOWS\Mario_Forever_Toolbar_Uninstaller_7968.exe" -hu _?=C:\Program Files\Mario Forever Toolbar
Mario Forever Toolbar-->"C:\WINDOWS\Mario_Forever_Toolbar_Uninstaller_7968.exe" _?=C:\Program Files\Mario Forever Toolbar
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0120-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst

Salut ptitealice81


Télécharge combofix.exe (de sUBs) sur le bureau :

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Important Désactive ton Antivirus et antispyware avant le scan avec Combofix :
http://forum.pcastuces.com/desactiver_les_protections_residentes-f31s4.htm


==> Sauvegarde ton travail et ferme toutes les fenêtres actives, il peut y avoir un redémarrage du PC. Ne lance aucun programme tant que Combofix n’est pas fini. <==

Double clique sur combofix.exe, clique sur OUI et valide par Entrée

Il te sera demandé d’installer la console si elle n’est pas installer, clique sur NON

Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

NOTE : Le rapport se trouve également ici : C:\ Combofix.txt

Combofix est détecté par certains antivirus comme une infection, ne pas en tenir compte, il s'agit d'un faux positif, continue la procédure


@++

Voici le rapport combofix (qui soit dit en passant m'a changé mon fond d'ecran )

ComboFix 09-08-08.04 - tof 09/08/2009 20:11.1.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1023.495 [GMT 2:00]
Running from: c:\documents and settings\tof\Bureau\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090808-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Altnet
c:\program files\Altnet\DBBackup\Sigfiles.db
c:\program files\Altnet\Download Manager\admdata.dll
c:\program files\Altnet\Download Manager\dminfo3.cab
c:\program files\Altnet\Download Manager\dminstall7.cab
c:\program files\Altnet\Download Manager\dmsetup.bmp
c:\program files\Altnet\Download Manager\dmsetupbig.bmp
c:\program files\Altnet\Download Manager\jsinstall.cab
c:\program files\Altnet\Download Manager\jslegals.txt
c:\program files\Altnet\Download Manager\selectdir.txt
c:\program files\Altnet\Download Manager\selectdir1st.txt
c:\program files\Need2Find
c:\program files\Need2Find\bar\1.bin\N2FFXTBR.JAR
c:\program files\Need2Find\bar\1.bin\N2NTSTBR.JAR
c:\program files\Need2Find\bar\1.bin\PARTNER.DAT
c:\program files\Need2Find\bar\Cache\033E968D
c:\program files\Need2Find\bar\Cache\files.ini
c:\program files\Need2Find\bar\History\search
c:\program files\Need2Find\bar\Settings\prevcfg.htm
c:\recycler\S-1-5-21-1844237615-1390067357-839522115-1003

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NPF
-------\Legacy_TDSSSERV
-------\Service_TDSSserv


((((((((((((((((((((((((( Files Created from 2009-07-09 to 2009-08-09 )))))))))))))))))))))))))))))))
.

2009-08-09 17:49 . 2009-08-09 17:49 -------- dc----w- C:\rsit
2009-08-09 16:36 . 2009-08-09 16:36 -------- d-----w- c:\program files\Winamp Toolbar
2009-08-09 16:35 . 2009-08-09 16:37 -------- d-----w- c:\documents and settings\tof\Application Data\Winamp
2009-08-09 16:35 . 2009-08-09 16:36 -------- d-----w- c:\program files\Winamp
2009-08-09 15:44 . 2009-08-09 15:44 -------- d-sh--w- c:\documents and settings\tof\PrivacIE
2009-08-09 12:19 . 2009-08-09 12:19 -------- d-sh--w- c:\documents and settings\tof\IECompatCache
2009-08-09 12:17 . 2009-08-09 12:17 -------- d-sh--w- c:\documents and settings\tof\IETldCache
2009-08-09 12:14 . 2009-08-09 12:14 -------- d-----w- c:\windows\ie8updates
2009-08-09 12:09 . 2009-08-09 14:33 -------- dc-h--w- c:\windows\ie8
2009-08-09 12:07 . 2009-07-03 16:57 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-08-09 12:07 . 2009-07-03 16:57 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-08-09 12:07 . 2009-07-03 16:57 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-08-09 12:07 . 2009-07-03 16:57 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-08-09 12:07 . 2009-07-03 16:57 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2009-08-09 12:06 . 2009-07-01 07:08 101376 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-08-08 13:11 . 2009-02-05 20:06 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-08-08 13:11 . 2009-02-05 20:06 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-08-08 13:11 . 2009-02-05 20:05 26944 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-08-08 13:11 . 2009-02-05 20:04 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-08-08 13:11 . 2009-02-05 20:07 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-08-08 13:11 . 2009-02-05 20:07 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-08-08 13:11 . 2009-02-05 20:08 93296 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-08-08 13:11 . 2009-02-05 20:08 94032 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-08-08 13:10 . 2009-02-05 20:11 1256296 ----a-w- c:\windows\system32\aswBoot.exe
2009-08-07 23:19 . 2009-08-07 23:19 -------- d-----w- c:\documents and settings\tof\Local Settings\Application Data\Glowria
2009-08-07 23:18 . 2009-08-07 23:18 -------- d-----w- c:\program files\Fnac
2009-08-07 19:21 . 2009-08-07 19:21 -------- d-----w- c:\documents and settings\tof\Application Data\3M
2009-08-06 22:00 . 2009-08-06 22:03 5366 ----a-w- c:\windows\BricoPackFoldersDelete.cmd
2009-08-06 21:02 . 2008-12-03 23:25 120832 ----a-w- c:\documents and settings\tof\Application Data\Mozilla\Firefox\Profiles\0qyyur6j.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}\plugins\npietab.dll
2009-08-06 18:49 . 2009-07-09 09:01 110592 ----a-w- c:\documents and settings\tof\Application Data\Mozilla\Firefox\Profiles\0qyyur6j.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}\components\XpcomOpusConnector.dll
2009-08-06 18:01 . 2009-08-09 18:20 117760 ----a-w- c:\documents and settings\tof\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-08-06 17:57 . 2009-08-06 17:57 -------- d-----w- c:\windows\system32\wbem\Repository
2009-08-06 17:57 . 2009-08-06 17:57 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Yahoo! Companion
2009-08-06 17:56 . 2009-08-09 15:44 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\SweetIM
2009-08-06 17:55 . 2009-08-06 17:55 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Sony Ericsson
2009-08-06 17:55 . 2009-08-06 17:55 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Teleca
2009-08-06 17:54 . 2009-08-06 17:54 -------- d-----w- c:\documents and settings\tof\Application Data\InstallShield
2009-08-06 17:54 . 2009-08-06 17:54 -------- d-----w- c:\program files\Play65
2009-08-06 17:52 . 2009-08-06 17:52 -------- d-----w- c:\program files\MSN Messenger
2009-08-06 17:52 . 2009-08-06 17:52 -------- d-----w- c:\program files\Windows Live Toolbar
2009-08-06 17:52 . 2009-08-06 17:52 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-08-06 17:51 . 2009-08-06 17:51 -------- d-----w- c:\program files\Fichiers communs\Windows Live
2009-08-06 17:50 . 2009-08-06 17:50 -------- d-----w- c:\program files\MSN Apps
2009-08-06 17:50 . 2009-08-06 17:50 -------- d-----w- c:\program files\Messenger Plus! Live
2009-07-28 00:12 . 2009-07-28 00:12 -------- d-----w- c:\program files\Fichiers communs\DivX Shared
2009-07-19 16:45 . 2009-07-19 16:45 11067392 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-07-17 20:28 . 2009-08-01 21:47 -------- d-----w- c:\documents and settings\tof\Local Settings\Application Data\Temp
2009-07-15 17:35 . 2009-07-15 17:35 62760 ----a-w- c:\documents and settings\tof\Application Data\Mozilla\Firefox\Profiles\0qyyur6j.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
2009-07-13 12:59 . 2009-07-13 12:59 -------- d-----w- c:\documents and settings\tof\Local Settings\Application Data\Winamp Toolbar

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-09 18:24 . 2009-06-05 07:54 -------- d-----w- c:\documents and settings\tof\Application Data\Free Download Manager
2009-08-09 17:42 . 2009-03-26 16:11 -------- d-----w- c:\documents and settings\tof\Application Data\Skype
2009-08-09 16:42 . 2009-04-22 20:26 -------- d-----w- c:\documents and settings\tof\Application Data\Vista Start Menu
2009-08-09 15:52 . 2008-05-11 17:06 -------- d-----w- c:\program files\The Adventure Company
2009-08-09 14:33 . 2008-10-20 16:31 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-08-09 14:01 . 2009-01-03 22:00 -------- d-----w- c:\documents and settings\tof\Application Data\skypePM
2009-08-09 13:33 . 2004-08-05 12:00 79240 ----a-w- c:\windows\system32\perfc00C.dat
2009-08-09 13:33 . 2004-08-05 12:00 478950 ----a-w- c:\windows\system32\perfh00C.dat
2009-08-09 01:38 . 2008-08-24 16:01 -------- d-----w- c:\documents and settings\tof\Application Data\dvdcss
2009-08-07 11:13 . 2009-01-02 15:04 -------- d-----w- c:\program files\QuickTime
2009-08-06 22:03 . 2009-04-22 21:01 72382 ----a-w- c:\windows\BricoPackUninst.cmd
2009-08-06 19:32 . 2007-10-29 16:37 73968 ----a-w- c:\documents and settings\tof\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-06 18:12 . 2008-01-15 22:07 -------- d-----w- c:\documents and settings\tof\Application Data\Samsung
2009-08-06 17:57 . 2009-04-22 19:59 -------- d-----w- c:\program files\WordBiz
2009-08-06 17:55 . 2007-05-25 08:42 -------- d-----w- c:\program files\Fichiers communs\Teleca Shared
2009-08-06 17:51 . 2007-09-30 20:46 -------- d-----w- c:\program files\Windows Live
2009-08-05 18:43 . 2007-09-29 16:41 -------- d-----w- c:\program files\Samsung
2009-08-05 18:43 . 2006-09-08 15:42 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-05 18:42 . 2007-12-23 21:14 -------- d-----w- c:\program files\Sony
2009-08-05 18:31 . 2008-10-20 16:31 -------- d-----w- c:\documents and settings\tof\Application Data\SUPERAntiSpyware.com
2009-08-05 18:31 . 2006-11-07 18:50 -------- d-----w- c:\program files\Fichiers communs\Wise Installation Wizard
2009-08-05 18:30 . 2007-02-26 19:12 -------- d-----w- c:\program files\Yahoo!
2009-08-03 08:58 . 2008-11-02 23:18 -------- d-----w- c:\program files\ShotOnline
2009-08-01 18:38 . 2008-08-11 10:43 -------- d-----w- c:\program files\Microsoft Silverlight
2009-07-28 15:03 . 2008-05-31 13:30 -------- d-----w- c:\documents and settings\tof\Application Data\BitTorrent
2009-07-28 00:15 . 2006-10-01 09:08 -------- d-----w- c:\program files\DivX
2009-07-16 01:36 . 2007-11-01 21:02 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Microsoft Help
2009-07-04 20:36 . 2007-10-28 00:05 -------- d-----w- c:\program files\eMule
2009-07-03 16:57 . 2004-08-05 12:00 915456 ----a-w- c:\windows\system32\wininet.dll
2009-06-21 18:48 . 2009-06-21 18:48 -------- d-----w- c:\program files\Goa
2009-06-21 15:46 . 2009-06-21 15:46 516096 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Skype\Plugins\Plugins\61BEB79ECBDD451F9554700542EE2D92\WinampMood.exe
2009-06-21 15:25 . 2009-06-21 15:25 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Winamp Toolbar
2009-06-16 14:40 . 2004-08-05 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-16 14:40 . 2004-08-05 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-15 02:56 . 2008-01-31 00:15 -------- d-----w- c:\program files\Everest Poker
2009-06-03 19:10 . 2004-08-05 12:00 1297408 ----a-w- c:\windows\system32\quartz.dll
2009-05-12 12:21 . 2009-01-09 21:20 10 ----a-w- c:\windows\popcinfo.dat
2009-02-11 06:07 . 2009-02-11 06:07 5632 --sha-w- c:\program files\Thumbs.db
2008-10-20 16:19 . 2008-10-20 16:19 18737 ----a-w- c:\program files\Fichiers communs\rocygugymu.bat
2008-10-20 15:51 . 2008-10-20 15:51 18178 ----a-w- c:\program files\Fichiers communs\ovih.sys
2008-10-20 12:59 . 2008-10-20 12:59 16816 ----a-w- c:\program files\Fichiers communs\ubeq.sys
2008-10-20 12:21 . 2008-10-20 12:21 18071 ----a-w- c:\program files\Fichiers communs\ojuhucemi.dll
2008-10-20 01:22 . 2008-10-20 01:22 19388 ----a-w- c:\program files\Fichiers communs\cocuzazedo.reg
2008-10-20 01:22 . 2008-10-20 01:22 18387 ----a-w- c:\program files\Fichiers communs\ocahedi.scr
2008-10-20 01:22 . 2008-10-20 01:22 13732 ----a-w- c:\program files\Fichiers communs\huwoh.pif
2008-10-20 01:22 . 2008-10-20 01:22 13394 ----a-w- c:\program files\Fichiers communs\fena.exe
2008-10-20 01:22 . 2008-10-20 01:22 12826 ----a-w- c:\program files\Fichiers communs\sohusaro.sys
2008-10-20 01:22 . 2008-10-20 01:22 11898 ----a-w- c:\program files\Fichiers communs\abuniwako.vbs
2008-10-20 01:18 . 2008-10-20 01:18 19883 ----a-w- c:\program files\Fichiers communs\umehorali.dll
2008-10-20 01:18 . 2008-10-20 01:18 17504 ----a-w- c:\program files\Fichiers communs\ufowep.dat
2008-10-20 01:18 . 2008-10-20 01:18 15998 ----a-w- c:\program files\Fichiers communs\vomal.dll
2008-10-20 01:18 . 2008-10-20 01:18 13344 ----a-w- c:\program files\Fichiers communs\vapoxip._sy
2008-10-20 01:18 . 2008-10-20 01:18 12456 ----a-w- c:\program files\Fichiers communs\funyxyta.dl
2007-04-02 04:09 . 2006-09-08 15:47 245760 ----a-w- c:\program files\Fichiers communs\FDEUnInstaller.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2009-03-22 251264]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-08-08 1830128]
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2008-09-29 1279216]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-27 68856]
"YahooWidgets"="c:\program files\Transform XP to Vista\Yahoo! Widgets\Widgets\YahooWidgets.exe" [2009-03-19 4742184]
"VistaStartMenu"="c:\program files\Transform XP to Vista\Vista Start Menu\VistaStartMenu.exe" [2009-03-19 2171392]
"Free Download Manager"="c:\program files\Free Download Manager\fdm.exe" [2009-03-02 3399727]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-11-18 21633320]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-07-13 8466432]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-07-13 81920]
"Lexmark 2200 Series"="c:\program files\Lexmark 2200 Series\lxbvbmgr.exe" [2004-02-13 57344]
"FaxCenterServer"="c:\program files\Lexmark Fax Solutions\fm3032.exe" [2004-02-04 294912]
"snpstd"="c:\windows\vsnpstd.exe" [2004-06-10 286720]
"KMCONFIG"="c:\program files\Mouse Driver\StartAutorun.exe" [2007-03-06 212992]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-24 136600]
"fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2009-02-06 454000]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2009-05-22 198160]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"Fnac"="c:\program files\Fnac\Fnac.exe" [2009-02-26 933984]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-07-01 37888]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\Rthdcpl.exe [2007-10-16 16855552]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2007-07-13 1626112]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Christophe Alegre\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

c:\documents and settings\tof\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
Outil de d‚tection de support Picture Motion Browser.lnk - c:\program files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2007-12-23 344064]
RocketDock.lnk - c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-3-19 630784]
TransBar.lnk - c:\windows\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-6-1 65536]
UberIcon.lnk - c:\windows\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-5-21 180224]
Y'z Shadow.lnk - c:\windows\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [2006-5-21 155648]
Yahoo! Widgets.lnk - c:\program files\Transform XP to Vista\Yahoo! Widgets\Widgets\YahooWidgets.exe [2009-4-22 4742184]

c:\documents and settings\All Users.WINDOWS\Menu D‚marrer\Programmes\D‚marrage\
Gestionnaire de lancement d'application fax.lnk - c:\program files\AXMA\Fax-internet\faxtray.exe [2009-5-27 335872]
Post-it© Software Notes Lite.lnk - c:\program files\3M\PSNLite\PsnLite.exe [2004-10-15 2080768]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-08-08 18:29 356352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImApp.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Free Download Manager\\fdm.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"13277:TCP"= 13277:TCP:BitComet 13277 TCP
"13277:UDP"= 13277:UDP:BitComet 13277 UDP

R0 PzWDM;PzWDM;c:\windows\system32\drivers\PzWDM.sys [28/10/2007 11:28 15172]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [08/08/2009 15:11 114768]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [03/09/2008 14:07 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [03/09/2008 14:07 74480]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [08/08/2009 15:11 20560]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [23/12/2008 15:46 55152]
R2 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 19:08 533360]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [03/09/2008 14:07 7408]
S2 gupdate1c9db1cd0a766ae;Service Google Update (gupdate1c9db1cd0a766ae);c:\program files\Google\Update\GoogleUpdate.exe [22/05/2009 22:35 133104]
S3 dump_wmimmc;dump_wmimmc;\??\c:\program files\Goa\PangYa_Eu\GameGuard\dump_wmimmc.sys --> c:\program files\Goa\PangYa_Eu\GameGuard\dump_wmimmc.sys [?]
S3 hitmanpro2;Hitman Pro 2 Driver;c:\program files\Hitman Pro\hitmanpro2.sys [24/01/2007 16:04 10336]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 SE2Fbus;Sony Ericsson Device 047 Driver driver (WDM);c:\windows\system32\drivers\SE2Fbus.sys [28/10/2007 12:55 61600]
S3 SE2Fmdfl;Sony Ericsson Device 047 USB WMC Modem Filter;c:\windows\system32\drivers\SE2Fmdfl.sys [28/10/2007 12:58 9360]
S3 SE2Fmdm;Sony Ericsson Device 047 USB WMC Modem Driver;c:\windows\system32\drivers\SE2Fmdm.sys [28/10/2007 12:58 97184]
S3 SE2Fmgmt;Sony Ericsson Device 047 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\SE2Fmgmt.sys [28/10/2007 12:59 88688]
S3 se2Fnd5;Sony Ericsson Device 047 USB Ethernet Emulation SEMC47 (NDIS);c:\windows\system32\drivers\se2Fnd5.sys [28/10/2007 12:59 18704]
S3 SE2Fobex;Sony Ericsson Device 047 USB WMC OBEX Interface;c:\windows\system32\drivers\SE2Fobex.sys [28/10/2007 12:59 86560]
S3 se2Funic;Sony Ericsson Device 047 USB Ethernet Emulation SEMC47 (WDM);c:\windows\system32\drivers\se2Funic.sys [28/10/2007 12:59 90800]
.
Contents of the 'Scheduled Tasks' folder

2009-08-07 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2009-08-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-22 20:35]

2009-08-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-22 20:35]
.
- - - - ORPHANS REMOVED - - - -

BHO-{EEE6C35C-6118-11DC-9C72-001320C79847} - c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
Toolbar-Locked - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
HKLM-Run-RegistryMechanic - (no file)
HKLM-Run-EoEngine - (no file)
HKLM-Run-EoDesk3d - (no file)
SafeBoot-TDSSjnfo.sys


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.fr/
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = 3128
Trusted Zone: fnac.com\vod
FF - ProfilePath - c:\documents and settings\tof\Application Data\Mozilla\Firefox\Profiles\0qyyur6j.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocat(...)
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr
FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocat(...)
FF - component: c:\documents and settings\tof\Application Data\Mozilla\Firefox\Profiles\0qyyur6j.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}\components\XpcomOpusConnector.dll
FF - component: c:\program files\Free Download Manager\Firefox\Extension\components\vmsfdmff.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll

---- FIREFOX POLICIES ----

FF - user.js: browser.sessionstore.resume_from_crash - false
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-09 20:20
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(748)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL

- - - - - - - > 'lsass.exe'(804)
c:\windows\system32\scecli.dll

- - - - - - - > 'explorer.exe'(4024)
c:\windows\system32\SHDOCVW.dll
c:\windows\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.dll
c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll
c:\windows\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon.dll
c:\program files\Transform XP to Vista\Vista Start Menu\VistaStartMenu.dll
c:\windows\system32\msi.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\LEXBCES.EXE
c:\windows\system32\LEXPPS.EXE
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Mouse Driver\KMCONFIG.exe
c:\program files\Lexmark 2200 Series\lxbvbmon.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Mouse Driver\KMProcess.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\IncrediMail\bin\ImApp.exe
c:\progra~1\3M\PSNLite\PSNGive.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\documents and settings\All Users.WINDOWS\Application Data\Skype\Plugins\Plugins\61BEB79ECBDD451F9554700542EE2D92\WinampMood.exe
c:\program files\Windows Live\Contacts\wlcomm.exe
.
**************************************************************************
.
Completion time: 2009-08-09 20:27 - machine was rebooted
ComboFix-quarantined-files.txt 2009-08-09 18:27
ComboFix2.txt 2007-10-25 15:30

Pre-Run: 58 229 448 704 octets libres
Post-Run: 59 422 167 040 octets libres

386 --- E O F --- 2009-08-01 01:00

Salut ptitealice81

Télécharge AD-Remover (de Cyrildu17 / C_XX) sur ton Bureau.

Déconnecte-toi et ferme toutes applications en cours

Double-clique sur le programme d'installation, installe-le dans son emplacement par défaut (C:\Program files).

Double-clique sur l'icône AD-Remover située sur ton Bureau.

Au menu principal, choisis l'option L.

Poste le rapport qui apparaît à la fin.

(Le rapport est sauvegardé aussi sous C:\Ad-report(date).log)

(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus comme une infection, ne pas en tenir compte, il s'agit d'un faux positif, continue la procédure

Aide : http://commentcestfait.forumactif.net/tutos-securite-f31/tutorielad-remover-t(...)


@++

merci
voici le rapport de AD REMOVER

.
======= RAPPORT D'AD-REMOVER 1.1.4.5_O | UNIQUEMENT XP/VISTA/SEVEN =======
.
Mit à jour par C_XX le 24/06/2009 à 7:10 PM
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 20:52:01, 09/08/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
Nom du PC: TOTOF-53DF5DC79 | Utilisateur actuel: tof
.
Administrateur: Administrateur
N'est pas administrateur: ASPNET
N'est pas administrateur: HelpAssistant *Desactive*
N'est pas administrateur: Invité *Desactive*
N'est pas administrateur: SUPPORT_388945a0 *Desactive*
Administrateur: tof
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
.
HKCR\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
HKCR\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
HKCR\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
HKCR\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
HKCR\SWEETIE.IEToolbar
HKCR\SWEETIE.IEToolbar.1
HKCR\SweetIM_URLSearchHook.ToolbarURLSearchHook
HKCR\SweetIM_URLSearchHook.ToolbarURLSearchHook.1
HKCR\Typelib\{EEE6C35F-6118-11DC-9C72-001320C79847}
HKCU\Software\EoRezo
HKCU\Software\Grand Virtual
HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
HKCU\Software\pacificpoker
HKCU\Software\SweetIM
HKCU\Software\VB and VBA Program Settings\eurobarre
HKLM\Software\EoRezo
HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
HKLM\Software\Microsoft\shared tools\msconfig\startupreg\SoftwareHelper
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{266C7330-C0F4-49E5-8F20-A56F9F822875}
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Everest Poker
HKLM\Software\SweetIM
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\351716A953E21214898904032EAE2E81
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\A189D17A469616C4688D23E192996267
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
.
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\SweetIM\Toolbars
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\SweetIM\Toolbars\Internet Explorer
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\SweetIM\Toolbars\Internet Explorer\cache
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\SweetIM
C:\DOCUME~1\ALLUSE~1.WIN\MENUDM~1\PROGRA~1\Everest Casino\Everest Casino.lnk
C:\DOCUME~1\ALLUSE~1.WIN\MENUDM~1\PROGRA~1\Everest Casino\Uninstall Everest Casino.lnk
C:\DOCUME~1\ALLUSE~1.WIN\MENUDM~1\PROGRA~1\Everest Casino
C:\DOCUME~1\ALLUSE~1.WIN\MENUDM~1\PROGRA~1\Everest Poker\Everest Poker.lnk
C:\DOCUME~1\ALLUSE~1.WIN\MENUDM~1\PROGRA~1\Everest Poker\Uninstall Everest Poker.lnk
C:\DOCUME~1\ALLUSE~1.WIN\MENUDM~1\PROGRA~1\Everest Poker
C:\DOCUME~1\ALLUSE~1.WIN\MENUDM~1\PROGRA~1\Kiwee Toolbar\FAQ.url
C:\DOCUME~1\ALLUSE~1.WIN\MENUDM~1\PROGRA~1\Kiwee Toolbar\Help Forum.url
C:\DOCUME~1\ALLUSE~1.WIN\MENUDM~1\PROGRA~1\Kiwee Toolbar\Privacy Policy.url
C:\DOCUME~1\ALLUSE~1.WIN\MENUDM~1\PROGRA~1\Kiwee Toolbar\Read License Agreement.url
C:\DOCUME~1\ALLUSE~1.WIN\MENUDM~1\PROGRA~1\Kiwee Toolbar\Send Us Feedback.url
C:\DOCUME~1\ALLUSE~1.WIN\MENUDM~1\PROGRA~1\Kiwee Toolbar\Visit Kiwee.com.url
C:\DOCUME~1\ALLUSE~1.WIN\MENUDM~1\PROGRA~1\Kiwee Toolbar
C:\DOCUME~1\tof\APPLIC~1\Mozilla\Firefox\Profiles\0qyyur6j.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome
C:\DOCUME~1\tof\APPLIC~1\Mozilla\Firefox\Profiles\0qyyur6j.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome.manifest
C:\DOCUME~1\tof\APPLIC~1\Mozilla\Firefox\Profiles\0qyyur6j.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\components
C:\DOCUME~1\tof\APPLIC~1\Mozilla\Firefox\Profiles\0qyyur6j.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\install.rdf
C:\DOCUME~1\tof\APPLIC~1\Mozilla\Firefox\Profiles\0qyyur6j.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\META-INF
C:\DOCUME~1\tof\APPLIC~1\Mozilla\Firefox\Profiles\0qyyur6j.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar.jar
C:\DOCUME~1\tof\APPLIC~1\Mozilla\Firefox\Profiles\0qyyur6j.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\components\SIMAutoCompleteSearch.js
C:\DOCUME~1\tof\APPLIC~1\Mozilla\Firefox\Profiles\0qyyur6j.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\META-INF\manifest.mf
C:\DOCUME~1\tof\APPLIC~1\Mozilla\Firefox\Profiles\0qyyur6j.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\META-INF\zigbert.rsa
C:\DOCUME~1\tof\APPLIC~1\Mozilla\Firefox\Profiles\0qyyur6j.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\META-INF\zigbert.sf
C:\DOCUME~1\tof\APPLIC~1\Mozilla\Firefox\Profiles\0qyyur6j.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
C:\DOCUME~1\tof\APPLIC~1\Mozilla\Firefox\Profiles\0qyyur6j.default\SweetIMToolbarData\logs
C:\DOCUME~1\tof\APPLIC~1\Mozilla\Firefox\Profiles\0qyyur6j.default\SweetIMToolbarData
C:\Program Files\Eurobarre\inf.bmp
C:\Program Files\Eurobarre\pub.bmp
C:\Program Files\Eurobarre\skin
C:\Program Files\Eurobarre\Thumbs.db
C:\Program Files\Eurobarre\skin\doslike.gif
C:\Program Files\Eurobarre\skin\doslike.txt
C:\Program Files\Eurobarre
C:\Program Files\Everest Poker\cstart-tmp.exe
C:\Program Files\Everest Poker\cstart.exe
C:\Program Files\Everest Poker\data
C:\Program Files\Everest Poker\Everest Poker.exe
C:\Program Files\Everest Poker\gvbase.dll
C:\Program Files\Everest Poker\gvcrt.dll
C:\Program Files\Everest Poker\gvgfx-dib.dll
C:\Program Files\Everest Poker\gvgfx.dll
C:\Program Files\Everest Poker\gvmain.dll
C:\Program Files\Everest Poker\gvmain.exe
C:\Program Files\Everest Poker\gvnetwork.dll
C:\Program Files\Everest Poker\gvsound.dll
C:\Program Files\Everest Poker\history
C:\Program Files\Everest Poker\init.ini
C:\Program Files\Everest Poker\log.dat
C:\Program Files\Everest Poker\notes
C:\Program Files\Everest Poker\settings.ini
C:\Program Files\Everest Poker\toc_fr.ini
C:\Program Files\Everest Poker\var
C:\Program Files\Everest Poker\data\fonts
C:\Program Files\Everest Poker\data\mp-lobby
C:\Program Files\Everest Poker\data\mp-poker
C:\Program Files\Everest Poker\data\shared
C:\Program Files\Everest Poker\data\startup
C:\Program Files\Everest Poker\data\fonts\kgp-en.ttf
C:\Program Files\Everest Poker\data\mp-lobby\fr.gvt
C:\Program Files\Everest Poker\data\mp-lobby\shared.gvt
C:\Program Files\Everest Poker\data\mp-poker\background
C:\Program Files\Everest Poker\data\mp-poker\fr
C:\Program Files\Everest Poker\data\mp-poker\shared.gvt
C:\Program Files\Everest Poker\data\mp-poker\background\black.gvt
C:\Program Files\Everest Poker\data\mp-poker\background\contemp.gvt
C:\Program Files\Everest Poker\data\mp-poker\background\default.gvt
C:\Program Files\Everest Poker\data\mp-poker\background\hawaii.gvt
C:\Program Files\Everest Poker\data\mp-poker\background\japan.gvt
C:\Program Files\Everest Poker\data\mp-poker\background\med.gvt
C:\Program Files\Everest Poker\data\mp-poker\background\medieval.gvt
C:\Program Files\Everest Poker\data\mp-poker\fr\bitmaps.gvt
C:\Program Files\Everest Poker\data\mp-poker\fr\mp-poker_strings.txt
C:\Program Files\Everest Poker\data\mp-poker\fr\mp-poker_tutorial.txt
C:\Program Files\Everest Poker\data\shared\fr
C:\Program Files\Everest Poker\data\shared\shared
C:\Program Files\Everest Poker\data\shared\fr\country.txt
C:\Program Files\Everest Poker\data\shared\fr\language.txt
C:\Program Files\Everest Poker\data\shared\fr\ordinal.txt
C:\Program Files\Everest Poker\data\shared\shared\bitmaps
C:\Program Files\Everest Poker\data\shared\shared\sounds
C:\Program Files\Everest Poker\data\shared\shared\bitmaps\btn_scroll.gvt
C:\Program Files\Everest Poker\data\shared\shared\bitmaps\check.art
C:\Program Files\Everest Poker\data\shared\shared\bitmaps\chips.art
C:\Program Files\Everest Poker\data\shared\shared\sounds\button.ogg
C:\Program Files\Everest Poker\data\shared\shared\sounds\carddeal.ogg
C:\Program Files\Everest Poker\data\shared\shared\sounds\cardflip.ogg
C:\Program Files\Everest Poker\data\shared\shared\sounds\chipclick.ogg
C:\Program Files\Everest Poker\data\startup\en
C:\Program Files\Everest Poker\data\startup\fr
C:\Program Files\Everest Poker\data\startup\shared
C:\Program Files\Everest Poker\data\startup\en\startup_strings.txt
C:\Program Files\Everest Poker\data\startup\fr\cstart.txt
C:\Program Files\Everest Poker\data\startup\fr\startup_strings.txt
C:\Program Files\Everest Poker\data\startup\shared\bitmaps
C:\Program Files\Everest Poker\data\startup\shared\icons
C:\Program Files\Everest Poker\data\startup\shared\sounds
C:\Program Files\Everest Poker\data\startup\shared\bitmaps\splash_poker.art
C:\Program Files\Everest Poker\data\startup\shared\icons\ep.ico
C:\Program Files\Everest Poker\data\startup\shared\sounds\alert.ogg
C:\Program Files\Everest Poker\history\571.txt
C:\Program Files\Everest Poker\history\572.txt
C:\Program Files\Everest Poker\history\573.txt
C:\Program Files\Everest Poker\history\574.txt
C:\Program Files\Everest Poker\history\575.txt
C:\Program Files\Everest Poker\history\576.txt
C:\Program Files\Everest Poker\history\577.txt
C:\Program Files\Everest Poker\history\578.txt
C:\Program Files\Everest Poker\history\579.txt
C:\Program Files\Everest Poker\history\580.txt
C:\Program Files\Everest Poker\history\581.txt
C:\Program Files\Everest Poker\history\582.txt
C:\Program Files\Everest Poker\history\583.txt
C:\Program Files\Everest Poker\history\584.txt
C:\Program Files\Everest Poker\history\585.txt
C:\Program Files\Everest Poker\history\586.txt
C:\Program Files\Everest Poker\history\587.txt
C:\Program Files\Everest Poker\history\588.txt
C:\Program Files\Everest Poker\history\589.txt
C:\Program Files\Everest Poker\history\590.txt
C:\Program Files\Everest Poker\history\591.txt
C:\Program Files\Everest Poker\history\592.txt
C:\Program Files\Everest Poker\history\593.txt
C:\Program Files\Everest Poker\history\594.txt
C:\Program Files\Everest Poker\history\595.txt
C:\Program Files\Everest Poker\history\596.txt
C:\Program Files\Everest Poker\history\597.txt
C:\Program Files\Everest Poker\history\598.txt
C:\Program Files\Everest Poker\history\599.txt
C:\Program Files\Everest Poker\history\600.txt
C:\Program Files\Everest Poker\history\601.txt
C:\Program Files\Everest Poker\history\602.txt
C:\Program Files\Everest Poker\history\603.txt
C:\Program Files\Everest Poker\history\604.txt
C:\Program Files\Everest Poker\history\605.txt
C:\Program Files\Everest Poker\history\606.txt
C:\Program Files\Everest Poker\history\607.txt
C:\Program Files\Everest Poker\history\608.txt
C:\Program Files\Everest Poker\history\609.txt
C:\Program Files\Everest Poker\history\610.txt
C:\Program Files\Everest Poker\history\611.txt
C:\Program Files\Everest Poker\history\612.txt
C:\Program Files\Everest Poker\history\613.txt
C:\Program Files\Everest Poker\history\614.txt
C:\Program Files\Everest Poker\history\615.txt
C:\Program Files\Everest Poker\history\616.txt
C:\Program Files\Everest Poker\history\617.txt
C:\Program Files\Everest Poker\history\618.txt
C:\Program Files\Everest Poker\history\619.txt
C:\Program Files\Everest Poker\history\620.txt
C:\Program Files\Everest Poker\history\621.txt
C:\Program Files\Everest Poker\history\622.txt
C:\Program Files\Everest Poker\history\623.txt
C:\Program Files\Everest Poker\history\624.txt
C:\Program Files\Everest Poker\history\625.txt
C:\Program Files\Everest Poker\history\626.txt
C:\Program Files\Everest Poker\history\627.txt
C:\Program Files\Everest Poker\history\628.txt
C:\Program Files\Everest Poker\history\629.txt
C:\Program Files\Everest Poker\history\630.txt
C:\Program Files\Everest Poker\history\631.txt
C:\Program Files\Everest Poker\history\632.txt
C:\Program Files\Everest Poker\history\633.txt
C:\Program Files\Everest Poker\history\634.txt
C:\Program Files\Everest Poker\history\635.txt
C:\Program Files\Everest Poker\history\636.txt
C:\Program Files\Everest Poker\history\637.txt
C:\Program Files\Everest Poker\history\638.txt
C:\Program Files\Everest Poker\history\639.txt
C:\Program Files\Everest Poker\history\640.txt
C:\Program Files\Everest Poker\history\641.txt
C:\Program Files\Everest Poker\history\642.txt
C:\Program Files\Everest Poker\history\643.txt
C:\Program Files\Everest Poker\history\644.txt
C:\Program Files\Everest Poker\history\645.txt
C:\Program Files\Everest Poker\history\646.txt
C:\Program Files\Everest Poker\history\647.txt
C:\Program Files\Everest Poker\history\648.txt
C:\Program Files\Everest Poker\history\649.txt
C:\Program Files\Everest Poker\history\650.txt
C:\Program Files\Everest Poker\history\651.txt
C:\Program Files\Everest Poker\history\652.txt
C:\Program Files\Everest Poker\history\653.txt
C:\Program Files\Everest Poker\history\654.txt
C:\Program Files\Everest Poker\history\655.txt
C:\Program Files\Everest Poker\history\656.txt
C:\Program Files\Everest Poker\history\657.txt
C:\Program Files\Everest Poker\history\658.txt
C:\Program Files\Everest Poker\history\659.txt
C:\Program Files\Everest Poker\history\660.txt
C:\Program Files\Everest Poker\history\661.txt
C:\Program Files\Everest Poker\history\662.txt
C:\Program Files\Everest Poker\history\663.txt
C:\Program Files\Everest Poker\history\664.txt
C:\Program Files\Everest Poker\history\665.txt
C:\Program Files\Everest Poker\history\666.txt
C:\Program Files\Everest Poker\history\667.txt
C:\Program Files\Everest Poker\history\668.txt
C:\Program Files\Everest Poker\history\669.txt
C:\Program Files\Everest Poker\history\670.txt
C:\Program Files\Everest Poker\history\671.txt
C:\Program Files\Everest Poker\history\672.txt
C:\Program Files\Everest Poker\history\673.txt
C:\Program Files\Everest Poker\history\674.txt
C:\Program Files\Everest Poker\history\675.txt
C:\Program Files\Everest Poker\history\676.txt
C:\Program Files\Everest Poker\history\677.txt
C:\Program Files\Everest Poker\history\678.txt
C:\Program Files\Everest Poker\history\679.txt
C:\Program Files\Everest Poker\history\680.txt
C:\Program Files\Everest Poker\history\681.txt
C:\Program Files\Everest Poker\history\682.txt
C:\Program Files\Everest Poker\history\683.txt
C:\Program Files\Everest Poker\history\684.txt
C:\Program Files\Everest Poker\history\685.txt
C:\Program Files\Everest Poker\history\686.txt
C:\Program Files\Everest Poker\history\687.txt
C:\Program Files\Everest Poker\history\688.txt
C:\Program Files\Everest Poker\history\689.txt
C:\Program Files\Everest Poker\history\691.txt
C:\Program Files\Everest Poker\history\692.txt
C:\Program Files\Everest Poker\history\693.txt
C:\Program Files\Everest Poker\history\694.txt
C:\Program Files\Everest Poker\history\695.txt
C:\Program Files\Everest Poker\history\697.txt
C:\Program Files\Everest Poker\history\698.txt
C:\Program Files\Everest Poker\history\699.txt
C:\Program Files\Everest Poker\history\700.txt
C:\Program Files\Everest Poker\history\701.txt
C:\Program Files\Everest Poker\history\702.txt
C:\Program Files\Everest Poker\history\703.txt
C:\Program Files\Everest Poker\history\704.txt
C:\Program Files\Everest Poker\history\705.txt
C:\Program Files\Everest Poker\history\706.txt
C:\Program Files\Everest Poker\history\707.txt
C:\Program Files\Everest Poker\history\708.txt
C:\Program Files\Everest Poker\history\709.txt
C:\Program Files\Everest Poker\history\710.txt
C:\Program Files\Everest Poker\history\712.txt
C:\Program Files\Everest Poker\history\713.txt
C:\Program Files\Everest Poker\history\714.txt
C:\Program Files\Everest Poker\history\715.txt
C:\Program Files\Everest Poker\history\716.txt
C:\Program Files\Everest Poker\history\717.txt
C:\Program Files\Everest Poker\history\718.txt
C:\Program Files\Everest Poker\history\719.txt
C:\Program Files\Everest Poker\history\720.txt
C:\Program Files\Everest Poker\history\721.txt
C:\Program Files\Everest Poker\history\722.txt
C:\Program Files\Everest Poker\history\723.txt
C:\Program Files\Everest Poker\history\724.txt
C:\Program Files\Everest Poker\history\725.txt
C:\Program Files\Everest Poker\history\726.txt
C:\Program Files\Everest Poker\history\728.txt
C:\Program Files\Everest Poker\history\729.txt
C:\Program Files\Everest Poker\history\730.txt
C:\Program Files\Everest Poker\notes\Player-aristocats81
C:\Program Files\Everest Poker\notes\Player-ptitealice8
C:\Program Files\Everest Poker\notes\Player-aristocats81\Opponent-monbonleo.xpn
C:\Program Files\Everest Poker\notes\Player-ptitealice8\Opponent-D@m@deCop@s.xpn
C:\Program Files\Everest Poker\notes\Player-ptitealice8\Opponent-kunha10.xpn
C:\Program Files\Everest Poker\notes\Player-ptitealice8\Opponent-manya81.xpn
C:\Program Files\Everest Poker\notes\Player-ptitealice8\Opponent-tt_yc.xpn
C:\Program Files\Everest Poker\var\content-fr.dat
C:\Program Files\Everest Poker
C:\Program Files\Kiwee Toolbar\2.8.167
C:\Program Files\Kiwee Toolbar\2.8.167\firefox
C:\Program Files\Kiwee Toolbar\2.8.167\kiweetoolbar.zip
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\chrome
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\defaults
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\firefox.xpi
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\install.rdf
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\META-INF
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\chrome\kiweetoolbar.jar
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components\AGCore.js
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components\AGCore.xpt
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components\KiweeSearchHistory.js
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components\SearchProtection.js
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components\SearchProtection.xpt
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\defaults\preferences
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\defaults\preferences\defaults.js
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\META-INF\manifest.mf
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\META-INF\zigbert.rsa
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\META-INF\zigbert.sf
C:\Program Files\Kiwee Toolbar
C:\DOCUME~1\tof\APPLIC~1\Mozilla\Firefox\Profiles\0qyyur6j.default\searchplugins\sweetim.xml
C:\WINDOWS\Installer\13cfa391.msi
C:\DOCUME~1\tof\Cookies\tof@eorezo[1].txt
C:\DOCUME~1\tof\Cookies\tof@eorezo[2].txt
C:\DOCUME~1\tof\Cookies\tof@eorezo[3].txt
C:\DOCUME~1\tof\Cookies\tof@www.everestpoker[1].txt
C:\DOCUME~1\tof\Cookies\tof@imgfarm[1].txt
C:\DOCUME~1\tof\Cookies\tof@search.sweetim[1].txt
C:\DOCUME~1\tof\Cookies\tof@sweetim[1].txt
C:\DOCUME~1\tof\Cookies\tof@sweetim[2].txt

(!) -- Fichiers temporaires supprimés.

.
============== Scan additionnel ==============
.

* Mozilla FireFox Version 3.5.2 *

Nom du profil: 0qyyur6j.default (tof)
.
(Prefs.js) user_pref("browser.search.defaultenginename", "Winamp Search");
(Prefs.js) user_pref("browser.search.selectedEngine", "Bing");
(Prefs.js) user_pref("browser.search.defaulturl", "hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=");
(Prefs.js) user_pref("browser.startup.homepage", "hxxp://www.google.fr");
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.1.2");
(Invalidprefs.js) user_pref("browser.search.defaultenginename", "Winamp Search");
(Invalidprefs.js) user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "MyStart Rechercher");
(Invalidprefs.js) user_pref("browser.search.selectedEngine", "Live Search");
(Invalidprefs.js) user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Google");
(Invalidprefs.js) user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Google");
(Invalidprefs.js) user_pref("browser.search.defaulturl", "hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=");
(Invalidprefs.js) user_pref("sweetim.toolbar.previous.browser.search.defaulturl", "hxxp://fr.search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=");
(Invalidprefs.js) user_pref("sweetim.toolbar.previous.browser.search.defaulturl", "hxxp://fr.search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=");
(Invalidprefs.js) user_pref("browser.startup.homepage", "hxxp://www.google.fr");
(Invalidprefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.0.13");
(Invalidprefs.js) user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://www.rescue.forumactif.fr");
(Invalidprefs.js) user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://www.rescue.forumactif.fr");
.
(Invalidprefs.js) EFFACÉ: user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
(Invalidprefs.js) EFFACÉ: user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
(Invalidprefs.js) EFFACÉ: user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
(Invalidprefs.js) EFFACÉ: user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
(Invalidprefs.js) EFFACÉ: user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
(Invalidprefs.js) EFFACÉ: user_pref("sweetim.toolbar.mode.debug", "false");
(Invalidprefs.js) EFFACÉ: user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "MyStart Rechercher");
(Invalidprefs.js) EFFACÉ: user_pref("sweetim.toolbar.previous.browser.search.defaulturl", "hxxp://fr.search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=");
(Invalidprefs.js) EFFACÉ: user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Google");
(Invalidprefs.js) EFFACÉ: user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://www.rescue.forumactif.fr");
(Invalidprefs.js) EFFACÉ: user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://kwtb.search.imgag.com/?c=GNKIW29193&sbs=1&sc=2&f=web&vernum=1.0&uid=&did=f8d4a70c-98e2-4081-901d-01bf93043ede&q=");
(Invalidprefs.js) EFFACÉ: user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.yahoo.com/*\" param=\"p=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.sweetim.*\" param=\"q=\" /><EXTERNAL_œ÷SEARCH engine=\"hxxp://*.live.*/*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://*youtube.com/\" param=\"search_query=\" /><EXTERNAL_SEARCH engine=\"hxxp://*.ebay.*/search/*\" param=\"satitle=\" /><EXTERNAL_SEARCH engine=\"hxxp://*.amazon.com/s/*\" param=\"field-keywords=\" /></TOOLBAR>");
(Invalidprefs.js) EFFACÉ: user_pref("sweetim.toolbar.search.history", "police%20municipale%20lavaur%20chiens,audition%20nouvelle%20star%202006%20christophe%20willem,simpson%20streaming,cradle%20of%20filth%20nymphetamine,cradle%20of%20filfh,facebook,blog%20gay,soonnight,bague%20or%20et%20diamant,david%20carron");
(Invalidprefs.js) EFFACÉ: user_pref("sweetim.toolbar.search.history.capacity", "10");
(Invalidprefs.js) EFFACÉ: user_pref("sweetim.toolbar.simapp_id", "{981E8054-A856-11DD-8B7F-001A922287CA}");
(Invalidprefs.js) EFFACÉ: user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com");
(Invalidprefs.js) EFFACÉ: user_pref("sweetim.toolbar.version", "1.0.0.8");
(Invalidprefs.js) EFFACÉ: user_pref("sweetim.toolbar.previous.browser.search.defaulturl", "hxxp://fr.search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=");
(Invalidprefs.js) EFFACÉ: user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Google");
(Invalidprefs.js) EFFACÉ: user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://www.rescue.forumactif.fr");
(Invalidprefs.js) EFFACÉ: user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://kwtb.search.imgag.com/?c=GNKIW29193&sbs=1&sc=2&f=web&vernum=1.0&uid=&did=f8d4a70c-98e2-4081-901d-01bf93043ede&q=");
(Invalidprefs.js) EFFACÉ: user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.yahoo.com/*\" param=\"p=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.sweetim.*\" param=\"q=\" /><EXTERNAL_œ÷
.

* Internet Explorer Version 8.0.6001.18702 *

[HKEY_CURRENT_USER\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://www.google.fr/

[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/

[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

Tabs: res://ieframe.dll/tabswelcome.htm

============== Suspect (Cracks, Serials ... ) ==============

.
C:\Documents and Settings\All Users.WINDOWS\Menu D‚marrer\Programmes\THQ\Revolution Software Ltd\Les Chevaliers de Baphomet - Les Gardiens du Temple de Salomon\Crack\Broken.Sword.The.Angel.Of.Death.CRACK.ONLY-RELOADED\bs4pc.exe
C:\Documents and Settings\tof\Local Settings\Application Data\ApplicationHistory\CODE DEBLOCAGE SAMSUNG crack.exe.194988de.ini
.
===================================
.
26773 Octet(s) - C:\Ad-Report-CLEAN.log
.
3 Fichier(s) - C:\DOCUME~1\tof\LOCALS~1\Temp
3 Fichier(s) - C:\WINDOWS\Temp
.
20 Fichier(s) - C:\Program Files\Ad-remover\BACKUP
205 Fichier(s) - C:\Program Files\Ad-remover\QUARANTINE
.
Fin à: 21:23:18 | 09/08/2009
.
============== E.O.F ==============
.

Salut ptitealice81


Mettre MalwareByte's Anti-Malware à jour

---

- Redémarre en mode sans échec :

Au redémarrage de ton PC tapote sur la touche F8 ou F5, sur l'écran suivant déplace toi avec les flèches de direction et choisis Mode sans échec. Choisis ta session habituelle et non la session Administrateur

---

- Double clique sur le raccourci de MalwareByte's Anti-Malware qui est sur le bureau.
- Sélectionne Exécuter un examen complet si ce n'est pas déjà fait
- clique sur Rechercher

- Une fois le scan terminé, une fenêtre s'ouvre, clique sur sur Ok

- Si MalwareByte's n'a rien détecté, clique sur Ok Un rapport va apparaître ferme-le.

- Si MalwareByte's a détecté des infections, clique sur Afficher les résultats ensuite sur Supprimer la sélection

- Enregistre le rapport sur ton Bureau comme cela il sera plus facile à retrouver, poste ensuite ce rapport.

Note : Si MalwareByte's a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok

Tutoriel pour MalwareByte's ici :
http://www.malekal.com/tutorial_MalwareBytes_AntiMalware.php


@++

ayé enfin fini

voici le rapport

Malwarebytes' Anti-Malware 1.40
Version de la base de données: 2551
Windows 5.1.2600 Service Pack 3 (Safe Mode)

09/08/2009 23:21:10
mbam-log-2009-08-09 (23-21-10).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 240995
Temps écoulé: 1 hour(s), 40 minute(s), 43 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 4
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 15

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Documents and Settings\tof\Bureau\Raccourcis Bureau non utilisés\Everest Casino.exe (Rogue.AdorableCasino) -> Quarantined and deleted successfully.
C:\Documents and Settings\tof\Bureau\Raccourcis Bureau non utilisés\Live-Player_setup.exe (Adware.Navipromo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F6A6F16B-F8F0-47B6-BF0A-046BC967F30A}\RP707\A0142505.exe (Adware.Navipromo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F6A6F16B-F8F0-47B6-BF0A-046BC967F30A}\RP708\A0142534.exe (Adware.Adorable casino) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F6A6F16B-F8F0-47B6-BF0A-046BC967F30A}\RP708\A0142580.exe (Adware.Adorable casino) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F6A6F16B-F8F0-47B6-BF0A-046BC967F30A}\RP708\A0142727.exe (Adware.Navipromo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F6A6F16B-F8F0-47B6-BF0A-046BC967F30A}\RP713\A0145412.exe (Adware.Navipromo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F6A6F16B-F8F0-47B6-BF0A-046BC967F30A}\RP714\A0145732.exe (Adware.Adorable casino) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F6A6F16B-F8F0-47B6-BF0A-046BC967F30A}\RP714\A0145778.exe (Adware.Adorable casino) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F6A6F16B-F8F0-47B6-BF0A-046BC967F30A}\RP718\A0149393.dll (Adware.EoRezo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F6A6F16B-F8F0-47B6-BF0A-046BC967F30A}\RP718\A0149400.dll (Adware.EoRezo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F6A6F16B-F8F0-47B6-BF0A-046BC967F30A}\RP718\A0149421.exe (Adware.EoRezo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F6A6F16B-F8F0-47B6-BF0A-046BC967F30A}\RP720\A0149688.exe (Adware.EoRezo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F6A6F16B-F8F0-47B6-BF0A-046BC967F30A}\RP720\A0149689.exe (Adware.EoRezo) -> Quarantined and deleted successfully.
C:\Program Files\Fichiers communs\vomal.dll (Trojan.Agent) -> Quarantined and deleted successfully.

Salut ptitealice81


Désactive la restauration système sur tous les lecteurs :

- Clique droit sur le Poste de travail sur le bureau, dans propriété tu cliques sur l'onglet Restauration système

- Coche la case désactiver la restauration et applique

Redémarre l’ordinateur et réactive la restauration système.

Tutoriel XP : http://www.libellules.ch/desactiver_restauration.php

Tutoriel Vista : http://www.commentcamarche.net/faq/sujet-13214-desactiver-reactiver-la-restau(...)


-----


Fais un scan en ligne ici :
http://webscanner.kaspersky.fr/ (A faire avec Internet Explorer)

Désactive ton Antivirus avant le scan en ligne
http://forum.pcastuces.com/desactiver_les_protections_residentes-f31s4.htm

Sur la page du scan en bas à droite clique sur Démarrer Online-scanner et dans la nouvelle fenêtre qui s'affiche clique sur J'accepte

Accepte les Contrôle ActivX

Choisis Poste de travail pour le scan. Celui-ci terminé clique sur Enregistrer rapport sous (Choisis fichier texte)

Poste le contenue du rapport

Aide pour l'utilisation du scan en ligne :
http://forum.pcastuces.com/kaspersky_online_scanner___tutoriel-f31s10.htm

P.S. : Si tu as un problème pour l'installation du Contrôle ActivX lis ceci :
http://www.inoculer.com/activex.php3

NOTE : Si tu reçoit le message "La licence de Kaspersky On-line Scanner est périmée"
Via Ajout/Suppression de programmes supprime Kaspersky Online Scanner et refaire l’installation.


@++

re bonsoir
merci mais je n'y arrive pas.
j'avais réussi à faire la mise à jour et tout, mais impossible d'analyser, alors j'ai réessayé et là ça ne veut plus, j'ai un message comme quoi la licence est périmée, du coup j'ai essayé de supprimer dans ajouts et suppression de programmes, je ne l'ai pas trouvé, idem avec rechercher.



voilà ce que ça m'affiche

Salut ptitealice81


Important Désactive ton Antivirus avant le scan en ligne :
http://forum.pcastuces.com/desactiver_les_protections_residentes-f31s4.htm


Faire un scan avec Nod32 en ligne (il faut utiliser Internet Explorer) ici :
http://www.eset-nod32.fr/scanner.html

Dans le bas de la page clique sur Scanner en ligne >




Dans la nouvelle page, coche la case devant OUI, j'accepte les termes du contrat de licence et clique sur Start pour débuter.




Dans la nouvelle page(qui est assez longue a charger) tu auras une alerte pour la barre d'information, clique sur Fermé.

Maintenant faire un clique droit dans la barre d'information en jaune dans le haut de la page, et clique sur Installer le contrôle ActiveX.




Une boite d'information va s'ouvrir, clique sur Installer




Dans la nouvelle page clique en bas sur Démarrer, le téléchargement de la base des signatures de virus va débuter.
Après le scan du PC va débuter, patience le temps du scan, ne pas faire de navigation durant le scan, on a désactivé l'Antivirus.


Une fois le scan fini, cliqué sur Terminé et fermé la page.

Ouvrir l'explorateur Windows et retrouver le rapport qui est dans ce répertoire :

C:\Program Files\ESET\ESET Online Scanner\log.txt

Copie/colle le contenue de ce rapport log.txt


@++

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=6
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.5889
# api_version=3.0.2
# EOSSerial=896dd8e532f37945b5589d1ca734e0ea
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2009-08-09 11:38:46
# local_time=2009-08-10 01:38:46 (+0100, Paris, Madrid)
# country="France"
# lang=1036
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=769 37 100 100 58647031250
# scanned=96228
# found=11
# cleaned=11
# scan_time=2679
C:\Documents and Settings\tof\Bureau\Raccourcis Bureau non utilisés\Everest Poker.exe une variante de Win32/Adware.Casino application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Documents and Settings\tof\Bureau\Raccourcis Bureau non utilisés\installer-12810-33-Microsoft-PowerPoint-Viewer-2007-1-0-French.exe une variante de Win32/Downloader.Ircfast application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Documents and Settings\tof\Bureau\Raccourcis Bureau non utilisés\installer-4783-33-Collage-Maker-1-3-French.exe une variante de Win32/Downloader.Ircfast application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Documents and Settings\tof\Bureau\Raccourcis Bureau non utilisés\installer-5888-33-Mario-Forever-3-0-French.exe une variante de Win32/Downloader.Ircfast application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Documents and Settings\tof\Bureau\Raccourcis Bureau non utilisés\jeux\Everest Poker.exe une variante de Win32/Adware.Casino application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Downloads\Software\PangYa_Eu_S3.exe NewHeur_PE virus probablement inconnu (supprimé - mis en quarantaine) 00000000000000000000000000000000 C
C:\Program Files\Ad-remover\QUARANTINE\PROGRA~1\EVERES~1\cstart-tmp.exe.vir une variante de Win32/Adware.Casino application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Program Files\Ad-remover\QUARANTINE\PROGRA~1\EVERES~1\cstart.exe.vir une variante de Win32/Adware.Casino application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Program Files\Ad-remover\QUARANTINE\PROGRA~1\EVERES~1\Everest Poker.exe.vir une variante de Win32/Adware.Casino application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C
C:\Program Files\scrabbleproB\scrabblepro.exe NewHeur_PE virus probablement inconnu (supprimé - mis en quarantaine) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Program Files\Altnet\Download Manager\admdata.dll.vir Win32/Adware.Altnet application (nettoyé par suppression - mis en quarantaine) 00000000000000000000000000000000 C

Salut ptitealice81


Je te conseille très vivement de désinstaller Avast! pour Antivir, voir ce lien :

~Avast! VS Antivir~

Téléchargement Antivir de Avira en français ici :

http://dlce.antivir.com/package/wks_avira/win32/fr/pecl/avira_antivir_persona(...)

Aide : http://www.libellules.ch/tuto_antivir.php

Suivre le tutoriel, faire un scan complet en mode sans échec et sauvegarde le rapport.
Redémarre en mode normal et poste le rapport.

Si tu rencontres un problème pour la désinstallation d'Avast, utilise son utilitaire de désinstallation :
http://www.avast.com/fre/avast-uninstall-utility.html


@++

j'ai installé avast hier, car antivir ne finissait plus ses scans depuis 2 jours

Salut ptitealice81


Essai de le réinstaller, si cela ne marche pas, je t'en propose un autre.


@++

bonjour

voici le rapport d'antivir en mode sans echec

Avira AntiVir Personal
Date de création du fichier de rapport : lundi 10 août 2009 02:19

La recherche porte sur 1620627 souches de virus.

Détenteur de la licence : Avira AntiVir Personal - FREE Antivirus
Numéro de série : 0000149996-ADJIE-0000001
Plateforme : Windows XP
Version de Windows : (Service Pack 3) [5.1.2600]
Mode Boot : Mode sans échec
Identifiant : tof
Nom de l'ordinateur : TOTOF-53DF5DC79

Informations de version :
BUILD.DAT : 9.0.0.66 17958 Bytes 17/06/2009 14:44:00
AVSCAN.EXE : 9.0.3.6 466689 Bytes 17/06/2009 12:43:57
AVSCAN.DLL : 9.0.3.0 49409 Bytes 03/03/2009 09:21:02
LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 10:35:11
LUKERES.DLL : 9.0.2.0 13569 Bytes 03/03/2009 09:21:31
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 11:30:36
ANTIVIR1.VDF : 7.1.4.132 5707264 Bytes 24/06/2009 00:14:21
ANTIVIR2.VDF : 7.1.5.60 2235904 Bytes 03/08/2009 00:14:25
ANTIVIR3.VDF : 7.1.5.86 467456 Bytes 09/08/2009 00:14:26
Version du moteur : 8.2.0.248
AEVDF.DLL : 8.1.1.1 106868 Bytes 30/04/2009 10:52:04
AESCRIPT.DLL : 8.1.2.23 455033 Bytes 10/08/2009 00:14:32
AESCN.DLL : 8.1.2.4 127348 Bytes 10/08/2009 00:14:31
AERDL.DLL : 8.1.2.4 430452 Bytes 10/08/2009 00:14:31
AEPACK.DLL : 8.1.3.18 401783 Bytes 27/05/2009 15:07:20
AEOFFICE.DLL : 8.1.0.38 196987 Bytes 10/08/2009 00:14:30
AEHEUR.DLL : 8.1.0.154 1917302 Bytes 10/08/2009 00:14:30
AEHELP.DLL : 8.1.5.3 233846 Bytes 10/08/2009 00:14:28
AEGEN.DLL : 8.1.1.55 356723 Bytes 10/08/2009 00:14:27
AEEMU.DLL : 8.1.0.9 393588 Bytes 09/10/2008 13:32:40
AECORE.DLL : 8.1.7.6 184694 Bytes 10/08/2009 00:14:26
AEBB.DLL : 8.1.0.3 53618 Bytes 09/10/2008 13:32:40
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 07:47:30
AVPREF.DLL : 9.0.0.1 43777 Bytes 03/12/2008 10:39:26
AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 13:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 07/11/2008 14:24:42
AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 14:05:22
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 09:36:37
SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 14:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 02/02/2009 07:20:57
NETNT.DLL : 9.0.0.0 11521 Bytes 07/11/2008 14:40:59
RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 17/06/2009 12:44:26
RCTEXT.DLL : 9.0.37.0 88321 Bytes 15/04/2009 09:07:05

Configuration pour la recherche actuelle :
Nom de la tâche...............................: Contrôle intégral du système
Fichier de configuration......................: c:\program files\avira\antivir desktop\sysscan.avp
Documentation.................................: bas
Action principale.............................: interactif
Action secondaire.............................: ignorer
Recherche sur les secteurs d'amorçage maître..: marche
Recherche sur les secteurs d'amorçage.........: marche
Secteurs d'amorçage...........................: C:,
Recherche dans les programmes actifs..........: marche
Recherche en cours sur l'enregistrement.......: marche
Recherche de Rootkits.........................: marche
Contrôle d'intégrité de fichiers système......: arrêt
Fichier mode de recherche.....................: Tous les fichiers
Recherche sur les archives....................: marche
Limiter la profondeur de récursivité..........: 20
Archive Smart Extensions......................: marche
Heuristique de macrovirus.....................: marche
Heuristique fichier...........................: moyen

Début de la recherche : lundi 10 août 2009 02:19

La recherche d'objets cachés commence.
Impossible d'initialiser le pilote.

La recherche sur les processus démarrés commence :
Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés
Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés
Processus de recherche 'services.exe' - '1' module(s) sont contrôlés
Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés
Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés
'11' processus ont été contrôlés avec '11' modules

La recherche sur les secteurs d'amorçage maître commence :
Secteur d'amorçage maître HD0
[INFO] Aucun virus trouvé !

La recherche sur les secteurs d'amorçage commence :
Secteur d'amorçage 'C:\'
[INFO] Aucun virus trouvé !

La recherche sur les renvois aux fichiers exécutables (registre) commence :
Le registre a été contrôlé ( '77' fichiers).


La recherche sur les fichiers sélectionnés commence :

Recherche débutant dans 'C:\'
C:\pagefile.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
[REMARQUE] Ce fichier est un fichier système Windows.
[REMARQUE] Il est correct que ce fichier ne puisse pas être ouvert pour la recherche.
C:\WINDOWS\system32\drivers\sptd.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !


Fin de la recherche : lundi 10 août 2009 04:59
Temps nécessaire: 2:40:00 Heure(s)

La recherche a été effectuée intégralement

9250 Les répertoires ont été contrôlés
466148 Des fichiers ont été contrôlés
0 Des virus ou programmes indésirables ont été trouvés
0 Des fichiers ont été classés comme suspects
0 Des fichiers ont été supprimés
0 Des virus ou programmes indésirables ont été réparés
0 Les fichiers ont été déplacés dans la quarantaine
0 Les fichiers ont été renommés
2 Impossible de contrôler des fichiers
466146 Fichiers non infectés
7682 Les archives ont été contrôlées
2 Avertissements
1 Consignes

Salut ptitealice81


Cela est bon, as-tu d'autre souci?


@++

Bah mes soucis ne sont pas réglés
merci

Salut ptitealice81


Supprime ce dossier C:\rsit

Refais un scan avec RSIT et poste les rapports log.txt et info.txt(réduit dans la barre des tâches) à la fin de l’analyse

Les rapports sont dans le dossier ici C:\rsit


@++

log

Logfile of random's system information tool 1.06 (written by random/random)
Run by tof at 2009-08-11 01:01:16
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 63 GB (48%) free of 131 GB
Total RAM: 1023 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:01:45, on 11/08/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe
C:\WINDOWS\vsnpstd.exe
C:\Program Files\Mouse Driver\StartAutorun.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Mouse Driver\KMConfig.exe
C:\Program Files\Lexmark 2200 Series\lxbvbmon.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Mouse Driver\KMProcess.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Transform XP to Vista\Yahoo! Widgets\Widgets\YahooWidgets.exe
C:\Program Files\Transform XP to Vista\Vista Start Menu\VistaStartMenu.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AXMA\Fax-internet\faxtray.exe
C:\Program Files\3M\PSNLite\PsnLite.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\PROGRA~1\3M\PSNLite\PSNGive.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\FREEDO~1\FDM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\tof\Bureau\pour virus\RSIT.exe
C:\Documents and Settings\tof\Bureau\tof.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Mario Forever Toolbar - {463DF6D5-BEC1-4d67-B217-59DB692DFC53} - C:\Program Files\Mario Forever Toolbar\v2.0.0.3\Mario_Forever_Toolbar.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Lexmark 2200 Series] "C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Mouse Driver\StartAutorun.exe KMConfig.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Fnac] "C:\Program Files\Fnac\Fnac.exe" /check
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [YahooWidgets] C:\Program Files\Transform XP to Vista\Yahoo! Widgets\Widgets\YahooWidgets.exe
O4 - HKCU\..\Run: [VistaStartMenu] "C:\Program Files\Transform XP to Vista\Vista Start Menu\VistaStartMenu.exe"
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Transform XP to Vista\Yahoo! Widgets\Widgets\YahooWidgets.exe
O4 - Global Startup: Gestionnaire de lancement d'application fax.lnk = C:\Program Files\AXMA\Fax-internet\faxtray.exe
O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Program Files\3M\PSNLite\PsnLite.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate1c9db1cd0a766ae) (gupdate1c9db1cd0a766ae) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O24 - Desktop Component 0: (no name) - file:///C://PROGRA~1//EUROBA~1//pub.bmp

--
End of file - 12914 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\SOFTWARE]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-11-18 1082880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-05-06 1262888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-05-22 312928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2009-02-06 61808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-04-24 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-18 259696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll [2009-06-19 669168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-05-01 470512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2009-03-02 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-04-24 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-04-24 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2006-10-26 440384]
{463DF6D5-BEC1-4d67-B217-59DB692DFC53} - Mario Forever Toolbar - C:\Program Files\Mario Forever Toolbar\v2.0.0.3\Mario_Forever_Toolbar.dll [2007-11-03 491520]
{D0943516-5076-4020-A3B5-AEFAF26AB263} - Veoh Browser Plug-in - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll [2008-09-26 352256]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-18 259696]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-05-06 1262888]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-10-16 16855552]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-07-13 8466432]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-07-13 81920]
"Lexmark 2200 Series"=C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe [2004-02-13 57344]
"FaxCenterServer"=C:\Program Files\Lexmark Fax Solutions\fm3032.exe [2004-02-04 294912]
"snpstd"=C:\WINDOWS\vsnpstd.exe [2004-06-10 286720]
"KMCONFIG"=C:\Program Files\Mouse Driver\StartAutorun.exe [2007-03-06 212992]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-04-24 136600]
"fssui"=C:\Program Files\Windows Live\Family Safety\fsui.exe [2009-02-06 454000]
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2009-05-22 198160]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"Fnac"=C:\Program Files\Fnac\Fnac.exe [2009-02-26 933984]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-07-01 37888]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe [2009-03-22 251264]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2009-08-08 1830128]
"ccleaner"=C:\Program Files\CCleaner\CCleaner.exe [2008-09-29 1279216]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-27 68856]
"YahooWidgets"=C:\Program Files\Transform XP to Vista\Yahoo! Widgets\Widgets\YahooWidgets.exe [2009-03-19 4742184]
"VistaStartMenu"=C:\Program Files\Transform XP to Vista\Vista Start Menu\VistaStartMenu.exe [2009-03-19 2171392]
"Free Download Manager"=C:\Program Files\Free Download Manager\fdm.exe [2009-03-02 3399727]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-11-18 21633320]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2005-10-26 159744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe [2008-09-26 3660848]

C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage
Gestionnaire de lancement d'application fax.lnk - C:\Program Files\AXMA\Fax-internet\faxtray.exe
Post-it® Software Notes Lite.lnk - C:\Program Files\3M\PSNLite\PsnLite.exe

C:\Documents and Settings\tof\Menu Démarrer\Programmes\Démarrage
Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
Outil de détection de support Picture Motion Browser.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
TransBar.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
UberIcon.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
Y'z Shadow.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
Yahoo! Widgets.lnk - C:\Program Files\Transform XP to Vista\Yahoo! Widgets\Widgets\YahooWidgets.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-08-08 356352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 240128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoLogOff"=0
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\SopCast\adv\SopAdver.exe"="C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\Program Files\SopCast\SopCast.exe"="C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Enabled:Veoh Client"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Free Download Manager\fdm.exe"="C:\Program Files\Free Download Manager\fdm.exe:*:Enabled:Free Download Manager"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======List of files/folders created in the last 1 months======

2009-08-11 01:01:16 ----DC---- C:\rsit
2009-08-10 05:04:56 ----A---- C:\WINDOWS\ntbtlog.txt
2009-08-10 02:12:40 ----D---- C:\Program Files\Avira
2009-08-10 02:12:40 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Avira
2009-08-10 00:52:25 ----D---- C:\Program Files\ESET
2009-08-09 20:51:40 ----D---- C:\Program Files\Ad-remover
2009-08-09 20:27:38 ----AC---- C:\ComboFix.txt
2009-08-09 20:21:10 ----SHDC---- C:\RECYCLER
2009-08-09 20:10:41 ----A---- C:\WINDOWS\zip.exe
2009-08-09 20:10:41 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-08-09 20:10:41 ----A---- C:\WINDOWS\SWSC.exe
2009-08-09 20:10:41 ----A---- C:\WINDOWS\SWREG.exe
2009-08-09 20:10:41 ----A---- C:\WINDOWS\sed.exe
2009-08-09 20:10:41 ----A---- C:\WINDOWS\PEV.exe
2009-08-09 20:10:41 ----A---- C:\WINDOWS\NIRCMD.exe
2009-08-09 20:10:41 ----A---- C:\WINDOWS\grep.exe
2009-08-09 20:10:32 ----DC---- C:\Qoobox
2009-08-09 18:36:08 ----D---- C:\Program Files\Winamp Toolbar
2009-08-09 18:35:27 ----D---- C:\Program Files\Winamp
2009-08-09 18:35:27 ----D---- C:\Documents and Settings\tof\Application Data\Winamp
2009-08-09 16:06:44 ----D---- C:\Program Files\Mozilla Firefox
2009-08-09 14:14:01 ----D---- C:\WINDOWS\ie8updates
2009-08-09 14:09:40 ----HDC---- C:\WINDOWS\ie8
2009-08-08 01:18:56 ----D---- C:\Program Files\Fnac
2009-08-07 21:21:34 ----D---- C:\Documents and Settings\tof\Application Data\3M
2009-08-07 00:00:36 ----A---- C:\WINDOWS\BricoPackFoldersDelete.cmd
2009-08-06 19:57:05 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Yahoo! Companion
2009-08-06 19:55:08 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Sony Ericsson
2009-08-06 19:55:07 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Teleca
2009-08-06 19:54:14 ----D---- C:\Documents and Settings\tof\Application Data\InstallShield
2009-08-06 19:54:01 ----D---- C:\Program Files\Play65
2009-08-06 19:52:19 ----D---- C:\Program Files\MSN Messenger
2009-08-06 19:52:17 ----D---- C:\Program Files\Windows Live Toolbar
2009-08-06 19:52:17 ----D---- C:\Program Files\Windows Live SkyDrive
2009-08-06 19:52:17 ----D---- C:\Program Files\msn
2009-08-06 19:51:20 ----D---- C:\Program Files\Fichiers communs\Windows Live
2009-08-06 19:50:57 ----D---- C:\Program Files\MSN Apps
2009-08-06 19:50:55 ----D---- C:\Program Files\Messenger Plus! Live
2009-07-29 03:01:10 ----HDC---- C:\WINDOWS\$NtUninstallKB972260$
2009-07-28 02:12:50 ----D---- C:\Program Files\Fichiers communs\DivX Shared
2009-07-16 03:30:40 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-07-16 03:28:45 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-07-16 03:06:00 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$

======List of files/folders modified in the last 1 months======

2009-08-11 01:01:36 ----D---- C:\WINDOWS\Prefetch
2009-08-11 00:59:38 ----D---- C:\Documents and Settings\tof\Application Data\Free Download Manager
2009-08-10 20:59:15 ----D---- C:\Documents and Settings\tof\Application Data\Skype
2009-08-10 20:41:58 ----D---- C:\WINDOWS\system32\drivers
2009-08-10 20:41:58 ----D---- C:\WINDOWS\system32
2009-08-10 19:44:51 ----D---- C:\Program Files\ShotOnline
2009-08-10 17:28:00 ----D---- C:\WINDOWS\Temp
2009-08-10 09:28:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-08-10 05:04:56 ----D---- C:\WINDOWS
2009-08-10 05:04:03 ----D---- C:\WINDOWS\system32\CatRoot2
2009-08-10 02:12:50 ----HD---- C:\WINDOWS\inf
2009-08-10 02:12:40 ----RD---- C:\Program Files
2009-08-10 02:11:38 ----SHDC---- C:\Config.Msi
2009-08-10 02:11:38 ----SHD---- C:\WINDOWS\Installer
2009-08-10 02:11:36 ----D---- C:\WINDOWS\WinSxS
2009-08-10 01:25:29 ----D---- C:\Program Files\scrabbleproB
2009-08-10 00:52:27 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-08-10 00:46:50 ----D---- C:\Documents and Settings\tof\Application Data\Vista Start Menu
2009-08-10 00:04:52 ----D---- C:\Documents and Settings\tof\Application Data\skypePM
2009-08-09 23:56:38 ----SHD---- C:\System Volume Information
2009-08-09 23:56:38 ----D---- C:\WINDOWS\system32\Restore
2009-08-09 21:36:13 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-08-09 20:26:51 ----SD---- C:\WINDOWS\Tasks
2009-08-09 20:26:33 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-08-09 20:21:40 ----C---- C:\WINDOWS\system.ini
2009-08-09 20:18:18 ----D---- C:\WINDOWS\system32\config
2009-08-09 20:18:06 ----D---- C:\WINDOWS\erdnt
2009-08-09 20:15:50 ----D---- C:\WINDOWS\AppPatch
2009-08-09 20:15:34 ----D---- C:\Program Files\Fichiers communs
2009-08-09 18:21:08 ----DC---- C:\Downloads
2009-08-09 18:07:15 ----RASHC---- C:\boot.ini
2009-08-09 17:55:18 ----D---- C:\WINDOWS\pss
2009-08-09 17:52:05 ----D---- C:\Program Files\The Adventure Company
2009-08-09 17:51:14 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-08-09 16:34:04 ----HD---- C:\WINDOWS\msdownld.tmp
2009-08-09 16:33:46 ----D---- C:\Program Files\SUPERAntiSpyware
2009-08-09 16:33:27 ----D---- C:\WINDOWS\WBEM
2009-08-09 16:32:47 ----D---- C:\Program Files\Internet Explorer
2009-08-09 15:33:01 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-08-09 14:19:15 ----D---- C:\WINDOWS\Debug
2009-08-09 14:16:32 ----D---- C:\WINDOWS\system32\fr-fr
2009-08-09 14:16:31 ----D---- C:\WINDOWS\Help
2009-08-09 14:14:13 ----HD---- C:\WINDOWS\$hf_mig$
2009-08-09 14:11:39 ----D---- C:\WINDOWS\Media
2009-08-09 03:38:29 ----D---- C:\Documents and Settings\tof\Application Data\dvdcss
2009-08-07 13:13:05 ----D---- C:\Program Files\QuickTime
2009-08-07 00:07:23 ----RSD---- C:\WINDOWS\Fonts
2009-08-07 00:07:23 ----D---- C:\WINDOWS\Cursors
2009-08-07 00:07:23 ----D---- C:\Program Files\Outlook Express
2009-08-07 00:07:23 ----D---- C:\Program Files\Movie Maker
2009-08-07 00:07:21 ----D---- C:\WINDOWS\system32\usmt
2009-08-07 00:03:48 ----A---- C:\WINDOWS\BricoPackUninst.txt
2009-08-07 00:03:48 ----A---- C:\WINDOWS\BricoPackUninst.cmd
2009-08-06 23:59:19 ----D---- C:\WINDOWS\BricoPacks
2009-08-06 20:12:15 ----D---- C:\Documents and Settings\tof\Application Data\Samsung
2009-08-06 20:11:15 ----DC---- C:\Gamigo Games
2009-08-06 20:09:19 ----D---- C:\WINDOWS\system32\CatRoot
2009-08-06 19:57:29 ----D---- C:\WINDOWS\system32\wbem
2009-08-06 19:57:29 ----D---- C:\WINDOWS\Registration
2009-08-06 19:57:09 ----DC---- C:\Ares Tube
2009-08-06 19:57:04 ----D---- C:\Program Files\WordBiz
2009-08-06 19:55:24 ----D---- C:\Program Files\Fichiers communs\Teleca Shared
2009-08-06 19:51:44 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-08-06 19:51:11 ----D---- C:\Program Files\Windows Live
2009-08-06 15:06:47 ----SD---- C:\Documents and Settings\tof\Application Data\Microsoft
2009-08-05 20:43:25 ----HD---- C:\Program Files\InstallShield Installation Information
2009-08-05 20:43:25 ----D---- C:\Program Files\Samsung
2009-08-05 20:42:39 ----D---- C:\Program Files\Sony
2009-08-05 20:40:23 ----D---- C:\WINDOWS\Downloaded Installations
2009-08-05 20:31:52 ----D---- C:\Documents and Settings\tof\Application Data\SUPERAntiSpyware.com
2009-08-05 20:31:47 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-08-05 20:30:29 ----D---- C:\Program Files\Yahoo!
2009-08-04 17:54:34 ----A---- C:\WINDOWS\lexstat.ini
2009-08-01 20:38:46 ----D---- C:\Program Files\Microsoft Silverlight
2009-07-28 17:03:20 ----D---- C:\Documents and Settings\tof\Application Data\BitTorrent
2009-07-28 02:15:57 ----D---- C:\Program Files\DivX
2009-07-26 16:24:50 ----D---- C:\WINDOWS\Minidump
2009-07-19 18:45:00 ----A---- C:\WINDOWS\system32\ieframe.dll
2009-07-19 15:15:02 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-07-18 18:03:49 ----A---- C:\WINDOWS\system32\shdocvw.dll
2009-07-16 03:36:02 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 43008]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-05-11 278728]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-03-24 55640]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-05-11 25416]
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2008-02-26 43520]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-10-16 4615168]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-07-13 6807744]
R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
R3 snpstd;VideoCAM Messenger; C:\WINDOWS\system32\DRIVERS\snpstd.sys [2004-06-25 331008]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 hitmanpro2;Hitman Pro 2 Driver; \??\C:\Program Files\Hitman Pro\hitmanpro2.sys []
S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 SE2Fbus;Sony Ericsson Device 047 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE2Fbus.sys [2006-11-10 61600]
S3 SE2Fmdfl;Sony Ericsson Device 047 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE2Fmdfl.sys [2006-11-10 9360]
S3 SE2Fmdm;Sony Ericsson Device 047 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE2Fmdm.sys [2006-11-10 97184]
S3 SE2Fmgmt;Sony Ericsson Device 047 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE2Fmgmt.sys [2006-11-10 88688]
S3 se2Fnd5;Sony Ericsson Device 047 USB Ethernet Emulation SEMC47 (NDIS); C:\WINDOWS\system32\DRIVERS\se2Fnd5.sys [2006-11-10 18704]
S3 SE2Fobex;Sony Ericsson Device 047 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE2Fobex.sys [2006-11-10 86560]
S3 se2Funic;Sony Ericsson Device 047 USB Ethernet Emulation SEMC47 (WDM); C:\WINDOWS\system32\DRIVERS\se2Funic.sys [2006-11-10 90800]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2005-12-22 80272]
S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2005-12-22 10864]
S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2005-12-22 137884]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-05-11 185089]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-04-24 152984]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2004-01-14 311296]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-07-13 155716]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate1c9db1cd0a766ae;Service Google Update (gupdate1c9db1cd0a766ae); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-22 133104]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-10-10 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-01 182768]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-02-15 2794234]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

-----------------EOF-----------------










info

info.txt logfile of random's system information tool 1.06 2009-08-11 01:01:50

======Uninstall list======

-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->MsiExec /X{7032E73F-68A0-48F9-8100-E70E79169BAE}
-->MsiExec.exe /X{69495273-FCDC-4A86-BCB7-49B504D3FB0E}
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{22EB2FA7-1BA0-4FFB-972F-353EC6ABA9D5}\setup.exe" -l0x40c -removeonly
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{28B97CAB-828F-49D8-A30A-675476F9BA92}\setup.exe" -l0x40c /cont -removeonly
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4E7DC12A-3597-4A94-9429-F6C6987361B1}\setup.exe" -l0x40c -removeonly
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6813C983-427E-4511-8456-E98FCAA1A125}\setup.exe" -l0x40c -removeonly
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7DADB304-AF20-48C3-A780-4B4133A08817}\setup.exe" -l0x40c -removeonly
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9C423CF6-2DAA-4A37-94B8-59D7ECC7DB13}\setup.exe" -l0x40c -removeonly
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ACE66099-E18E-4037-83C8-9D182E5B9FA8}\setup.exe" -l0x40c -removeonly
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B34B6E67-FCDD-4E03-8742-B5701427FAFB}\setup.exe" -l0x40c -removeonly
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FA6CC4B4-7741-4F8D-8E81-15C4BAB9869B}\setup.exe" -l0x40c -removeonly
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
ABBYY FineReader 5.0 Sprint Plus-->MsiExec.exe /X{D1696920-9794-4BBC-8A30-7A88763DE5A2}
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe AIR-->c:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000103}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5101}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-119F-4D52-B551-6739B2B22101}
Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-040C-1E257A25E34D}
Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Stock Photos 1.0-->MsiExec.exe /I{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A}
Ad-remover-->C:\Program Files\Ad-remover\Uninstall ADR.exe
AGEIA PhysX v6.12.02-->MsiExec.exe /X{7032E73F-68A0-48F9-8100-E70E79169BAE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Ares Tube 3.0-->"c:\Ares Tube\unins000.exe"
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
Athlon 64 Processor Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x40c
ATI - Utilitaire de désinstallation du logiciel-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
Bink and Smacker-->C:\PROGRA~1\RADVideo\UNWISE.EXE C:\PROGRA~1\RADVideo\INSTALL.LOG
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
DD PlayCam-->C:\WINDOWS\unvise32.exe C:\Program Files\DD PlayCam\1.0\Thempty.log
Désinstallation du Fnac Video Manager-->C:\Program Files\Fnac\uninst-Fnac.exe
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DVD Decoder Pak for Windows XP-->MsiExec.exe /X{92C5DB3D-9D6F-4324-BB11-57825F4C2635}
eMule-->"C:\Program Files\eMule\Uninstall.exe"
ESET Online Scanner v3-->C:\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
EVEREST Home Edition v2.20-->"C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
Free Download Manager 3.0-->C:\Program Files\Free Download Manager\uninst.exe
Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF}
Google Chrome-->"C:\Program Files\Google\Chrome\Application\2.0.172.39\Installer\setup.exe" --uninstall --system-level
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_9DE96A29E721D90A.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Documents and Settings\tof\Bureau\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
IncrediMail-->C:\Program Files\IncrediMail\bin\ImSetup.exe /remove /addon:IncrediMail /log:IncMail.log
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
Keyboard & Mouse Driver-->C:\Program Files\InstallShield Installation Information\{B910DD1A-49B1-4068-9C08-E3C3AEC0C30A}\setup.exe -runfromtemp -l0x0409
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Lexmark 2200 Series-->C:\WINDOWS\system32\spool\drivers\w32x86\3\LXBVUN5C.EXE -dLexmark 2200 Series
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Mario Forever 3.0-->"C:\WINDOWS\Mario_Forever_Toolbar_Uninstaller_7968.exe" -hu _?=C:\Program Files\Mario Forever Toolbar
Mario Forever Toolbar-->"C:\WINDOWS\Mario_Forever_Toolbar_Uninstaller_7968.exe" _?=C:\Program Files\Mario Forever Toolbar
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0120-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969897)-->"C:\WINDOWS\$NtUninstallKB969897$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB972260)-->"C:\WINDOWS\$NtUninstallKB972260$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB972636)-->"C:\WINDOWS\ie8updates\KB972636-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Mouse Driver-->C:\Program Files\InstallShield Installation Information\{55BFC356-5A7B-482F-A213-9ACFDDFF6037}\setup.exe -runfromtemp -l0x0409
Mozilla Firefox (3.5.2)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MP3 Player Utilities 4.13-->MsiExec.exe /I{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
ONES (F)-->C:\WINDOWS\InZU31.exe /U:C:\Program Files\ONES (F)\Uninstall.inz /L:f /K:ONES(F)
OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Pack Vista Inspirat 2 1.0-->C:\WINDOWS\BricoPacks\Vista Inspirat 2\Remove.exe
PangYa_Eu (Goa)-->C:\Program Files\Goa\PangYa_Eu\uninstall.exe
Photorécit 3 pour Windows-->MsiExec.exe /I{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}
Play65-->C:\Program Files\Play65\Play65.exe /uninstall
Project64 1.6-->MsiExec.exe /X{9559F7CA-5E34-4237-A2D9-D856464AD727}
QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly
Registry Mechanic 7.0-->"C:\Program Files\Registry Mechanic\unins000.exe"
Safari-->MsiExec.exe /I{582D2A53-F426-4C5E-A2E6-43C1AB36B907}
SAMSUNG CDMA Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
Samsung Master-->C:\Program Files\InstallShield Installation Information\{AEC0CEBC-0FC7-4716-8222-1C4A742719B1}\Setup.exe -runfromtemp -l0x040c -removeonly
SAMSUNG Mobile Composite Device Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\6\SSBCUninstall.exe
Samsung Mobile phone

Salut ptitealice81


Télécharge ST_Fix (de Batch_Man) sur le bureau :

http://batchdhelus.open-web.fr/programme/ST_Fix.bat


Important : Ferme tous les navigateurs

Double clique sur ST_Fix Beta.bat pour lancer le logiciel
- Dans la nouvelle fenêtre choisi l’option 3 et tape Enter
- Après sera demandé la nouvelle page de démarrage, tape google.fr et Enter pour débuter la désinfection.

Copie/colle le contenue du rapport


@++

j'ai pas d'option ça me met juste suppression et apres ça

########################################################################
#
# ST_Fix v.2.04 par Batch_Man
# Mise à jour le 06/08/2009
# Début a 3:31 le 11/08/2009
# Système d'exploitation: Microsoft Windows XP
# Service Pack: Service Pack 3
# Mode de boot: Normal
# Lancé de C:\Documents and Settings\tof\Bureau\ST_Fix.bat
#
################################ Suppression ###############################
#
################################## Terminé ################################

Salut ptitealice81


C'est quoi le souci que tu as?


@++

ben en fait j'ai une fenete bleu genre dos avec marqué suppréssion en cours, ensuite j'ai ce rapport ci dessus qui s'affiche, mais rien de plus
pas d'option pour changer la page de démarage ni rien

Salut ptitealice81


Le problème est avec IE où Firefox?


@++

en fait là je parlais du soucis avec le logiciel ST fix

Salut ptitealice81


As-tu encore le souci du départ?


@++