Ads on my PC

Hello, please help me T.T


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:50:08, on 25/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\windows\Explorer.EXE
C:\windows\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\windows\System32\spool\DRIVERS\W32X86\3\lxdiserv.exe
C:\windows\system32\lxdicoms.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\windows\system32\svchost.exe
C:\windows\system32\ZuneBusEnum.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
E:\Program Files\Hercules\Hercules Blog Webcam\CamService.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
E:\Program Files\iTunes\iTunes.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=C:\windows\system32\userinit.exe,C:\Documents and Settings\Marco\xwpwc.exe \s,
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IE to GetRight Helper - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - E:\Program Files\GetRight\xx2gr.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - F:\SamSung!\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [HerculesCamService] E:\Program Files\Hercules\Hercules Blog Webcam\CamService.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [MSConfig] C:\windows\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto
O4 - HKLM\..\Run: [Base frag grid bows] C:\Documents and Settings\All Users\Application Data\Cast ping base frag\manager slow.exe
O4 - HKCU\..\Run: [Fast Love] C:\DOCUME~1\Marco\APPLIC~1\PLANPA~1\Book Tray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - Startup: iTunes.exe.lnk = E:\Program Files\iTunes\iTunes.exe
O8 - Extra context menu item: Download with GetRight - E:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://F:\SamSung!\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - E:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\SamSung!\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\SamSung!\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\SamSung!\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - F:\SamSung!\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\windows\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe
O23 - Service: lxdi_device - - C:\windows\system32\lxdicoms.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 7204 bytes


Hello,

You have a Lop/Swizzor infection.

  • Download Lop S&D to your Desktop.
  • Double-click it to start the installation.
  • Then double-click the Lop S&D shortcut on your Desktop.
  • Select the language you want, then choose option 1 (Recherche, i.e. Search).
  • Wait until the scan finishes.
  • Post the generated report (C:\lopR.txt).

Reply to Destrio5

thanks T.T



-----------------------[ Lop S&D 4.2.0-3 XP/Vista ]---------------------

[ USER : Marco ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 26/06/2009 | 10:41:03,28 ] [ PC : SAMSUNG ]
[ MAJ : 30-04-2008 | 18:35 ]

-------------[ Listing des dossiers dans Application Data ]------------

[30/04/2008|19:48] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[26/04/2009|22:25] C:\DOCUME~1\ADMINI~1\APPLIC~1\Intel
[26/01/2009|21:59] C:\DOCUME~1\ADMINI~1\APPLIC~1\Malwarebytes
[30/04/2008|18:02] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[03/06/2008|11:31] C:\DOCUME~1\ADMINI~1\APPLIC~1\Mozilla
[03/06/2008|11:31] C:\DOCUME~1\ADMINI~1\APPLIC~1\Talkback

[18/03/2009|01:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[22/04/2009|00:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[09/12/2008|20:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[01/05/2008|01:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[01/05/2008|01:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[31/01/2009|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ATI
[28/04/2009|23:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[07/05/2008|18:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
[23/06/2009|23:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
[10/06/2009|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[30/04/2008|19:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[03/06/2008|21:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FaxCtr
[01/05/2008|01:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[26/04/2009|22:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Intel
[24/04/2009|23:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\iolo
[31/01/2009|19:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
[08/02/2009|22:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LxThumbs
[26/01/2009|21:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[10/05/2008|11:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Memeo
[01/05/2008|02:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[06/12/2008|16:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MGS
[23/06/2009|15:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microgaming
[24/05/2009|14:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[14/06/2009|22:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[01/05/2008|01:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[09/06/2009|22:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\S.N.Safe&Software
[09/04/2009|15:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Solero
[01/09/2008|17:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Temp
[25/05/2008|17:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Test Drive Unlimited
[25/06/2008|11:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Uniblue
[17/07/2008|21:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[01/05/2008|00:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[30/04/2008|19:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[26/04/2009|22:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intel
[30/04/2008|18:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[26/04/2009|22:25] C:\DOCUME~1\LOCALS~1\APPLIC~1\Intel
[08/02/2009|22:49] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
[30/04/2008|18:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[10/06/2009|15:37] C:\DOCUME~1\LOCALS~1\APPLIC~1\Mozilla

[10/05/2008|11:08] C:\DOCUME~1\Marco\APPLIC~1\Adobe
[01/05/2008|01:50] C:\DOCUME~1\Marco\APPLIC~1\Apple Computer
[31/01/2009|20:13] C:\DOCUME~1\Marco\APPLIC~1\ATI
[21/06/2009|23:24] C:\DOCUME~1\Marco\APPLIC~1\Audio Recorder Titanium
[29/08/2008|02:08] C:\DOCUME~1\Marco\APPLIC~1\Azureus
[09/07/2008|22:34] C:\DOCUME~1\Marco\APPLIC~1\CyberLink
[07/05/2008|20:19] C:\DOCUME~1\Marco\APPLIC~1\DataCast
[30/04/2008|19:48] C:\DOCUME~1\Marco\APPLIC~1\desktop.ini
[27/01/2009|08:27] C:\DOCUME~1\Marco\APPLIC~1\Desktopicon
[30/08/2008|13:49] C:\DOCUME~1\Marco\APPLIC~1\DivX
[29/01/2009|16:36] C:\DOCUME~1\Marco\APPLIC~1\dvdcss
[23/03/2009|17:43] C:\DOCUME~1\Marco\APPLIC~1\FaxCtr
[22/05/2008|15:19] C:\DOCUME~1\Marco\APPLIC~1\FileZilla
[23/06/2009|20:29] C:\DOCUME~1\Marco\APPLIC~1\GetRight
[10/06/2009|15:06] C:\DOCUME~1\Marco\APPLIC~1\GlarySoft
[21/04/2009|16:58] C:\DOCUME~1\Marco\APPLIC~1\Help
[30/04/2008|18:17] C:\DOCUME~1\Marco\APPLIC~1\Identities
[26/04/2009|22:25] C:\DOCUME~1\Marco\APPLIC~1\Intel
[22/04/2009|13:09] C:\DOCUME~1\Marco\APPLIC~1\iolo
[03/02/2009|20:42] C:\DOCUME~1\Marco\APPLIC~1\ItDb.enc
[05/07/2008|14:53] C:\DOCUME~1\Marco\APPLIC~1\Lexmark Productivity Studio
[15/01/2009|20:50] C:\DOCUME~1\Marco\APPLIC~1\LimeWire
[10/06/2009|15:11] C:\DOCUME~1\Marco\APPLIC~1\Macromedia
[26/01/2009|21:52] C:\DOCUME~1\Marco\APPLIC~1\Malwarebytes
[01/05/2008|01:48] C:\DOCUME~1\Marco\APPLIC~1\Media Player Classic
[23/06/2009|20:22] C:\DOCUME~1\Marco\APPLIC~1\Microsoft
[10/06/2009|20:30] C:\DOCUME~1\Marco\APPLIC~1\Moyea
[26/08/2008|16:15] C:\DOCUME~1\Marco\APPLIC~1\Mozilla
[23/06/2009|23:18] C:\DOCUME~1\Marco\APPLIC~1\PLAN PART
[26/04/2009|23:30] C:\DOCUME~1\Marco\APPLIC~1\RayV
[05/04/2009|17:07] C:\DOCUME~1\Marco\APPLIC~1\Real
[24/09/2008|18:47] C:\DOCUME~1\Marco\APPLIC~1\Samsung
[12/05/2008|22:58] C:\DOCUME~1\Marco\APPLIC~1\SecuROM
[08/04/2009|20:27] C:\DOCUME~1\Marco\APPLIC~1\SharePod
[07/05/2008|19:53] C:\DOCUME~1\Marco\APPLIC~1\Sun
[23/03/2009|19:45] C:\DOCUME~1\Marco\APPLIC~1\Syntrillium
[30/04/2008|22:51] C:\DOCUME~1\Marco\APPLIC~1\Talkback
[22/07/2008|22:51] C:\DOCUME~1\Marco\APPLIC~1\U3
[25/06/2008|11:12] C:\DOCUME~1\Marco\APPLIC~1\Uniblue
[26/06/2009|10:40] C:\DOCUME~1\Marco\APPLIC~1\uTorrent
[08/05/2008|15:02] C:\DOCUME~1\Marco\APPLIC~1\vlc
[29/04/2009|23:46] C:\DOCUME~1\Marco\APPLIC~1\Winamp
[01/05/2008|01:48] C:\DOCUME~1\Marco\APPLIC~1\WinRAR

[26/04/2009|22:25] C:\DOCUME~1\NETWOR~1\APPLIC~1\Intel
[30/04/2008|18:02] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[30/04/2008|19:48] C:\DOCUME~1\SAFE'N~1\APPLIC~1\desktop.ini
[26/04/2009|22:25] C:\DOCUME~1\SAFE'N~1\APPLIC~1\Intel
[09/06/2009|23:55] C:\DOCUME~1\SAFE'N~1\APPLIC~1\Microsoft

----------------[ Tâches planifiées dans C:\windows\tasks ]---------------

[26/06/2009 10:00][--ah-----] C:\windows\tasks\AC8B4EC09364F9A4.job
[26/06/2009 09:51][--a------] C:\windows\tasks\GlaryInitialize.job
[23/06/2009 22:49][--a------] C:\windows\tasks\AppleSoftwareUpdate.job
[26/06/2009 09:51][--ah-----] C:\windows\tasks\SA.DAT
[19/08/2004 22:01][-r-h-----] C:\windows\tasks\desktop.ini

AC8B4EC09364F9A4.job <--> c:\docume~1\marco\applic~1\planpa~1\DaleSeekDraw.exe

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[03/06/2008|21:21] C:\Program Files\Abbyy FineReader 6.0 Sprint
[09/12/2008|20:08] C:\Program Files\Adobe
[23/10/2008|22:18] C:\Program Files\Ahead
[28/04/2009|23:41] C:\Program Files\Apoint
[13/08/2008|11:40] C:\Program Files\Apple Software Update
[31/01/2009|04:04] C:\Program Files\ATI Technologies
[28/04/2009|23:38] C:\Program Files\Avira
[23/06/2009|01:09] C:\Program Files\AviSynth 2.5
[02/06/2161|15:41] C:\Program Files\Bill2's Process Manager
[20/01/2009|23:59] C:\Program Files\Bonjour
[11/07/2008|12:56] C:\Program Files\Broadcom
[12/02/2009|10:05] C:\Program Files\CCleaner
[24/06/2009|07:06] C:\Program Files\Circle Developement
[30/01/2009|22:10] C:\Program Files\CONEXANT
[26/04/2009|22:33] C:\Program Files\DIFX
[23/06/2009|11:40] C:\Program Files\Fichiers communs
[06/04/2009|14:04] C:\Program Files\Image-Line
[09/06/2009|03:27] C:\Program Files\InstallShield Installation Information
[26/04/2009|22:24] C:\Program Files\Intel
[25/06/2009|13:29] C:\Program Files\Internet Explorer
[02/06/2161|23:00] C:\Program Files\iPod
[10/06/2009|15:37] C:\Program Files\Java
[03/06/2008|21:23] C:\Program Files\Lexmark 3500-4500 Series
[03/06/2008|21:22] C:\Program Files\Lexmark Fax Solutions
[26/01/2009|21:52] C:\Program Files\Malwarebytes' Anti-Malware
[15/07/2008|15:39] C:\Program Files\MarkAny
[23/06/2009|20:38] C:\Program Files\Messenger
[23/06/2009|23:11] C:\Program Files\Messenger Plus! Live
[23/06/2009|20:35] C:\Program Files\Microsoft
[30/04/2008|18:02] C:\Program Files\microsoft frontpage
[24/05/2009|14:57] C:\Program Files\Microsoft Office
[15/01/2009|00:47] C:\Program Files\Microsoft Office Outlook Connector
[05/05/2008|21:46] C:\Program Files\Microsoft Visual Studio
[05/05/2008|21:55] C:\Program Files\Microsoft Works
[27/08/2008|18:24] C:\Program Files\Movie Maker
[26/06/2009|10:32] C:\Program Files\Mozilla Firefox
[05/05/2008|21:54] C:\Program Files\MSBuild
[23/06/2009|20:50] C:\Program Files\MSECACHE
[30/04/2008|17:55] C:\Program Files\MSN
[30/04/2008|17:56] C:\Program Files\MSN Gaming Zone
[01/05/2008|23:01] C:\Program Files\MSXML 6.0
[27/08/2008|15:45] C:\Program Files\NetMeeting
[27/08/2008|18:24] C:\Program Files\Outlook Express
[23/03/2009|21:38] C:\Program Files\Outsim
[01/04/2009|18:25] C:\Program Files\PerfectBux
[23/06/2009|23:16] C:\Program Files\PLAN PART
[30/04/2008|17:59] C:\Program Files\Services en ligne
[30/04/2008|22:10] C:\Program Files\SigmaTel
[27/08/2008|17:57] C:\Program Files\ThŠme
[01/05/2008|01:05] C:\Program Files\Trend Micro
[30/04/2008|18:17] C:\Program Files\Uninstall Information
[03/05/2008|19:12] C:\Program Files\UxTheme Multipatcher Fr
[23/06/2009|20:50] C:\Program Files\Windows Installer Clean Up
[15/01/2009|00:43] C:\Program Files\Windows Live
[16/07/2008|01:10] C:\Program Files\Windows Media Connect 2
[10/06/2009|15:37] C:\Program Files\Windows Media Player
[27/08/2008|15:45] C:\Program Files\Windows NT
[30/04/2008|18:00] C:\Program Files\WindowsUpdate
[30/04/2008|18:02] C:\Program Files\xerox

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[09/12/2008|20:08] C:\Program Files\Fichiers communs\Adobe
[02/06/2161|23:00] C:\Program Files\Fichiers communs\Apple
[05/05/2008|20:34] C:\Program Files\Fichiers communs\Designer
[14/04/2009|20:45] C:\Program Files\Fichiers communs\DirectX
[09/12/2008|16:09] C:\Program Files\Fichiers communs\DVDVideoSoft
[01/05/2008|01:32] C:\Program Files\Fichiers communs\InstallShield
[06/05/2008|14:48] C:\Program Files\Fichiers communs\Java
[19/02/2009|16:13] C:\Program Files\Fichiers communs\Microsoft Shared
[30/04/2008|17:58] C:\Program Files\Fichiers communs\MSSoap
[11/06/2009|22:01] C:\Program Files\Fichiers communs\ODBC
[30/04/2008|17:58] C:\Program Files\Fichiers communs\Services
[30/04/2008|19:48] C:\Program Files\Fichiers communs\SpeechEngines
[15/01/2009|00:47] C:\Program Files\Fichiers communs\System
[15/01/2009|00:36] C:\Program Files\Fichiers communs\Windows Live
[10/06/2009|15:37] C:\Program Files\Fichiers communs\WindowsLiveInstaller

---------------------------[ Process ]--------------------------

... 44

iexplore.exe ~ [3100]
iexplore.exe ~ [3140]

----------------------[ Recherche avec S_Lop ]---------------------

C:\DOCUME~1\Marco\LOCALS~1\Temp\bis286.exe
C:\DOCUME~1\Marco\LOCALS~1\Temp\bis288.exe

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\manager slow.dat
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\manager slow.exe
C:\DOCUME~1\Marco\APPLIC~1\planpa~1
C:\DOCUME~1\Marco\APPLIC~1\planpa~1\Book Tray.exe
C:\DOCUME~1\Marco\APPLIC~1\planpa~1\DaleSeekDraw.exe
C:\DOCUME~1\Marco\APPLIC~1\planpa~1\hdhnghha.exe
C:\DOCUME~1\Marco\APPLIC~1\planpa~1\iaoptana.exe
C:\DOCUME~1\Marco\APPLIC~1\planpa~1\LIES THIS CHIN PEAK.exe
C:\Program Files\planpa~1
C:\Program Files\Circle Developement
C:\windows\Tasks\AC8B4EC09364F9A4.job

----------------------[ Verification du Registre ]----------------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Fast Love"="C:\\DOCUME~1\\Marco\\APPLIC~1\\PLANPA~1\\Book Tray.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Base frag grid bows"="C:\\Documents and Settings\\All Users\\Application Data\\Cast ping base frag\\manager slow.exe"

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-26 10:42:42
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

=> C:\Documents and Settings\Marco\Local Settings\Temporary Internet Files\Content.IE5\TNGUDM43\crackerjackSplurb[1].swf


/!\ [Fich:488][Doss:5] C:\DOCUME~1\Marco\LOCALS~1\Temp
/!\ [Fich:161][Doss:0] C:\DOCUME~1\Marco\Cookies
/!\ [Fich:3714][Doss:6] C:\DOCUME~1\Marco\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 10:44:08,28 ]----------------------

Reply to ti_samsung

  • Run Lop S&D again.
  • This time choose option 2 (Suppression, i.e. Removal).
  • Do not close the window during the removal!
  • Post the generated report (C:\lopR.txt).


(If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New task, type explorer.exe and confirm)

Reply to Destrio5

Quote:

Lop S&D 4.2.0-3 XP/Vista


--> We are now at version 4.2.5-0, so install the new version ;)

Reply to Destrio5

thanks for the new version ;)



-----------------------[ Lop S&D 4.2.0-3 XP/Vista ]---------------------

[ USER : Marco ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 26/06/2009 | 21:14:09,28 ] [ PC : SAMSUNG ]
[ MAJ : 30-04-2008 | 18:35 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\manager slow.dat
Echec ! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\manager slow.exe
Supprimé! - C:\DOCUME~1\Marco\APPLIC~1\planpa~1\Book Tray.exe
Supprimé! - C:\DOCUME~1\Marco\APPLIC~1\planpa~1\DaleSeekDraw.exe
Supprimé! - C:\DOCUME~1\Marco\APPLIC~1\planpa~1\hdhnghha.exe
Supprimé! - C:\DOCUME~1\Marco\APPLIC~1\planpa~1\iaoptana.exe
Supprimé! - C:\DOCUME~1\Marco\APPLIC~1\planpa~1\LIES THIS CHIN PEAK.exe
Supprimé! - C:\windows\Tasks\AC8B4EC09364F9A4.job
Supprimé! - C:\DOCUME~1\Marco\LOCALS~1\Temp\bis286.exe
Supprimé! - C:\DOCUME~1\Marco\LOCALS~1\Temp\bis288.exe
Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
Supprimé! - C:\DOCUME~1\Marco\APPLIC~1\planpa~1
Supprimé! - C:\Program Files\planpa~1
Supprimé! - C:\Program Files\Circle Developement

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


-------------[ Listing des dossiers dans Application Data ]------------

[30/04/2008|19:48] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[26/04/2009|22:25] C:\DOCUME~1\ADMINI~1\APPLIC~1\Intel
[26/01/2009|21:59] C:\DOCUME~1\ADMINI~1\APPLIC~1\Malwarebytes
[30/04/2008|18:02] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[03/06/2008|11:31] C:\DOCUME~1\ADMINI~1\APPLIC~1\Mozilla
[03/06/2008|11:31] C:\DOCUME~1\ADMINI~1\APPLIC~1\Talkback

[18/03/2009|01:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[22/04/2009|00:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[09/12/2008|20:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[01/05/2008|01:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[01/05/2008|01:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[31/01/2009|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ATI
[28/04/2009|23:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[07/05/2008|18:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
[10/06/2009|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[30/04/2008|19:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[03/06/2008|21:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FaxCtr
[01/05/2008|01:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[26/04/2009|22:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Intel
[24/04/2009|23:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\iolo
[31/01/2009|19:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
[08/02/2009|22:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LxThumbs
[26/01/2009|21:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[10/05/2008|11:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Memeo
[01/05/2008|02:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[06/12/2008|16:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MGS
[23/06/2009|15:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microgaming
[24/05/2009|14:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[14/06/2009|22:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[01/05/2008|01:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[09/06/2009|22:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\S.N.Safe&Software
[09/04/2009|15:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Solero
[01/09/2008|17:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Temp
[25/05/2008|17:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Test Drive Unlimited
[25/06/2008|11:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Uniblue
[17/07/2008|21:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[01/05/2008|00:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[30/04/2008|19:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[26/04/2009|22:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intel
[30/04/2008|18:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[26/04/2009|22:25] C:\DOCUME~1\LOCALS~1\APPLIC~1\Intel
[08/02/2009|22:49] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
[30/04/2008|18:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[10/06/2009|15:37] C:\DOCUME~1\LOCALS~1\APPLIC~1\Mozilla

[10/05/2008|11:08] C:\DOCUME~1\Marco\APPLIC~1\Adobe
[01/05/2008|01:50] C:\DOCUME~1\Marco\APPLIC~1\Apple Computer
[31/01/2009|20:13] C:\DOCUME~1\Marco\APPLIC~1\ATI
[21/06/2009|23:24] C:\DOCUME~1\Marco\APPLIC~1\Audio Recorder Titanium
[29/08/2008|02:08] C:\DOCUME~1\Marco\APPLIC~1\Azureus
[09/07/2008|22:34] C:\DOCUME~1\Marco\APPLIC~1\CyberLink
[07/05/2008|20:19] C:\DOCUME~1\Marco\APPLIC~1\DataCast
[30/04/2008|19:48] C:\DOCUME~1\Marco\APPLIC~1\desktop.ini
[27/01/2009|08:27] C:\DOCUME~1\Marco\APPLIC~1\Desktopicon
[30/08/2008|13:49] C:\DOCUME~1\Marco\APPLIC~1\DivX
[29/01/2009|16:36] C:\DOCUME~1\Marco\APPLIC~1\dvdcss
[23/03/2009|17:43] C:\DOCUME~1\Marco\APPLIC~1\FaxCtr
[22/05/2008|15:19] C:\DOCUME~1\Marco\APPLIC~1\FileZilla
[23/06/2009|20:29] C:\DOCUME~1\Marco\APPLIC~1\GetRight
[10/06/2009|15:06] C:\DOCUME~1\Marco\APPLIC~1\GlarySoft
[21/04/2009|16:58] C:\DOCUME~1\Marco\APPLIC~1\Help
[30/04/2008|18:17] C:\DOCUME~1\Marco\APPLIC~1\Identities
[26/04/2009|22:25] C:\DOCUME~1\Marco\APPLIC~1\Intel
[22/04/2009|13:09] C:\DOCUME~1\Marco\APPLIC~1\iolo
[03/02/2009|20:42] C:\DOCUME~1\Marco\APPLIC~1\ItDb.enc
[05/07/2008|14:53] C:\DOCUME~1\Marco\APPLIC~1\Lexmark Productivity Studio
[15/01/2009|20:50] C:\DOCUME~1\Marco\APPLIC~1\LimeWire
[10/06/2009|15:11] C:\DOCUME~1\Marco\APPLIC~1\Macromedia
[26/01/2009|21:52] C:\DOCUME~1\Marco\APPLIC~1\Malwarebytes
[01/05/2008|01:48] C:\DOCUME~1\Marco\APPLIC~1\Media Player Classic
[23/06/2009|20:22] C:\DOCUME~1\Marco\APPLIC~1\Microsoft
[10/06/2009|20:30] C:\DOCUME~1\Marco\APPLIC~1\Moyea
[26/08/2008|16:15] C:\DOCUME~1\Marco\APPLIC~1\Mozilla
[26/04/2009|23:30] C:\DOCUME~1\Marco\APPLIC~1\RayV
[05/04/2009|17:07] C:\DOCUME~1\Marco\APPLIC~1\Real
[24/09/2008|18:47] C:\DOCUME~1\Marco\APPLIC~1\Samsung
[12/05/2008|22:58] C:\DOCUME~1\Marco\APPLIC~1\SecuROM
[08/04/2009|20:27] C:\DOCUME~1\Marco\APPLIC~1\SharePod
[07/05/2008|19:53] C:\DOCUME~1\Marco\APPLIC~1\Sun
[23/03/2009|19:45] C:\DOCUME~1\Marco\APPLIC~1\Syntrillium
[30/04/2008|22:51] C:\DOCUME~1\Marco\APPLIC~1\Talkback
[22/07/2008|22:51] C:\DOCUME~1\Marco\APPLIC~1\U3
[25/06/2008|11:12] C:\DOCUME~1\Marco\APPLIC~1\Uniblue
[26/06/2009|21:14] C:\DOCUME~1\Marco\APPLIC~1\uTorrent
[08/05/2008|15:02] C:\DOCUME~1\Marco\APPLIC~1\vlc
[29/04/2009|23:46] C:\DOCUME~1\Marco\APPLIC~1\Winamp
[01/05/2008|01:48] C:\DOCUME~1\Marco\APPLIC~1\WinRAR

[26/04/2009|22:25] C:\DOCUME~1\NETWOR~1\APPLIC~1\Intel
[30/04/2008|18:02] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[30/04/2008|19:48] C:\DOCUME~1\SAFE'N~1\APPLIC~1\desktop.ini
[26/04/2009|22:25] C:\DOCUME~1\SAFE'N~1\APPLIC~1\Intel
[09/06/2009|23:55] C:\DOCUME~1\SAFE'N~1\APPLIC~1\Microsoft

----------------[ Tâches planifiées dans C:\windows\tasks ]---------------

[26/06/2009 09:51][--a------] C:\windows\tasks\GlaryInitialize.job
[23/06/2009 22:49][--a------] C:\windows\tasks\AppleSoftwareUpdate.job
[26/06/2009 09:51][--ah-----] C:\windows\tasks\SA.DAT
[19/08/2004 22:01][-r-h-----] C:\windows\tasks\desktop.ini

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[03/06/2008|21:21] C:\Program Files\Abbyy FineReader 6.0 Sprint
[09/12/2008|20:08] C:\Program Files\Adobe
[23/10/2008|22:18] C:\Program Files\Ahead
[28/04/2009|23:41] C:\Program Files\Apoint
[13/08/2008|11:40] C:\Program Files\Apple Software Update
[31/01/2009|04:04] C:\Program Files\ATI Technologies
[28/04/2009|23:38] C:\Program Files\Avira
[23/06/2009|01:09] C:\Program Files\AviSynth 2.5
[02/06/2161|15:41] C:\Program Files\Bill2's Process Manager
[20/01/2009|23:59] C:\Program Files\Bonjour
[11/07/2008|12:56] C:\Program Files\Broadcom
[12/02/2009|10:05] C:\Program Files\CCleaner
[30/01/2009|22:10] C:\Program Files\CONEXANT
[26/04/2009|22:33] C:\Program Files\DIFX
[23/06/2009|11:40] C:\Program Files\Fichiers communs
[06/04/2009|14:04] C:\Program Files\Image-Line
[09/06/2009|03:27] C:\Program Files\InstallShield Installation Information
[26/04/2009|22:24] C:\Program Files\Intel
[25/06/2009|13:29] C:\Program Files\Internet Explorer
[02/06/2161|23:00] C:\Program Files\iPod
[10/06/2009|15:37] C:\Program Files\Java
[03/06/2008|21:23] C:\Program Files\Lexmark 3500-4500 Series
[03/06/2008|21:22] C:\Program Files\Lexmark Fax Solutions
[26/01/2009|21:52] C:\Program Files\Malwarebytes' Anti-Malware
[15/07/2008|15:39] C:\Program Files\MarkAny
[23/06/2009|20:38] C:\Program Files\Messenger
[23/06/2009|23:11] C:\Program Files\Messenger Plus! Live
[23/06/2009|20:35] C:\Program Files\Microsoft
[30/04/2008|18:02] C:\Program Files\microsoft frontpage
[24/05/2009|14:57] C:\Program Files\Microsoft Office
[15/01/2009|00:47] C:\Program Files\Microsoft Office Outlook Connector
[05/05/2008|21:46] C:\Program Files\Microsoft Visual Studio
[05/05/2008|21:55] C:\Program Files\Microsoft Works
[27/08/2008|18:24] C:\Program Files\Movie Maker
[26/06/2009|21:08] C:\Program Files\Mozilla Firefox
[05/05/2008|21:54] C:\Program Files\MSBuild
[23/06/2009|20:50] C:\Program Files\MSECACHE
[30/04/2008|17:55] C:\Program Files\MSN
[30/04/2008|17:56] C:\Program Files\MSN Gaming Zone
[01/05/2008|23:01] C:\Program Files\MSXML 6.0
[27/08/2008|15:45] C:\Program Files\NetMeeting
[27/08/2008|18:24] C:\Program Files\Outlook Express
[23/03/2009|21:38] C:\Program Files\Outsim
[01/04/2009|18:25] C:\Program Files\PerfectBux
[30/04/2008|17:59] C:\Program Files\Services en ligne
[30/04/2008|22:10] C:\Program Files\SigmaTel
[27/08/2008|17:57] C:\Program Files\Thème
[01/05/2008|01:05] C:\Program Files\Trend Micro
[30/04/2008|18:17] C:\Program Files\Uninstall Information
[03/05/2008|19:12] C:\Program Files\UxTheme Multipatcher Fr
[23/06/2009|20:50] C:\Program Files\Windows Installer Clean Up
[15/01/2009|00:43] C:\Program Files\Windows Live
[16/07/2008|01:10] C:\Program Files\Windows Media Connect 2
[10/06/2009|15:37] C:\Program Files\Windows Media Player
[27/08/2008|15:45] C:\Program Files\Windows NT
[30/04/2008|18:00] C:\Program Files\WindowsUpdate
[30/04/2008|18:02] C:\Program Files\xerox

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[09/12/2008|20:08] C:\Program Files\Fichiers communs\Adobe
[02/06/2161|23:00] C:\Program Files\Fichiers communs\Apple
[05/05/2008|20:34] C:\Program Files\Fichiers communs\Designer
[14/04/2009|20:45] C:\Program Files\Fichiers communs\DirectX
[09/12/2008|16:09] C:\Program Files\Fichiers communs\DVDVideoSoft
[01/05/2008|01:32] C:\Program Files\Fichiers communs\InstallShield
[06/05/2008|14:48] C:\Program Files\Fichiers communs\Java
[19/02/2009|16:13] C:\Program Files\Fichiers communs\Microsoft Shared
[30/04/2008|17:58] C:\Program Files\Fichiers communs\MSSoap
[11/06/2009|22:01] C:\Program Files\Fichiers communs\ODBC
[30/04/2008|17:58] C:\Program Files\Fichiers communs\Services
[30/04/2008|19:48] C:\Program Files\Fichiers communs\SpeechEngines
[15/01/2009|00:47] C:\Program Files\Fichiers communs\System
[15/01/2009|00:36] C:\Program Files\Fichiers communs\Windows Live
[10/06/2009|15:37] C:\Program Files\Fichiers communs\WindowsLiveInstaller

---------------------------[ Process ]--------------------------

... 42

... OK !

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-26 21:15:56
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

=> C:\Documents and Settings\Marco\Local Settings\Temporary Internet Files\Content.IE5\TNGUDM43\crackerjackSplurb[1].swf


/!\ [Fich:500][Doss:5] C:\DOCUME~1\Marco\LOCALS~1\Temp
/!\ [Fich:161][Doss:0] C:\DOCUME~1\Marco\Cookies
/!\ [Fich:3766][Doss:6] C:\DOCUME~1\Marco\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 21:16:44,05 ]----------------------

Reply to ti_samsung

Lop infection removed.

Let's see whether there is anything else.

(On Vista, right-click RSIT.exe and choose Run as administrator)

  • Click Continue on the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the license.
  • When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).


Note: the reports are saved in the C:\rsit folder.

Reply to Destrio5

log.txt


Logfile of random's system information tool 1.06 (written by random/random)
Run by Marco at 2009-06-28 09:30:27
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 4 GB (19%) free of 21 GB
Total RAM: 2047 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:30:42, on 28/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\windows\Explorer.EXE
C:\windows\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\windows\System32\spool\DRIVERS\W32X86\3\lxdiserv.exe
C:\windows\system32\lxdicoms.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\windows\system32\svchost.exe
C:\windows\system32\ZuneBusEnum.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
E:\Program Files\Hercules\Hercules Blog Webcam\CamService.exe
C:\windows\system32\ctfmon.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
E:\Program Files\iTunes\iTunes.exe
C:\Program Files\iPod\bin\iPodService.exe
E:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Marco\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Marco.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=C:\windows\system32\userinit.exe,C:\Documents and Settings\Marco\xwpwc.exe \s,
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IE to GetRight Helper - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - E:\Program Files\GetRight\xx2gr.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - F:\SamSung!\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [HerculesCamService] E:\Program Files\Hercules\Hercules Blog Webcam\CamService.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [MSConfig] C:\windows\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-746137067-1993962763-1343024091-1007\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - Startup: iTunes.exe.lnk = E:\Program Files\iTunes\iTunes.exe
O8 - Extra context menu item: Download with GetRight - E:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://F:\SamSung!\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - E:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\SamSung!\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\SamSung!\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\SamSung!\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - F:\SamSung!\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\windows\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe
O23 - Service: lxdi_device - - C:\windows\system32\lxdicoms.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 7249 bytes

======Scheduled tasks folder======

C:\windows\tasks\AppleSoftwareUpdate.job
C:\windows\tasks\GlaryInitialize.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31FF080D-12A3-439A-A2EF-4BA95A3148E8}]
IE to GetRight Helper - E:\Program Files\GetRight\xx2gr.dll [2007-07-18 246848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - F:\SamSung!\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-19 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-19 455168]
"IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2007-02-21 819200]
"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2007-02-21 970752]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"HerculesCamService"=E:\Program Files\Hercules\Hercules Blog Webcam\CamService.exe [2006-10-13 122880]
"KernelFaultCheck"=C:\windows\system32\dumprep 0 -k []
"MSConfig"=C:\windows\pchealth\helpctr\Binaries\MSCONFIG.EXE [2008-04-14 172544]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\windows\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\windows\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-19 208952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
E:\Program Files\iTunes\iTunesHelper.exe [2009-05-30 292136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ProcessManager]
C:\Program Files\Bill2's Process Manager\ProcessManager.exe [2009-05-30 1830912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-08-29 61440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
F:\SamSung!\MICROS~1\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Marco^Menu Démarrer^Programmes^Démarrage^iTuneS.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Marco^Menu Démarrer^Programmes^Démarrage^OneNote 2007 - Capture d'écran et lancement.lnk]
F:\SamSung!\MICROS~1\Office12\ONENOTEM.EXE [2007-12-07 101440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WLSetupSvc"=3
"WMPNetworkSvc"=3
"StarWindServiceAE"=2
"odserv"=3
"Microsoft Office Groove Audit Service"=3
"IDriverT"=3
"Bonjour Service"=2
"ATI Smart"=2
"Ati HotKey Poller"=2

C:\Documents and Settings\Marco\Menu Démarrer\Programmes\Démarrage
iTunes.exe.lnk - E:\Program Files\iTunes\iTunes.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\windows\system32\Ati2evxx.dll [2008-12-01 143360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\windows\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{88485281-8b4b-4f8d-9ede-82e29a064277}"=C:\PROGRA~1\MarkAny\CONTEN~1\MACSMA~1.DLL [2004-11-23 192512]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=F:\SamSung!\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"F:\SamSung!\Microsoft Office\Office12\OUTLOOK.EXE"="F:\SamSung!\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"F:\SamSung!\Microsoft Office\Office12\GROOVE.EXE"="F:\SamSung!\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"F:\SamSung!\Microsoft Office\Office12\ONENOTE.EXE"="F:\SamSung!\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"F:\SamSung!\Game\PES 2008\PES 2008\PES2008.exe"="F:\SamSung!\Game\PES 2008\PES 2008\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008"
"F:\SamSung!\Game\Act of war\ACTOFWAR.EXE"="F:\SamSung!\Game\Act of war\ACTOFWAR.EXE:*:Enabled:ACTOFWAR"
"E:\Program Files\VideoLAN\VLC\vlc.exe"="E:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"="C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe:*:Enabled:Lexmark Device Monitor"
"C:\Program Files\Lexmark 3500-4500 Series\App4R.exe"="C:\Program Files\Lexmark 3500-4500 Series\App4R.exe:*:Enabled:Lexmark Imaging Studio"
"C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe"="C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:*:Enabled:ABBYY FineReader"
"C:\Program Files\Lexmark Fax Solutions\FaxCtr.exe"="C:\Program Files\Lexmark Fax Solutions\FaxCtr.exe:*:Enabled:Fax software"
"C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"="C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe:*:Enabled:Device Monitor"
"C:\WINDOWS\system32\lxdicfg.exe"="C:\WINDOWS\system32\lxdicfg.exe:*:Enabled:Printer Communication System"
"C:\WINDOWS\system32\lxdicoms.exe"="C:\WINDOWS\system32\lxdicoms.exe:*:Enabled:Lexmark Communications System"
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdipswx.exe"="C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdipswx.exe:*:Enabled:Printer Status Window Interface"
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxditime.exe"="C:\WINDOWS\system32\spool\drivers\w32x86\3\lxditime.exe:*:Enabled:Lexmark Connect Time Executable"
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdijswx.exe"="C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdijswx.exe:*:Enabled:Job Status Window Interface"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdiwbgw.exe"="C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdiwbgw.exe:*:Enabled:Lexmark Web Gateway"
"C:\WINDOWS\system32\lxdiih.exe"="C:\WINDOWS\system32\lxdiih.exe:*:Enabled:Printer Communication System"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"E:\Program Files\uTorrent\uTorrent.exe"="E:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"E:\Program Files\TVAnts\Tvants.exe"="E:\Program Files\TVAnts\Tvants.exe:*:Enabled:TVAnts"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"E:\Program Files\RayV\RayV\RayV.dll"="E:\Program Files\RayV\RayV\RayV.dll:*:Enabled:RayV"
"C:\Program Files\Lexmark 3500-4500 Series\Wireless\lxdiwpss.exe"="C:\Program Files\Lexmark 3500-4500 Series\Wireless\lxdiwpss.exe:*:Disabled: "
"E:\Program Files\iolo\System Mechanic Professional\AntiVirus\ioloAV.exe"="E:\Program Files\iolo\System Mechanic Professional\AntiVirus\ioloAV.exe:*:Disabled:iolo AntiVirus®"
"E:\Program Files\iolo\System Mechanic Professional 7\AntiVirus\ioloAV.exe"="E:\Program Files\iolo\System Mechanic Professional 7\AntiVirus\ioloAV.exe:*:Disabled:iolo AntiVirus®"
"E:\Program Files\iolo\System Mechanic Professional\AntiVirus\iAVEmailScanner.exe"="E:\Program Files\iolo\System Mechanic Professional\AntiVirus\iAVEmailScanner.exe:*:Disabled:iolo AntiVirus® Email Protection"
"E:\Program Files\iolo\System Mechanic Professional 7\AntiVirus\iAVEmailScanner.exe"="E:\Program Files\iolo\System Mechanic Professional 7\AntiVirus\iAVEmailScanner.exe:*:Disabled:iolo AntiVirus® Email Protection"
"E:\Program Files\iolo\System Mechanic Professional\Personal Firewall\ioloFW.exe"="E:\Program Files\iolo\System Mechanic Professional\Personal Firewall\ioloFW.exe:*:Disabled:iolo Firewall®"
"E:\Program Files\iolo\System Mechanic Professional 7\Personal Firewall\ioloFW.exe"="E:\Program Files\iolo\System Mechanic Professional 7\Personal Firewall\ioloFW.exe:*:Disabled:iolo Firewall®"
"C:\Documents and Settings\Marco\Local Settings\temp\ms1240355414.exe"="C:\Documents and Settings\Marco\Local Settings\temp\ms1240355414.exe:*:Disabled:ms1240355414"
"E:\Program Files\RayV\RayV\RayV.exe"="E:\Program Files\RayV\RayV\RayV.exe:*:Disabled:RayV"
"C:\Program Files\RayV\RayV\RayV.dll"="C:\Program Files\RayV\RayV\RayV.dll:*:Enabled:RayV"
"C:\Program Files\RayV\RayV\RayV.exe"="C:\Program Files\RayV\RayV\RayV.exe:*:Enabled:RayV"
"C:\Documents and Settings\Marco\xwpwc.exe"="C:\Documents and Settings\Marco\xwpwc.exe:*:Enabled:ENABLE"
"E:\Program Files\iTunes\iTunes.exe"="E:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"
"E:\Program Files\Hercules\Hercules Blog Webcam\Station2.exe"="E:\Program Files\Hercules\Hercules Blog Webcam\Station2.exe:*:Enabled:Hercules Webcam Station Evolution"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Lexmark 3500-4500 Series\app4r.exe"="C:\Program Files\Lexmark 3500-4500 Series\App4R.exe:*:Enabled:Lexmark Imaging Studio"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{37de8f3a-1935-11dd-8a62-00166fbf4087}]
shell\AutoRun\command - K:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{830bd25d-2b9f-11de-8639-00166fbf4087}]
shell\AutoRun\command - K:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eb43a1e5-16d0-11dd-8a54-bdaccb291a89}]
shell\AutoRun\command - G:\LaunchU3.exe


======List of files/folders created in the last 1 months======

2161-06-03 14:10:01 ----D---- C:\windows\Minidump
2161-06-02 23:00:53 ----D---- C:\Program Files\iPod
2161-06-02 15:41:03 ----D---- C:\Program Files\Bill2's Process Manager
2009-06-26 10:41:03 ----A---- C:\lopR.txt
2009-06-23 20:50:40 ----D---- C:\Program Files\Windows Installer Clean Up
2009-06-23 20:50:21 ----D---- C:\Program Files\MSECACHE
2009-06-23 20:25:45 ----D---- C:\site
2009-06-23 20:25:45 ----D---- C:\fichier
2009-06-23 20:25:44 ----D---- C:\compta
2009-06-23 20:25:44 ----D---- C:\clip lyrics
2009-06-23 20:25:43 ----D---- C:\subtitle de films
2009-06-23 20:25:43 ----D---- C:\shopping
2009-06-23 20:25:43 ----D---- C:\cours
2009-06-23 20:25:40 ----D---- C:\table
2009-06-23 15:57:35 ----D---- C:\Documents and Settings\All Users\Application Data\Microgaming
2009-06-23 01:11:45 ----HDC---- C:\windows\$NtUninstallKB952011$
2009-06-23 01:09:30 ----A---- C:\windows\system32\pthreadGC2.dll
2009-06-23 01:09:03 ----D---- C:\Program Files\AviSynth 2.5
2009-06-21 23:24:06 ----D---- C:\Documents and Settings\Marco\Application Data\Audio Recorder Titanium
2009-06-21 23:21:55 ----A---- C:\windows\system32\NCTWMAFile2.dll
2009-06-21 23:21:55 ----A---- C:\windows\system32\NCTTextToAudio2.dll
2009-06-21 23:21:54 ----A---- C:\windows\system32\NCTAudioVisualizationEx2.dll
2009-06-21 23:21:54 ----A---- C:\windows\system32\NCTAudioVisualization2.dll
2009-06-21 23:21:54 ----A---- C:\windows\system32\NCTAudioTransform2.dll
2009-06-21 23:21:54 ----A---- C:\windows\system32\NCTAudioRecord2.dll
2009-06-21 23:21:54 ----A---- C:\windows\system32\NCTAudioPlayer2.dll
2009-06-21 23:21:54 ----A---- C:\windows\system32\NCTAudioInformation2.dll
2009-06-21 23:21:53 ----A---- C:\windows\system32\NCTAudioFile2.dll
2009-06-21 23:21:53 ----A---- C:\windows\system32\NCTAudioEditor2.dll
2009-06-21 23:21:53 ----A---- C:\windows\system32\NCTAudioDisplay2.dll
2009-06-21 23:21:52 ----A---- C:\windows\system32\NCTAudioDesign2.dll
2009-06-21 23:21:52 ----A---- C:\windows\system32\NCTAudioCDGrabber2.dll
2009-06-17 22:14:23 ----D---- C:\Downloads
2009-06-17 22:10:24 ----D---- C:\Documents and Settings\Marco\Application Data\GetRight
2009-06-17 00:29:18 ----HDC---- C:\windows\$NtUninstallWudf01007$
2009-06-16 13:26:51 ----D---- C:\windows\ie8updates
2009-06-16 13:20:04 ----A---- C:\windows\system32\ieencode.dll
2009-06-11 22:09:55 ----HDC---- C:\windows\$NtUninstallKB961501$
2009-06-11 22:09:45 ----HDC---- C:\windows\$NtUninstallKB969898$
2009-06-11 22:04:09 ----HDC---- C:\windows\$NtUninstallKB970238$
2009-06-11 22:03:10 ----A---- C:\windows\imsins.BAK
2009-06-11 22:03:03 ----HDC---- C:\windows\$NtUninstallKB968537$
2009-06-11 22:01:54 ----D---- C:\Program Files\Fichiers communs\ODBC
2009-06-10 20:30:13 ----D---- C:\Documents and Settings\Marco\Application Data\Moyea
2009-06-10 16:36:29 ----D---- C:\logs
2009-06-10 13:56:20 ----A---- C:\windows\ntbtlog.txt
2009-06-09 22:02:39 ----D---- C:\Documents and Settings\All Users\Application Data\S.N.Safe&Software
2009-06-09 03:28:03 ----D---- C:\windows\ovtcam
2009-06-09 03:28:03 ----A---- C:\windows\OMNIUNS.EXE
2009-06-09 03:27:37 ----D---- C:\windows\system32\HWC Blog

======List of files/folders modified in the last 1 months======

2161-06-02 23:00:51 ----D---- C:\Program Files\Fichiers communs\Apple
2161-06-02 22:55:11 ----DC---- C:\windows\system32\DRVSTORE
2009-06-28 09:30:31 ----D---- C:\Documents and Settings\Marco\Application Data\uTorrent
2009-06-28 09:30:24 ----D---- C:\windows\Prefetch
2009-06-28 09:24:35 ----D---- C:\Program Files\Mozilla Firefox
2009-06-27 10:11:21 ----D---- C:\windows\Temp
2009-06-27 10:11:15 ----D---- C:\windows\system32\CatRoot2
2009-06-27 01:24:23 ----A---- C:\windows\SchedLgU.Txt
2009-06-26 21:16:44 ----D---- C:\Lop SD
2009-06-26 21:14:15 ----RD---- C:\Program Files
2009-06-26 21:14:13 ----SD---- C:\windows\Tasks
2009-06-25 13:33:05 ----A---- C:\windows\win.ini
2009-06-25 13:33:05 ----A---- C:\windows\system.ini
2009-06-25 13:29:08 ----RSHDC---- C:\windows\system32\dllcache
2009-06-25 13:29:08 ----D---- C:\windows\system32\fr-fr
2009-06-25 13:29:08 ----D---- C:\WINDOWS
2009-06-25 13:29:07 ----D---- C:\windows\system32
2009-06-25 13:29:06 ----HD---- C:\windows\inf
2009-06-25 13:29:06 ----D---- C:\windows\Media
2009-06-25 13:29:06 ----D---- C:\windows\Help
2009-06-25 13:29:06 ----D---- C:\Program Files\Internet Explorer
2009-06-25 00:29:05 ----A---- C:\windows\system32\PerfStringBackup.INI
2009-06-24 05:56:50 ----D---- C:\windows\system32\config
2009-06-23 23:11:03 ----D---- C:\Program Files\Messenger Plus! Live
2009-06-23 21:28:11 ----D---- C:\windows\pss
2009-06-23 20:52:29 ----SHD---- C:\windows\Installer
2009-06-23 20:38:09 ----D---- C:\Program Files\Messenger
2009-06-23 20:35:03 ----D---- C:\Program Files\Microsoft
2009-06-23 20:22:50 ----SD---- C:\Documents and Settings\Marco\Application Data\Microsoft
2009-06-23 15:57:59 ----SD---- C:\windows\Downloaded Program Files
2009-06-23 11:40:55 ----D---- C:\Program Files\Fichiers communs
2009-06-21 22:02:30 ----D---- C:\windows\system32\CatRoot
2009-06-17 00:29:47 ----D---- C:\windows\system32\drivers
2009-06-16 13:27:08 ----HD---- C:\windows\$hf_mig$
2009-06-14 22:01:24 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-06-11 22:04:29 ----D---- C:\windows\Debug
2009-06-10 20:29:00 ----D---- C:\windows\WinSxS
2009-06-10 15:37:46 ----SHDC---- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2009-06-10 15:37:46 ----D---- C:\Program Files\Windows Media Player
2009-06-10 15:37:46 ----D---- C:\Program Files\Java
2009-06-10 15:37:41 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
2009-06-10 15:20:42 ----D---- C:\windows\system32\Restore
2009-06-10 15:11:38 ----D---- C:\Documents and Settings\Marco\Application Data\Macromedia
2009-06-10 15:06:28 ----D---- C:\Documents and Settings\Marco\Application Data\GlarySoft
2009-06-09 23:55:32 ----D---- C:\Documents and Settings
2009-06-09 03:28:03 ----D---- C:\windows\twain_32
2009-06-09 03:27:27 ----HD---- C:\Program Files\InstallShield Installation Information
2009-06-01 18:51:12 ----A---- C:\windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\windows\system32\DRIVERS\avipbb.sys [2009-04-28 96104]
R1 intelppm;Pilote de processeur Intel; C:\windows\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 kbdhid;Pilote HID de clavier; C:\windows\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 PQNTDrv;PQNTDrv; C:\windows\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 ssmdrv;ssmdrv; C:\windows\system32\DRIVERS\ssmdrv.sys [2009-06-10 28520]
R1 StarOpen;StarOpen; C:\windows\system32\drivers\StarOpen.sys [2009-01-31 5632]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.6.0.0; C:\windows\system32\DRIVERS\AegisP.sys [2009-04-26 21425]
R2 avgntflt;avgntflt; C:\windows\system32\DRIVERS\avgntflt.sys [2009-04-28 55640]
R2 mdmxsdk;mdmxsdk; C:\windows\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R2 NwlnkIpx;Protocole de transport compatible NWLink IPX/SPX/NetBIOS; C:\windows\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;NetBIOS NWLink; C:\windows\system32\DRIVERS\nwlnknb.sys [2004-08-19 63232]
R2 NwlnkSpx;Protocole NWLink SPX/SPXII; C:\windows\system32\DRIVERS\nwlnkspx.sys [2004-08-19 55936]
R2 s24trans;Transport RLAN; C:\windows\system32\DRIVERS\s24trans.sys [2007-02-21 12416]
R2 zumbus;Zune Bus Enumerator Driver; C:\windows\system32\DRIVERS\zumbus.sys [2008-11-10 40832]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP; C:\windows\system32\DRIVERS\Apfiltr.sys [2005-09-28 113847]
R3 APL531;Hercules Blog Webcam; C:\windows\System32\Drivers\BLvid.sys [2006-09-29 274816]
R3 ati2mtag;ati2mtag; C:\windows\system32\DRIVERS\ati2mtag.sys [2008-12-02 3452928]
R3 camfilt;camfilt; C:\windows\System32\Drivers\camfilt.sys [2006-10-03 22656]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\windows\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 dtscsi;dtscsi; C:\windows\System32\Drivers\dtscsi.sys [2008-05-11 223128]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
R3 HidUsb;Pilote de classe HID Microsoft; C:\windows\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DPV;HSF_DPV; C:\windows\system32\DRIVERS\HSF_DPV.SYS [2005-03-17 1033600]
R3 HSFHWICH;HSFHWICH; C:\windows\system32\DRIVERS\HSFHWICH.sys [2005-03-17 208000]
R3 mouhid;Pilote HID de souris; C:\windows\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 STAC97;SigmaTel C-Major Audio; C:\windows\system32\drivers\STAC97.sys [2005-03-10 273168]
R3 usbaudio;Pilote USB audio (WDM); C:\windows\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\windows\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\windows\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\windows\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Pilote de stockage de masse USB; C:\windows\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\windows\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 w29n51;Pilote de carte de connexion réseau Intel(R) PRO/Wireless 2200BG pour Windows XP; C:\windows\system32\DRIVERS\w29n51.sys [2007-02-08 2209408]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\windows\System32\Drivers\wdf01000.sys [2008-03-27 503008]
R3 winachsf;winachsf; C:\windows\system32\DRIVERS\HSF_CNXT.sys [2005-03-17 705280]
S3 ajuaf5xh;ajuaf5xh; C:\windows\system32\drivers\ajuaf5xh.sys []
S3 Arp1394;Protocole client ARP 1394; C:\windows\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 ATIXPGAA;ATIXPGAA; \??\C:\Dell\Drivers\R88754\ATIXPGAA.SYS []
S3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\windows\system32\DRIVERS\bcm4sbxp.sys [2003-09-26 44032]
S3 BthEnum;Service d'énumérateur Bluetooth; C:\windows\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\windows\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Pilote de port Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 CCDECODE;Décodeur sous-titre fermé; C:\windows\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\windows\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\windows\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\windows\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;Pilote réseau 1394; C:\windows\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 nm;Pilote du Moniteur réseau; C:\windows\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\windows\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 sdbus;sdbus; C:\windows\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
S3 sffdisk;Pilote de classe de stockage SFF; C:\windows\system32\DRIVERS\sffdisk.sys [2008-04-13 11904]
S3 sffp_sd;Pilote de protocole de stockage SFF pour SDBus; C:\windows\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008]
S3 SLIP;Détrameur décalage BDA; C:\windows\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\windows\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\windows\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\windows\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\windows\system32\DRIVERS\ssm_bus.sys [2007-05-02 83592]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\windows\system32\DRIVERS\ssm_mdfl.sys [2007-05-02 15112]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\windows\system32\DRIVERS\ssm_mdm.sys [2007-05-02 109704]
S3 streamip;BDA IPSink; C:\windows\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 UIUSys;Conexant Setup API; C:\windows\system32\drivers\UIUSys.sys []
S3 usbscan;Pilote de scanneur USB; C:\windows\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WinUSB;WinUSB; C:\windows\system32\DRIVERS\WinUSB.sys [2006-11-02 39368]
S3 WpdUsb;WpdUsb; C:\windows\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Codec Teletext standard; C:\windows\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\windows\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\windows\System32\drivers\ws2ifsl.sys [2004-08-19 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-06-10 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-06-10 185089]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-05-29 144712]
R2 BthServ;Bluetooth Support Service; C:\windows\system32\svchost.exe [2008-04-14 14336]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-02-21 643072]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
R2 lxdi_device;lxdi_device; C:\windows\system32\lxdicoms.exe [2007-06-11 517040]
R2 lxdiCATSCustConnectService;lxdiCATSCustConnectService; C:\windows\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe [2007-06-11 99248]
R2 NwSapAgent;Agent SAP; C:\windows\system32\svchost.exe [2008-04-14 14336]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-02-21 327680]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\windows\system32\svchost.exe [2008-04-14 14336]
R2 ZuneBusEnum;Zune Bus Enumerator; C:\windows\system32\ZuneBusEnum.exe [2008-12-12 60032]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-05-30 541992]
S2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2007-02-21 983040]
S2 WLANKEEPER;Intel(R) PROSet/Wireless SSO Service; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [2007-02-21 294912]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ZuneNetworkSvc;Zune Network Sharing Service; E:\Program Files\zune\ZuneNss.exe [2008-12-12 5117568]
S3 ZuneWlanCfgSvc;Zune Wireless Configuration Service; C:\windows\system32\ZuneWlanCfgSvc.exe [2008-12-12 243840]
S4 Ati HotKey Poller;Ati HotKey Poller; C:\windows\system32\Ati2evxx.exe [2008-12-01 598016]
S4 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-12-01 593920]
S4 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S4 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; F:\SamSung!\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S4 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S4 StarWindServiceAE;StarWind AE Service; E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
S4 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

-----------------EOF-----------------






lxdi.log


2009/04/21-12:20:37.412 ComClient LcsClosePrinter() exception=1
2009/06/10-14:23:56.187 ComClient LcsClosePrinter() exception=1

Reply to ti_samsung

1/

  • Run this file: C:\Program Files\Trend Micro\HijackThis\Marco.exe
  • Choose Do a system scan only.
  • Tick the boxes in front of the following lines:


F2 - REG:system.ini: UserInit=C:\windows\system32\userinit.exe,C:\Documents and Settings\Marco\xwpwc.exe \s,

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k


  • Click Fix checked at the bottom. Answer yes if HijackThis asks you anything.
  • Close HijackThis.



2/

  • Download OTM (OldTimer) to your Desktop.
  • Double-click OTM.exe to launch it.
  • Copy (Ctrl+C) the following text below:


:processes
explorer.exe

:files
C:\Documents and Settings\Marco\Local Settings\temp\ms1240355414.exe
C:\Documents and Settings\Marco\xwpwc.exe

:reg
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Documents and Settings\Marco\Local Settings\temp\ms1240355414.exe"=-
"C:\Documents and Settings\Marco\xwpwc.exe"=-

:commands
[purity]
[emptytemp]
[reboot]


  • Paste (Ctrl+V) the text you just copied into the Paste Instructions for Items to be Moved box.
  • Now click the MoveIt! button, then close OTM.


---> If a file or folder cannot be deleted immediately, the program will ask you to restart.
Accept by clicking YES.

  • Post the report located in this folder: C:\_OTM\MovedFiles\

---> The report's name corresponds to the moment it was created: date_time.log

Reply to Destrio5

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
File/Folder C:\Documents and Settings\Marco\Local Settings\temp\ms1240355414.exe not found.
File/Folder C:\Documents and Settings\Marco\xwpwc.exe not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Documents and Settings\Marco\Local Settings\temp\ms1240355414.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Documents and Settings\Marco\xwpwc.exe deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->FireFox cache emptied: 2493920 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33438 bytes
->FireFox cache emptied: 13413105 bytes

User: Marco
->Temp folder emptied: 60269271 bytes
->Temporary Internet Files folder emptied: 58360954 bytes
->Java cache emptied: 8565721 bytes
->FireFox cache emptied: 88211404 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 197224897 bytes

User: Safe'n'Sec ®
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2114937 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 164404 bytes

RecycleBin emptied: 4980578725 bytes

Total Files Cleaned = 1064,81 mb


OTM by OldTimer - Version 3.0.0.2 log created on 06282009_180504

Files moved on Reboot...

Registry entries deleted on Reboot...

Reply to ti_samsung

Good.

  • Download Malwarebytes' Anti-Malware (MBAM) to your Desktop.
  • Double-click the downloaded file to start the installation process.
  • In the Update tab, click the Check for Updates button: if the firewall asks for permission for MBAM to connect to the Internet, accept.
  • Once the update has finished, go to the Scanner tab.
  • Select Perform quick scan.
  • Click Scan. The scan starts.
  • At the end of the scan, a message is displayed:
Quote:

The scan completed successfully. Click 'Show Results' to display all objects found.


  • Click OK to continue. If MBAM found nothing, it will tell you that too.
  • Close your browsers.
  • If malware was detected, click Show Results.
  • Select everything (or leave it checked) and click Remove Selected; MBAM will destroy the infected files and registry keys and put a copy of them in quarantine.
  • MBAM will open Notepad and copy the scan report into it. Copy and paste that report into your next reply.

Reply to Destrio5

Malwarebytes' Anti-Malware 1.38
Version de la base de données: 2347
Windows 5.1.2600 Service Pack 3

28/06/2009 23:37:39
mbam-log-2009-06-28 (23-37-39).txt

Type de recherche: Examen rapide
Eléments examinés: 98986
Temps écoulé: 13 minute(s), 1 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\QuickyPlaeyrSoft (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Reply to ti_samsung

Can you post the info report located in C:\rsit?

Reply to Destrio5

info.txt logfile of random's system information tool 1.06 2009-05-13 13:06:25

======Uninstall list======

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DD4F051C-1A2B-4A91-B187-B093C597418C}\setup.exe" -l0x40c anything
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00BA-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
7-Zip 4.57-->"E:\Program Files\7-Zip\Uninstall.exe"
ABBYY FineReader 6.0 Sprint-->MsiExec.exe /X{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
Act of War - Direct Action-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F9B915DF-B79C-4747-9BA3-9705A57DC717}\setup.exe" -l0x40c
Adobe Flash Player 10 Plugin-->C:\windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.4 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
ALPS Touch Pad Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}\setup.exe" UNINSTALL
Apple Mobile Device Support-->MsiExec.exe /I{AFA20D47-69C3-4030-8DF8-D37466E70F13}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->E:\Program Files\WinRAR\uninstall.exe
ASIO4ALL-->E:\Program Files\ASIO4ALL v2\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
ATI Display Driver-->rundll32 C:\windows\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Broadcom 440x 10/100 Integrated Controller-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{52504CE6-E909-4113-B232-4AFEC6543A61} /l1036
CCleaner (remove only)-->"E:\Program Files\CCleaner\uninst.exe"
Chessmaster Grandmaster Edition-->C:\Program Files\InstallShield Installation Information\{27614800-84A9-484E-9CCB-43ED2F1205F5}\setup.exe -runfromtemp -l0x040c
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
C-Major Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x40c -remove -removeonly
Combined Community Codec Pack 2008-09-21 16:18-->"E:\Program Files\Combined Community Codec Pack\unins001.exe"
Conexant D110 MDC V.92 Modem-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1\HXFSETUP.EXE -U -Idel5422k.inf
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\windows\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB932716-v2)-->"C:\windows\$NtUninstallKB932716-v2$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\windows\$NtUninstallKB952287$\spuninst\spuninst.exe"
Driver Genius Professional Edition-->"E:\Program Files\Driver Genius\DriverGenius\unins000.exe"
EmoDio-->MsiExec.exe /X{C20CE592-B0F8-4D20-BF31-0151CA6331A6}
FL Studio 8-->E:\Program Files\FruityLoops Studio 8.0 XXL Edition\Dossier\uninstall.exe
Free YouTube to Mp3 Converter version 3.1-->"E:\Program Files\youtube\Free YouTube to Mp3 Converter\unins000.exe"
GUILTY GEAR XX #RELOAD-->MsiExec.exe /I{C6866249-495A-4ED7-AD69-99336B5E86E4}
Haali Media Splitter-->"E:\Program Files\Matroska Pack\haali\uninstall.exe"
Hercules Blog Webcam-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B6490BA-FAEA-486C-BAB5-561251D5F2B1}\setup.exe" -l0x40c -removeonly
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\windows\$NtUninstallKB929399$\spuninst\spuninst.exe"
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
iTunes-->MsiExec.exe /I{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3}
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
Kaspersky Online Scanner-->C:\windows\system32\KASPER~1\KASPER~1\kavuninstall.exe
K-Lite Codec Pack 3.9.0 Full-->"E:\Program Files\K-Lite Codec Pack\unins000.exe"
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Lexmark 3500-4500 Series-->C:\Program Files\Lexmark 3500-4500 Series\Install\x86\Uninst.exe
Logiciel Intel(R) PROSet/Wireless-->C:\windows\Installer\iProInst.exe
Magic ISO Maker v5.5 (build 0276)-->E:\PROGRA~1\MagicISO\UNWISE.EXE E:\PROGRA~1\MagicISO\INSTALL.LOG
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
mDriver-->MsiExec.exe /I{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}
mDrWiFi-->MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49}
Messenger Plus! Live & Sponsor (CiD)-->"E:\Program Files\Messenger Plus! Live\Uninstall.exe"
mHlpDell-->MsiExec.exe /I{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\windows\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\windows\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\windows\$NtUninstallWdf01007$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\windows\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Groove MUI (French) 2007-->MsiExec.exe /X{90120000-00BA-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0120-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\windows\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft WinUsb 1.0-->"C:\windows\$NtUninstallwinusb0100$\spuninst\spuninst.exe"
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\windows\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\windows\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\windows\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\windows\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\windows\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\windows\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\windows\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\windows\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\windows\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\windows\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\windows\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\windows\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\windows\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\windows\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\windows\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950759)-->"C:\windows\$NtUninstallKB950759$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\windows\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\windows\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\windows\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\windows\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\windows\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\windows\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\windows\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\windows\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\windows\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\windows\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\windows\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\windows\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\windows\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\windows\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\windows\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\windows\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\windows\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\windows\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\windows\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\windows\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\windows\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\windows\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\windows\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\windows\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\windows\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\windows\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\windows\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\windows\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\windows\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\windows\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\windows\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\windows\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\windows\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB961503)-->"C:\windows\$NtUninstallKB961503$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\windows\$NtUninstallKB967715$\spuninst\spuninst.exe"
mIWA-->MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
mLogView-->MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
Mozilla Firefox (3.0.10)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mPfWiz-->MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
mSCfg-->MsiExec.exe /I{829CD169-E692-48E8-9BDE-A3E8D8B65538}
mSSO-->MsiExec.exe /I{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
mWMI-->MsiExec.exe /I{63DB9CCD-2B56-4217-9A3D-507AC78320CA}
mZConfig-->MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}
NBA LIVE 06-->F:\SamSung!\Game\NBA Live 06\EAUninstall.exe
Need for Speed Underground 2-->F:\SamSung!\Game\nfsu2\EAUninstall.exe
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Pack Crystal Clear 1.0-->C:\windows\BricoPacks\Crystal Clear\Remove.exe
PhotoFiltre Studio-->"E:\Program Files\PhotoFiltre Studio\Uninst.exe"
PoiZone-->C:\Program Files\Image-Line\PoiZone\uninstall.exe
PowerQuest PartitionMagic 8.0-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}
Pro Evolution Soccer 2008-->C:\Program Files\InstallShield Installation Information\{2FDFD600-7338-4738-90D5-FC4ACA08DC36}\setup.exe -runfromtemp -l0x040c
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
Real Alternative 1.9.0-->"E:\Program Files\Real Alternative\unins000.exe"
Registry Mechanic 7.0-->"E:\Program Files\Registry Mechanic\unins000.exe"
SAMSUNG Mobile Modem Driver Set-->C:\windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
Samsung Mobile phone USB driver Software-->C:\windows\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB960003)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F04F8702-18D0-458D-921E-146FB7CD38CF}
Security Update for Microsoft Office Excel 2007 (KB959997)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {9EAC3AEC-5C81-4856-A05B-DE9DC236D740}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Solutions de télécopie Lexmark-->C:\Program Files\\Lexmark Fax Solutions\Install\x86\Uninst.exe /R:faxunst
SuperCopier2-->"E:\Program Files\SuperCopier2\SC2Uninst.exe"
The Font Thing-->C:\windows\uninst.exe -f"e:\program files\photofiltre studio\fontvisu\DeIsL1.isu" -c"e:\program files\photofiltre studio\fontvisu\_ISREG32.DLL"
The Simpsons Hit & Run(TM)-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F79AAB3A-B8B4-4AC7-94AB-1C4C076C6A89}\setup.exe" -l0x9
Tony Hawks Pro Skater 4-->MsiExec.exe /X{E0F07676-2C60-4465-A727-20DE3BFCABAC}
Toxic Biohazard-->C:\Program Files\Image-Line\Toxic Biohazard\uninstall.exe
Uninstall 1.0.0.1-->"C:\Program Files\Fichiers communs\DVDVideoSoft\unins000.exe"
Unlocker 1.8.7-->E:\Program Files\Unlocker\uninst.exe
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Outlook 2007 Junk Email Filter (kb968503)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5DD98950-4D10-4B79-8BF6-59726705207D}
VideoLAN VLC media player 0.8.6f-->E:\Program Files\VideoLAN\VLC\uninstall.exe
Visual C++ 8.0 CRT (x86) WinSXS MSM-->MsiExec.exe /I{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}
Winamp-->"E:\Program Files\Winamp\UninstWA.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\windows\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\windows\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows XP Service Pack 3-->"C:\windows\$NtServicePackUninstall$\spuninst\spuninst.exe"
XviD MPEG-4 Video Codec-->"E:\Program Files\XviD\unins000.exe"
zAlternator-->E:\Program Files\zAlternator\Uninstall.exe
Zune Language Pack (ES)-->MsiExec.exe /X{EE4ACABF-531E-419A-9225-B8E0FA4955AF}
Zune Language Pack (FR)-->MsiExec.exe /X{0076E1AC-9E7B-4B9F-A62A-4CC9511AD8E3}
Zune-->E:\Program Files\zune\ZuneSetup.exe /x
Zune-->MsiExec.exe /X{FF70513F-E3A7-402F-84FB-B7810A064BE2}

=====HijackThis Backups=====

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) [2009-01-28]
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Reg [...] lashax.cab [2009-01-28]

======Security center information======

AV: AntiVir Desktop

======System event log======

Computer Name: SAMSUNG
Event Code: 7036
Message: Le service Compatibilité avec le Changement rapide d'utilisateur est entré dans l'état : en cours d'exécution.

Record Number: 52773
Source Name: Service Control Manager
Time Written: 20090423092340.000000+120
Event Type: Informations
User:

Computer Name: SAMSUNG
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Compatibilité avec le Changement rapide d'utilisateur.

Record Number: 52772
Source Name: Service Control Manager
Time Written: 20090423092340.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: SAMSUNG
Event Code: 26
Message: Application popup : Windows - L'écriture décalée a échoué : Windows n'a pas pu sauvegarder toutes les données pour le fichier F:\SamSung!\Microsoft Office\Office12. Les données ont été perdues. Cette erreur peut être due à une panne de votre matériel ou de votre connexion réseau. Essayez de sauvegarder ce fichier à un autre emplacement.

Record Number: 52771
Source Name: Application Popup
Time Written: 20090423092339.000000+120
Event Type: Informations
User:

Computer Name: SAMSUNG
Event Code: 50
Message: {L'écriture décalée a échoué}
Windows n'a pas pu sauvegarder toutes les données pour le fichier hs. Les données ont été perdues.
Cette erreur peut être due à une panne de votre matériel ou de votre connexion réseau. Essayez de sauvegarder ce fichier à un autre emplacement.

Record Number: 52770
Source Name: Ntfs
Time Written: 20090423092339.000000+120
Event Type: Avertissement
User:

Computer Name: SAMSUNG
Event Code: 50
Message: {L'écriture décalée a échoué}
Windows n'a pas pu sauvegarder toutes les données pour le fichier hs. Les données ont été perdues.
Cette erreur peut être due à une panne de votre matériel ou de votre connexion réseau. Essayez de sauvegarder ce fichier à un autre emplacement.

Record Number: 52769
Source Name: Ntfs
Time Written: 20090423092339.000000+120
Event Type: Avertissement
User:

=====Application event log=====

Computer Name: SAMSUNG
Event Code: 102
Message: MsnMsgr (3608) \\.\C:\Documents and Settings\Marco\Local Settings\Application Data\Microsoft\Messenger\ti_samsung@hotmail.fr\SharingMetadata\Working\database_FC10_2747_1027_86A\dfsr.db: Le moteur de base de données a démarré une nouvelle instance (0).

Record Number: 8081
Source Name: ESENT
Time Written: 20081219113623.000000+060
Event Type: Informations
User:

Computer Name: SAMSUNG
Event Code: 100
Message: MsnMsgr (3608) Le moteur de base de données 5.01.2600.5512 est démarré.

Record Number: 8080
Source Name: ESENT
Time Written: 20081219113623.000000+060
Event Type: Informations
User:

Computer Name: SAMSUNG
Event Code: 101
Message: MsnMsgr (3608) Le moteur de base de données est arrêté.

Record Number: 8079
Source Name: ESENT
Time Written: 20081219113308.000000+060
Event Type: Informations
User:

Computer Name: SAMSUNG
Event Code: 103
Message: MsnMsgr (3608) \\.\C:\Documents and Settings\Marco\Local Settings\Application Data\Microsoft\Messenger\ti_samsung@hotmail.fr\SharingMetadata\Working\database_FC10_2747_1027_86A\dfsr.db: Le moteur de base de données a arrêté une instance (0).

Record Number: 8078
Source Name: ESENT
Time Written: 20081219113308.000000+060
Event Type: Informations
User:

Computer Name: SAMSUNG
Event Code: 302
Message: MsnMsgr (3608) \\.\C:\Documents and Settings\Marco\Local Settings\Application Data\Microsoft\Messenger\ti_samsung@hotmail.fr\SharingMetadata\Working\database_FC10_2747_1027_86A\dfsr.db: Le moteur de base de données a exécuté la procédure de récupération avec succès.

Record Number: 8077
Source Name: ESENT
Time Written: 20081219111436.000000+060
Event Type: Informations
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\windows\Microsoft.NET\Framework\v2.0.50727;C:\Program Files\Samsung\Samsung PC Studio 3;E:\Program Files\QuickTime\QTSystem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Intel\WiFi\bin;E:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0d06
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

Reply to ti_samsung

Quote:

Messenger Plus! Live & Sponsor (CiD)


--> The Lop infection comes from the Messenger Plus! Live sponsor; be careful not to install it next time.

  • Uninstall Java 6 Update 7 and Java 6 Update 13.




No more problems?

Reply to Destrio5

No, it's all good, it's really kind of you to have done all this for me, thanks again!! ;)

Reply to ti_samsung

1/

  • Uninstall HijackThis.


  • Download ToolsCleaner2 to your Desktop.
  • Double-click ToolsCleaner2.exe to launch it.
  • Click Recherche and let the scan run.
  • Click Suppression to finish.
  • If you wish, you can use the Options Facultatives.
  • Click Quitter to get the report.
  • Post the report (TCleaner.txt), which is located at the root of your hard drive (C:\).



2/

  • Download and install CCleaner Slim.
  • Launch it. Go to Options, then Avancé, and uncheck the box Effacer uniquement les fichiers etc....
  • Go to Nettoyeur and choose Analyser. Once it has finished, run the cleaning.



3/



==Prevention==

Remove Antivir's popups: Link

Keep MBAM. It will let you scan suspicious files as a complement to the antivirus, and scan the hard drive regularly.

Check that automatic updates are enabled (Start menu, right-click My Computer, Automatic Updates tab).

Regarding P2P: Link

Here is a complete guide (to be read with Adobe Reader or Foxit Reader): Link


==Problem solved?==

If you consider your problem solved:

---> Now add [Résolu] to the title. To do so:

  • In your first message, click the Editer button.
  • Add the tag [Résolu] in front of the title.
  • Then click Valider votre message.



Be more careful on the Internet ;)

Reply to Destrio5

[ Rapport ToolsCleaner version 2.3.7 (par A.Rothstein & dj QUIOU) ]

--> Recherche:

C:\Lop SD: trouvé !
C:\Qoobox: trouvé !
C:\_OTM: trouvé !
C:\Toolbar SD: trouvé !
C:\Rsit: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\Marco\Bureau\Fichier\HijackThis.lnk: trouvé !
C:\Documents and Settings\Marco\Bureau\Fichier\LopSD.exe: trouvé !
C:\Documents and Settings\Marco\Bureau\Fichier\OTM.exe: trouvé !
C:\Documents and Settings\Marco\Bureau\Fichier\ComboFix.exe: trouvé !
C:\Documents and Settings\Marco\Bureau\Fichier\ToolBarSD.exe: trouvé !
C:\Documents and Settings\Marco\Bureau\Fichier\Rsit.exe: trouvé !
C:\Documents and Settings\Marco\Menu Démarrer\Programmes\Lop S&D: trouvé !
C:\Lop SD\Lop S&D.lnk: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !

---------------------------------
--> Suppression:

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\Marco\Bureau\Fichier\HijackThis.lnk: supprimé !
C:\Documents and Settings\Marco\Bureau\Fichier\LopSD.exe: supprimé !
C:\Documents and Settings\Marco\Bureau\Fichier\OTM.exe: supprimé !
C:\Documents and Settings\Marco\Bureau\Fichier\ComboFix.exe: ERREUR DE SUPPRESSION !!
C:\Documents and Settings\Marco\Bureau\Fichier\ToolBarSD.exe: supprimé !
C:\Lop SD\Lop S&D.lnk: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\Documents and Settings\Marco\Bureau\Fichier\Rsit.exe: supprimé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: supprimé !
C:\Lop SD: supprimé !
C:\Qoobox: supprimé !
C:\_OTM: supprimé !
C:\Toolbar SD: supprimé !
C:\Rsit: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Documents and Settings\Marco\Menu Démarrer\Programmes\Lop S&D: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !




I think it's good now haha

Reply to ti_samsung

You can delete ToolsCleaner.

Reply to Destrio5