[RESOLU] Mdmm.exe => merci DESTRIO5

Salut,

Désinstalle Avast.

Installe Antivir et mets-le à jour.

Double-clique sur l'icône d'Antivir (Parapluie) dans la barre des tâches.

Dans Antivir, choisis Outils puis Configuration.

Coche Mode Expert et coche Rech. Rootkit au dém. de la recherche à droite dans Autres réglages.

Fais un scan complet et poste le rapport.

Tutoriel : Scanner le(s) disque(s) dur(s)

Tout d'abord merci de m'aider. Voici le rapport :



Avira AntiVir Personal
Date de création du fichier de rapport : 2009-03-05 18:26

La recherche porte sur 1284893 souches de virus.

Détenteur de la licence :Avira AntiVir PersonalEdition Classic
Numéro de série : 0000149996-ADJIE-0001
Plateforme : Windows XP
Version de Windows  Service Pack 2) [5.1.2600]
Mode Boot : Démarré normalement
Identifiant : packard bell
Nom de l'ordinateur :CALIMERO

Informations de version :
BUILD.DAT : 8.2.0.52 16931 Bytes 2008-12-02 14:55:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 2008-11-18 08:21:00
AVSCAN.DLL : 8.1.4.1 49921 Bytes 2008-07-21 13:44:27
LUKE.DLL : 8.1.4.5 164097 Bytes 2008-06-12 12:44:16
LUKERES.DLL : 8.1.4.0 13057 Bytes 2008-07-04 07:30:27
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 2008-10-27 11:30:36
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 2009-02-11 17:14:32
ANTIVIR2.VDF : 7.1.2.105 513536 Bytes 2009-03-03 17:14:37
ANTIVIR3.VDF : 7.1.2.127 110592 Bytes 2009-03-05 17:14:38
Version du moteur: 8.2.0.100
AEVDF.DLL : 8.1.1.0 106868 Bytes 2009-03-05 17:14:55
AESCRIPT.DLL : 8.1.1.56 352634 Bytes 2009-03-05 17:14:53
AESCN.DLL : 8.1.1.7 127347 Bytes 2009-03-05 17:14:52
AERDL.DLL : 8.1.1.3 438645 Bytes 2008-11-04 13:58:38
AEPACK.DLL : 8.1.3.10 397686 Bytes 2009-03-05 17:14:51
AEOFFICE.DLL : 8.1.0.36 196987 Bytes 2009-03-05 17:14:49
AEHEUR.DLL : 8.1.0.100 1618295 Bytes 2009-03-05 17:14:48
AEHELP.DLL : 8.1.2.2 119158 Bytes 2009-03-05 17:14:42
AEGEN.DLL : 8.1.1.24 336244 Bytes 2009-03-05 17:14:41
AEEMU.DLL : 8.1.0.9 393588 Bytes 2008-10-14 10:05:56
AECORE.DLL : 8.1.6.6 176501 Bytes 2009-03-05 17:14:39
AEBB.DLL : 8.1.0.3 53618 Bytes 2008-10-14 10:05:56
AVWINLL.DLL : 1.0.0.12 15105 Bytes 2008-07-09 08:40:02
AVPREF.DLL : 8.0.2.0 38657 Bytes 2008-05-16 09:27:58
AVREP.DLL : 8.0.0.2 98344 Bytes 2008-07-31 12:02:15
AVREG.DLL : 8.0.0.1 33537 Bytes 2008-05-09 11:26:37
AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 08:29:19
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 2008-06-12 12:27:46
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 2008-06-12 12:49:36
NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 12:05:07
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 2008-07-04 07:23:16
RCTEXT.DLL : 8.0.52.1 86273 Bytes 2008-07-17 10:08:43

Configuration pour la recherche actuelle :
Nom de la tâche..................: Lecteurs locaux
Fichier de configuration.........: c:\program files\avira\antivir personaledition classic\alldrives.avp
Documentation....................: bas
Action principale................: interactif
Action secondaire................: ignorer
Recherche sur les secteurs d'amorçage maître: marche
Recherche sur les secteurs d'amorçage: marche
Secteurs d'amorçage..............: C:, D:, E:,
Recherche dans les programmes actifs: marche
Recherche en cours sur l'enregistrement: marche
Recherche de Rootkits............: arrêt
Fichier mode de recherche........: Sélection de fichiers intelligente
Recherche sur les archives.......: marche
Limiter la profondeur de récursivité: 20
Archive Smart Extensions.........: marche
Heuristique de macrovirus........: marche
Heuristique fichier..............: moyen

Début de la recherche : 2009-03-05 18:26

La recherche sur les processus démarrés commence :
Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés
Processus de recherche 'iexplore.exe' - '1' module(s) sont contrôlés
Processus de recherche 'iexplore.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés
Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés
Processus de recherche 'Dot1XCfg.exe' - '1' module(s) sont contrôlés
Processus de recherche 'iPodService.exe' - '1' module(s) sont contrôlés
Processus de recherche 'rapimgr.exe' - '1' module(s) sont contrôlés
Processus de recherche 'ngssc.exe' - '1' module(s) sont contrôlés
Processus de recherche 'wcescomm.exe' - '1' module(s) sont contrôlés
Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'iTunesHelper.exe' - '1' module(s) sont contrôlés
Processus de recherche 'jusched.exe' - '1' module(s) sont contrôlés
Processus de recherche 'iFrmewrk.exe' - '1' module(s) sont contrôlés
Processus de recherche 'ZCfgSvc.exe' - '1' module(s) sont contrôlés
Processus de recherche 'Icon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'mqtgsvc.exe' - '1' module(s) sont contrôlés
Module infecté -> 'C:\WINDOWS\System\mqtgsvc.exe'
Processus de recherche 'SOUNDMAN.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'USBTip.exe' - '1' module(s) sont contrôlés
Processus de recherche 'STDSB.exe' - '1' module(s) sont contrôlés
Processus de recherche 'igfxtray.exe' - '1' module(s) sont contrôlés
Processus de recherche 'LVComSer.exe' - '1' module(s) sont contrôlés
Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés
Processus de recherche 'wmiprvse.exe' - '1' module(s) sont contrôlés
Processus de recherche 'wmpnetwk.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'slserv.exe' - '1' module(s) sont contrôlés
Processus de recherche 'tcpsvcs.exe' - '1' module(s) sont contrôlés
Processus de recherche 'RegSrvc.exe' - '1' module(s) sont contrôlés
Processus de recherche 'ndassvc.exe' - '1' module(s) sont contrôlés
Processus de recherche 'MDM.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'LVComSer.exe' - '1' module(s) sont contrôlés
Processus de recherche 'jqs.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'EvtEng.exe' - '1' module(s) sont contrôlés
Processus de recherche 'Crypserv.exe' - '1' module(s) sont contrôlés
Processus de recherche 'mDNSResponder.exe' - '1' module(s) sont contrôlés
Processus de recherche 'AppleMobileDeviceService.exe' - '1' module(s) sont contrôlés
Processus de recherche 'LVPrcSrv.exe' - '1' module(s) sont contrôlés
Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés
Processus de recherche 'brss01a.exe' - '1' module(s) sont contrôlés
Processus de recherche 'brsvc01a.exe' - '1' module(s) sont contrôlés
Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'S24EvMon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés
Processus de recherche 'services.exe' - '1' module(s) sont contrôlés
Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés
Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés
Le processus 'mqtgsvc.exe' est arrêté
C:\WINDOWS\System\mqtgsvc.exe
[RESULTAT] Contient le cheval de Troie TR/Agent.77824
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a240bb2.qua' !

'58' processus ont été contrôlés avec '57' modules

La recherche sur les secteurs d'amorçage maître commence :
Secteur d'amorçage maître HD0
[INFO] Aucun virus trouvé !

La recherche sur les secteurs d'amorçage commence :
Secteur d'amorçage 'C:\'
[INFO] Aucun virus trouvé !

La recherche sur les renvois aux fichiers exécutables (registre) commence.

Le registre a été contrôlé ( '96' fichiers).


La recherche sur les fichiers sélectionnés commence :

Recherche débutant dans 'C:\' <HDD>
C:\pagefile.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Ad-Aware QF 20081031 222950.aawqff
[0] Type d'archive: HIDDEN
--> FIL\\\?\C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Ad-Aware QF 20081031 222950.aawqff
[RESULTAT] Contient le cheval de Troie TR/Bagle.Gen.B
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '49dd0d62.qua' !
C:\Documents and Settings\packard bell\Application Data\comrepl.exe
[RESULTAT] Contient le cheval de Troie TR/Agent.77824
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a1d0ee6.qua' !
C:\Documents and Settings\packard bell\Application Data\esentutl.exe
[RESULTAT] Contient le cheval de Troie TR/Agent.77824
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a150ef2.qua' !
C:\Documents and Settings\packard bell\Application Data\ieudinit.exe
[RESULTAT] Contient le cheval de Troie TR/Agent.77824
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a250ee4.qua' !
C:\Documents and Settings\packard bell\Application Data\mstsc.exe
[RESULTAT] Contient le cheval de Troie TR/Agent.77824
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a240ef3.qua' !
C:\Documents and Settings\packard bell\Application Data\spoolsv.exe
[RESULTAT] Contient le cheval de Troie TR/Agent.77824
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a1f0ef0.qua' !
C:\Documents and Settings\packard bell\Application Data\Microsoft\cmstp.exe
[RESULTAT] Contient le cheval de Troie TR/Agent.77824
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a230ef8.qua' !
C:\Documents and Settings\packard bell\Application Data\Microsoft\sessmgr.exe
[RESULTAT] Contient le cheval de Troie TR/Agent.77824
[REMARQUE] TR/Agent.77824:[HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN]:<SessMgr>=sz:sessmgr.exe
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a230ef1.qua' !
C:\Documents and Settings\packard bell\Local Settings\Application Data\cisvc.exe
[RESULTAT] Contient le cheval de Troie TR/Agent.77824
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a230f6e.qua' !
C:\Documents and Settings\packard bell\Local Settings\Application Data\ieudinit.exe
[RESULTAT] Contient le cheval de Troie TR/Agent.77824
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a250f6b.qua' !
C:\Documents and Settings\packard bell\Local Settings\Application Data\mstinit.exe
[RESULTAT] Contient le cheval de Troie TR/Agent.77824
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a240f79.qua' !
C:\Documents and Settings\packard bell\Local Settings\Application Data\spoolsv.exe
[RESULTAT] Contient le cheval de Troie TR/Agent.77824
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a1f0f77.qua' !
C:\Documents and Settings\packard bell\Local Settings\Application Data\Microsoft\cisvc.exe
[RESULTAT] Contient le cheval de Troie TR/Agent.77824
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a230fa0.qua' !
C:\Documents and Settings\packard bell\Local Settings\Application Data\Microsoft\cmstp.exe
[RESULTAT] Contient le cheval de Troie TR/Agent.77824
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a230fa4.qua' !
C:\Documents and Settings\packard bell\Local Settings\Application Data\Microsoft\sessmgr.exe
[RESULTAT] Contient le cheval de Troie TR/Agent.77824
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a230f9d.qua' !
C:\Documents and Settings\packard bell\Local Settings\Application Data\Microsoft\spoolsv.exe
[RESULTAT] Contient le cheval de Troie TR/Agent.77824
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a1f0fa8.qua' !
C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\hmrg07\mssn.exe
[RESULTAT] Contient le cheval de Troie TR/Mail.Blen.GK
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a2310d8.qua' !
C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\hmrg09\mssn.exe
[RESULTAT] Contient le cheval de Troie TR/Mail.Blen.GN
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b849981.qua' !
C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\hmrg10\mssn.exe
[RESULTAT] Contient le cheval de Troie TR/Mail.Blen.GQ
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a2310da.qua' !
C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\hmunmlcn60\svhost.exe
[RESULTAT] Contient le cheval de Troie TR/Agent.iob
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a1810dc.qua' !
C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\hmunmlcn61\svhost.exe
[RESULTAT] Contient le cheval de Troie TR/Agent.iob
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4bbf9985.qua' !
C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\hmunmlcn66\svchost.exe
[RESULTAT] Contient le cheval de Troie TR/Agent.iob
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a1310dd.qua' !
C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\hmunmlcn69\svchost.exe
[RESULTAT] Contient le cheval de Troie TR/Agent.iob
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4bb49986.qua' !
C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\hmunmlcn70\svchost.exe
[RESULTAT] Contient le cheval de Troie TR/Agent.iob
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a1310df.qua' !
C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\hmunmlcn74\svchost.exe
[RESULTAT] Contient le cheval de Troie TR/Agent.iob
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a1310de.qua' !
C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\mdnk35\mdmm.exe
[RESULTAT] Contient le cheval de Troie TR/Downloader.Gen
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a1d10cc.qua' !
C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\mdnk36\mdmm.exe
[RESULTAT] Contient le cheval de Troie TR/Downloader.Gen
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a1d10cd.qua' !
C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\mdnk37\mdmm.exe
[RESULTAT] Contient le cheval de Troie TR/Downloader.Gen
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4bba9996.qua' !
C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\mdnk38\mdmm.exe
[RESULTAT] Contient le cheval de Troie TR/Downloader.Gen
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a1d10cf.qua' !
C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\msvrf07\winlogon.exe
[RESULTAT] Contient le cheval de Troie TR/Mail.Blen.GU
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a1e10d3.qua' !
C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\yinprs02\ctfmon.exe
[RESULTAT] Contient le cheval de Troie TR/Zapchast.SL
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a1610df.qua' !
C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\yinprs03\ctfmon.exe
[RESULTAT] Contient le cheval de Troie TR/Zapchast.SQ
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4bb199b8.qua' !
C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\yunml08\winlogon.exe
[RESULTAT] Contient le cheval de Troie TR/Agent.iob
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a1e10d4.qua' !
C:\Program Files\Navilog1\catchme.exe
--> Object
[1] Type d'archive: RSRC
--> Object
[RESULTAT] Contient le cheval de Troie TR/Injector.E
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a241a06.qua' !
C:\WINDOWS\dllhst3g.exe
[RESULTAT] Contient le cheval de Troie TR/Agent.77824
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a1c1c18.qua' !
C:\WINDOWS\logman.exe
[RESULTAT] Contient le cheval de Troie TR/Agent.77824
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a171c1e.qua' !
C:\WINDOWS\system\esentutl.exe
[RESULTAT] Contient le cheval de Troie TR/Agent.77824
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a151e7b.qua' !
C:\WINDOWS\system\mstsc.exe
[RESULTAT] Contient le cheval de Troie TR/Agent.77824
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a241e7c.qua' !
C:\WINDOWS\system32\cmesys.exe
[RESULTAT] Contient le cheval de Troie TR/ATRAPS.Gen
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a151e86.qua' !
C:\WINDOWS\system32\winupgro.exe
[RESULTAT] Contient le cheval de Troie TR/Small.3588.A
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a1e1ee4.qua' !
C:\WINDOWS\system32\drivers\atapi.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
C:\WINDOWS\system32\drivers\mqtgsvc.exe
[RESULTAT] Contient le cheval de Troie TR/Agent.77824
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a241f20.qua' !
C:\WINDOWS\system32\drivers\rsvp.exe
[RESULTAT] Contient le cheval de Troie TR/Agent.77824
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a261f25.qua' !
C:\WINDOWS\system32\drivers\spoolsv.exe
[RESULTAT] Contient le cheval de Troie TR/Agent.77824
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a1f1f23.qua' !
C:\WINDOWS\system32\drivers\sptd.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
C:\WINDOWS\system32\drivers\sptd6733.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
Recherche débutant dans 'D:\'
Impossible d'ouvrir le chemin à contrôler D:\ !
Erreur système [21]: Le périphérique n'est pas prêt.
Recherche débutant dans 'E:\'
Impossible d'ouvrir le chemin à contrôler E:\ !
Erreur système [21]: Le périphérique n'est pas prêt.


Fin de la recherche : 2009-03-05 19:50
Temps nécessaire: 1:24:24 Heure(s)

La recherche a été effectuée intégralement

10302 Les répertoires ont été contrôlés
605093 Des fichiers ont été contrôlés
45 Des virus ou programmes indésirables ont été trouvés
0 Des fichiers ont été classés comme suspects
0 Des fichiers ont été supprimés
0 Des virus ou programmes indésirables ont été réparés
44 Les fichiers ont été déplacés dans la quarantaine
0 Les fichiers ont été renommés
4 Impossible de contrôler des fichiers
605044 Fichiers non infectés
10774 Les archives ont été contrôlées
4 Avertissements
44 Consignes

Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.

Double-clique sur RSIT.exe afin de lancer le programme.

Clique sur Continue à l'écran Disclaimer.

Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

Note : les rapports sont sauvegardés dans le dossier C:\rsit.

Logfile of random's system information tool 1.05 (written by random/random)
Run by packard bell at 2009-03-05 20:12:21
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 17 GB (24%) free of 72 GB
Total RAM: 991 MB (29% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:12, on 2009-03-05
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18372)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\NDAS\System\ndassvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\drivers\STDSB.exe
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\drivers\Icon.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\SimpleComm\ngssc.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\packard bell\Bureau\RSIT.exe
C:\Documents and Settings\packard bell\Bureau\packard bell.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,(Default) = Download Directory
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: Shell=Explorer.exe
F3 - REG:win.ini: load=C:\WINDOWS\System\mqtgsvc.exe
O2 - BHO: (no name) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - (no file)
O2 - BHO: G DATA WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G DATA AntiVirus Trial\Webfilter\AVKWebIE.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SnapFlash Class - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} - C:\Program Files\Fichiers communs\Justdo\Jd2002.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: G DATA WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G DATA AntiVirus Trial\Webfilter\AVKWebIE.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [STDSB] C:\WINDOWS\system32\drivers\STDSB.exe
O4 - HKLM\..\Run: [pdfFactory Dispatcher v2] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe" /runonce
O4 - HKLM\..\Run: [USBToolTip] "C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [USB2Check] RUNDLL32.EXE "C:\WINDOWS\system32\PCLECoInst.dll",CheckUSBController
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Icon] C:\WINDOWS\system32\drivers\Icon.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [SimpleComm] "C:\Program Files\SimpleComm\ngssc.exe" /min
O4 - HKCU\..\Policies\Explorer\Run: [Esent Utl] C:\WINDOWS\System32\drivers\esentutl.exe /waitservice
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Policies\Explorer\Run: [Cisvc] C:\WINDOWS\System32\drivers\cisvc.exe /waitservice (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\Policies\Explorer\Run: [Cisvc] C:\WINDOWS\System32\drivers\cisvc.exe /waitservice (User 'Default user')
O8 - Extra context menu item: &Search - ?p=ZN
O8 - Extra context menu item: Save Flash with Flash Catcher - res://C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL/FlashCatcher.htm
O9 - Extra button: (no name) - {12345678-1234-1234-1234-1234567890AB} - (no file)
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra 'Tools' menuitem: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} -
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/importer/ImageUploader4.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-59e0dee40af6b6c8.spaces.live.com/PhotoUpload...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://config.zebulon.fr/plugins/hardwaredetection.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {C9386579-3C0F-4713-82C6-5BA8088C7C8D} (Windows Live SkyDrive Upload Tool) - https://secure.shared.live.com/Pa6vGqB728AxD-ckvrPc0A/e...
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://camera1.mairie-brest.fr/activex/AMC.cab
O16 - DPF: {E862C832-3A5F-4CEB-BFAA-167B22010A71} (InfosFinder2.InfosFinder) - http://support.packardbell.com/files/activex/InfosFinde...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: IE Component Categories cache daemon - {553858A7-4922-4e7e-B1C1-97140C1C16EF} - C:\WINDOWS\system32\ieframe.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe
O23 - Service: NDAS Service (ndassvc) - XIMETA, Inc. - C:\Program Files\NDAS\System\ndassvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

--
End of file - 15280 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\HDReg.job
C:\WINDOWS\tasks\Maintenance en 1 clic.job
C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IType_exe.job
C:\WINDOWS\tasks\Uniblue SpeedUpMyPC Nag.job
C:\WINDOWS\tasks\Uniblue SpeedUpMyPC.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{556B0FF1-72E7-4AD5-BE4A-21E1051FDB7B}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0124123D-61B4-456f-AF86-78C53A0790C5}]
G DATA WebFilter - C:\Program Files\G DATA AntiVirus Trial\Webfilter\AVKWebIE.dll [2007-10-22 652872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-05-14 50376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-08-11 1443112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-10 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E}]
SnapFlash Class - C:\Program Files\Fichiers communs\Justdo\Jd2002.dll [2006-03-16 131072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C56CB6B0-0D96-11D6-8C65-B2868B609932}]
NTIECatcher Class - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll [2005-09-08 49152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-10 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-10 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0124123D-61B4-456f-AF86-78C53A0790C5} - G DATA WebFilter - C:\Program Files\G DATA AntiVirus Trial\Webfilter\AVKWebIE.dll [2007-10-22 652872]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2003-10-02 155648]
"STDSB"=C:\WINDOWS\system32\drivers\STDSB.exe [2003-12-17 28672]
"pdfFactory Dispatcher v2"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe [2004-12-20 458752]
"USBToolTip"=C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe [2004-04-23 192512]
"SSBkgdUpdate"=C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-10-14 155648]
"USB2Check"=C:\WINDOWS\system32\PCLECoInst.dll [2004-04-06 61440]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2003-03-27 53248]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2003-03-27 110592]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2003-03-27 634880]
"Icon"=C:\WINDOWS\system32\drivers\Icon.exe [2004-04-16 217088]
"IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2008-03-04 999424]
"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2008-03-04 1101824]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-10 136600]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-01-06 290088]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
"SimpleComm"=C:\Program Files\SimpleComm\ngssc.exe [2004-05-08 1216512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Esent Utl"=C:\WINDOWS\System32\drivers\esentutl.exe /waitservice []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2003-10-02 319488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WRNotifier]
C:\WINDOWS\system32\WRLogonNTF.dll [2006-01-25 492544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-05 240128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
IE Component Categories cache daemon - {553858A7-4922-4e7e-B1C1-97140C1C16EF} - C:\WINDOWS\system32\ieframe.dll [2009-01-15 10963968]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoActiveDesktop"=00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:*:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\FileZilla\FileZilla.exe"="C:\Program Files\FileZilla\FileZilla.exe:*:Enabled:FileZilla"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Philips\WADM\WADM.exe"="C:\Program Files\Philips\WADM\WADM.exe:*:Enabled:WADM Application"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Jeux\[ PC Games ] - Age of Empires II(FULL)\empires2.EXE"="C:\Jeux\[ PC Games ] - Age of Empires II(FULL)\empires2.EXE:*:Enabled:Age of Empires II"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Philips\Media Manager\Philips Media Manager.exe"="C:\Program Files\Philips\Media Manager\Philips Media Manager.exe:*:Enabled hilips Media Management for your Media Devices"
"C:\Program Files\EA Games\Need for Speed Underground 2\speed2.exe"="C:\Program Files\EA Games\Need for Speed Underground 2\speed2.exe:*:Enabled:speed2"
"C:\Program Files\SimpleComm\ngssc.exe"="C:\Program Files\SimpleComm\ngssc.exe:*:Enabled:ngssc"
"C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\mdnk33\mdmm.exe"="C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\mdnk33\mdmm.exe:* isabled:mdmm"
"C:\Msn\Mood\mcoviewer1.2.exe"="C:\Msn\Mood\mcoviewer1.2.exe:*:Enabled:mcoviewer1.2"
"C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\mdnk34\mdmm.exe"="C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\mdnk34\mdmm.exe:* isabled:mdmm"
"C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\mdnk35\mdmm.exe"="C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\mdnk35\mdmm.exe:*:Enabled:mdmm"
"C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\mdnk36\mdmm.exe"="C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\mdnk36\mdmm.exe:* isabled:mdmm"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\mdnk37\mdmm.exe"="C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\mdnk37\mdmm.exe:* isabled:mdmm"
"C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\mdnk38\mdmm.exe"="C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\mdnk38\mdmm.exe:* isabled:mdmm"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======List of files/folders created in the last 1 months======

2009-03-12 23:16:47 ----D---- C:\Documents and Settings\packard bell\Application Data\Daoisoft
2009-03-12 16:05:22 ----D---- C:\WINDOWS\ie8updates
2009-03-12 15:57:26 ----HDC---- C:\WINDOWS\ie8
2009-03-12 15:38:23 ----D---- C:\Documents and Settings\packard bell\Application Data\MiniDm
2009-03-12 15:38:10 ----D---- C:\Documents and Settings\packard bell\Application Data\IEPro
2009-03-05 18:13:02 ----D---- C:\Program Files\Avira
2009-03-05 14:09:53 ----A---- C:\WINDOWS\ntbtlog.txt
2009-02-27 22:50:22 ----D---- C:\Documents and Settings\packard bell\Application Data\Avant Profiles
2009-02-26 14:40:27 ----D---- C:\Program Files\iPod
2009-02-26 14:40:22 ----D---- C:\Program Files\iTunes
2009-02-26 14:40:22 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-02-26 14:39:59 ----D---- C:\Program Files\Bonjour
2009-02-26 14:39:04 ----D---- C:\Program Files\QuickTime
2009-02-26 14:38:34 ----D---- C:\Program Files\Apple Software Update
2009-02-26 14:37:47 ----D---- C:\Program Files\Fichiers communs\Apple
2009-02-26 14:37:47 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2009-02-26 13:46:23 ----D---- C:\Program Files\Primetime Podcast Receiver
2009-02-24 09:36:23 ----D---- C:\Program Files\trend micro
2009-02-24 09:36:22 ----D---- C:\rsit
2009-02-18 11:16:53 ----D---- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
2009-02-18 11:16:33 ----D---- C:\Program Files\NCH Software
2009-02-18 11:16:31 ----D---- C:\Program Files\NCH Swift Sound
2009-02-18 11:16:30 ----D---- C:\Documents and Settings\packard bell\Application Data\NCH Swift Sound
2009-02-11 23:44:00 ----D---- C:\Program Files\FlashGet Network
2009-02-06 18:52:40 ----A---- C:\WINDOWS\system32\sirenacm.dll

======List of files/folders modified in the last 1 months======

2009-03-13 00:21:07 ----D---- C:\WINDOWS\Debug
2009-03-12 23:44:32 ----D---- C:\Program Files\DPR
2009-03-12 23:42:54 ----D---- C:\Images CD
2009-03-12 23:39:07 ----D---- C:\Program Files\Wise Registry Cleaner 3
2009-03-12 23:37:38 ----D---- C:\Program Files\AxBx
2009-03-12 23:30:36 ----D---- C:\WINDOWS\Help
2009-03-12 23:16:12 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-03-12 23:13:23 ----D---- C:\WINDOWS\WinSxS
2009-03-12 22:33:12 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-03-12 21:03:08 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-03-12 16:08:29 ----D---- C:\WINDOWS\system32\fr-fr
2009-03-12 16:08:27 ----D---- C:\WINDOWS\Media
2009-03-12 16:08:26 ----D---- C:\Program Files\Internet Explorer
2009-03-12 16:04:44 ----HD---- C:\WINDOWS\$hf_mig$
2009-03-05 20:07:33 ----D---- C:\WINDOWS\TEMP
2009-03-05 19:49:23 ----HD---- C:\WINDOWS\system32\drivers
2009-03-05 19:48:27 ----D---- C:\WINDOWS\system32
2009-03-05 19:46:33 ----D---- C:\WINDOWS\system
2009-03-05 19:36:31 ----D---- C:\WINDOWS
2009-03-05 19:27:49 ----D---- C:\Program Files\Navilog1
2009-03-05 18:40:28 ----SD---- C:\Documents and Settings\packard bell\Application Data\Microsoft
2009-03-05 18:26:03 ----D---- C:\WINDOWS\PREFETCH
2009-03-05 18:17:15 ----D---- C:\WINDOWS\system32\CatRoot2
2009-03-05 18:13:02 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2009-03-05 18:13:02 ----AD---- C:\Program Files
2009-03-05 18:07:01 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-03-05 14:20:11 ----AH---- C:\BOOT.INI
2009-03-05 14:11:03 ----SHD---- C:\RECYCLER
2009-03-05 11:54:34 ----D---- C:\Program Files\Minilyrics
2009-03-01 20:58:02 ----D---- C:\Program Files\eMule
2009-02-26 14:41:37 ----SHD---- C:\WINDOWS\Installer
2009-02-26 14:41:37 ----D---- C:\Config.Msi
2009-02-26 14:41:19 ----HD---- C:\WINDOWS\inf
2009-02-26 14:41:08 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-02-26 14:38:59 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2009-02-26 14:37:47 ----D---- C:\Program Files\Fichiers communs
2009-02-26 14:13:34 ----D---- C:\Program Files\Juice
2009-02-26 13:42:13 ----SD---- C:\WINDOWS\Tasks
2009-02-24 09:59:18 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-22 14:56:18 ----D---- C:\Program Files\DOSBox-0.72
2009-02-21 10:10:14 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-02-18 17:46:35 ----HD---- C:\Program Files\InstallShield Installation Information
2009-02-18 17:46:01 ----D---- C:\WINDOWS\twain_32
2009-02-18 11:21:44 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-02-17 23:26:44 ----A---- C:\mpeg.txt
2009-02-13 10:26:05 ----RSD---- C:\WINDOWS\assembly
2009-02-13 10:26:05 ----D---- C:\WINDOWS\Microsoft.NET
2009-02-11 23:18:32 ----D---- C:\Program Files\Anim-FX
2009-02-08 19:00:56 ----D---- C:\Program Files\Messenger Plus! Live
2009-02-07 18:23:37 ----D---- C:\Program Files\Amara - Flash Photo Animation Software

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Asapi;Asapi; C:\WINDOWS\system32\drivers\Asapi.sys [2002-08-06 11264]
R1 AvgAsCln;AVG Anti-Spyware Clean Driver; C:\WINDOWS\System32\DRIVERS\AvgAsCln.sys [2007-05-30 10872]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-10-30 75072]
R1 bbcap;bbcap; C:\WINDOWS\system32\DRIVERS\bbcap.sys [2005-10-01 2944]
R1 incdrm;InCD EasyWrite Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2003-06-23 22848]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-05 40320]
R1 ndasfat;NDAS FAT File System Service; C:\WINDOWS\system32\DRIVERS\ndasfat.sys [2008-06-28 268008]
R1 ndasrofs;NDAS ROFS File System Service; C:\WINDOWS\system32\DRIVERS\ndasrofs.sys [2008-06-28 511592]
R1 NetworkX;NetworkX; C:\WINDOWS\system32\ckldrv.sys [2000-02-03 24608]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-10-07 80576]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2008-12-06 5632]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-04-20 21361]
R2 ASPI32;ASPI32; C:\WINDOWS\System32\drivers\aspi32.sys [2004-07-19 16512]
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 Haspnt;Haspnt; \??\C:\WINDOWS\system32\drivers\Haspnt.sys []
R2 MTC0003_STDSB;Scroll Bar Driver; C:\WINDOWS\system32\drivers\STDSB.sys [2003-12-15 11279]
R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2008-03-04 12288]
R2 SVKP;SVKP; \??\C:\WINDOWS\system32\SVKP.sys []
R3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-10-08 120830]
R3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-10-08 98842]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-04-01 719052]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
R3 fcdabus;fcdabus; C:\WINDOWS\system32\DRIVERS\fcdabus.sys [2003-08-07 10899]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2003-01-15 41984]
R3 fvdscsi;fvdscsi; C:\WINDOWS\system32\DRIVERS\fvdscsi.sys [2004-09-08 72478]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2003-10-08 93979]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2007-07-18 25624]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2004-03-29 90464]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys [2003-02-06 210128]
R3 ndasbus;NDAS Bus Driver; C:\WINDOWS\system32\DRIVERS\ndasbus.sys [2008-06-28 135400]
R3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\system32\DRIVERS\slntamr.sys [2003-02-05 506912]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys [2003-01-17 39348]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 w29n51;Pilote de carte de connexion réseau Intel(R) PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2008-01-07 2216064]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2004-05-13 10144]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2004-05-13 44384]
S1 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver; \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys []
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
S1 sK9Ou0s;sK9Ou0s; \??\C:\Documents and Settings\packard bell\Application Data\drivers\srosa2.sys []
S1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]
S2 asc3550p;asc3550p; C:\WINDOWS\system32\drivers\asc3550p.sys []
S2 eusk2par;EUTRON SmartKey Parallel Driver; \??\C:\WINDOWS\system32\Drivers\eusk2par.sys []
S2 STDSB;STDSB; C:\WINDOWS\System32\DRIVERS\STDSB.sys [2003-12-15 11279]
S2 VirtualCam;VirtualCamera; C:\WINDOWS\system32\DRIVERS\VirtualCam.sys [2004-11-25 192512]
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys []
S3 AX88172;ASIX AX88172 USB2 to Fast Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\ax88172.sys [2003-05-26 11264]
S3 Bridge;Pont MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2004-08-05 71552]
S3 BridgeMP;Miniport de pont MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2004-08-05 71552]
S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\System32\Drivers\BrScnUsb.sys [2004-10-15 15295]
S3 CA504AV;TRUST 500 SPYC@M,WDM Video Capture; C:\WINDOWS\System32\Drivers\CA504AV.SYS []
S3 catchme;catchme; \??\C:\DOCUME~1\PACKAR~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 DCamUSBEMPIA;Dazzle DVC90 Video Device; C:\WINDOWS\system32\DRIVERS\emDevice.sys [2004-04-06 100957]
S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2005-12-30 223128]
S3 emAudio;Dazzle DVC90 Audio Device; C:\WINDOWS\system32\drivers\emAudio.sys [2004-05-05 19584]
S3 FilterService;UVC Filter Service; C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys [2007-07-19 22296]
S3 FiltUSBEMPIA;USB Device Lower Filter; C:\WINDOWS\system32\DRIVERS\emFilter.sys [2004-04-06 5245]
S3 GDMnIcpt;GDMnIcpt; \??\C:\WINDOWS\system32\drivers\MiniIcpt.sys []
S3 HookCentre;HookCentre; \??\C:\WINDOWS\system32\drivers\HookCentre.sys []
S3 iMSPQMn;iMSPQMn; \??\C:\DOCUME~1\PACKAR~1\LOCALS~1\Temp\iMSPQMn.sys []
S3 k600bus;Sony Ericsson 600i driver (WDM); C:\WINDOWS\system32\DRIVERS\k600bus.sys [2005-03-04 52384]
S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k600mdfl.sys [2005-03-04 6096]
S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k600mdm.sys [2005-03-04 87456]
S3 k600mgmt;Sony Ericsson 600i USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k600mgmt.sys [2005-03-04 79248]
S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k600obex.sys [2005-03-04 77072]
S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2007-07-19 2109592]
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-07-19 2142488]
S3 lvpopflt;Logitech POP Suppression Filter; C:\WINDOWS\system32\DRIVERS\lvpopflt.sys [2007-07-19 1920920]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-07-19 41752]
S3 LVUVC;QuickCam Pro for Notebooks(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys [2007-07-19 3599000]
S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2004-08-03 15360]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys [2003-02-06 1290760]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NCHSSVAD;SoundTap Recorder; C:\WINDOWS\system32\drivers\nchssvad.sys [2009-02-18 27136]
S3 ndasscsi;NDAS SCSI Miniport Driver; C:\WINDOWS\system32\DRIVERS\ndasscsi.sys [2008-06-28 362600]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-05 40320]
S3 NPF;Netgroup Packet Filter; C:\WINDOWS\system32\drivers\npf.sys []
S3 NtMtlFax;NtMtlFax; C:\WINDOWS\system32\DRIVERS\NtMtlFax.sys [2003-02-05 162136]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
S3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2004-06-03 20352]
S3 PTV332;DualTV USB; C:\WINDOWS\SYSTEM32\DRIVERS\PTV332.SYS [2005-11-02 228992]
S3 RecAgent;recagent; \??\C:\WINDOWS\system32\DRIVERS\RecAgent.sys []
S3 ScanUSBEMPIA;USB Still Image Capture Device; C:\WINDOWS\system32\DRIVERS\emScan.sys [2004-04-06 4493]
S3 Ser2pl;Prolific Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2002-04-09 39552]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\Slnthal.sys [2003-02-17 85552]
S3 SQTECH905C;DaulCamera; C:\WINDOWS\System32\Drivers\Capt905c.sys [2004-12-08 32123]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2007-05-02 83592]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2007-05-02 15112]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2007-05-02 109704]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 Sunplus;TRUST 500 SPYC@M Still Image Capture, Sunplus Version 1.00; C:\WINDOWS\System32\Drivers\Bulk504.sys []
S3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2003-03-27 268784]
S3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2004-08-05 12416]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-05 17024]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-03 78464]
S3 w22n51;Pilote Intel(R) PRO/Wireless 2200 Adapter pour Windows XP; C:\WINDOWS\system32\DRIVERS\w22n51.sys [2004-06-24 3147776]
S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys []
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2003-09-01 104064]
S3 Wdm1;USB Bridge Cable Driver; C:\WINDOWS\System32\Drivers\usbbc.sys [2001-01-08 15576]
S3 WmFilter;Logitech WingMan HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2004-05-13 21440]
S3 WmHidLo;Logitech WingMan USB Filter Driver; C:\WINDOWS\system32\drivers\WmHidLo.sys [2004-05-13 14720]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2004-05-13 5600]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 Crypkey License;Crypkey License; C:\WINDOWS\system32\crypserv.exe [2000-06-29 52224]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2008-03-04 823296]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-10 152984]
R2 LVCOMSer;LVCOMSer; C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe [2007-07-19 186904]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe [2007-07-19 137752]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2003-06-19 322120]
R2 ndassvc;NDAS Service; C:\Program Files\NDAS\System\ndassvc.exe [2008-06-28 275944]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2008-03-04 483328]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2008-03-04 1187840]
R2 SimpTcp;Services TCP/IP simplifiés; C:\WINDOWS\system32\tcpsvcs.exe [2004-08-05 19456]
R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-24 918016]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-01-06 536872]
S2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2009-01-24 611664]
S2 Brother XP spl Service;BrSplService; C:\WINDOWS\system32\brsvc01a.exe [2002-04-12 57344]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-05 268800]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe [2007-07-19 141848]
S2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2003-01-17 45056]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2006-01-08 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe [2006-05-09 72704]
S3 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2007-10-14 69120]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 MySqlInventime;MySqlInventime; c:\mysql\bin\mysqld-max-nt MySqlInventime []
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2004-05-14 86016]
S4 AVKProxy;G DATA AntiVirus Proxy; C:\Program Files\Fichiers communs\G DATA\AVKProxy\AVKProxy.exe [2009-01-24 718408]
S4 AVKWCtl;Gardien d'AntiVirus; C:\Program Files\G DATA AntiVirus Trial\AVK\AVKWCtl.exe [2009-01-24 1091144]

-----------------EOF-----------------



info.txt logfile of random's system information tool 1.05 2009-03-05 20:12:32

======Uninstall list======

-->MsiExec.exe /X{E9F81423-211E-46B6-9AE0-38568BC5CF6F}
-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{09B44E78-A988-4BC0-962F-63ECD3333708} /l1036
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Fichiers communs\AOL\Screensaver\uninst_ygpss.exe
-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\Learn2.com\StRunner\stuninst.exe
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\Modio\SLAMR2KO\Setup.exe /Remove
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
-->MsiExec.exe /I{8A42F680-2DD6-11D4-9A8C-0040F6982C20}
-->MsiExec.exe /I{A2529672-574A-4A99-86A5-C1770A0E31FE}
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.EXE" -uninstall
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\SETUP.EXE" -uninstall
AC3Filter (remove only)-->C:\Program Files\AC3Filter\uninstall.exe
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Help Center 2.0-->MsiExec.exe /I{8FFC924C-ED06-44CB-8867-3CA778ECE903}
Adobe Reader 6.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-000000000001}
Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Ahead InCD EasyWrite Reader-->C:\WINDOWS\unmrw.exe /UNINSTALL
Amara - Flash Intro and Banner Builder-->"C:\Program Files\Amara - Flash Intro and Banner Builder\uninstall.exe"
Amara - Flash News Ticker Builder-->C:\Program Files\Amara - Flash News Ticker Builder\uninstall.exe
Amara - Flash Photo Animation Software-->C:\Program Files\Amara - Flash Photo Animation Software\uninstall.exe
Amara - Flash Slideshow Builder-->C:\Program Files\Amara - Flash Slideshow Builder\uninstall.exe
Anim-FX-->C:\Program Files\Anim-FX\uninstall.exe
APLI Master-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{817CFA0D-7B98-45CD-AFCE-D87C60F5B8AE}
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
AVIcodec (remove only)-->"C:\Program Files\AVIcodec\uninst.exe"
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
AXIS Media Control Embedded-->rundll32 "C:\Program Files\Axis Communications\AXIS Media Control Embedded\AxisMediaControlEmb.dll",UninstallMe
Bibliothèques GTK+ 2.10.11 rev b (supprimer uniquement)-->C:\Program Files\Fichiers communs\GTK\2.0\uninst.exe
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Brother MFL-Pro Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BB9AC6BF-71B6-42A4-9689-C17D9F44E79A}\Setup.exe" -l0x40c Brunin03.dllBrunin03.dll
CartoExploreur 3 3.02-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\8\INTEL3~1\IDriver.exe /M{1A0FF86F-2BF6-48B7-B7CE-1937F1727B2D}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Client Windows Rights Management-->MsiExec.exe /X{6FDC80E2-C818-4EDA-93DB-453490DE2907}
C-Map PCMCIA and USB drivers-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{98C61F22-8B4F-416E-A4BF-54FCC10509E0}
CoreAAC Audio Decoder (remove only)-->"C:\WINDOWS\system32\CoreAAC-uninstall.exe"
CoreVorbis Audio Decoder (remove only)-->"C:\WINDOWS\system32\CoreVorbis-uninstall.exe"
CUE Splitter-->MsiExec.exe /I{12B60D3B-90B4-4175-BB90-FCE19ACD9B02}
dBpoweramp [Calculate Audio CRC] Codec-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp [Calculate Audio CRC] Codec.dat
dBpoweramp DirectShow Decoder-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp DirectShow Decoder.dat
dBpoweramp FLAC Codec-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp FLAC Codec.dat
dBpoweramp m4a Codec-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp m4a Codec.dat
dBpoweramp Monkeys Audio Codec-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Monkeys Audio Codec.dat
dBpoweramp Mp2 and BwfMp2 codec-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Mp2 and BwfMp2 codec.dat
dBpoweramp mp3 (Fraunhofer IIS) Codec-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp mp3 (Fraunhofer IIS) Codec.dat
dBpoweramp Musepack Codec-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Musepack Codec.dat
dBpoweramp Music Converter-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Music Converter.dat
dBpoweramp Ogg Vorbis Codec-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Ogg Vorbis Codec.dat
dBpoweramp OptimFROG Codec-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp OptimFROG Codec.dat
dBpoweramp Real Audio (Helix) Encoder-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Real Audio (Helix) Encoder.dat
dBpoweramp WavPack Codec-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp WavPack Codec.dat
dBpoweramp Windows Media Audio 10 Codec-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.dat
Dictionnaire du patrimoine rennais-->C:\Program Files\DPR\DPR_uninst.exe
Direct Show Ogg Vorbis Filter (remove only)-->"C:\WINDOWS\system32\OggDSuninst.exe"
Directory Lister v0.9-->"C:\Program Files\Directory Lister\unins000.exe"
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader-->C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
Dream Flashsee v1.3-->"c:\Program Files\Directory Lister\unins000.exe"
DVD Decrypter (Remove Only)-->"C:\Program Files\DVD Decrypter\uninstall.exe"
EasyCleaner-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F5346614-B7C4-4E94-826A-E2363155233D}\setup.exe" -l0x9
eMule-->"C:\Program Files\eMule\Uninstall.exe"
encodeur Real Video Producer-->C:\Program Files\Ripp-it_AM\PRODUCER_Uninstal.exe
Exact Audio Copy 0.95b4-->C:\Program Files\Exact Audio Copy\uninst.exe
Extension Système de Microsoft Money-->MsiExec.exe /X{8C64E13E-54BA-11D6-91B1-00500462BE80}
FileZilla (remove only)-->"C:\Program Files\FileZilla\uninstall.exe"
Flash Catcher-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8C6B728E-31B1-48B3-99B5-6B6BB85BC896}\setup.exe"
Foxit Reader-->C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe
Free CD Ripper V 1.6-->"C:\Program Files\Free Audio Pack\Free CD Ripper\unins000.exe"
Free Video to Mp3 Converter version 2.7-->"C:\Program Files\DVDVIDEOSOFT\Free Video to Mp3 Converter\unins000.exe"
GEAR 32bit Driver Installer-->MsiExec.exe /X{E89B484C-B913-49A0-959B-89E836001658}
GetPDF Encryptor Decryptor 2.00-->"C:\Program Files\GetPDF Encryptor Decryptor\unins000.exe"
GetPDF Splitter Merger 2.01-->"C:\Program Files\GetPDF Splitter Merger\unins000.exe"
GSpot Codec Information Appliance-->C:\Program Files\GSpot\Uninstall.exe
Haali Media Splitter-->"C:\Program Files\Matroska Pack\haali\uninstall.exe"
Heredis 8-->C:\WINDOWS\unvise32.exe C:\Program Files\Heredis 8\uninstal.log
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
IBEAD Multi Player-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{71E4EF4D-B65D-430A-86DF-4D13AB6C581B}\Setup.exe" -l0x9
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
iTunes-->MsiExec.exe /I{F5C63795-2708-4D15-BF18-5ABBFF7DFFC8}
J2SE Runtime Environment 5.0 Update 10-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
J2SE Runtime Environment 5.0 Update 11-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
J2SE Runtime Environment 5.0 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150050}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
J2SE Runtime Environment 5.0 Update 9-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090}
Java 2 Runtime Environment, SE v1.4.2_05-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142050}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Lame ACM MP3 Codec-->C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_LameMP3 132 C:\WINDOWS\INF\LameACM.inf
Language pack for Ad-Aware SE-->C:\PROGRA~1\Lavasoft\AD-AWA~2\Plugins\Langs\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~2\Plugins\Langs\INSTALL.LOG
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Lesaccros2.com - Service Photo-->"C:\Program Files\Lesaccros2-Service Photo\Lesaccros2.com - Service Photo\uninstall.exe"
Logiciel Intel(R) PROSet/Wireless-->C:\WINDOWS\Installer\iProInst.exe
Logitech Gaming Software-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{648F9C94-EC44-487B-9DA4-44ED72A082CC}\setup.exe" -l0x40c
Logitech QuickCam-->MsiExec.exe /X{364EC092-93CF-4DDC-9D7A-7278452028E0}
Macromedia Extension Manager-->MsiExec.exe /I{3C8C9FB3-5FDF-40B4-B314-EAD722728C76}
Macromedia Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~2\Install.log
Magic Flare 1.0-->C:\WINDOWS\iun506.exe C:\Program Files\Magic Flare\irunin.ini
Matroska Pack-->C:\Program Files\Matroska Pack\uninstall.exe
mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
mDriver-->MsiExec.exe /I{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}
mDrWiFi-->MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49}
mediaRECOVER-->C:\PROGRA~1\MEDIAR~1\UNWISE.EXE C:\PROGRA~1\MEDIAR~1\INSTALL.LOG
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
mHelp-->MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68}
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft ActiveSync-->MsiExec.exe /I{99052DB7-9592-4522-A558-5417BBAD48EE}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Money-->MsiExec.exe /X{1D643CDB-4DD6-11D7-A4E0-000874180BB3}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Minilyrics(remove only)-->"C:\Program Files\Minilyrics\uninst-ml.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB961813)-->"C:\WINDOWS\ie8updates\KB961813-IE8\spuninst\spuninst.exe"
mIWA-->MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
MKVtoolnix 2.0.2-1-->C:\Program Files\MKVtoolnix\uninst.exe
mLogView-->MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
Monkey's Audio-->"C:\Program Files\Monkey's Audio\unins000.exe"
Mp3tag v2.35-->C:\Program Files\Mp3tag\Mp3tagUninstall.EXE
mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mPfWiz-->MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
mSCfg-->MsiExec.exe /I{829CD169-E692-48E8-9BDE-A3E8D8B65538}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 6.0 Parser-->MsiExec.exe /I{AEB9948B-4FF2-47C9-990E-47014492A0FE}
MVision-->MsiExec.exe /I{35725FBC-A136-4A46-9F29-091759D9BB93}
mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
MyDsc2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{83D96ED0-98AA-4515-8DDC-816F3EFDD104}\Setup.exe" -l0x40c
mZConfig-->MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}
Navilog1 3.3.4-->"C:\Program Files\Navilog1\unins000.exe"
NDAS Software 3.30.1602-r11613-->MsiExec.exe /I{CE84C180-E0A7-4B64-A661-4C397E11F03E}
Need For Speed - Porsche 2000 (Enhanced)-->C:\PROGRA~1\ELECTR~1\NEEDFO~1\Enhanced\UNWISE.EXE /R /U C:\PROGRA~1\ELECTR~1\NEEDFO~1\Enhanced\INSTALL.LOG
Need For Speed Hot Pursuit 2-->C:\Program Files\EA Games\Need For Speed Hot Pursuit 2\EAUninstall.exe
Need for Speed Underground 2-->C:\Program Files\EA GAMES\Need for Speed Underground 2\EAUninstall.exe
On2 VP7 Personal Edition-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DD0DDC9E-2ED4-44DD-B461-0EFC126813A0}\Setup.exe" -l0x9
OpenTTD 0.5.3-->C:\Program Files\OpenTTD\uninstall.exe
Outil de téléchargement Windows Live SkyDrive-->MsiExec.exe /I{2FD177C0-A752-11DC-8314-0800200C9A66}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Packard Bell InfoCentre-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B04AC0A3-7A0F-4E38-9DE7-FD1E4CE47D8C}\setup.exe"
Paint Shop Pro 7 Try And Buy-->MsiExec.exe /I{D6DE02C7-1F47-11D4-9515-00105AE4B89A}
PaperPort-->MsiExec.exe /I{A17EABB6-D0C6-44E5-820C-72DC7F495064}
PC Inspector File Recovery-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}\Setup.exe" -l0x40c
pdfFactory-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppinst2.exe /uninstall
Philips Media Manager 3.3.12.0004-->C:\Program Files\Philips\Media Manager\uninstall.exe
Pochette Express 2-->C:\Program Files\Pochette Express 2\uninstall.exe
Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\LogiShrd\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
QuickTime Alternative 1.78-->"C:\Program Files\QuickTime Alternative\unins000.exe"
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
QVGDM Seconde Edition-->MsiExec.exe /I{735D1B9F-A9A4-4FF2-A830-96C150883B97}
Real Alternative 1.36-->"C:\Program Files\Real Alternative\unins000.exe"
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Réseau France Bayo 0003-Q0-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\8\INTEL3~1\IDriver.exe /M{B4C69248-E01C-4C6D-9C0B-A02505625F96}
Réseau France Bayo-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\8\INTEL3~1\IDriver.exe /M{740266CC-C5AA-4346-B3D9-21CE14EF08A0}
Réseau France BdAlti-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\8\INTEL3~1\IDriver.exe /M{B13FE5B5-A0DF-4700-9AB4-8C94C38BCFF3}
Réseau France BdNyme-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\8\INTEL3~1\IDriver.exe /M{3250D35A-F0C7-44E4-A12C-2D810F468090}
Ri4m v4.0.2c-->C:\Program Files\Ripp-it_AM\Ri4m_Uninstal.exe
Ri4m v4.2c-->C:\Program Files\Ripp-it_AM\Ri4m_Uninstal.exe
Ri4m v5.0.1d-->C:\Program Files\Ripp-it_AM\Ri4m_Uninstal.exe
Ripp-It Codec Pack v 4.2.6-->C:\Program Files\Ripp-It Codec Pack\uninst.exe
RM to MP3 Converter 1.42-->"C:\Program Files\RM to MP3 Converter\unins000.exe"
SAMSUNG Mobile Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Softwar

Télécharge FindyKill (par Chiquitine29) sur ton Bureau.

Lance l'installation avec les paramètres par défaut.

Double-clique sur le raccourci FindyKill sur ton Bureau.

Choisis F pour Français.

Au menu principal, choisis l'option 1 (Recherche).

Poste le rapport FindyKill.txt

Note : le rapport FindyKill.txt est sauvegardé à la racine du disque.

ok, merci tu es sympa  


############################## [ FindyKill V4.718 ]

# User : packard bell (Administrateurs) # CALIMERO
# Update on 01/03/09
# Start at: 20:28:06 | 2009-03-05

# Intel(R) Pentium(R) M processor 1.60GHz
# Microsoft Windows XP dition familiale (5.1.2600 32-bit) # Service Pack 2
# Internet Explorer 8.0.6001.18372
# Windows Firewall Status : Enabled
# AV : Avira AntiVir PersonalEdition Classic 8.0.1.30 [ Enabled | Updated ]

# C:\ # Disque fixe local # 70.51 Go (16.81 Go free) [HDD] # NTFS
# D:\ # Disque CD-ROM
# E:\ # Disque CD-ROM

############################## [ Processus actifs ]

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\NDAS\System\ndassvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\drivers\STDSB.exe
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\drivers\Icon.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## [ Fichiers / Dossiers infectieux C:\ ]

Found ! - "C:\Muestras"
Found ! - C:\InfoSat.txt

################## [ C:\WINDOWS ]


################## [ C:\WINDOWS\system32 ]

Found ! - C:\WINDOWS\system32\a.bat

################## [ C:\WINDOWS\system32\drivers ]


################## [ C:\.. Application Data ... ]

Found ! - "C:\Documents and Settings\packard bell\Application Data\m"
Found ! - "C:\Documents and Settings\packard bell\Application Data\drivers"

################## [ Registre / Clés infectieuses ]

Found ! - HKEY_USERS\S-1-5-21-968804372-2676126122-695425893-1008\Software\EWZ
Found ! - HKEY_USERS\S-1-5-21-968804372-2676126122-695425893-1008\Software\MuleAppData
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_CURRENT_USER\Software\EWZ


################## [ Recherche dans supports amovibles]

# Presence des fichiers :


################## [ Registre / Mountpoint2 ]

# -> Not found !

################## [ ! Fin du rapport # FindyKill V4.718 ! ]

Tu as des traces de l'infection Bagle.

Double-clique sur le raccourci FindyKill sur ton Bureau.

Au menu principal, choisis l'option 2 (Suppression).

/!\ Il y aura un redémarrage, laisse travailler l'outil jusqu'à l'apparition du message "nettoyage effectué" /!\

Ensuite, poste le rapport FindyKill.txt

Note : le rapport FindyKill.txt est sauvegardé à la racine du disque.

############################## [ FindyKill V4.718 ]

# User : packard bell (Administrateurs) # CALIMERO
# Update on 01/03/09
# Start at: 20:43:49 | 2009-03-05

# Intel(R) Pentium(R) M processor 1.60GHz
# Microsoft Windows XP dition familiale (5.1.2600 32-bit) # Service Pack 2
# Internet Explorer 8.0.6001.18372
# Windows Firewall Status : Enabled
# AV : Avira AntiVir PersonalEdition Classic 8.0.1.30 [ Enabled | Updated ]

# C:\ # Disque fixe local # 70.51 Go (16.81 Go free) [HDD] # NTFS
# D:\ # Disque CD-ROM
# E:\ # Disque CD-ROM

############################## [ Active Processes ]

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\NDAS\System\ndassvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\drivers\STDSB.exe
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\drivers\Icon.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## [ Infected Files / Folders C:\ ]

Deleted ! - "C:\Muestras"
Deleted ! - C:\InfoSat.txt

################## [ C:\WINDOWS ]


################## [ C:\WINDOWS\system32 ]

Deleted ! - C:\WINDOWS\system32\a.bat

################## [ C:\WINDOWS\system32\drivers ]


################## [ C:\.. Application Data ... ]

Deleted ! - "C:\Documents and Settings\packard bell\Application Data\m"
Deleted ! - "C:\Documents and Settings\packard bell\Application Data\drivers"

################## [ Registry / Infected keys ]

Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_CURRENT_USER\Software\EWZ
Deleted ! - HKEY_USERS\S-1-5-21-968804372-2676126122-695425893-1008\Software\MuleAppData

################## [ Cleaning Removable drives ]

# Deleting files :


################## [ Registry / Mountpoint2 ]

# -> Not found !

################## [ Searching Other Infections ]


################## [ PEH Corrupted ]

C:\Program Files\Fichiers communs\G DATA\AVKProxy\AVKProxy.exe
C:\Program Files\G DATA AntiVirus Trial\AVK\AVKWCtl.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\$hf_mig$\KB890859\update\update.exe
C:\WINDOWS\$hf_mig$\KB941202\update\update.exe
C:\WINDOWS\SoftwareDistribution\Download\f62d894ba3692ff3f1b909b8eb2244c8\update\update.exe

################## [ ! End of Report # FindyKill V4.718 ! ]

Désinstalle FindyKill.

Télécharge OTMoveIt3 (OldTimer) sur ton Bureau.

Double-clique sur OTMoveIt3.exe afin de le lancer.

Copie (Ctrl+C) le texte suivant ci-dessous :

:processes
explorer.exe

:files
C:\Program Files\Fichiers communs\G DATA\AVKProxy\AVKProxy.exe
C:\Program Files\G DATA AntiVirus Trial\AVK\AVKWCtl.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\$hf_mig$\KB890859\update\update.exe
C:\WINDOWS\$hf_mig$\KB941202\update\update.exe
C:\WINDOWS\SoftwareDistribution\Download\f62d894ba3692ff3f1b909b8eb2244c8\update\update.exe

:commands
[purity]
[emptytemp]
[reboot]

Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.

Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.

---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
---> Le nom du rapport correspond au moment de sa création : date_heure.log

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
C:\Program Files\Fichiers communs\G DATA\AVKProxy\AVKProxy.exe moved successfully.
C:\Program Files\G DATA AntiVirus Trial\AVK\AVKWCtl.exe moved successfully.
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe moved successfully.
C:\WINDOWS\$hf_mig$\KB890859\update\update.exe moved successfully.
C:\WINDOWS\$hf_mig$\KB941202\update\update.exe moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\f62d894ba3692ff3f1b909b8eb2244c8\update\update.exe moved successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\PACKAR~1\LOCALS~1\Temp\WCESLog.log scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\PACKAR~1\LOCALS~1\Temp\~DF20A9.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\PACKAR~1\LOCALS~1\Temp\~DF5557.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\PACKAR~1\LOCALS~1\Temp\~DF556B.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\PACKAR~1\LOCALS~1\Temp\~DF5603.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\PACKAR~1\LOCALS~1\Temp\~DF5617.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\PACKAR~1\LOCALS~1\Temp\~DF83CC.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\PACKAR~1\LOCALS~1\Temp\~DF8D97.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_3c8.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
Temp folders emptied.

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 03062009_095822

Files moved on Reboot...
C:\DOCUME~1\PACKAR~1\LOCALS~1\Temp\WCESLog.log moved successfully.
File C:\DOCUME~1\PACKAR~1\LOCALS~1\Temp\~DF20A9.tmp not found!
File C:\DOCUME~1\PACKAR~1\LOCALS~1\Temp\~DF5557.tmp not found!
File C:\DOCUME~1\PACKAR~1\LOCALS~1\Temp\~DF556B.tmp not found!
File C:\DOCUME~1\PACKAR~1\LOCALS~1\Temp\~DF5603.tmp not found!
File C:\DOCUME~1\PACKAR~1\LOCALS~1\Temp\~DF5617.tmp not found!
C:\DOCUME~1\PACKAR~1\LOCALS~1\Temp\~DF83CC.tmp moved successfully.
File C:\DOCUME~1\PACKAR~1\LOCALS~1\Temp\~DF8D97.tmp not found!
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
File C:\WINDOWS\temp\Perflib_Perfdata_3c8.dat not found!

Toujours MERCI  

Télécharge Ad-Remover (de Cyrildu17 / C_XX) sur ton Bureau.

/!\ Déconnecte-toi et ferme toutes applications en cours /!\

Double-clique sur le programme d'installation, installe-le dans son emplacement par défaut (C:\Program files).

Double-clique sur le raccourci d'Ad-Remover situé sur ton Bureau.
(Sous Vista, il faut cliquer droit sur le raccourci d'Ad-Remover et choisir Exécuter en tant qu'administrateur)

Au menu principal, choisis l'option A.

Poste le rapport qui apparaît à la fin (C:\Ad-report(date).log).

(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

Note : "Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.

------- LOGFILE OF AD-REMOVER 1.1.1.5 | ONLY XP/VISTA -------

Updated by C_XX on 25/02/2009 at 20:30

Start at: 14:13:49 | 2009-03-06 | Boot mode: Normal Boot
Option: SCAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Operating System: Microsoft® Windows XP™ Service Pack 2 (version 5.1.2600)
Computer Name: CALIMERO
Current User: packard bell - Administrator
Drive(s):
- C:\ (File System: NTFS)
System Drive: C:\
Windows Directory: C:\WINDOWS\
System Directory: C:\WINDOWS\System32\

--- Running Processes: 59

+-----------------| Boonty/Boonty Games Elements Found:

Service: Boonty Games
.
HKLM\Software\Boonty
HKLM\System\ControlSet002\Enum\Root\LEGACY_BOONTY_GAMES
HKLM\System\ControlSet002\Services\Boonty Games
HKLM\System\CurrentControlSet\Services\Boonty Games
HKLM\System\ControlSet003\Services\Boonty Games
.
C:\Program Files\Fichiers communs\BOONTY Shared
C:\Documents and Settings\All Users\Application Data\BOONTY

+-----------------| Eorezo Elements Found:

.

+-----------------| Infected Poker Softwares Elements Found:

.
C:\WINDOWS\gvcasinos.ini

+-----------------| FunWebProducts/MyWay/MyWebSearch Elements Found:

.
HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca}
HKLM\Software\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2eff3cf7-99c1-4c29-bc2b-68e057e22340}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df}
.

+-----------------| It's TV Elements Found:

.

+-----------------| Sweetim Elements Found:

HKCU\Software\SWEETIE
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
HKLM\Software\Macrogaming
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
.
C:\Program Files\Macrogaming

+-----------------| Other Adwares Found:

.
HKLM\Software\Trymedia Systems
.

+-----------------| Added Scan:

---- Mozilla FireFox Version 3.0.7 ----

ProfilePath: v5fng1l3.default
.
.
.
.
.
.

---- Internet Explorer Version 8.0.6001.18372 ----

+-[HKEY_CURRENT_USER\..\Internet Explorer\Main]

Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start page: hxxp://www.google.fr/

+-[HKEY_USERS\S-1-5-21-968804372-2676126122-695425893-1008\..\Internet Explorer\Main]

Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start page: hxxp://www.google.fr/

+-[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start page: hxxp://go.microsoft.com/fwlink/?LinkId=69157

+-[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

Tabs: hxxp://ieframe.dll/tabswelcome.htm

+---------------------------------------------------------------------------+

[~4226 Bytes] - C:\Ad-Report-Scan-20.9-.3-06.log

- C:\Program Files\Ad-remover\TOOLS\BACKUP
- C:\Program Files\Ad-remover\TOOLS\QUARANTINE

End at: 14:20:54 | 2009-03-06
.
+-----------------| E.O.F - 85 Lines
.

/!\ Déconnecte-toi et ferme toutes applications en cours /!\

Double-clique sur le raccourci d'Ad-Remover pour le lancer.
(Sous Vista, il faut cliquer droit sur le raccourci d'Ad-Remover et choisir Exécuter en tant qu'administrateur)

Au menu principal, choisis l'option B.

Coche A à l'écran de sélection :

Puis choisis S, le programme va travailler.

Poste le rapport qui apparaît à la fin (C:\Ad-report.log).

/!\ Si le Bureau ne réapparaît pas, presse Ctrl + Alt + Suppr, Onglet "Fichier", "Nouvelle tâche", tape explorer.exe et valide /!\

------- LOGFILE OF AD-REMOVER 1.1.1.5 | ONLY XP/VISTA -------

Updated by C_XX on 25/02/2009 at 20:30

*** LIMITED TO ***

Boonty/BoontyGames
Eorezo
Infected Poker Softwares
FunWebProduct/MyWay/MyWebSearch
It's TV
Sweetim
Other Adwares

******************

Start at: 16:38:23 | 2009-03-06 | Boot mode: Normal Boot
Option: CLEAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Operating System: Microsoft® Windows XP™ Service Pack 2 (version 5.1.2600)
Computer Name: CALIMERO
Current User: packard bell - Administrator
Drive(s):
- C:\ (File System: NTFS)
System Drive: C:\
Windows Directory: C:\WINDOWS\
System Directory: C:\WINDOWS\System32\

--- Running Processes: 56

(!) ---- IE start pages/Tabs reset

+--------------------| Boonty/Boonty Games Elements Deleted :

Service: "Boonty Games"
.
HKLM\Software\Boonty
HKLM\System\ControlSet002\Enum\Root\LEGACY_BOONTY_GAMES
HKLM\System\ControlSet002\Services\Boonty Games
.
C:\Program Files\Fichiers communs\BOONTY Shared
C:\Documents and Settings\All Users\Application Data\BOONTY

+-----------------| Eorezo Elements Deleted :

.

+-----------------| Infected Poker Softwares Elements Deleted :

.
C:\WINDOWS\gvcasinos.ini

+-----------------| FunWebProducts/MyWay/MyWebSearch Elements Deleted :

.
HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca}
HKLM\Software\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2eff3cf7-99c1-4c29-bc2b-68e057e22340}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df}
.

+-----------------| It's TV Elements Deleted :

.

+-----------------| Sweetim Elements Deleted :

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKCU\Software\SWEETIE
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
HKLM\Software\Macrogaming
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
.
C:\Program Files\Macrogaming

+-----------------| Other Adwares Deleted:

.
HKLM\Software\Trymedia Systems
.

(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.


+-----------------| Added Scan :

---- Mozilla FireFox Version 3.0.7 ----

ProfilePath: v5fng1l3.default
.
.
.
.
.
.

---- Internet Explorer Version 8.0.6001.18372 ----

+-[HKEY_CURRENT_USER\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...

+-[HKEY_USERS\S-1-5-21-968804372-2676126122-695425893-1008\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...

+-[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start page: hxxp://fr.msn.com/

+-[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

Tabs: hxxp://ieframe.dll/tabswelcome.htm

+---------------------------------------------------------------------------+

[~4880 Bytes] - C:\Ad-Report-Clean-20.9-.3-06.log
[~4447 Bytes] - C:\Ad-Report-Scan-20.9-.3-06.log

- C:\Program Files\Ad-remover\TOOLS\BACKUP
- C:\Program Files\Ad-remover\TOOLS\QUARANTINE

End at: 16:45:29 | 2009-03-06
.
+-----------------| E.O.F - 100 Lines
.

1/

Désinstalle les programmes suivants :
- Ad-Remover
- J2SE Runtime Environment 5.0 Update 10
- J2SE Runtime Environment 5.0 Update 11
- J2SE Runtime Environment 5.0 Update 5
- J2SE Runtime Environment 5.0 Update 6
- J2SE Runtime Environment 5.0 Update 9
- Java 2 Runtime Environment, SE v1.4.2_05
- Java 6 Update 11
- Java 6 Update 3
- Java 6 Update 5
- Java 6 Update 7

Mets à jour Java.

Mets à jour Adobe Reader.


2/

Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.

Double-clique sur le fichier téléchargé pour lancer le processus d'installation.

Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.

Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.

Sélectionne Exécuter un examen rapide.

Clique sur Rechercher.

L'analyse démarre.

A la fin de l'analyse, un message s'affiche :

Citation :

L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.

Ferme tes navigateurs.

Si des malwares ont été détectés, clique sur Afficher les résultats.

Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.

MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.

Malwarebytes' Anti-Malware 1.34
Version de la base de données: 1824
Windows 5.1.2600 Service Pack 2

2009-03-06 18:21:33
mbam-log-2009-03-06 (18-21-33).txt

Type de recherche: Examen rapide
Eléments examinés: 76092
Temps écoulé: 7 minute(s), 46 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 4
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4d1c4e81-a32a-416b-bcdb-33b3ef3617d3} (Adware.Need2Find) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{549b5ca7-4a86-11d7-a4df-000874180bb3} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a6573479-9075-4a65-98a6-19fd29cf7374} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\asc3550p (Rootkit.Agent) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\WINDOWS\Fonts\acrsecB.fon (Trojan.Agent) -> Quarantined and deleted successfully.

Relance MBAM, va dans Quarantaine et supprime tout.

Refais un scan RSIT et poste le rapport log.

Logfile of random's system information tool 1.05 (written by random/random)
Run by packard bell at 2009-03-06 18:39:23
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 18 GB (25%) free of 72 GB
Total RAM: 991 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:39, on 2009-03-06
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18372)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\NDAS\System\ndassvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\drivers\STDSB.exe
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\drivers\Icon.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\SimpleComm\ngssc.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\packard bell\Bureau\RSIT.exe
C:\Documents and Settings\packard bell\Bureau\packard bell.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,(Default) = Download Directory
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: Shell=Explorer.exe
F3 - REG:win.ini: load=C:\WINDOWS\System\mqtgsvc.exe
O2 - BHO: (no name) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - (no file)
O2 - BHO: G DATA WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G DATA AntiVirus Trial\Webfilter\AVKWebIE.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SnapFlash Class - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} - C:\Program Files\Fichiers communs\Justdo\Jd2002.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: G DATA WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G DATA AntiVirus Trial\Webfilter\AVKWebIE.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [STDSB] C:\WINDOWS\system32\drivers\STDSB.exe
O4 - HKLM\..\Run: [pdfFactory Dispatcher v2] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe" /runonce
O4 - HKLM\..\Run: [USBToolTip] "C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [USB2Check] RUNDLL32.EXE "C:\WINDOWS\system32\PCLECoInst.dll",CheckUSBController
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Icon] C:\WINDOWS\system32\drivers\Icon.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [SimpleComm] "C:\Program Files\SimpleComm\ngssc.exe" /min
O4 - HKCU\..\Policies\Explorer\Run: [Esent Utl] C:\WINDOWS\System32\drivers\esentutl.exe /waitservice
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Policies\Explorer\Run: [Cisvc] C:\WINDOWS\System32\drivers\cisvc.exe /waitservice (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\Policies\Explorer\Run: [Cisvc] C:\WINDOWS\System32\drivers\cisvc.exe /waitservice (User 'Default user')
O8 - Extra context menu item: Save Flash with Flash Catcher - res://C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL/FlashCatcher.htm
O9 - Extra button: (no name) - {12345678-1234-1234-1234-1234567890AB} - (no file)
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra 'Tools' menuitem: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} -
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/importer/ImageUploader4.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-59e0dee40af6b6c8.spaces.live.com/PhotoUpload...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://config.zebulon.fr/plugins/hardwaredetection.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD7/JSCDL/jdk/6u12-b04/jin...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {C9386579-3C0F-4713-82C6-5BA8088C7C8D} (Windows Live SkyDrive Upload Tool) - https://secure.shared.live.com/Pa6vGqB728AxD-ckvrPc0A/e...
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrob...
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://camera1.mairie-brest.fr/activex/AMC.cab
O16 - DPF: {E862C832-3A5F-4CEB-BFAA-167B22010A71} (InfosFinder2.InfosFinder) - http://support.packardbell.com/files/activex/InfosFinde...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: IE Component Categories cache daemon - {553858A7-4922-4e7e-B1C1-97140C1C16EF} - C:\WINDOWS\system32\ieframe.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe
O23 - Service: NDAS Service (ndassvc) - XIMETA, Inc. - C:\Program Files\NDAS\System\ndassvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

--
End of file - 15153 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\HDReg.job
C:\WINDOWS\tasks\Maintenance en 1 clic.job
C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IType_exe.job
C:\WINDOWS\tasks\Uniblue SpeedUpMyPC Nag.job
C:\WINDOWS\tasks\Uniblue SpeedUpMyPC.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{556B0FF1-72E7-4AD5-BE4A-21E1051FDB7B}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0124123D-61B4-456f-AF86-78C53A0790C5}]
G DATA WebFilter - C:\Program Files\G DATA AntiVirus Trial\Webfilter\AVKWebIE.dll [2007-10-22 652872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-08-11 1443112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E}]
SnapFlash Class - C:\Program Files\Fichiers communs\Justdo\Jd2002.dll [2006-03-16 131072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C56CB6B0-0D96-11D6-8C65-B2868B609932}]
NTIECatcher Class - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll [2005-09-08 49152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-06 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-06 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0124123D-61B4-456f-AF86-78C53A0790C5} - G DATA WebFilter - C:\Program Files\G DATA AntiVirus Trial\Webfilter\AVKWebIE.dll [2007-10-22 652872]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2003-10-02 155648]
"STDSB"=C:\WINDOWS\system32\drivers\STDSB.exe [2003-12-17 28672]
"pdfFactory Dispatcher v2"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe [2004-12-20 458752]
"USBToolTip"=C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe [2004-04-23 192512]
"SSBkgdUpdate"=C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-10-14 155648]
"USB2Check"=C:\WINDOWS\system32\PCLECoInst.dll [2004-04-06 61440]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2003-03-27 53248]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2003-03-27 110592]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2003-03-27 634880]
"Icon"=C:\WINDOWS\system32\drivers\Icon.exe [2004-04-16 217088]
"IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2008-03-04 999424]
"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2008-03-04 1101824]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-01-06 290088]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-06 148888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
"SimpleComm"=C:\Program Files\SimpleComm\ngssc.exe [2004-05-08 1216512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Esent Utl"=C:\WINDOWS\System32\drivers\esentutl.exe /waitservice []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2003-10-02 319488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WRNotifier]
C:\WINDOWS\system32\WRLogonNTF.dll [2006-01-25 492544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-05 240128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
IE Component Categories cache daemon - {553858A7-4922-4e7e-B1C1-97140C1C16EF} - C:\WINDOWS\system32\ieframe.dll [2009-01-15 10963968]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoActiveDesktop"=00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:*:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\FileZilla\FileZilla.exe"="C:\Program Files\FileZilla\FileZilla.exe:*:Enabled:FileZilla"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Philips\WADM\WADM.exe"="C:\Program Files\Philips\WADM\WADM.exe:*:Enabled:WADM Application"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Jeux\[ PC Games ] - Age of Empires II(FULL)\empires2.EXE"="C:\Jeux\[ PC Games ] - Age of Empires II(FULL)\empires2.EXE:*:Enabled:Age of Empires II"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Philips\Media Manager\Philips Media Manager.exe"="C:\Program Files\Philips\Media Manager\Philips Media Manager.exe:*:Enabled hilips Media Management for your Media Devices"
"C:\Program Files\EA Games\Need for Speed Underground 2\speed2.exe"="C:\Program Files\EA Games\Need for Speed Underground 2\speed2.exe:*:Enabled:speed2"
"C:\Program Files\SimpleComm\ngssc.exe"="C:\Program Files\SimpleComm\ngssc.exe:*:Enabled:ngssc"
"C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\mdnk33\mdmm.exe"="C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\mdnk33\mdmm.exe:* isabled:mdmm"
"C:\Msn\Mood\mcoviewer1.2.exe"="C:\Msn\Mood\mcoviewer1.2.exe:*:Enabled:mcoviewer1.2"
"C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\mdnk34\mdmm.exe"="C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\mdnk34\mdmm.exe:* isabled:mdmm"
"C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\mdnk35\mdmm.exe"="C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\mdnk35\mdmm.exe:*:Enabled:mdmm"
"C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\mdnk36\mdmm.exe"="C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\mdnk36\mdmm.exe:* isabled:mdmm"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\mdnk37\mdmm.exe"="C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\mdnk37\mdmm.exe:* isabled:mdmm"
"C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\mdnk38\mdmm.exe"="C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\mdnk38\mdmm.exe:* isabled:mdmm"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======List of files/folders created in the last 1 months======

2009-03-12 23:16:47 ----D---- C:\Documents and Settings\packard bell\Application Data\Daoisoft
2009-03-12 16:05:22 ----D---- C:\WINDOWS\ie8updates
2009-03-12 15:57:26 ----HDC---- C:\WINDOWS\ie8
2009-03-12 15:38:23 ----D---- C:\Documents and Settings\packard bell\Application Data\MiniDm
2009-03-12 15:38:10 ----D---- C:\Documents and Settings\packard bell\Application Data\IEPro
2009-03-06 18:11:27 ----D---- C:\Documents and Settings\packard bell\Application Data\Malwarebytes
2009-03-06 18:11:21 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-03-06 18:11:20 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-03-06 17:55:16 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-03-06 17:55:15 ----D---- C:\Program Files\NOS
2009-03-06 17:51:20 ----A---- C:\WINDOWS\system32\javaws.exe
2009-03-06 17:51:20 ----A---- C:\WINDOWS\system32\javaw.exe
2009-03-06 17:51:20 ----A---- C:\WINDOWS\system32\java.exe
2009-03-06 14:13:03 ----D---- C:\Program Files\Ad-remover
2009-03-06 11:59:17 ----D---- C:\Documents and Settings\packard bell\Application Data\Mozilla
2009-03-06 11:58:43 ----D---- C:\Program Files\Mozilla Firefox
2009-03-06 09:58:22 ----D---- C:\_OTMoveIt
2009-03-05 20:43:48 ----A---- C:\FindyKill.txt
2009-03-05 20:27:23 ----D---- C:\Program Files\FindyKill
2009-03-05 18:13:02 ----D---- C:\Program Files\Avira
2009-03-05 14:09:53 ----A---- C:\WINDOWS\ntbtlog.txt
2009-02-27 22:50:22 ----D---- C:\Documents and Settings\packard bell\Application Data\Avant Profiles
2009-02-26 14:40:27 ----D---- C:\Program Files\iPod
2009-02-26 14:40:22 ----D---- C:\Program Files\iTunes
2009-02-26 14:40:22 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-02-26 14:39:59 ----D---- C:\Program Files\Bonjour
2009-02-26 14:39:04 ----D---- C:\Program Files\QuickTime
2009-02-26 14:38:34 ----D---- C:\Program Files\Apple Software Update
2009-02-26 14:37:47 ----D---- C:\Program Files\Fichiers communs\Apple
2009-02-26 14:37:47 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2009-02-26 13:46:23 ----D---- C:\Program Files\Primetime Podcast Receiver
2009-02-24 09:36:23 ----D---- C:\Program Files\trend micro
2009-02-24 09:36:22 ----D---- C:\rsit
2009-02-18 11:16:53 ----D---- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
2009-02-18 11:16:33 ----D---- C:\Program Files\NCH Software
2009-02-18 11:16:31 ----D---- C:\Program Files\NCH Swift Sound
2009-02-18 11:16:30 ----D---- C:\Documents and Settings\packard bell\Application Data\NCH Swift Sound
2009-02-11 23:44:00 ----D---- C:\Program Files\FlashGet Network

======List of files/folders modified in the last 1 months======

2009-03-13 00:21:07 ----D---- C:\WINDOWS\Debug
2009-03-12 23:44:32 ----D---- C:\Program Files\DPR
2009-03-12 23:42:54 ----D---- C:\Images CD
2009-03-12 23:39:07 ----D---- C:\Program Files\Wise Registry Cleaner 3
2009-03-12 23:37:38 ----D---- C:\Program Files\AxBx
2009-03-12 23:30:36 ----D---- C:\WINDOWS\Help
2009-03-12 23:13:23 ----D---- C:\WINDOWS\WinSxS
2009-03-12 21:03:08 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-03-12 16:08:29 ----D---- C:\WINDOWS\system32\fr-fr
2009-03-12 16:08:27 ----D---- C:\WINDOWS\Media
2009-03-12 16:08:26 ----D---- C:\Program Files\Internet Explorer
2009-03-12 16:04:44 ----HD---- C:\WINDOWS\$hf_mig$
2009-03-06 18:39:32 ----D---- C:\WINDOWS\PREFETCH
2009-03-06 18:29:07 ----D---- C:\WINDOWS\system32\CatRoot2
2009-03-06 18:27:21 ----D---- C:\WINDOWS\TEMP
2009-03-06 18:24:36 ----HD---- C:\WINDOWS\system32\drivers
2009-03-06 18:24:36 ----D---- C:\WINDOWS
2009-03-06 18:23:55 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-03-06 18:21:33 ----RSD---- C:\WINDOWS\Fonts
2009-03-06 18:11:20 ----AD---- C:\Program Files
2009-03-06 18:05:37 ----SHD---- C:\WINDOWS\Installer
2009-03-06 18:05:36 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-03-06 18:05:36 ----D---- C:\Config.Msi
2009-03-06 18:05:35 ----D---- C:\Program Files\Adobe
2009-03-06 18:05:30 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-03-06 17:59:31 ----D---- C:\WINDOWS\system32
2009-03-06 17:55:17 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-03-06 17:50:49 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-03-06 17:47:35 ----D---- C:\Program Files\Java
2009-03-06 17:47:35 ----D---- C:\Program Files\Fichiers communs
2009-03-06 13:35:05 ----D---- C:\Documents and Settings\packard bell\Application Data\AdobeUM
2009-03-06 11:10:29 ----D---- C:\Program Files\eMule
2009-03-06 10:05:02 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-03-05 19:46:33 ----D---- C:\WINDOWS\system
2009-03-05 19:27:49 ----D---- C:\Program Files\Navilog1
2009-03-05 18:40:28 ----SD---- C:\Documents and Settings\packard bell\Application Data\Microsoft
2009-03-05 18:13:02 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2009-03-05 14:20:11 ----AH---- C:\BOOT.INI
2009-03-05 14:11:03 ----SHD---- C:\RECYCLER
2009-03-05 11:54:34 ----D---- C:\Program Files\Minilyrics
2009-02-26 14:41:19 ----HD---- C:\WINDOWS\inf
2009-02-26 14:41:08 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-02-26 14:38:59 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2009-02-26 14:13:34 ----D---- C:\Program Files\Juice
2009-02-26 13:42:13 ----SD---- C:\WINDOWS\Tasks
2009-02-24 09:59:18 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-22 14:56:18 ----D---- C:\Program Files\DOSBox-0.72
2009-02-21 10:10:14 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-02-18 17:46:35 ----HD---- C:\Program Files\InstallShield Installation Information
2009-02-18 17:46:01 ----D---- C:\WINDOWS\twain_32
2009-02-18 11:21:44 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-02-17 23:26:44 ----A---- C:\mpeg.txt
2009-02-13 10:26:05 ----RSD---- C:\WINDOWS\assembly
2009-02-13 10:26:05 ----D---- C:\WINDOWS\Microsoft.NET
2009-02-11 23:18:32 ----D---- C:\Program Files\Anim-FX
2009-02-08 19:00:56 ----D---- C:\Program Files\Messenger Plus! Live
2009-02-07 18:23:37 ----D---- C:\Program Files\Amara - Flash Photo Animation Software

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Asapi;Asapi; C:\WINDOWS\system32\drivers\Asapi.sys [2002-08-06 11264]
R1 AvgAsCln;AVG Anti-Spyware Clean Driver; C:\WINDOWS\System32\DRIVERS\AvgAsCln.sys [2007-05-30 10872]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-10-30 75072]
R1 bbcap;bbcap; C:\WINDOWS\system32\DRIVERS\bbcap.sys [2005-10-01 2944]
R1 incdrm;InCD EasyWrite Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2003-06-23 22848]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-05 40320]
R1 ndasfat;NDAS FAT File System Service; C:\WINDOWS\system32\DRIVERS\ndasfat.sys [2008-06-28 268008]
R1 ndasrofs;NDAS ROFS File System Service; C:\WINDOWS\system32\DRIVERS\ndasrofs.sys [2008-06-28 511592]
R1 NetworkX;NetworkX; C:\WINDOWS\system32\ckldrv.sys [2000-02-03 24608]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-10-07 80576]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2008-12-06 5632]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-04-20 21361]
R2 ASPI32;ASPI32; C:\WINDOWS\System32\drivers\aspi32.sys [2004-07-19 16512]
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 Haspnt;Haspnt; \??\C:\WINDOWS\system32\drivers\Haspnt.sys []
R2 MTC0003_STDSB;Scroll Bar Driver; C:\WINDOWS\system32\drivers\STDSB.sys [2003-12-15 11279]
R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2008-03-04 12288]
R2 SVKP;SVKP; \??\C:\WINDOWS\system32\SVKP.sys []
R3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-10-08 120830]
R3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-10-08 98842]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-04-01 719052]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
R3 fcdabus;fcdabus; C:\WINDOWS\system32\DRIVERS\fcdabus.sys [2003-08-07 10899]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2003-01-15 41984]
R3 fvdscsi;fvdscsi; C:\WINDOWS\system32\DRIVERS\fvdscsi.sys [2004-09-08 72478]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2003-10-08 93979]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2007-07-18 25624]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2004-03-29 90464]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys [2003-02-06 210128]
R3 ndasbus;NDAS Bus Driver; C:\WINDOWS\system32\DRIVERS\ndasbus.sys [2008-06-28 135400]
R3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\system32\DRIVERS\slntamr.sys [2003-02-05 506912]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys [2003-01-17 39348]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 w29n51;Pilote de carte de connexion réseau Intel(R) PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2008-01-07 2216064]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2004-05-13 10144]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2004-05-13 44384]
S1 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver; \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys []
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
S2 eusk2par;EUTRON SmartKey Parallel Driver; \??\C:\WINDOWS\system32\Drivers\eusk2par.sys []
S2 STDSB;STDSB; C:\WINDOWS\System32\DRIVERS\STDSB.sys [2003-12-15 11279]
S2 VirtualCam;VirtualCamera; C:\WINDOWS\system32\DRIVERS\VirtualCam.sys [2004-11-25 192512]
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys []
S3 AX88172;ASIX AX88172 USB2 to Fast Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\ax88172.sys [2003-05-26 11264]
S3 Bridge;Pont MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2004-08-05 71552]
S3 BridgeMP;Miniport de pont MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2004-08-05 71552]
S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\System32\Drivers\BrScnUsb.sys [2004-10-15 15295]
S3 CA504AV;TRUST 500 SPYC@M,WDM Video Capture; C:\WINDOWS\System32\Drivers\CA504AV.SYS []
S3 catchme;catchme; \??\C:\DOCUME~1\PACKAR~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 DCamUSBEMPIA;Dazzle DVC90 Video Device; C:\WINDOWS\system32\DRIVERS\emDevice.sys [2004-04-06 100957]
S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2005-12-30 223128]
S3 emAudio;Dazzle DVC90 Audio Device; C:\WINDOWS\system32\drivers\emAudio.sys [2004-05-05 19584]
S3 FilterService;UVC Filter Service; C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys [2007-07-19 22296]
S3 FiltUSBEMPIA;USB Device Lower Filter; C:\WINDOWS\system32\DRIVERS\emFilter.sys [2004-04-06 5245]
S3 GDMnIcpt;GDMnIcpt; \??\C:\WINDOWS\system32\drivers\MiniIcpt.sys []
S3 HookCentre;HookCentre; \??\C:\WINDOWS\system32\drivers\HookCentre.sys []
S3 iMSPQMn;iMSPQMn; \??\C:\DOCUME~1\PACKAR~1\LOCALS~1\Temp\iMSPQMn.sys []
S3 k600bus;Sony Ericsson 600i driver (WDM); C:\WINDOWS\system32\DRIVERS\k600bus.sys [2005-03-04 52384]
S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k600mdfl.sys [2005-03-04 6096]
S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k600mdm.sys [2005-03-04 87456]
S3 k600mgmt;Sony Ericsson 600i USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k600mgmt.sys [2005-03-04 79248]
S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k600obex.sys [2005-03-04 77072]
S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2007-07-19 2109592]
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-07-19 2142488]
S3 lvpopflt;Logitech POP Suppression Filter; C:\WINDOWS\system32\DRIVERS\lvpopflt.sys [2007-07-19 1920920]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-07-19 41752]
S3 LVUVC;QuickCam Pro for Notebooks(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys [2007-07-19 3599000]
S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2004-08-03 15360]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys [2003-02-06 1290760]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NCHSSVAD;SoundTap Recorder; C:\WINDOWS\system32\drivers\nchssvad.sys [2009-02-18 27136]
S3 ndasscsi;NDAS SCSI Miniport Driver; C:\WINDOWS\system32\DRIVERS\ndasscsi.sys [2008-06-28 362600]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-05 40320]
S3 NPF;Netgroup Packet Filter; C:\WINDOWS\system32\drivers\npf.sys []
S3 NtMtlFax;NtMtlFax; C:\WINDOWS\system32\DRIVERS\NtMtlFax.sys [2003-02-05 162136]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
S3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2004-06-03 20352]
S3 PTV332;DualTV USB; C:\WINDOWS\SYSTEM32\DRIVERS\PTV332.SYS [2005-11-02 228992]
S3 RecAgent;recagent; \??\C:\WINDOWS\system32\DRIVERS\RecAgent.sys []
S3 ScanUSBEMPIA;USB Still Image Capture Device; C:\WINDOWS\system32\DRIVERS\emScan.sys [2004-04-06 4493]
S3 Ser2pl;Prolific Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2002-04-09 39552]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\Slnthal.sys [2003-02-17 85552]
S3 SQTECH905C;DaulCamera; C:\WINDOWS\System32\Drivers\Capt905c.sys [2004-12-08 32123]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2007-05-02 83592]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2007-05-02 15112]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2007-05-02 109704]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 Sunplus;TRUST 500 SPYC@M Still Image Capture, Sunplus Version 1.00; C:\WINDOWS\System32\Drivers\Bulk504.sys []
S3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2003-03-27 268784]
S3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2004-08-05 12416]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-05 17024]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-03 78464]
S3 w22n51;Pilote Intel(R) PRO/Wireless 2200 Adapter pour Windows XP; C:\WINDOWS\system32\DRIVERS\w22n51.sys [2004-06-24 3147776]
S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys []
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2003-09-01 104064]
S3 Wdm1;USB Bridge Cable Driver; C:\WINDOWS\System32\Drivers\usbbc.sys [2001-01-08 15576]
S3 WmFilter;Logitech WingMan HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2004-05-13 21440]
S3 WmHidLo;Logitech WingMan USB Filter Driver; C:\WINDOWS\system32\drivers\WmHidLo.sys [2004-05-13 14720]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2004-05-13 5600]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 Brother XP spl Service;BrSplService; C:\WINDOWS\system32\brsvc01a.exe [2002-04-12 57344]
R2 Crypkey License;Crypkey License; C:\WINDOWS\system32\crypserv.exe [2000-06-29 52224]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2008-03-04 823296]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-06 152984]
R2 LVCOMSer;LVCOMSer; C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe [2007-07-19 186904]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe [2007-07-19 137752]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2003-06-19 322120]
R2 ndassvc;NDAS Service; C:\Program Files\NDAS\System\ndassvc.exe [2008-06-28 275944]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2008-03-04 483328]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2008-03-04 1187840]
R2 SimpTcp;Services TCP/IP simplifiés; C:\WINDOWS\system32\tcpsvcs.exe [2004-08-05 19456]
R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2003-01-17 45056]
R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-24 918016]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-01-06 536872]
S2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe []
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-05 268800]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe [2007-07-19 141848]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2006-01-08 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe [2006-05-09 72704]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-12-01 33752]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 MySqlInventime;MySqlInventime; c:\mysql\bin\mysqld-max-nt MySqlInventime []
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2004-05-14 86016]
S4 AVKProxy;G DATA AntiVirus Proxy; C:\Program Files\Fichiers communs\G DATA\AVKProxy\AVKProxy.exe []
S4 AVKWCtl;Gardien d'AntiVirus; C:\Program Files\G DATA AntiVirus Trial\AVK\AVKWCtl.exe []

-----------------EOF-----------------

1/

Cherche ce fichier : C:\Documents and Settings\packard bell\Bureau\packard bell.exe

Double-clique sur ce fichier.

Choisis Do a system scan only.

Coche les cases qui sont devant les lignes suivantes :

F2 - REG:system.ini: Shell=Explorer.exe

F3 - REG:win.ini: load=C:\WINDOWS\System\mqtgsvc.exe

O2 - BHO: (no name) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - (no file)

O2 - BHO: G DATA WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G DATA AntiVirus Trial\Webfilter\AVKWebIE.dll

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O3 - Toolbar: G DATA WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G DATA AntiVirus Trial\Webfilter\AVKWebIE.dll

O4 - HKCU\..\Policies\Explorer\Run: [Esent Utl] C:\WINDOWS\System32\drivers\esentutl.exe /waitservice

O4 - HKUS\S-1-5-18\..\Policies\Explorer\Run: [Cisvc] C:\WINDOWS\System32\drivers\cisvc.exe /waitservice (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Policies\Explorer\Run: [Cisvc] C:\WINDOWS\System32\drivers\cisvc.exe /waitservice (User 'Default user')

O9 - Extra button: (no name) - {12345678-1234-1234-1234-1234567890AB} - (no file)

O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (file missing)

Clique en bas sur Fix checked. Mets oui si HijackThis te demande quelque chose.

Ferme HijackThis.


2/

Télécharge OTMoveIt3 (OldTimer) sur ton Bureau.

Double-clique sur OTMoveIt3.exe pour le lancer.

Copie (Ctrl+C) le texte suivant ci-dessous :

:processes
explorer.exe

:services
aawservice
MySqlInventime
AVKProxy
AVKWCtl

:files
C:\Program Files\G DATA AntiVirus Trial

:reg
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\mdnk33\mdmm.exe"=-
"C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\mdnk34\mdmm.exe"=-
"C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\mdnk35\mdmm.exe"=-
"C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\mdnk36\mdmm.exe"=-
"C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\mdnk37\mdmm.exe"=-
"C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\mdnk38\mdmm.exe"=-

:commands
[purity]
[emptytemp]
[reboot]

Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.

Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.

---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
---> Le nom du rapport correspond au moment de sa création : date_heure.log

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
Service aawservice stopped successfully.
Service aawservice deleted successfully.
Service MySqlInventime stopped successfully.
Service MySqlInventime deleted successfully.
Service AVKProxy stopped successfully.
Service AVKProxy deleted successfully.
Service AVKWCtl stopped successfully.
Service AVKWCtl deleted successfully.
========== FILES ==========
C:\Program Files\G DATA AntiVirus Trial\Webfilter moved successfully.
C:\Program Files\G DATA AntiVirus Trial\Common moved successfully.
C:\Program Files\G DATA AntiVirus Trial\AVKTray moved successfully.
C:\Program Files\G DATA AntiVirus Trial\AVK\UpdatePGM\TC moved successfully.
C:\Program Files\G DATA AntiVirus Trial\AVK\UpdatePGM\IS moved successfully.
C:\Program Files\G DATA AntiVirus Trial\AVK\UpdatePGM\AV moved successfully.
C:\Program Files\G DATA AntiVirus Trial\AVK\UpdatePGM moved successfully.
C:\Program Files\G DATA AntiVirus Trial\AVK\settings moved successfully.
C:\Program Files\G DATA AntiVirus Trial\AVK\Log moved successfully.
C:\Program Files\G DATA AntiVirus Trial\AVK\gear_dlls moved successfully.
C:\Program Files\G DATA AntiVirus Trial\AVK\BootCD\GDATA moved successfully.
C:\Program Files\G DATA AntiVirus Trial\AVK\BootCD\dbase\kav\bases moved successfully.
C:\Program Files\G DATA AntiVirus Trial\AVK\BootCD\dbase\kav\backup moved successfully.
C:\Program Files\G DATA AntiVirus Trial\AVK\BootCD\dbase\kav moved successfully.
C:\Program Files\G DATA AntiVirus Trial\AVK\BootCD\dbase moved successfully.
C:\Program Files\G DATA AntiVirus Trial\AVK\BootCD\boot\isolinux moved successfully.
C:\Program Files\G DATA AntiVirus Trial\AVK\BootCD\boot moved successfully.
C:\Program Files\G DATA AntiVirus Trial\AVK\BootCD moved successfully.
C:\Program Files\G DATA AntiVirus Trial\AVK moved successfully.
C:\Program Files\G DATA AntiVirus Trial moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\mdnk33\mdmm.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\mdnk34\mdmm.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\mdnk35\mdmm.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\mdnk36\mdmm.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\mdnk37\mdmm.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Documents and Settings\packard bell\Local Settings\Temp\~tmp\mdnk38\mdmm.exe deleted successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\PACKAR~1\LOCALS~1\Temp\WCESLog.log scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\PACKAR~1\LOCALS~1\Temp\~DF279E.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\PACKAR~1\LOCALS~1\Temp\~DF2E48.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\PACKAR~1\LOCALS~1\Temp\~DF8904.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\PACKAR~1\LOCALS~1\Temp\~DF89E3.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\PACKAR~1\LOCALS~1\Temp\~DF89F7.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\PACKAR~1\LOCALS~1\Temp\~DF8A65.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\PACKAR~1\LOCALS~1\Temp\~DF8AAB.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_6b0.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 03062009_223248

Files moved on Reboot...
C:\DOCUME~1\PACKAR~1\LOCALS~1\Temp\WCESLog.log moved successfully.
File C:\DOCUME~1\PACKAR~1\LOCALS~1\Temp\~DF279E.tmp not found!
File C:\DOCUME~1\PACKAR~1\LOCALS~1\Temp\~DF2E48.tmp not found!
C:\DOCUME~1\PACKAR~1\LOCALS~1\Temp\~DF8904.tmp moved successfully.
File C:\DOCUME~1\PACKAR~1\LOCALS~1\Temp\~DF89E3.tmp not found!
File C:\DOCUME~1\PACKAR~1\LOCALS~1\Temp\~DF89F7.tmp not found!
File C:\DOCUME~1\PACKAR~1\LOCALS~1\Temp\~DF8A65.tmp not found!
File C:\DOCUME~1\PACKAR~1\LOCALS~1\Temp\~DF8AAB.tmp not found!
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
File C:\WINDOWS\temp\Perflib_Perfdata_6b0.dat not found!

Bien.

Refais un scan RSIT et poste un rapport log.

Logfile of random's system information tool 1.05 (written by random/random)
Run by packard bell at 2009-03-07 14:06:50
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 18 GB (25%) free of 72 GB
Total RAM: 991 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:07, on 2009-03-07
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18372)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\drivers\STDSB.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\system32\drivers\Icon.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\SimpleComm\ngssc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\NDAS\System\ndassvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\packard bell\Bureau\RSIT.exe
C:\Program Files\trend micro\packard bell.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,(Default) = Download Directory
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SnapFlash Class - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} - C:\Program Files\Fichiers communs\Justdo\Jd2002.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [STDSB] C:\WINDOWS\system32\drivers\STDSB.exe
O4 - HKLM\..\Run: [pdfFactory Dispatcher v2] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe" /runonce
O4 - HKLM\..\Run: [USBToolTip] "C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [USB2Check] RUNDLL32.EXE "C:\WINDOWS\system32\PCLECoInst.dll",CheckUSBController
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Icon] C:\WINDOWS\system32\drivers\Icon.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [SimpleComm] "C:\Program Files\SimpleComm\ngssc.exe" /min
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: Save Flash with Flash Catcher - res://C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL/FlashCatcher.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra 'Tools' menuitem: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} -
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/importer/ImageUploader4.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-59e0dee40af6b6c8.spaces.live.com/PhotoUpload...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://config.zebulon.fr/plugins/hardwaredetection.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD7/JSCDL/jdk/6u12-b04/jin...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {C9386579-3C0F-4713-82C6-5BA8088C7C8D} (Windows Live SkyDrive Upload Tool) - https://secure.shared.live.com/Pa6vGqB728AxD-ckvrPc0A/e...
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrob...
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://camera1.mairie-brest.fr/activex/AMC.cab
O16 - DPF: {E862C832-3A5F-4CEB-BFAA-167B22010A71} (InfosFinder2.InfosFinder) - http://support.packardbell.com/files/activex/InfosFinde...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: IE Component Categories cache daemon - {553858A7-4922-4e7e-B1C1-97140C1C16EF} - C:\WINDOWS\system32\ieframe.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NDAS Service (ndassvc) - XIMETA, Inc. - C:\Program Files\NDAS\System\ndassvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

--
End of file - 13732 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\HDReg.job
C:\WINDOWS\tasks\Maintenance en 1 clic.job
C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IType_exe.job
C:\WINDOWS\tasks\Uniblue SpeedUpMyPC Nag.job
C:\WINDOWS\tasks\Uniblue SpeedUpMyPC.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{556B0FF1-72E7-4AD5-BE4A-21E1051FDB7B}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-08-11 1443112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E}]
SnapFlash Class - C:\Program Files\Fichiers communs\Justdo\Jd2002.dll [2006-03-16 131072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C56CB6B0-0D96-11D6-8C65-B2868B609932}]
NTIECatcher Class - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll [2005-09-08 49152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-06 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-06 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2003-10-02 155648]
"STDSB"=C:\WINDOWS\system32\drivers\STDSB.exe [2003-12-17 28672]
"pdfFactory Dispatcher v2"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe [2004-12-20 458752]
"USBToolTip"=C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe [2004-04-23 192512]
"SSBkgdUpdate"=C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-10-14 155648]
"USB2Check"=C:\WINDOWS\system32\PCLECoInst.dll [2004-04-06 61440]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2003-03-27 53248]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2003-03-27 110592]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2003-03-27 634880]
"Icon"=C:\WINDOWS\system32\drivers\Icon.exe [2004-04-16 217088]
"IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2008-03-04 999424]
"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2008-03-04 1101824]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-01-06 290088]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-06 148888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
"SimpleComm"=C:\Program Files\SimpleComm\ngssc.exe [2004-05-08 1216512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2003-10-02 319488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WRNotifier]
C:\WINDOWS\system32\WRLogonNTF.dll [2006-01-25 492544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-05 240128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
IE Component Categories cache daemon - {553858A7-4922-4e7e-B1C1-97140C1C16EF} - C:\WINDOWS\system32\ieframe.dll [2009-01-15 10963968]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoActiveDesktop"=00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:*:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\FileZilla\FileZilla.exe"="C:\Program Files\FileZilla\FileZilla.exe:*:Enabled:FileZilla"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Philips\WADM\WADM.exe"="C:\Program Files\Philips\WADM\WADM.exe:*:Enabled:WADM Application"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Jeux\[ PC Games ] - Age of Empires II(FULL)\empires2.EXE"="C:\Jeux\[ PC Games ] - Age of Empires II(FULL)\empires2.EXE:*:Enabled:Age of Empires II"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Philips\Media Manager\Philips Media Manager.exe"="C:\Program Files\Philips\Media Manager\Philips Media Manager.exe:*:Enabled hilips Media Management for your Media Devices"
"C:\Program Files\EA Games\Need for Speed Underground 2\speed2.exe"="C:\Program Files\EA Games\Need for Speed Underground 2\speed2.exe:*:Enabled:speed2"
"C:\Program Files\SimpleComm\ngssc.exe"="C:\Program Files\SimpleComm\ngssc.exe:*:Enabled:ngssc"
"C:\Msn\Mood\mcoviewer1.2.exe"="C:\Msn\Mood\mcoviewer1.2.exe:*:Enabled:mcoviewer1.2"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======List of files/folders created in the last 1 months======

2009-03-12 23:16:47 ----D---- C:\Documents and Settings\packard bell\Application Data\Daoisoft
2009-03-12 16:05:22 ----D---- C:\WINDOWS\ie8updates
2009-03-12 15:57:26 ----HDC---- C:\WINDOWS\ie8
2009-03-12 15:38:23 ----D---- C:\Documents and Settings\packard bell\Application Data\MiniDm
2009-03-12 15:38:10 ----D---- C:\Documents and Settings\packard bell\Application Data\IEPro
2009-03-06 18:11:27 ----D---- C:\Documents and Settings\packard bell\Application Data\Malwarebytes
2009-03-06 18:11:21 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-03-06 18:11:20 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-03-06 17:55:16 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-03-06 17:55:15 ----D---- C:\Program Files\NOS
2009-03-06 17:51:20 ----A---- C:\WINDOWS\system32\javaws.exe
2009-03-06 17:51:20 ----A---- C:\WINDOWS\system32\javaw.exe
2009-03-06 17:51:20 ----A---- C:\WINDOWS\system32\java.exe
2009-03-06 14:13:03 ----D---- C:\Program Files\Ad-remover
2009-03-06 11:59:17 ----D---- C:\Documents and Settings\packard bell\Application Data\Mozilla
2009-03-06 11:58:43 ----D---- C:\Program Files\Mozilla Firefox
2009-03-06 09:58:22 ----D---- C:\_OTMoveIt
2009-03-05 20:43:48 ----A---- C:\FindyKill.txt
2009-03-05 20:27:23 ----D---- C:\Program Files\FindyKill
2009-03-05 18:13:02 ----D---- C:\Program Files\Avira
2009-03-05 14:09:53 ----A---- C:\WINDOWS\ntbtlog.txt
2009-02-27 22:50:22 ----D---- C:\Documents and Settings\packard bell\Application Data\Avant Profiles
2009-02-26 14:40:27 ----D---- C:\Program Files\iPod
2009-02-26 14:40:22 ----D---- C:\Program Files\iTunes
2009-02-26 14:40:22 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-02-26 14:39:59 ----D---- C:\Program Files\Bonjour
2009-02-26 14:39:04 ----D---- C:\Program Files\QuickTime
2009-02-26 14:38:34 ----D---- C:\Program Files\Apple Software Update
2009-02-26 14:37:47 ----D---- C:\Program Files\Fichiers communs\Apple
2009-02-26 14:37:47 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2009-02-26 13:46:23 ----D---- C:\Program Files\Primetime Podcast Receiver
2009-02-24 09:36:23 ----D---- C:\Program Files\trend micro
2009-02-24 09:36:22 ----D---- C:\rsit
2009-02-18 11:16:53 ----D---- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
2009-02-18 11:16:33 ----D---- C:\Program Files\NCH Software
2009-02-18 11:16:31 ----D---- C:\Program Files\NCH Swift Sound
2009-02-18 11:16:30 ----D---- C:\Documents and Settings\packard bell\Application Data\NCH Swift Sound
2009-02-11 23:44:00 ----D---- C:\Program Files\FlashGet Network

======List of files/folders modified in the last 1 months======

2009-03-13 00:21:07 ----D---- C:\WINDOWS\Debug
2009-03-12 23:44:32 ----D---- C:\Program Files\DPR
2009-03-12 23:42:54 ----D---- C:\Images CD
2009-03-12 23:39:07 ----D---- C:\Program Files\Wise Registry Cleaner 3
2009-03-12 23:37:38 ----D---- C:\Program Files\AxBx
2009-03-12 23:30:36 ----D---- C:\WINDOWS\Help
2009-03-12 23:13:23 ----D---- C:\WINDOWS\WinSxS
2009-03-12 21:03:08 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-03-12 16:08:29 ----D---- C:\WINDOWS\system32\fr-fr
2009-03-12 16:08:27 ----D---- C:\WINDOWS\Media
2009-03-12 16:08:26 ----D---- C:\Program Files\Internet Explorer
2009-03-12 16:04:44 ----HD---- C:\WINDOWS\$hf_mig$
2009-03-07 13:57:50 ----D---- C:\WINDOWS\TEMP
2009-03-07 08:57:07 ----D---- C:\WINDOWS\PREFETCH
2009-03-06 22:44:56 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-03-06 22:32:55 ----AD---- C:\Program Files
2009-03-06 18:29:07 ----D---- C:\WINDOWS\system32\CatRoot2
2009-03-06 18:25:12 ----D---- C:\Config.Msi
2009-03-06 18:24:36 ----HD---- C:\WINDOWS\system32\drivers
2009-03-06 18:24:36 ----D---- C:\WINDOWS
2009-03-06 18:21:33 ----RSD---- C:\WINDOWS\Fonts
2009-03-06 18:05:37 ----SHD---- C:\WINDOWS\Installer
2009-03-06 18:05:36 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-03-06 18:05:35 ----D---- C:\Program Files\Adobe
2009-03-06 18:05:30 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-03-06 17:59:31 ----D---- C:\WINDOWS\system32
2009-03-06 17:55:17 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-03-06 17:50:49 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-03-06 17:47:35 ----D---- C:\Program Files\Java
2009-03-06 17:47:35 ----D---- C:\Program Files\Fichiers communs
2009-03-06 13:35:05 ----D---- C:\Documents and Settings\packard bell\Application Data\AdobeUM
2009-03-06 11:10:29 ----D---- C:\Program Files\eMule
2009-03-06 10:05:02 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-03-05 19:46:33 ----D---- C:\WINDOWS\system
2009-03-05 19:27:49 ----D---- C:\Program Files\Navilog1
2009-03-05 18:40:28 ----SD---- C:\Documents and Settings\packard bell\Application Data\Microsoft
2009-03-05 18:13:02 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2009-03-05 14:20:11 ----AH---- C:\BOOT.INI
2009-03-05 14:11:03 ----SHD---- C:\RECYCLER
2009-03-05 11:54:34 ----D---- C:\Program Files\Minilyrics
2009-02-26 14:41:19 ----HD---- C:\WINDOWS\inf
2009-02-26 14:41:08 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-02-26 14:38:59 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2009-02-26 14:13:34 ----D---- C:\Program Files\Juice
2009-02-26 13:42:13 ----SD---- C:\WINDOWS\Tasks
2009-02-24 09:59:18 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-22 14:56:18 ----D---- C:\Program Files\DOSBox-0.72
2009-02-21 10:10:14 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-02-18 17:46:35 ----HD---- C:\Program Files\InstallShield Installation Information
2009-02-18 17:46:01 ----D---- C:\WINDOWS\twain_32
2009-02-18 11:21:44 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-02-17 23:26:44 ----A---- C:\mpeg.txt
2009-02-13 10:26:05 ----RSD---- C:\WINDOWS\assembly
2009-02-13 10:26:05 ----D---- C:\WINDOWS\Microsoft.NET
2009-02-11 23:18:32 ----D---- C:\Program Files\Anim-FX
2009-02-08 19:00:56 ----D---- C:\Program Files\Messenger Plus! Live

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Asapi;Asapi; C:\WINDOWS\system32\drivers\Asapi.sys [2002-08-06 11264]
R1 AvgAsCln;AVG Anti-Spyware Clean Driver; C:\WINDOWS\System32\DRIVERS\AvgAsCln.sys [2007-05-30 10872]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-10-30 75072]
R1 bbcap;bbcap; C:\WINDOWS\system32\DRIVERS\bbcap.sys [2005-10-01 2944]
R1 incdrm;InCD EasyWrite Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2003-06-23 22848]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-05 40320]
R1 ndasfat;NDAS FAT File System Service; C:\WINDOWS\system32\DRIVERS\ndasfat.sys [2008-06-28 268008]
R1 ndasrofs;NDAS ROFS File System Service; C:\WINDOWS\system32\DRIVERS\ndasrofs.sys [2008-06-28 511592]
R1 NetworkX;NetworkX; C:\WINDOWS\system32\ckldrv.sys [2000-02-03 24608]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-10-07 80576]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2008-12-06 5632]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-04-20 21361]
R2 ASPI32;ASPI32; C:\WINDOWS\System32\drivers\aspi32.sys [2004-07-19 16512]
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 Haspnt;Haspnt; \??\C:\WINDOWS\system32\drivers\Haspnt.sys []
R2 MTC0003_STDSB;Scroll Bar Driver; C:\WINDOWS\system32\drivers\STDSB.sys [2003-12-15 11279]
R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2008-03-04 12288]
R2 SVKP;SVKP; \??\C:\WINDOWS\system32\SVKP.sys []
R3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-10-08 120830]
R3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-10-08 98842]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-04-01 719052]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
R3 fcdabus;fcdabus; C:\WINDOWS\system32\DRIVERS\fcdabus.sys [2003-08-07 10899]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2003-01-15 41984]
R3 fvdscsi;fvdscsi; C:\WINDOWS\system32\DRIVERS\fvdscsi.sys [2004-09-08 72478]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2003-10-08 93979]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2007-07-18 25624]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2004-03-29 90464]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys [2003-02-06 210128]
R3 ndasbus;NDAS Bus Driver; C:\WINDOWS\system32\DRIVERS\ndasbus.sys [2008-06-28 135400]
R3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\system32\DRIVERS\slntamr.sys [2003-02-05 506912]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys [2003-01-17 39348]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 w29n51;Pilote de carte de connexion réseau Intel(R) PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2008-01-07 2216064]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2004-05-13 10144]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2004-05-13 44384]
S1 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver; \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys []
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
S2 eusk2par;EUTRON SmartKey Parallel Driver; \??\C:\WINDOWS\system32\Drivers\eusk2par.sys []
S2 STDSB;STDSB; C:\WINDOWS\System32\DRIVERS\STDSB.sys [2003-12-15 11279]
S2 VirtualCam;VirtualCamera; C:\WINDOWS\system32\DRIVERS\VirtualCam.sys [2004-11-25 192512]
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys []
S3 AX88172;ASIX AX88172 USB2 to Fast Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\ax88172.sys [2003-05-26 11264]
S3 Bridge;Pont MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2004-08-05 71552]
S3 BridgeMP;Miniport de pont MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2004-08-05 71552]
S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\System32\Drivers\BrScnUsb.sys [2004-10-15 15295]
S3 CA504AV;TRUST 500 SPYC@M,WDM Video Capture; C:\WINDOWS\System32\Drivers\CA504AV.SYS []
S3 catchme;catchme; \??\C:\DOCUME~1\PACKAR~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 DCamUSBEMPIA;Dazzle DVC90 Video Device; C:\WINDOWS\system32\DRIVERS\emDevice.sys [2004-04-06 100957]
S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2005-12-30 223128]
S3 emAudio;Dazzle DVC90 Audio Device; C:\WINDOWS\system32\drivers\emAudio.sys [2004-05-05 19584]
S3 FilterService;UVC Filter Service; C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys [2007-07-19 22296]
S3 FiltUSBEMPIA;USB Device Lower Filter; C:\WINDOWS\system32\DRIVERS\emFilter.sys [2004-04-06 5245]
S3 GDMnIcpt;GDMnIcpt; \??\C:\WINDOWS\system32\drivers\MiniIcpt.sys []
S3 HookCentre;HookCentre; \??\C:\WINDOWS\system32\drivers\HookCentre.sys []
S3 iMSPQMn;iMSPQMn; \??\C:\DOCUME~1\PACKAR~1\LOCALS~1\Temp\iMSPQMn.sys []
S3 k600bus;Sony Ericsson 600i driver (WDM); C:\WINDOWS\system32\DRIVERS\k600bus.sys [2005-03-04 52384]
S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k600mdfl.sys [2005-03-04 6096]
S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k600mdm.sys [2005-03-04 87456]
S3 k600mgmt;Sony Ericsson 600i USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k600mgmt.sys [2005-03-04 79248]
S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k600obex.sys [2005-03-04 77072]
S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2007-07-19 2109592]
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-07-19 2142488]
S3 lvpopflt;Logitech POP Suppression Filter; C:\WINDOWS\system32\DRIVERS\lvpopflt.sys [2007-07-19 1920920]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-07-19 41752]
S3 LVUVC;QuickCam Pro for Notebooks(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys [2007-07-19 3599000]
S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2004-08-03 15360]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys [2003-02-06 1290760]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NCHSSVAD;SoundTap Recorder; C:\WINDOWS\system32\drivers\nchssvad.sys [2009-02-18 27136]
S3 ndasscsi;NDAS SCSI Miniport Driver; C:\WINDOWS\system32\DRIVERS\ndasscsi.sys [2008-06-28 362600]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-05 40320]
S3 NPF;Netgroup Packet Filter; C:\WINDOWS\system32\drivers\npf.sys []
S3 NtMtlFax;NtMtlFax; C:\WINDOWS\system32\DRIVERS\NtMtlFax.sys [2003-02-05 162136]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
S3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2004-06-03 20352]
S3 PTV332;DualTV USB; C:\WINDOWS\SYSTEM32\DRIVERS\PTV332.SYS [2005-11-02 228992]
S3 RecAgent;recagent; \??\C:\WINDOWS\system32\DRIVERS\RecAgent.sys []
S3 ScanUSBEMPIA;USB Still Image Capture Device; C:\WINDOWS\system32\DRIVERS\emScan.sys [2004-04-06 4493]
S3 Ser2pl;Prolific Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2002-04-09 39552]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\Slnthal.sys [2003-02-17 85552]
S3 SQTECH905C;DaulCamera; C:\WINDOWS\System32\Drivers\Capt905c.sys [2004-12-08 32123]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2007-05-02 83592]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2007-05-02 15112]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2007-05-02 109704]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 Sunplus;TRUST 500 SPYC@M Still Image Capture, Sunplus Version 1.00; C:\WINDOWS\System32\Drivers\Bulk504.sys []
S3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2003-03-27 268784]
S3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2004-08-05 12416]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-05 17024]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-03 78464]
S3 w22n51;Pilote Intel(R) PRO/Wireless 2200 Adapter pour Windows XP; C:\WINDOWS\system32\DRIVERS\w22n51.sys [2004-06-24 3147776]
S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys []
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2003-09-01 104064]
S3 Wdm1;USB Bridge Cable Driver; C:\WINDOWS\System32\Drivers\usbbc.sys [2001-01-08 15576]
S3 WmFilter;Logitech WingMan HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2004-05-13 21440]
S3 WmHidLo;Logitech WingMan USB Filter Driver; C:\WINDOWS\system32\drivers\WmHidLo.sys [2004-05-13 14720]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2004-05-13 5600]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 Brother XP spl Service;BrSplService; C:\WINDOWS\system32\brsvc01a.exe [2002-04-12 57344]
R2 Crypkey License;Crypkey License; C:\WINDOWS\system32\crypserv.exe [2000-06-29 52224]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2008-03-04 823296]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-06 152984]
R2 LVCOMSer;LVCOMSer; C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe [2007-07-19 186904]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe [2007-07-19 137752]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2003-06-19 322120]
R2 ndassvc;NDAS Service; C:\Program Files\NDAS\System\ndassvc.exe [2008-06-28 275944]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2008-03-04 483328]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2008-03-04 1187840]
R2 SimpTcp;Services TCP/IP simplifiés; C:\WINDOWS\system32\tcpsvcs.exe [2004-08-05 19456]
R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2003-01-17 45056]
R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-24 918016]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-01-06 536872]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-05 268800]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe [2007-07-19 141848]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2006-01-08 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe [2006-05-09 72704]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-12-01 33752]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2004-05-14 86016]

-----------------EOF-----------------

Ton PC va comment ?

Bonjour,

Pour le moment, mon PC n'a plus le pb du mmdm.exe.

Mais régulièrement, il me trouve un cheval de Troie. Agent 77824, avec différents fichiers infectés.

Je vais un spybot ...

En tout cas un énorme merci pour ton aide.

---> A quel emplacement.

C:\System Volume Information\_restor ... y'a plein de chiffres ... A0038573.exe
 

Dans la restauration système, normal.


1/

Désinstalle HijackThis.

Télécharge ToolsCleaner2 sur ton Bureau.

Double-clique sur ToolsCleaner2.exe pour le lancer.

Clique sur Recherche et laisse le scan agir.

Clique sur Suppression pour finaliser.

Tu peux, si tu le souhaites, te servir des Options Facultatives.

Clique sur Quitter pour obtenir le rapport.

Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).


2/

Télécharge et installe CCleaner Slim.

Lance-le. Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers etc....

Va dans Nettoyeur, choisis Analyse. Une fois terminé, lance le nettoyage.

Ensuite, choisis Registre, puis Chercher des erreurs. Une fois terminé, répare toutes les erreurs (Sauvegarde la base de registre).


3/

Il est nécessaire de désactiver puis réactiver la restauration système pour la purger.

Je te conseille de créer un point de restauration que tu pourras utiliser plus tard si tu as un problème.


==Prévention==

Conserve MBAM. Il te servira à scanner les fichiers douteux en complément de l'antivirus et scanne le disque dur régulièrement.

Comme navigateur, utilise plutôt Mozilla Firefox qu'Internet Explorer. Tu peux utiliser l'extension NoScript pour plus de sécurité.

Vérifie que les mises à jour automatiques sont bien activées (Menu Démarrer, clique droit sur Poste de travail, onglet Mises à jour automatiques).

Tu peux aussi modifier le fichier Hosts pour améliorer la sécurité de ton PC : Lien

Par rapport au P2P : Lien

Voici un dossier complet (A lire avec Adobe Reader ou Foxit Reader) : Lien


==Problème résolu ?==

Si tu estimes que ton problème est résolu :

---> Ajoute maintenant [Résolu] au titre. Pour cela :

Clique, dans ton premier message, sur le bouton Editer .

Rajoute la mention [Résolu] devant le titre.

Clique ensuite sur Valider votre message.


Sois plus vigilant(e) sur Internet  

[ Rapport ToolsCleaner version 2.3.2 (par A.Rothstein & dj QUIOU) ]

-->- Recherche:

C:\VundoFix.txt: trouvé !
C:\fixnavi.txt: trouvé !
C:\TB.txt: trouvé !
C:\FindyKill.txt: trouvé !
C:\Combofix: trouvé !
C:\Vundofix backups: trouvé !
C:\_OtMoveIt: trouvé !
C:\Toolbar SD: trouvé !
C:\Rsit: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Securite\Navilog1.lnk: trouvé !
C:\Documents and Settings\packard bell\Bureau\mdmm\HijackThis.exe: trouvé !
C:\Documents and Settings\packard bell\Bureau\mdmm\ToolBarSD.exe: trouvé !
C:\Documents and Settings\packard bell\Bureau\mdmm\hijackthis.log: trouvé !
C:\Documents and Settings\packard bell\Bureau\mdmm\OTMoveIt3.exe: trouvé !
C:\Documents and Settings\packard bell\Bureau\mdmm\Rsit.exe: trouvé !
C:\Program Files\Navilog1: trouvé !
C:\Program Files\FindyKill: trouvé !
C:\Program Files\Navilog1\Navilog1.bat: trouvé !
C:\Program Files\trend micro\HijackThis.exe: trouvé !
C:\Program Files\trend micro\hijackthis.log: trouvé !

---------------------------------
-->- Suppression:

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Securite\Navilog1.lnk: supprimé !
C:\Documents and Settings\packard bell\Bureau\mdmm\HijackThis.exe: supprimé !
C:\Documents and Settings\packard bell\Bureau\mdmm\ToolBarSD.exe: supprimé !
C:\Program Files\Navilog1\Navilog1.bat: supprimé !
C:\Program Files\trend micro\HijackThis.exe: supprimé !
C:\VundoFix.txt: supprimé !
C:\fixnavi.txt: supprimé !
C:\TB.txt: supprimé !
C:\FindyKill.txt: supprimé !
C:\Documents and Settings\packard bell\Bureau\mdmm\hijackthis.log: supprimé !
C:\Documents and Settings\packard bell\Bureau\mdmm\OTMoveIt3.exe: supprimé !
C:\Documents and Settings\packard bell\Bureau\mdmm\Rsit.exe: supprimé !
C:\Program Files\trend micro\hijackthis.log: supprimé !
C:\Combofix: supprimé !
C:\Vundofix backups: supprimé !
C:\_OtMoveIt: supprimé !
C:\Toolbar SD: supprimé !
C:\Rsit: supprimé !
C:\Program Files\Navilog1: supprimé !
C:\Program Files\FindyKill: supprimé !

Corbeille vidée!
Fichiers temporaires nettoyés !

Tu peux supprimer ToolsCleaner.

Refais un scan avec Antivir si tu souhaites.

  OK je vais le lancer cette nuit  
En tout cas merci beaucoup beaucoup.  

Bonjour Destroio5,
j'ai le même problème que pong-35, c'est-à-dire mdmm.exe bloqué par le pare feu windows. J'ai donc suivi tes procédures, qui m'ont permis d'éradiquer bien des problèmes je pense. Pourtant, ne maitrisant pas du tout ces logiciels, je me suis arrêté à cette étape, car je me suis rendu compte que tu lui faisais coller des lignes spécifiques à son cas. Je les ai maladroitement collé aussi   dans OTMoveIt3, l'ordi a redémarré sans trop de problèmes...j'espère que je n'ai rien endommagé. En fait, j'aurais aimé être suivi aussi, j'ai gardé tous les rapports et je peux te le montrer éventuellement ou alors tout reprendre à zero.
Merci d'avance.