Tom's Guide > Forum > Sécurité - Virus > [Résolu] Pc infecté avec b.exe et msa.exe

[Résolu] Pc infecté avec b.exe et msa.exe

Forum Sécurité - Virus : [Résolu] Pc infecté avec b.exe et msa.exe

TomsGuide.com : 800 000 inscrits répondent à toutes vos questions high-tech et informatique. Pour obtenir de l'aide, inscrivez-vous gratuitement !

Créer un nouveau sujet Répondre

Bas de page Chercher dans ce sujet

Bonjour,
Je viens de me rendre compte pourquoi certainement mon PC est devenu exagérément lent depuis qques temps : il y a au moins b.exe et msa.exe qui me parasitent.
Est-ce que qqun pourrait m'aider à supprimer ces cochonneries ?
Merci d'avance.
Pascal

Message édité par bobba_feet le 10-11-2009 à 22:22:34

Répondre

Inscrivez-vous ou connectez-vous pour masquer ceci.

Bonjour,

Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
Sélectionne Exécuter un examen rapide.
Clique sur Rechercher. L'analyse démarre.
A la fin de l'analyse, un message s'affiche :

Citation :

L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
Ferme tes navigateurs.
Si des malwares ont été détectés, clique sur Afficher les résultats.
Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.

Répondre à Destrio5

Bonjour,

C'est fait. msa.exe semble avoir disparu, mais toujours b.exe je crois

Malwarebytes' Anti-Malware 1.41
Version de la base de données: 3133
Windows 5.1.2600 Service Pack 3

09/11/2009 18:04:29
mbam-log-2009-11-09 (18-04-29).txt

Type de recherche: Examen rapide
Eléments examinés: 138911
Temps écoulé: 38 minute(s), 26 second(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 6
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 5

Processus mémoire infecté(s):
C:\WINDOWS\msa.exe (Trojan.Agent) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\mediagateway.installer (Adware.MediaAccess) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{00ada225-ea6c-4fb3-82e8-68189201ccb9} (Adware.Winad) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{735c5a0c-f79f-47a1-8ca1-2a2e482662a8} (Adware.Winad) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1e5f0d38-214b-4085-ad2a-d2290e6a2d2c} (Adware.MediaAccess) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{15696ae2-6ea4-47f4-bea6-a3d32693efc7} (Adware.Winad) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Program Files\Media Gateway\MediaGateway.exe (Adware.Winad) -> Quarantined and deleted successfully.
C:\Documents and Settings\pascal\Local Settings\Temp\cmdo.exe (Malware.Tool) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\expIorer.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\msxml71.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\msa.exe (Trojan.Agent) -> Quarantined and deleted successfully.

Répondre à bobba_feet

Relance MBAM, va dans Quarantaine et supprime tout.

Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
Double-clique sur RSIT.exe afin de lancer le programme.

(Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)

Clique sur Continue à l'écran Disclaimer.
Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

Note : les rapports sont sauvegardés dans le dossier C:\rsit.

Répondre à Destrio5

Après passage de l'outil :
log.txt
>>>>>>>>>>>
Logfile of random's system information tool 1.06 (written by random/random)
Run by pascal at 2009-11-09 18:34:23
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 5 GB (15%) free of 36 GB
Total RAM: 767 MB (35% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:34:39, on 09/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\PROGRA~1\PHILIP~1\VProperty.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\e-Carte Bleue\LCL\e-Carte Bleue VISA Cleo\ECB-CLEO.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\QuickTime\QTTask.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\DOCUME~1\pascal\LOCALS~1\Temp\b.exe
C:\Documents and Settings\pascal\Mes documents\Téléchargements\RSIT.exe
C:\Program Files\trend micro\pascal.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [] C:\WINDOWS\Options\OEMReset.exe /Audit
O4 - HKLM\..\Run: [EPSON Stylus C42 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C42 Series" /O6 "USB001" /M "Stylus C42"
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ToUcamVProperty] C:\PROGRA~1\PHILIP~1\VProperty.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [I downloaded pirated Software from P2P and now I post my Hijack log] C:\WINDOWS\system32\warez.exe
O4 - HKLM\..\Run: [eCarteBleue-CLEO] "C:\Program Files\e-Carte Bleue\LCL\e-Carte Bleue VISA Cleo\ECB-CLEO.exe" /dontopenmycards
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [TurboNet] C:\DOCUME~1\pascal\LOCALS~1\Temp\b.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mi [...] 9661708767
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/g [...] wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9F87DE87-FD88-4C5F-9523-FD0BC006B619}: NameServer = 212.27.40.240,212.27.40.241
O18 - Protocol: bw+0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O24 - Desktop Component 1: FIP en direct - http://www.radiofrance.fr/chaines/fip/direct/popup.php

--
End of file - 23225 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\At1.job
C:\WINDOWS\tasks\At2.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{FFDE6A03-7A61-4531-81FD-01A9896D900C}.job
C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
C:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2009-04-02 333192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E03C0FD-4C48-43A7-9A54-00240C70FF16}]
ECarteBleueBrowserHelper Class - C:\WINDOWS\system32\BhoECart.dll [2006-02-07 81920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2005-05-31 853672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [2009-09-27 762864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll [2009-07-31 698880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
C:\Program Files\pdfforge Toolbar\SearchSettings.dll [2009-07-29 1153024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2009-04-02 333192]
{B922D405-6D13-4A2B-AE89-08A030DA4402} - pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll [2009-07-31 698880]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-07-11 342600]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""=C:\WINDOWS\Options\OEMReset.exe [2002-02-22 294912]
"EPSON Stylus C42 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE [2002-02-19 74240]
"CloneCDElbyCDFL"=C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe [2002-11-02 45056]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"ToUcamVProperty"=C:\PROGRA~1\PHILIP~1\VProperty.exe [2003-04-02 131072]
"ShStatEXE"=C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE [2003-09-29 81990]
"McAfeeUpdaterUI"=C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe [2004-06-09 135224]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-08-02 7110656]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2005-08-02 86016]
"I downloaded pirated Software from P2P and now I post my Hijack log"=C:\WINDOWS\system32\warez.exe []
"eCarteBleue-CLEO"=C:\Program Files\e-Carte Bleue\LCL\e-Carte Bleue VISA Cleo\ECB-CLEO.exe [2006-02-07 200704]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-07-01 37888]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-07-13 292128]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
"SearchSettings"=C:\Program Files\pdfforge Toolbar\SearchSettings.exe [2009-07-29 1024512]
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2009-10-15 198160]
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LDM"=\Program\ []
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-08-04 68856]
"TurboNet"=C:\DOCUME~1\pascal\LOCALS~1\Temp\b.exe [2009-11-09 152064]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\KEM.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

C:\Documents and Settings\pascal\Menu Démarrer\Programmes\Démarrage
Démarrage d'Office.lnk - C:\Program Files\Microsoft Office\Office\OSA.EXE
Microsoft Recherche accélérée.lnk - C:\Program Files\Microsoft Office\Office\FINDFAST.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"=C:\Program Files\DVD Region-Free\DVDShell.dll [2004-03-07 49152]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*isabled:Logitech Desktop Messenger"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*isabled:@xpsp2res.dll,-22019"
"C:\Program Files\EA Games\Need For Speed Underground\speed.exe"="C:\Program Files\EA Games\Need For Speed Underground\speed.exe:*:Enabled:speed"
"C:\Program Files\Wizou\FreeXplorer\FreeXplorer.exe"="C:\Program Files\Wizou\FreeXplorer\FreeXplorer.exe:*:Enabled:FreeXplorer"
"C:\Program Files\Java\jre1.5.0_04\bin\javaw.exe"="C:\Program Files\Java\jre1.5.0_04\bin\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*isabled:Firefox"
"C:\Program Files\Wizou\FreeXplorer\Freeplayer\vlc\vlc.exe"="C:\Program Files\Wizou\FreeXplorer\Freeplayer\vlc\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\HomePlayer\bin\HomePlayer.exe"="C:\Program Files\HomePlayer\bin\HomePlayer.exe:*:Enabled:HomePlayer"
"C:\Program Files\Java\jre1.5.0_06\bin\javaw.exe"="C:\Program Files\Java\jre1.5.0_06\bin\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"C:\Program Files\adslTV\vlc.exe"="C:\Program Files\adslTV\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\adslTV\adslTV.exe"="C:\Program Files\adslTV\adslTV.exe:*:Enabled:adslTV"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\IncrediMail\bin\IMApp.exe"="C:\Program Files\IncrediMail\bin\IMApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Real\RealOne Player\realplay.exe"="C:\Program Files\Real\RealOne Player\realplay.exe:*:Enabled:RealOne Player"
"C:\Program Files\EasyBox\apache\apache.exe"="C:\Program Files\EasyBox\apache\apache.exe:*:Enabled:Apache HTTP Server"
"C:\Program Files\EasyBox\vlc\vlc.exe"="C:\Program Files\EasyBox\vlc\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Java\jre1.6.0_02\bin\javaw.exe"="C:\Program Files\Java\jre1.6.0_02\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Network Associates\Common Framework\FrameworkService.exe"="C:\Program Files\Network Associates\Common Framework\FrameworkService.exe:*:Enabled:Framework Service"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\FileZilla\FileZilla.exe"="C:\Program Files\FileZilla\FileZilla.exe:*:Enabled:FileZilla"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\SYSTEM32\mmc.exe"="C:\WINDOWS\SYSTEM32\mmc.exe:*:Enabled:Microsoft Management Console"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\XBMC\XBMC.exe"="C:\Program Files\XBMC\XBMC.exe:*:Enabled:XBMC Media Center"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7dee97c1-6cc9-11d6-af79-806d6172696f}]
shell\play\command - C:\Program Files\InterVideo\WinDVD\WinDVD.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{accef6a0-ed06-11dd-98cd-000476f3090b}]
shell\AutoRun\command - I:\hpcc.exe

======List of files/folders created in the last 1 months======

2009-11-09 18:34:25 ----D---- C:\Program Files\trend micro
2009-11-09 18:34:23 ----D---- C:\rsit
2009-11-09 17:52:18 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2009-11-09 17:21:13 ----D---- C:\Documents and Settings\pascal\Application Data\Malwarebytes
2009-11-09 17:20:58 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-11-09 17:20:56 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-11-09 16:43:58 ----N---- C:\WINDOWS\UNNeroVision.exe
2009-11-09 16:43:07 ----D---- C:\Documents and Settings\All Users\Application Data\Ahead
2009-11-08 18:45:29 ----A---- C:\WINDOWS\VobEdit.INI
2009-10-30 14:17:31 ----A---- C:\WINDOWS\system32\i420vfw.dll
2009-10-30 14:17:31 ----A---- C:\WINDOWS\system32\AVSredirect.dll
2009-10-30 14:17:01 ----RSH---- C:\WINDOWS\system32\nbDX.dll
2009-10-30 14:17:01 ----RSH---- C:\WINDOWS\system32\msfDX.dll
2009-10-30 14:16:56 ----RSH---- C:\WINDOWS\system32\flvDX.dll
2009-10-30 14:16:34 ----D---- C:\Program Files\eRightSoft
2009-10-15 21:45:23 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-10-15 21:40:48 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-10-15 21:40:07 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-10-15 21:39:56 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-10-15 21:39:41 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-10-15 21:39:27 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-10-15 21:38:35 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-10-15 21:37:37 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-10-15 21:37:23 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-10-15 21:37:02 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2009-10-15 21:22:27 ----D---- C:\Documents and Settings\All Users\Application Data\Real
2009-10-15 21:20:07 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2009-10-15 21:17:48 ----A---- C:\WINDOWS\system32\pndx5032.dll
2009-10-15 21:17:48 ----A---- C:\WINDOWS\system32\pndx5016.dll
2009-10-15 21:17:35 ----D---- C:\Program Files\Fichiers communs\xing shared

======List of files/folders modified in the last 1 months======

2009-11-09 18:34:25 ----AD---- C:\Program Files
2009-11-09 18:33:01 ----SD---- C:\WINDOWS\Tasks
2009-11-09 18:17:10 ----D---- C:\WINDOWS\Temp
2009-11-09 18:10:49 ----D---- C:\Program Files\Mozilla Firefox
2009-11-09 18:08:13 ----AH---- C:\WINDOWS\system32\ffastlog.txt
2009-11-09 18:08:12 ----D---- C:\WINDOWS\SYSTEM32
2009-11-09 18:05:54 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-11-09 18:04:29 ----D---- C:\WINDOWS
2009-11-09 17:21:01 ----D---- C:\WINDOWS\system32\drivers
2009-11-09 16:50:53 ----D---- C:\WINDOWS\Prefetch
2009-11-09 16:43:16 ----D---- C:\Program Files\ahead
2009-11-09 16:42:36 ----D---- C:\Program Files\Yahoo!
2009-11-09 12:52:38 ----A---- C:\WINDOWS\IfoEdit.INI
2009-11-09 10:14:24 ----A---- C:\WINDOWS\hpbafd.ini
2009-11-08 19:20:02 ----D---- C:\Documents and Settings\pascal\Application Data\XBMC
2009-11-08 19:18:28 ----D---- C:\Documents and Settings\pascal\Application Data\vlc
2009-11-08 19:16:32 ----D---- C:\A TRAVAILLER
2009-11-08 18:57:24 ----A---- C:\WINDOWS\winzip32.ini
2009-11-08 18:57:24 ----A---- C:\WINDOWS\win.ini
2009-11-08 10:06:31 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2009-11-08 08:43:21 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-11-07 23:18:06 ----D---- C:\Documents and Settings\pascal\Application Data\Azureus
2009-11-07 22:44:59 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-07 16:19:59 ----D---- C:\Program Files\Winamp
2009-11-07 09:30:50 ----A---- C:\WINDOWS\NeroDigital.ini
2009-11-05 03:02:42 ----D---- C:\WINDOWS\INF
2009-11-05 03:02:33 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-11-05 03:00:54 ----HD---- C:\WINDOWS\$hf_mig$
2009-10-30 14:17:27 ----D---- C:\WINDOWS\FONTS
2009-10-30 11:34:20 ----D---- C:\temp
2009-10-29 09:31:07 ----D---- C:\WINDOWS\HELP
2009-10-25 07:19:29 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-24 15:53:21 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-10-24 15:52:08 ----SHD---- C:\WINDOWS\Installer
2009-10-24 15:51:13 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-10-22 10:17:28 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-10-17 13:29:38 ----D---- C:\Program Files\Azureus
2009-10-15 21:46:21 ----A---- C:\WINDOWS\imsins.BAK
2009-10-15 21:46:09 ----D---- C:\Program Files\Internet Explorer
2009-10-15 21:45:25 ----D---- C:\WINDOWS\WinSxS
2009-10-15 21:22:25 ----D---- C:\Documents and Settings\pascal\Application Data\Real
2009-10-15 21:20:17 ----D---- C:\Program Files\Fichiers communs\Real
2009-10-15 21:17:35 ----D---- C:\Program Files\Fichiers communs
2009-10-15 21:15:52 ----A---- C:\WINDOWS\system32\msvcr71.dll
2009-10-15 21:15:52 ----A---- C:\WINDOWS\system32\msvcp71.dll
2009-10-15 21:15:51 ----A---- C:\WINDOWS\system32\pncrt.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 GhPciScan;GhostPciScanner; \??\C:\Program Files\Symantec\Norton Ghost 2003\ghpciscan.sys []
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2003-10-10 52128]
R1 SSHDRV76;SSHDRV76; \??\C:\WINDOWS\System32\drivers\SSHDRV76.sys []
R2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys [2002-08-14 17005]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2007-11-10 165376]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2004-01-27 9728]
R2 enodpl;enodpl; C:\WINDOWS\System32\drivers\enodpl.sys [2003-03-02 7552]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2007-11-10 18048]
R2 tandpl;tandpl; C:\WINDOWS\System32\drivers\tandpl.sys [2003-04-19 4736]
R3 ALCXWDM;Service for Avance AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2001-09-19 285533]
R3 EL90XBC;Pilote de la carte EtherLink XL 90XB/C 3Com; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [2001-08-17 66591]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2002-11-28 15360]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 HCWBT8xx;Hauppauge WinTV 848/9 WDM Video Driver; C:\WINDOWS\system32\drivers\HCWBT8XX.sys [2004-10-08 458820]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2004-06-08 13105]
R3 L8042mou;Logitech SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2004-06-08 54817]
R3 LMouKE;Logitech SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2004-06-08 71533]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 NaiAvFilter1;NaiAvFilter1; C:\WINDOWS\system32\drivers\naiavf5x.sys [2003-09-29 83008]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2005-08-02 3198560]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2003-05-14 10144]
R3 WmFilter;Logitech WingMan HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2003-05-14 21216]
R3 WmHidLo;Logitech WingMan USB Filter Driver; C:\WINDOWS\system32\drivers\WmHidLo.sys [2003-05-14 13920]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2003-05-14 44288]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S1 P3;Pilote processeur Intel Pentium III; C:\WINDOWS\System32\DRIVERS\p3.sys [2008-04-14 46848]
S1 tvtool;tvtool; \??\C:\Program Files\TVTool 8\tvtool.sys []
S3 a6e3yx2h;a6e3yx2h; C:\WINDOWS\system32\drivers\a6e3yx2h.sys []
S3 camvid20;Philips ToUcam Camera; Video; C:\WINDOWS\System32\DRIVERS\camdrv21.sys [2001-08-17 223232]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 C-Dilla;C-Dilla; \??\C:\WINDOWS\System32\drivers\CDANT.SYS []
S3 DSDrv4;DSDrv4; \??\C:\PROGRA~1\K!TV\Plugins\S_Bt8x8\DSDrv4.sys []
S3 i81x;i81x; C:\WINDOWS\System32\DRIVERS\i81xnt5.sys [2004-08-04 161020]
S3 iAimFP0;iAimFP0; C:\WINDOWS\System32\DRIVERS\wADV01nt.sys [2004-08-04 12415]
S3 iAimFP1;iAimFP1; C:\WINDOWS\System32\DRIVERS\wADV02NT.sys [2004-08-04 12127]
S3 iAimFP2;iAimFP2; C:\WINDOWS\System32\DRIVERS\wADV05NT.sys [2004-08-04 11775]
S3 iAimFP3;iAimFP3; C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys [2004-08-04 12063]
S3 iAimFP4;iAimFP4; C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys [2004-08-04 19455]
S3 iAimTV0;iAimTV0; C:\WINDOWS\System32\DRIVERS\wATV01nt.sys [2004-08-04 29311]
S3 iAimTV1;iAimTV1; C:\WINDOWS\System32\DRIVERS\wATV02NT.sys [2004-08-04 19551]
S3 iAimTV2;iAimTV2; C:\WINDOWS\System32\DRIVERS\wATV03nt.sys []
S3 iAimTV3;iAimTV3; C:\WINDOWS\System32\DRIVERS\wATV04nt.sys [2004-08-04 33599]
S3 iAimTV4;iAimTV4; C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys [2004-08-04 23615]
S3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
S3 msgame;Activateur de port HID vers manette de jeu Sidewinder; C:\WINDOWS\System32\DRIVERS\msgame.sys [2001-08-17 35200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\System32\DRIVERS\Mtlmnt5.sys [2001-11-29 172708]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\System32\DRIVERS\Mtlstrm.sys [2001-11-29 2383460]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NtMtlFax;NtMtlFax; C:\WINDOWS\System32\DRIVERS\NtMtlFax.sys [2001-11-29 607732]
S3 Pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2008-11-22 47360]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\System32\DRIVERS\slntamr.sys [2001-12-05 322948]
S3 SlNtHal;SlNtHal; C:\WINDOWS\System32\DRIVERS\Slnthal.sys [2001-11-29 175160]
S3 SlWdmSup;SlWdmSup; C:\WINDOWS\System32\DRIVERS\SlWdmSup.sys [2001-11-29 33028]
S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 V90drv;v90drv; C:\WINDOWS\System32\DRIVERS\v90drv.sys [2001-11-29 1432836]
S3 vsdatant;vsdatant; \??\C:\WINDOWS\System32\vsdatant.sys []
S3 W8335XP;NETGEAR WG311v3 802.11g Wireless PCI Adapter for Windows XP (8335); C:\WINDOWS\system32\DRIVERS\WG311v3XP.sys []
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2003-05-14 5728]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712]
R2 ASKService;ASKService; C:\Program Files\AskBarDis\bar\bin\AskService.exe [2009-04-02 464264]
R2 ASKUpgrade;ASKUpgrade; C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe [2009-04-02 234888]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 C-DillaSrv;C-DillaSrv; C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE [2003-04-01 46080]
R2 EPSONStatusAgent2;EPSON Printer Status Agent2; C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe [2001-10-25 90112]
R2 GhostStartService;GhostStartService; C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE [2002-08-14 200704]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-25 153376]
R2 McAfeeFramework;Service Framework McAfee; C:\Program Files\Network Associates\Common Framework\FrameworkService.exe [2004-06-09 102463]
R2 McShield;Network Associates McShield; C:\Program Files\Network Associates\VirusScan\Mcshield.exe [2003-09-29 237657]
R2 McTaskManager;Network Associates Task Manager; C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe [2003-09-29 69706]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-08-02 127043]
R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\System32\MsPMSPSv.exe [2000-08-08 53520]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-07-13 542496]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-28 183280]
S2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2001-11-29 45056]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 ADSLAutoconnect;ADSLAutoconnect; C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe [2003-10-09 466944]

-----------------EOF-----------------
<<<<<<<<<<<<
<<<<<<<<<<<<
<<<<<<<<<<<<
info.txt
>>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>>>><
info.txt logfile of random's system information tool 1.06 2009-11-09 18:34:48

======Uninstall list======

-->MsiExec.exe /X{E9F81423-211E-46B6-9AE0-38568BC5CF6F}
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adaptec ASPI XP v4.71.1-->C:\PROGRA~1\ADAPTE~1.1\UNWISE.EXE C:\PROGRA~1\ADAPTE~1.1\INSTALL.LOG
Ad-Aware SE Personal-->C:\PROGRA~1\Lavasoft\AD-AWA~2\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~2\INSTALL.LOG
Adobe Acrobat PDFWriter 3.03-->C:\WINDOWS\unin040c.exe -fC:\Acrobat3\DeIsL1.isu
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Photoshop 7.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll"
Adobe Reader 9.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001}
Adobe Reader 9.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A92000000001}
ADSL Autoconnect-->C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe -u
adsl TV-->C:\Program Files\adslTV\Uninstal.exe
AIDA32 v3.50-->"C:\Program Files\AIDA32 - Personal System Information\unins000.exe"
Ant Movie Catalog-->"C:\Program Files\Ant Movie Catalog\unins000.exe"
Apple Mobile Device Support-->MsiExec.exe /I{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Architecture et construction 3D 2004-->"C:\Program Files\Anuman Interactive\Architecture et construction 3D 2004\unins000.exe"
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Canon Camera Support Core Library-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{5662C158-CA24-4228-BF6C-596FADA08682} /l1036
Canon Camera Window DS for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{7B847C9D-6758-45E6-B598-3BD8F43EAE9E}
Canon Camera Window DVC for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{A70D14C6-FF2C-4B8E-A643-7E74EC607614}
Canon Camera Window for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{E73534D5-CC93-4C63-9072-5A9734255C74}
Canon EOS Kiss_N REBEL_XT 350D Pilote WIA -->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{33CF7CDF-9805-4500-9CC7-D19D52AD63C4}
Canon Internet Library for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{954BF446-BBC9-42CC-87A6-EBF0D55CA19A}
Canon PhotoRecord-->MsiExec.exe /X{862983D7-FA08-493E-A9ED-6B7859E069D3}
Canon RAW Image Task for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{A0F34E4E-25F0-4B68-AE8F-EF0C15CB1FED}
Canon RemoteCapture Task for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{28291BD5-92D2-4685-82DC-CCA925C53CCA}
Canon Utilities Digital Photo Professional 1.6.1-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{789CF5F1-3326-4B7B-9D01-31047E0F5651}
Canon Utilities EOS Capture 1.3-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{16480125-0428-4097-9A2A-74464004D169}
Canon Utilities PhotoStitch 3.1-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{218BBBE3-FE63-4BB2-81A8-7435575A84FA}
Canon ZoomBrowser EX-->MsiExec.exe /X{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Celestia 1.3.1-->"C:\Program Files\Celestia\unins000.exe"
CloneCD-->"C:\Program Files\Elaborate Bytes\CloneCD\ccd-uninst.exe" /D="C:\Program Files\Elaborate Bytes\CloneCD"
Colin McRae Rally 04-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F8718F95-21A1-44B9-97EC-679C93020BAE}\setup.exe" -l0x40c
Colin McRae Rally 2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{19B72AA9-985A-11D4-9C8A-00D0B75D1498}\setup.exe"
Compel Adaptec WinASPI-->"C:\Program Files\WinASPI\unins000.exe"
Copy Utility-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\EPSON\Copy Utility\Uninst.isu"
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
CoupeFichier 1.0-->"C:\Program Files\CoupeFichier\uninstall.exe"
DivX-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DjVuLibre+DjView-->C:\Program Files\DjVuZone\DjVuLibre\uninst.exe
DVD Region-Free 3.62-->"C:\Program Files\DVD Region-Free\unins000.exe"
DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
e-Carte Bleue VISA Cléo-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\ECBCLEO.INF, DefaultUninstall.ntx86
eMule-->"C:\Program Files\eMule\Uninstall.exe"
encodeur Real Video Producer-->C:\Program Files\Ripp-it_AM\PRODUCER_Uninstal.exe
Encyclopédie Hachette des Vins 2005-->"C:\Program Files\Hachette Multimédia\Encyclopédie Hachette des Vins 2005\unins000.exe"
EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /r
EPSON Photo Print-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\EPSON\Photo Print\Uninst.isu"
EPSON Smart Panel-->C:\Program Files\EPSON\Smart Panel\SPUninst.exe
EPSON TWAIN 5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A3EABC0-CA06-11D4-BF77-00104B130C19}\setup.exe" UNINSTALL
FileZilla (remove only)-->"C:\Program Files\FileZilla\uninstall.exe"
Garmin Communicator Plugin-->MsiExec.exe /X{84CC9583-C2D6-42E6-A373-6FDDDA6A8BA6}
Garmin MapSource-->MsiExec.exe /X{EA6EB7D0-C920-4434-B43D-0DDD0AF8F497}
Garmin POI Loader-->MsiExec.exe /X{DFA1E2C8-A9DE-4B99-8B3C-866664B5F67C}
Garmin USB Drivers-->MsiExec.exe /X{B1102A25-3AA3-446B-AA0F-A699B07A02FD}
Garmin WebUpdater-->MsiExec.exe /X{366FFC89-C800-4366-B903-B9C4314109A5}
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
Hauppauge French Help Files and Resources-->C:\PROGRA~1\WinTV\UNHLPfra.EXE C:\PROGRA~1\WinTV\WTV2Kfra.LOG
Hauppauge WinTV Scheduler-->C:\PROGRA~1\WinTV\SCHEDU~1\UNWISE.EXE C:\PROGRA~1\WinTV\SCHEDU~1\INSTALL.LOG
Hauppauge WinTV Soft PVR-->C:\PROGRA~1\WinTV\UNSftPVR.EXE C:\PROGRA~1\WinTV\softpvr.LOG
Hauppauge WinTV Source Selector-->C:\PROGRA~1\WinTV\UNtvsel.EXE C:\PROGRA~1\WinTV\WINTVsel.LOG
Hauppauge WinTV2000-->C:\PROGRA~1\WinTV\UNTV32.EXE C:\PROGRA~1\WinTV\WINTV2K.LOG
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
hp L1730 INF and ICM software-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{363102EE-B82F-44DD-BA51-8B1EA98249D9}\Setup.exe" -l0x40c
IFOEdit 0.971 Fr-->C:\Program Files\IfoEdit\UnInstall_IfoEdit.exe
IGN Rando-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll<UNINSTALL_CMD>
Indeo® Software-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Ligos\Indeo\Uninst.isu" -c"C:\Program Files\Ligos\Indeo\Indeo System Files\indounin.dll"
InterVideo WinDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C1939820-A945-11D4-86F6-0001031E5712}\setup.exe" REMOVEALL
iTunes-->MsiExec.exe /I{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}
J2SE Runtime Environment 5.0 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150020}
J2SE Runtime Environment 5.0 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150040}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Java 2 Runtime Environment Standard Edition v1.3.1_03-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\JavaSoft\JRE\1.3.1_03\Uninst.isu"
Java 2 Runtime Environment, SE v1.4.2_05-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142050}
Java Runtime Environment 1.1-->C:\WINDOWS\uninst.exe -f"C:\Program Files\JavaSoft\JRE\1.1\lib\DeIsL1.isu"
Java(TM) 6 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Le Nouveau Littré-->"F:\NLittre\nlittreunsub.exe"
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
L'Encyclopédie des Oiseaux-->C:\WINDOWS\unin040c.exe -f"C:\Program Files\Alsyd\WinBirds\DeIsL1.isu" -c"C:\Program Files\Alsyd\WinBirds\_ISREG32.DLL"
LiveReg (Symantec Corporation)-->C:\Program Files\Fichiers communs\Symantec Shared\LiveReg\VcSetup.exe /REMOVE
LiveUpdate 1.80 (Symantec Corporation)-->C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\SETUP.EXE" -l0x40c UNINSTALL
Logitech Gaming Software-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{93EC14D5-7AAA-4EAD-BB75-013817A96598}\setup.exe" -l0x40c
Logitech SetPoint-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe" -l0x40c
Macromedia Shockwave Player-->C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~2\Install.log
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
McAfee VirusScan Enterprise-->MsiExec.exe /I{43D1F052-544F-468E-9944-3791243FF672}
MeuhMeuhTV (désinstallation uniquement)-->C:\Program Files\MeuhMeuhTV\UninstMMTV.exe
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Data Access Components KB870669-->C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office 97 Professional-->C:\Program Files\Microsoft Office\Office\Install\Acme.exe /w Off97Pro.STF
Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explor

Répondre à bobba_feet

Avec la suite de info.txt
<<<<<<<<<<<<<<<<<<<<<<<
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB971930)-->"C:\WINDOWS\ie8updates\KB971930-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
MMTVConfig (désinstallation seulement)-->C:\Program Files\MMTVConfig\cfguninst.exe
MMTVRecorder (désinstallation seulement)-->C:\Program Files\MMTVRecorder\uninst.exe
Monkey's Audio-->"C:\Program Files\Monkey's Audio\unins000.exe"
Mozilla Firefox (3.5.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN Messenger 6.1-->MsiExec.exe /I{ABEB838C-A1A7-4C5D-B7E1-8B4314600207}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Need For Speed Underground-->C:\Program Files\EA GAMES\Need For Speed Underground\EAUninstall.exe
Neodivx 9.2 Crystal Fusion-->c:\Neodivx\unins000.exe
Nero 6 Ultra Edition-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Nero Digital-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
NewsBin Pro V5-->C:\Program Files\NewsBin\uninst.exe
Norton Ghost-->MsiExec.exe /I{6975E810-C92F-45F0-0BFD-187B312F10E8}
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
Online Manuals for WinTV (French)-->C:\PROGRA~1\WinTV\UNTVmans.exe C:\PROGRA~1\WinTV\WinTVMan.LOG
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Paint Shop Pro 5.01 CD-->C:\PROGRA~1\PAINTS~1\UNWISE.EXE C:\PROGRA~1\PAINTS~1\INSTALL.LOG
PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
pdfforge Toolbar v1.1.1-->MsiExec.exe /X{4EF8BE6A-899C-4196-94E7-297C5F7A203E}
Permis de construire Expert CAD-->"C:\Program Files\Anuman Interactive\Permis de construire Expert CAD\unins000.exe"
Philips ToUcam Pro Camera-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\PROGRA~1\PHILIP~1\Kill840.exe" 840 ToUcamVProperty VProperty
ProjectX 0.90.4.00-->C:\Program Files\ProjectX_0.90.4.00\Uninstall.exe
QuickPar 0.9-->C:\Program Files\QuickPar\uninst.exe
QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0
Ri4m v5.0.1d-->C:\Program Files\Ripp-it_AM\Ri4m_Uninstal.exe
RTPatch Update-->"C:\Program Files\Fichiers communs\PocketSoft\RTPatch\AutoRTP\unins000.exe"
ScanToWeb-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}\Setup.exe" ADDREMOVEDLG
Shockwave-->C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~1\Install.log
SIMPLE 4.5S-->"C:\Program Files\SIMPLE45S\miniuins.exe"
Smart Link 56K Voice Modem-->C:\WINDOWS\Modio\SLAMRNTV\slclean.exe
Spybot - Search & Destroy 1.4-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SubSync-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\SubSync\ST6UNST.LOG"
SUPER © Version 2009.bld.36 (June 10, 2009)-->C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
TeLL me More-->C:\TeLLmeMore\UnInstal.exe C:\TeLLmeMore\
Time Adjuster v2.9 (STANDARD)-->C:\Program Files\TimeAdjuster\uninstall.exe
TreeSize Professional 3.21-->"C:\Program Files\JAM Software\TreeSize Professional\unins000.exe"
TYPSoft FTP Server-->"C:\TYPSoft FTP Server\unins000.exe"
Vim 6.3 (self-installing)-->C:\Program Files\vim\vim63\uninstall-gui.exe
VLC media player 1.0.1-->C:\Program Files\adslTV\uninstall.exe
VTPlus32 pour WinTV (French)-->C:\PROGRA~1\vtplus\UNVTplus.exe C:\PROGRA~1\vtplus\VTPlus.LOG
Vuze Toolbar-->"C:\Program Files\AskBarDis\unins000.exe"
Vuze-->C:\Program Files\Azureus\uninstall.exe
WinAce Archiver-->C:\Program Files\WinAce\SXUNINST.EXE C:\Program Files\WinAce\SXUNINST.INI
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)-->rundll32.exe C:\PROGRA~1\DIFX\15B7F172FC21855D\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\WINDOWS\system32\DRVSTORE\grmnusb_09F3E629557EBE4D2BA1A9469BDAE635AC0807AE\grmnusb.inf
Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinHTTrack Website Copier 3.33-->"C:\Program Files\WinHTTrack\unins000.exe"
WinZip-->C:\PROGRA~1\WinZip\winzip32.exe /uninstall
xp-AntiSpy 3.92-->C:\Program Files\xp-AntiSpy\uninst.exe
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\unyt.exe

======System event log======

Computer Name: P-ONE
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Google Software Updater.

Record Number: 71556
Source Name: Service Control Manager
Time Written: 20090901144400.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: P-ONE
Event Code: 7036
Message: Le service Google Software Updater est entré dans l'état : arrêté.

Record Number: 71555
Source Name: Service Control Manager
Time Written: 20090901123000.000000+120
Event Type: Informations
User:

Computer Name: P-ONE
Event Code: 7036
Message: Le service Google Software Updater est entré dans l'état : en cours d'exécution.

Record Number: 71554
Source Name: Service Control Manager
Time Written: 20090901122900.000000+120
Event Type: Informations
User:

Computer Name: P-ONE
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Google Software Updater.

Record Number: 71553
Source Name: Service Control Manager
Time Written: 20090901122900.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: P-ONE
Event Code: 10021
Message: Le descripteur de sécurité d'exécution et d'activation défini pour l'application serveur COM avec le CLSID
{2A6D72F1-6E7E-4702-B99C-E40D3DED33C3}
n'est pas valide. Il contient des entrées de contrôle d'accès (ACE) avec des autorisations qui ne sont pas valides. Par conséquent, l'action demandée n'a pas été effectuée. Cette autorisation de sécurité peut être corrigée à l'aide de l'outil d'administration Services de composants.

Record Number: 71552
Source Name: DCOM
Time Written: 20090901073810.000000+120
Event Type: erreur
User:

=====Application event log=====

Computer Name: P-ONE
Event Code: 5000
Message: VirusScan Enterprise Le service McShield a démarré - Recherche de 357714 virus en cours.

Version de moteur : 5.2.00

Version de .DAT : 5195

Nom d'EXTRA.DAT : Aucun

Nombre de signatures de virus dans EXTRA.DAT : Aucun

Noms des virus détectés par EXTRA.DAT : Aucun

Record Number: 840
Source Name: McLogEvent
Time Written: 20071230101942.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: P-ONE
Event Code: 105
Message: The service was started.

Record Number: 839
Source Name: WMDM PMSP Service
Time Written: 20071230101936.000000+060
Event Type: Informations
User:

Computer Name: P-ONE
Event Code: 0
Message:
Record Number: 838
Source Name: GhostStartService
Time Written: 20071230101932.000000+060
Event Type: Informations
User:

Computer Name: P-ONE
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.

Record Number: 837
Source Name: SecurityCenter
Time Written: 20071229101452.000000+060
Event Type: Informations
User:

Computer Name: P-ONE
Event Code: 5000
Message: VirusScan Enterprise Le service McShield a démarré - Recherche de 357714 virus en cours.

Version de moteur : 5.2.00

Version de .DAT : 5195

Nom d'EXTRA.DAT : Aucun

Nombre de signatures de virus dans EXTRA.DAT : Aucun

Noms des virus détectés par EXTRA.DAT : Aucun

Record Number: 836
Source Name: McLogEvent
Time Written: 20071229101451.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

======Environment variables======

"CLASSPATH"=.;"C:\Program Files\Java\j2re1.4.2_05\lib\ext\QTJava.zip";C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=1
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;"C:\Program Files\Symantec\Norton Ghost 2003\";C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 4, GenuineIntel
"PROCESSOR_LEVEL"=15
"PROCESSOR_REVISION"=0204
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"windir"=%SystemRoot%
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------
>>>>>>>>>>>>>>>>>>>>>>>

Répondre à bobba_feet

Désinstalle Vuze Toolbar et pdfforge Toolbar.

Télécharge Ad-Remover (de Cyrildu17 / C_XX) sur ton Bureau.

/!\ Déconnecte-toi et ferme toutes applications en cours /!\

Double-clique sur AD-R situé sur ton Bureau pour le lancer.

(Sous Vista, il faut cliquer droit sur AD-R et choisir Exécuter en tant qu'administrateur)

Choisis la langue F pour français.
Au menu principal, choisis l'option L.

/!\ Laisse travailler l'outil /!\

Poste le rapport qui apparaît à la fin (C:\Ad-Report-CLEAN.log).

(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

Note : "Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Kaspersky, etc.) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.

Répondre à Destrio5

Et hop :
.
======= RAPPORT D'AD-REMOVER 1.1.4.6_B | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 08.11.2009 à 14:49
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 20:52:51, 09/11/2009 | Mode Normal | Option: CLEAN
Exécuté de: "C:\Program Files\Ad-Remover\"
Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
Nom du PC: P-ONE | Utilisateur actuel: pascal
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.

HKLM\Software\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
.
C:\DOCUME~1\pascal\LOCALS~1\TEMPOR~1\Content.IE5\LUH5QXBP\pdfforgeToolbar[1].msi
C:\DOCUME~1\pascal\Cookies\pascal@ask[2].txt

(!) -- Fichiers temporaires supprimés.

.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.5.5 [fr] *
.
Nom du profil: pxu5ebnu.default (pascal)
.
(pascal, prefs.js) Browser.download.lastDir, C:\Documents and Settings\pascal\Bureau
(pascal, prefs.js) Browser.search.selectedEngine, Google
(pascal, prefs.js) Browser.startup.homepage, hxxp://start.mozilla.org/firefox?client=firefox-a&rls=org.mozilla:fr-FRfficial
.
(pascal, prefs.js) EFFAC+ - Extensions.snipit.history_query, brendan%20et%20le%20secret%20de%20kells=ASKURL=hxxp://www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis||brendan%20et%20le%20secret%20de%20kells=ASKURL=//www.ask.com/web?q=brendan%20et%20le%20secret%20de%20kells&qsrc=2871&o=10611&l=dis
.
.
* Internet Explorer Version 8.0.6001.18702 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Default_page_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials, ...) ==============
.
C:\Documents and Settings\pascal\Bureau\TS_vers_DVD\DVDPatcher_V106\DVDPatcher_v106.exe
C:\Documents and Settings\pascal\Local Settings\Application Data\IM\Identities\{D5C95832-5BE2-49D8-BEF5-142D263AA197}\Message Store\Attachments\Farenheit (Crack).rar
.
===================================
.
38036 Octet(s) - C:\Ad-Report-CLEAN[1].log
.
376 Fichier(s) - C:\DOCUME~1\pascal\LOCALS~1\Temp
319 Fichier(s) - C:\WINDOWS\Temp
.
17 Fichier(s) - "C:\Program Files\Ad-Remover\BACKUP"
2 Fichier(s) - "C:\Program Files\Ad-Remover\QUARANTINE"
.
Fin à: 21:10:45 | 09/11/2009 - CLEAN[1]
.
============== E.O.F ==============
.

Répondre à bobba_feet

Bien, désinstalle Ad-Remover.

Refais un scan RSIT et poste le rapport log.

Répondre à Destrio5

Il y a toujours b.exe au fait :

Logfile of random's system information tool 1.06 (written by random/random)
Run by pascal at 2009-11-09 21:31:22
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 6 GB (15%) free of 36 GB
Total RAM: 767 MB (30% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:31:33, on 09/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\PROGRA~1\PHILIP~1\VProperty.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\e-Carte Bleue\LCL\e-Carte Bleue VISA Cleo\ECB-CLEO.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\QuickTime\QTTask.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\DOCUME~1\pascal\LOCALS~1\Temp\b.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\pascal\Mes documents\Téléchargements\RSIT.exe
C:\Program Files\trend micro\pascal.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [] C:\WINDOWS\Options\OEMReset.exe /Audit
O4 - HKLM\..\Run: [EPSON Stylus C42 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C42 Series" /O6 "USB001" /M "Stylus C42"
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ToUcamVProperty] C:\PROGRA~1\PHILIP~1\VProperty.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [I downloaded pirated Software from P2P and now I post my Hijack log] C:\WINDOWS\system32\warez.exe
O4 - HKLM\..\Run: [eCarteBleue-CLEO] "C:\Program Files\e-Carte Bleue\LCL\e-Carte Bleue VISA Cleo\ECB-CLEO.exe" /dontopenmycards
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [TurboNet] C:\DOCUME~1\pascal\LOCALS~1\Temp\b.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mi [...] 9661708767
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/g [...] wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9F87DE87-FD88-4C5F-9523-FD0BC006B619}: NameServer = 212.27.40.240,212.27.40.241
O18 - Protocol: bw+0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O24 - Desktop Component 1: FIP en direct - http://www.radiofrance.fr/chaines/fip/direct/popup.php

--
End of file - 21996 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\At1.job
C:\WINDOWS\tasks\At2.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{FFDE6A03-7A61-4531-81FD-01A9896D900C}.job
C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
C:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E03C0FD-4C48-43A7-9A54-00240C70FF16}]
ECarteBleueBrowserHelper Class - C:\WINDOWS\system32\BhoECart.dll [2006-02-07 81920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2005-05-31 853672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [2009-09-27 762864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-07-11 342600]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""=C:\WINDOWS\Options\OEMReset.exe [2002-02-22 294912]
"EPSON Stylus C42 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE [2002-02-19 74240]
"CloneCDElbyCDFL"=C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe [2002-11-02 45056]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"ToUcamVProperty"=C:\PROGRA~1\PHILIP~1\VProperty.exe [2003-04-02 131072]
"ShStatEXE"=C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE [2003-09-29 81990]
"McAfeeUpdaterUI"=C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe [2004-06-09 135224]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-08-02 7110656]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2005-08-02 86016]
"I downloaded pirated Software from P2P and now I post my Hijack log"=C:\WINDOWS\system32\warez.exe []
"eCarteBleue-CLEO"=C:\Program Files\e-Carte Bleue\LCL\e-Carte Bleue VISA Cleo\ECB-CLEO.exe [2006-02-07 200704]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-07-01 37888]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-07-13 292128]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2009-10-15 198160]
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LDM"=\Program\ []
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-08-04 68856]
"TurboNet"=C:\DOCUME~1\pascal\LOCALS~1\Temp\b.exe [2009-11-09 152064]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\KEM.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

C:\Documents and Settings\pascal\Menu Démarrer\Programmes\Démarrage
Démarrage d'Office.lnk - C:\Program Files\Microsoft Office\Office\OSA.EXE
Microsoft Recherche accélérée.lnk - C:\Program Files\Microsoft Office\Office\FINDFAST.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"=C:\Program Files\DVD Region-Free\DVDShell.dll [2004-03-07 49152]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*isabled:Logitech Desktop Messenger"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*isabled:@xpsp2res.dll,-22019"
"C:\Program Files\EA Games\Need For Speed Underground\speed.exe"="C:\Program Files\EA Games\Need For Speed Underground\speed.exe:*:Enabled:speed"
"C:\Program Files\Wizou\FreeXplorer\FreeXplorer.exe"="C:\Program Files\Wizou\FreeXplorer\FreeXplorer.exe:*:Enabled:FreeXplorer"
"C:\Program Files\Java\jre1.5.0_04\bin\javaw.exe"="C:\Program Files\Java\jre1.5.0_04\bin\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*isabled:Firefox"
"C:\Program Files\Wizou\FreeXplorer\Freeplayer\vlc\vlc.exe"="C:\Program Files\Wizou\FreeXplorer\Freeplayer\vlc\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\HomePlayer\bin\HomePlayer.exe"="C:\Program Files\HomePlayer\bin\HomePlayer.exe:*:Enabled:HomePlayer"
"C:\Program Files\Java\jre1.5.0_06\bin\javaw.exe"="C:\Program Files\Java\jre1.5.0_06\bin\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"C:\Program Files\adslTV\vlc.exe"="C:\Program Files\adslTV\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\adslTV\adslTV.exe"="C:\Program Files\adslTV\adslTV.exe:*:Enabled:adslTV"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\IncrediMail\bin\IMApp.exe"="C:\Program Files\IncrediMail\bin\IMApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Real\RealOne Player\realplay.exe"="C:\Program Files\Real\RealOne Player\realplay.exe:*:Enabled:RealOne Player"
"C:\Program Files\EasyBox\apache\apache.exe"="C:\Program Files\EasyBox\apache\apache.exe:*:Enabled:Apache HTTP Server"
"C:\Program Files\EasyBox\vlc\vlc.exe"="C:\Program Files\EasyBox\vlc\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Java\jre1.6.0_02\bin\javaw.exe"="C:\Program Files\Java\jre1.6.0_02\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Network Associates\Common Framework\FrameworkService.exe"="C:\Program Files\Network Associates\Common Framework\FrameworkService.exe:*:Enabled:Framework Service"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\FileZilla\FileZilla.exe"="C:\Program Files\FileZilla\FileZilla.exe:*:Enabled:FileZilla"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\SYSTEM32\mmc.exe"="C:\WINDOWS\SYSTEM32\mmc.exe:*:Enabled:Microsoft Management Console"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\XBMC\XBMC.exe"="C:\Program Files\XBMC\XBMC.exe:*:Enabled:XBMC Media Center"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7dee97c1-6cc9-11d6-af79-806d6172696f}]
shell\play\command - C:\Program Files\InterVideo\WinDVD\WinDVD.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{accef6a0-ed06-11dd-98cd-000476f3090b}]
shell\AutoRun\command - I:\hpcc.exe

======List of files/folders created in the last 1 months======

2009-11-09 20:52:45 ----D---- C:\Program Files\Ad-Remover
2009-11-09 18:34:25 ----D---- C:\Program Files\trend micro
2009-11-09 18:34:23 ----D---- C:\rsit
2009-11-09 17:52:18 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2009-11-09 17:21:13 ----D---- C:\Documents and Settings\pascal\Application Data\Malwarebytes
2009-11-09 17:20:58 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-11-09 17:20:56 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-11-09 16:43:58 ----N---- C:\WINDOWS\UNNeroVision.exe
2009-11-09 16:43:07 ----D---- C:\Documents and Settings\All Users\Application Data\Ahead
2009-11-08 18:45:29 ----A---- C:\WINDOWS\VobEdit.INI
2009-10-30 14:17:31 ----A---- C:\WINDOWS\system32\i420vfw.dll
2009-10-30 14:17:31 ----A---- C:\WINDOWS\system32\AVSredirect.dll
2009-10-30 14:17:01 ----RSH---- C:\WINDOWS\system32\nbDX.dll
2009-10-30 14:17:01 ----RSH---- C:\WINDOWS\system32\msfDX.dll
2009-10-30 14:16:56 ----RSH---- C:\WINDOWS\system32\flvDX.dll
2009-10-30 14:16:34 ----D---- C:\Program Files\eRightSoft
2009-10-15 21:45:23 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-10-15 21:40:48 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-10-15 21:40:07 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-10-15 21:39:56 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-10-15 21:39:41 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-10-15 21:39:27 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-10-15 21:38:35 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-10-15 21:37:37 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-10-15 21:37:23 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-10-15 21:37:02 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2009-10-15 21:22:27 ----D---- C:\Documents and Settings\All Users\Application Data\Real
2009-10-15 21:20:07 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2009-10-15 21:17:48 ----A---- C:\WINDOWS\system32\pndx5032.dll
2009-10-15 21:17:48 ----A---- C:\WINDOWS\system32\pndx5016.dll
2009-10-15 21:17:35 ----D---- C:\Program Files\Fichiers communs\xing shared

======List of files/folders modified in the last 1 months======

2009-11-09 21:31:33 ----D---- C:\WINDOWS\Prefetch
2009-11-09 21:25:49 ----SD---- C:\WINDOWS\Tasks
2009-11-09 21:20:20 ----D---- C:\Program Files\Mozilla Firefox
2009-11-09 21:11:03 ----D---- C:\WINDOWS\Temp
2009-11-09 20:52:45 ----AD---- C:\Program Files
2009-11-09 20:51:26 ----SHD---- C:\WINDOWS\Installer
2009-11-09 20:51:21 ----D---- C:\WINDOWS\WinSxS
2009-11-09 20:45:18 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-09 18:08:13 ----AH---- C:\WINDOWS\system32\ffastlog.txt
2009-11-09 18:08:12 ----D---- C:\WINDOWS\SYSTEM32
2009-11-09 18:05:54 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-11-09 18:04:29 ----D---- C:\WINDOWS
2009-11-09 18:04:29 ----D---- C:\Program Files\Media Gateway
2009-11-09 17:21:01 ----D---- C:\WINDOWS\system32\drivers
2009-11-09 16:45:39 ----D---- C:\Documents and Settings\pascal\Application Data\Ahead
2009-11-09 16:43:16 ----D---- C:\Program Files\ahead
2009-11-09 16:42:36 ----D---- C:\Program Files\Yahoo!
2009-11-09 12:52:38 ----A---- C:\WINDOWS\IfoEdit.INI
2009-11-09 10:14:24 ----A---- C:\WINDOWS\hpbafd.ini
2009-11-09 09:44:20 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-11-08 19:20:02 ----D---- C:\Documents and Settings\pascal\Application Data\XBMC
2009-11-08 19:18:28 ----D---- C:\Documents and Settings\pascal\Application Data\vlc
2009-11-08 19:16:32 ----D---- C:\A TRAVAILLER
2009-11-08 18:57:24 ----A---- C:\WINDOWS\winzip32.ini
2009-11-08 18:57:24 ----A---- C:\WINDOWS\win.ini
2009-11-08 10:06:31 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2009-11-07 23:18:06 ----D---- C:\Documents and Settings\pascal\Application Data\Azureus
2009-11-07 16:19:59 ----D---- C:\Program Files\Winamp
2009-11-07 09:30:50 ----A---- C:\WINDOWS\NeroDigital.ini
2009-11-05 03:02:42 ----D---- C:\WINDOWS\INF
2009-11-05 03:02:33 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-11-05 03:00:54 ----HD---- C:\WINDOWS\$hf_mig$
2009-11-01 13:41:54 ----D---- C:\Documents and Settings\pascal\Application Data\dvdcss
2009-10-30 14:17:27 ----D---- C:\WINDOWS\FONTS
2009-10-30 11:34:20 ----D---- C:\temp
2009-10-29 09:31:07 ----D---- C:\WINDOWS\HELP
2009-10-25 07:19:29 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-24 15:53:21 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-10-24 15:51:13 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-10-22 10:17:28 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-10-17 13:29:38 ----D---- C:\Program Files\Azureus
2009-10-15 21:46:21 ----A---- C:\WINDOWS\imsins.BAK
2009-10-15 21:46:09 ----D---- C:\Program Files\Internet Explorer
2009-10-15 21:22:25 ----D---- C:\Documents and Settings\pascal\Application Data\Real
2009-10-15 21:20:17 ----D---- C:\Program Files\Fichiers communs\Real
2009-10-15 21:17:35 ----D---- C:\Program Files\Fichiers communs
2009-10-15 21:15:52 ----A---- C:\WINDOWS\system32\msvcr71.dll
2009-10-15 21:15:52 ----A---- C:\WINDOWS\system32\msvcp71.dll
2009-10-15 21:15:51 ----A---- C:\WINDOWS\system32\pncrt.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 GhPciScan;GhostPciScanner; \??\C:\Program Files\Symantec\Norton Ghost 2003\ghpciscan.sys []
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2003-10-10 52128]
R1 SSHDRV76;SSHDRV76; \??\C:\WINDOWS\System32\drivers\SSHDRV76.sys []
R2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys [2002-08-14 17005]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2007-11-10 165376]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2004-01-27 9728]
R2 enodpl;enodpl; C:\WINDOWS\System32\drivers\enodpl.sys [2003-03-02 7552]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2007-11-10 18048]
R2 tandpl;tandpl; C:\WINDOWS\System32\drivers\tandpl.sys [2003-04-19 4736]
R3 ALCXWDM;Service for Avance AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2001-09-19 285533]
R3 EL90XBC;Pilote de la carte EtherLink XL 90XB/C 3Com; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [2001-08-17 66591]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2002-11-28 15360]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 HCWBT8xx;Hauppauge WinTV 848/9 WDM Video Driver; C:\WINDOWS\system32\drivers\HCWBT8XX.sys [2004-10-08 458820]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2004-06-08 13105]
R3 L8042mou;Logitech SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2004-06-08 54817]
R3 LMouKE;Logitech SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2004-06-08 71533]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 NaiAvFilter1;NaiAvFilter1; C:\WINDOWS\system32\drivers\naiavf5x.sys [2003-09-29 83008]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2005-08-02 3198560]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2003-05-14 10144]
R3 WmFilter;Logitech WingMan HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2003-05-14 21216]
R3 WmHidLo;Logitech WingMan USB Filter Driver; C:\WINDOWS\system32\drivers\WmHidLo.sys [2003-05-14 13920]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2003-05-14 44288]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S1 P3;Pilote processeur Intel Pentium III; C:\WINDOWS\System32\DRIVERS\p3.sys [2008-04-14 46848]
S1 tvtool;tvtool; \??\C:\Program Files\TVTool 8\tvtool.sys []
S3 a6e3yx2h;a6e3yx2h; C:\WINDOWS\system32\drivers\a6e3yx2h.sys []
S3 camvid20;Philips ToUcam Camera; Video; C:\WINDOWS\System32\DRIVERS\camdrv21.sys [2001-08-17 223232]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 C-Dilla;C-Dilla; \??\C:\WINDOWS\System32\drivers\CDANT.SYS []
S3 DSDrv4;DSDrv4; \??\C:\PROGRA~1\K!TV\Plugins\S_Bt8x8\DSDrv4.sys []
S3 i81x;i81x; C:\WINDOWS\System32\DRIVERS\i81xnt5.sys [2004-08-04 161020]
S3 iAimFP0;iAimFP0; C:\WINDOWS\System32\DRIVERS\wADV01nt.sys [2004-08-04 12415]
S3 iAimFP1;iAimFP1; C:\WINDOWS\System32\DRIVERS\wADV02NT.sys [2004-08-04 12127]
S3 iAimFP2;iAimFP2; C:\WINDOWS\System32\DRIVERS\wADV05NT.sys [2004-08-04 11775]
S3 iAimFP3;iAimFP3; C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys [2004-08-04 12063]
S3 iAimFP4;iAimFP4; C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys [2004-08-04 19455]
S3 iAimTV0;iAimTV0; C:\WINDOWS\System32\DRIVERS\wATV01nt.sys [2004-08-04 29311]
S3 iAimTV1;iAimTV1; C:\WINDOWS\System32\DRIVERS\wATV02NT.sys [2004-08-04 19551]
S3 iAimTV2;iAimTV2; C:\WINDOWS\System32\DRIVERS\wATV03nt.sys []
S3 iAimTV3;iAimTV3; C:\WINDOWS\System32\DRIVERS\wATV04nt.sys [2004-08-04 33599]
S3 iAimTV4;iAimTV4; C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys [2004-08-04 23615]
S3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
S3 msgame;Activateur de port HID vers manette de jeu Sidewinder; C:\WINDOWS\System32\DRIVERS\msgame.sys [2001-08-17 35200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\System32\DRIVERS\Mtlmnt5.sys [2001-11-29 172708]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\System32\DRIVERS\Mtlstrm.sys [2001-11-29 2383460]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NtMtlFax;NtMtlFax; C:\WINDOWS\System32\DRIVERS\NtMtlFax.sys [2001-11-29 607732]
S3 Pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2008-11-22 47360]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\System32\DRIVERS\slntamr.sys [2001-12-05 322948]
S3 SlNtHal;SlNtHal; C:\WINDOWS\System32\DRIVERS\Slnthal.sys [2001-11-29 175160]
S3 SlWdmSup;SlWdmSup; C:\WINDOWS\System32\DRIVERS\SlWdmSup.sys [2001-11-29 33028]
S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 V90drv;v90drv; C:\WINDOWS\System32\DRIVERS\v90drv.sys [2001-11-29 1432836]
S3 vsdatant;vsdatant; \??\C:\WINDOWS\System32\vsdatant.sys []
S3 W8335XP;NETGEAR WG311v3 802.11g Wireless PCI Adapter for Windows XP (8335); C:\WINDOWS\system32\DRIVERS\WG311v3XP.sys []
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2003-05-14 5728]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 C-DillaSrv;C-DillaSrv; C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE [2003-04-01 46080]
R2 EPSONStatusAgent2;EPSON Printer Status Agent2; C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe [2001-10-25 90112]
R2 GhostStartService;GhostStartService; C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE [2002-08-14 200704]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-25 153376]
R2 McAfeeFramework;Service Framework McAfee; C:\Program Files\Network Associates\Common Framework\FrameworkService.exe [2004-06-09 102463]
R2 McShield;Network Associates McShield; C:\Program Files\Network Associates\VirusScan\Mcshield.exe [2003-09-29 237657]
R2 McTaskManager;Network Associates Task Manager; C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe [2003-09-29 69706]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-08-02 127043]
R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\System32\MsPMSPSv.exe [2000-08-08 53520]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-07-13 542496]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-28 183280]
S2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2001-11-29 45056]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 ADSLAutoconnect;ADSLAutoconnect; C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe [2003-10-09 466944]

-----------------EOF-----------------

Répondre à bobba_feet

Télécharge OTM (OldTimer) sur ton Bureau.
Double-clique sur OTM.exe afin de le lancer.
Copie (Ctrl+C) le texte suivant ci-dessous :

:processes
explorer.exe

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"I downloaded pirated Software from P2P and now I post my Hijack log"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LDM"=-
"TurboNet"=-

:files
C:\WINDOWS\tasks\At1.job
C:\WINDOWS\tasks\At2.job
C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
C:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
C:\DOCUME~1\pascal\LOCALS~1\Temp\b.exe

:commands
[purity]
[emptytemp]
[reboot]

Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
Clique maintenant sur le bouton MoveIt! puis ferme OTM.

---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\

---> Le nom du rapport correspond au moment de sa création : date_heure.log

Répondre à Destrio5

C'est fait :
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\I downloaded pirated Software from P2P and now I post my Hijack log deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\LDM deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\TurboNet deleted successfully.
========== FILES ==========
C:\WINDOWS\tasks\At1.job moved successfully.
C:\WINDOWS\tasks\At2.job moved successfully.
C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job moved successfully.
C:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job moved successfully.
C:\DOCUME~1\pascal\LOCALS~1\Temp\b.exe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 382464 bytes
->Temporary Internet Files folder emptied: 315829 bytes

User: LocalService
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
->Temp folder emptied: 115616 bytes
->Temporary Internet Files folder emptied: 1323622 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 21299033 bytes

User: pascal
->Temp folder emptied: 57031448 bytes
->Temporary Internet Files folder emptied: 352747084 bytes
->Java cache emptied: 57633296 bytes
->FireFox cache emptied: 47658461 bytes

User: Propriétaire
->Temp folder emptied: 382464 bytes
->Temporary Internet Files folder emptied: 315829 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1158232 bytes
%systemroot%\System32 .tmp files removed: 3891200 bytes
Windows Temp folder emptied: 679624521 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1167,18 mb

OTM by OldTimer - Version 3.0.0.6 log created on 11092009_214518

Files moved on Reboot...

Registry entries deleted on Reboot...

Répondre à bobba_feet

Désinstalle les programmes suivants :

- J2SE Runtime Environment 5.0 Update 2}
- J2SE Runtime Environment 5.0 Update 4
- J2SE Runtime Environment 5.0 Update 6
- Java 2 Runtime Environment Standard Edition v1.3.1_03
- Java 2 Runtime Environment, SE v1.4.2_05
- Java Runtime Environment 1.1-
- Java 6 Update 15
- Java 6 Update 2
- Java 6 Update 3
- Java 6 Update 5
- Java 6 Update 7
- Java SE Runtime Environment 6 Update 1

Mets à jour Java.

Refais un scan RSIT et poste le rapport log.

Répondre à Destrio5

C'est fait :
Logfile of random's system information tool 1.06 (written by random/random)
Run by pascal at 2009-11-10 07:28:45
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 7 GB (19%) free of 36 GB
Total RAM: 767 MB (30% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:28:57, on 10/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\PROGRA~1\PHILIP~1\VProperty.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\e-Carte Bleue\LCL\e-Carte Bleue VISA Cleo\ECB-CLEO.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\pascal\Mes documents\Téléchargements\RSIT.exe
C:\Program Files\trend micro\pascal.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [] C:\WINDOWS\Options\OEMReset.exe /Audit
O4 - HKLM\..\Run: [EPSON Stylus C42 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C42 Series" /O6 "USB001" /M "Stylus C42"
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ToUcamVProperty] C:\PROGRA~1\PHILIP~1\VProperty.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [eCarteBleue-CLEO] "C:\Program Files\e-Carte Bleue\LCL\e-Carte Bleue VISA Cleo\ECB-CLEO.exe" /dontopenmycards
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mi [...] 9661708767
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/g [...] wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9F87DE87-FD88-4C5F-9523-FD0BC006B619}: NameServer = 212.27.40.240,212.27.40.241
O18 - Protocol: bw+0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {623B16CC-287A-43D9-9640-A20EE1DD0521} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O24 - Desktop Component 1: FIP en direct - http://www.radiofrance.fr/chaines/fip/direct/popup.php

--
End of file - 21766 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{FFDE6A03-7A61-4531-81FD-01A9896D900C}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E03C0FD-4C48-43A7-9A54-00240C70FF16}]
ECarteBleueBrowserHelper Class - C:\WINDOWS\system32\BhoECart.dll [2006-02-07 81920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2005-05-31 853672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [2009-09-27 762864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-11-10 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-11-10 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-07-11 342600]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""=C:\WINDOWS\Options\OEMReset.exe [2002-02-22 294912]
"EPSON Stylus C42 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE [2002-02-19 74240]
"CloneCDElbyCDFL"=C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe [2002-11-02 45056]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"ToUcamVProperty"=C:\PROGRA~1\PHILIP~1\VProperty.exe [2003-04-02 131072]
"ShStatEXE"=C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE [2003-09-29 81990]
"McAfeeUpdaterUI"=C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe [2004-06-09 135224]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-08-02 7110656]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2005-08-02 86016]
"eCarteBleue-CLEO"=C:\Program Files\e-Carte Bleue\LCL\e-Carte Bleue VISA Cleo\ECB-CLEO.exe [2006-02-07 200704]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-07-01 37888]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-07-13 292128]
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2009-10-15 198160]
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-11-10 149280]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-08-04 68856]
"LDM"=\Program\ []

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\KEM.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

C:\Documents and Settings\pascal\Menu Démarrer\Programmes\Démarrage
Démarrage d'Office.lnk - C:\Program Files\Microsoft Office\Office\OSA.EXE
Microsoft Recherche accélérée.lnk - C:\Program Files\Microsoft Office\Office\FINDFAST.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"=C:\Program Files\DVD Region-Free\DVDShell.dll [2004-03-07 49152]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*isabled:Logitech Desktop Messenger"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*isabled:@xpsp2res.dll,-22019"
"C:\Program Files\EA Games\Need For Speed Underground\speed.exe"="C:\Program Files\EA Games\Need For Speed Underground\speed.exe:*:Enabled:speed"
"C:\Program Files\Wizou\FreeXplorer\FreeXplorer.exe"="C:\Program Files\Wizou\FreeXplorer\FreeXplorer.exe:*:Enabled:FreeXplorer"
"C:\Program Files\Java\jre1.5.0_04\bin\javaw.exe"="C:\Program Files\Java\jre1.5.0_04\bin\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*isabled:Firefox"
"C:\Program Files\Wizou\FreeXplorer\Freeplayer\vlc\vlc.exe"="C:\Program Files\Wizou\FreeXplorer\Freeplayer\vlc\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\HomePlayer\bin\HomePlayer.exe"="C:\Program Files\HomePlayer\bin\HomePlayer.exe:*:Enabled:HomePlayer"
"C:\Program Files\Java\jre1.5.0_06\bin\javaw.exe"="C:\Program Files\Java\jre1.5.0_06\bin\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"C:\Program Files\adslTV\vlc.exe"="C:\Program Files\adslTV\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\adslTV\adslTV.exe"="C:\Program Files\adslTV\adslTV.exe:*:Enabled:adslTV"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\IncrediMail\bin\IMApp.exe"="C:\Program Files\IncrediMail\bin\IMApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Real\RealOne Player\realplay.exe"="C:\Program Files\Real\RealOne Player\realplay.exe:*:Enabled:RealOne Player"
"C:\Program Files\EasyBox\apache\apache.exe"="C:\Program Files\EasyBox\apache\apache.exe:*:Enabled:Apache HTTP Server"
"C:\Program Files\EasyBox\vlc\vlc.exe"="C:\Program Files\EasyBox\vlc\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Java\jre1.6.0_02\bin\javaw.exe"="C:\Program Files\Java\jre1.6.0_02\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Network Associates\Common Framework\FrameworkService.exe"="C:\Program Files\Network Associates\Common Framework\FrameworkService.exe:*:Enabled:Framework Service"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\FileZilla\FileZilla.exe"="C:\Program Files\FileZilla\FileZilla.exe:*:Enabled:FileZilla"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\SYSTEM32\mmc.exe"="C:\WINDOWS\SYSTEM32\mmc.exe:*:Enabled:Microsoft Management Console"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\XBMC\XBMC.exe"="C:\Program Files\XBMC\XBMC.exe:*:Enabled:XBMC Media Center"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7dee97c1-6cc9-11d6-af79-806d6172696f}]
shell\play\command - C:\Program Files\InterVideo\WinDVD\WinDVD.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{accef6a0-ed06-11dd-98cd-000476f3090b}]
shell\AutoRun\command - I:\hpcc.exe

======List of files/folders created in the last 1 months======

2009-11-10 07:27:50 ----A---- C:\WINDOWS\system32\javaws.exe
2009-11-10 07:27:50 ----A---- C:\WINDOWS\system32\javaw.exe
2009-11-10 07:27:50 ----A---- C:\WINDOWS\system32\java.exe
2009-11-10 07:18:47 ----SHD---- C:\Config.Msi
2009-11-09 21:45:18 ----D---- C:\_OTM
2009-11-09 20:52:45 ----D---- C:\Program Files\Ad-Remover
2009-11-09 18:34:25 ----D---- C:\Program Files\trend micro
2009-11-09 18:34:23 ----D---- C:\rsit
2009-11-09 17:52:18 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2009-11-09 17:21:13 ----D---- C:\Documents and Settings\pascal\Application Data\Malwarebytes
2009-11-09 17:20:58 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-11-09 17:20:56 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-11-09 16:43:58 ----N---- C:\WINDOWS\UNNeroVision.exe
2009-11-09 16:43:07 ----D---- C:\Documents and Settings\All Users\Application Data\Ahead
2009-11-08 18:45:29 ----A---- C:\WINDOWS\VobEdit.INI
2009-10-30 14:17:31 ----A---- C:\WINDOWS\system32\i420vfw.dll
2009-10-30 14:17:31 ----A---- C:\WINDOWS\system32\AVSredirect.dll
2009-10-30 14:17:01 ----RSH---- C:\WINDOWS\system32\nbDX.dll
2009-10-30 14:17:01 ----RSH---- C:\WINDOWS\system32\msfDX.dll
2009-10-30 14:16:56 ----RSH---- C:\WINDOWS\system32\flvDX.dll
2009-10-30 14:16:34 ----D---- C:\Program Files\eRightSoft
2009-10-15 21:45:23 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-10-15 21:40:48 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-10-15 21:40:07 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-10-15 21:39:56 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-10-15 21:39:41 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-10-15 21:39:27 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-10-15 21:38:35 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-10-15 21:37:37 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-10-15 21:37:23 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-10-15 21:37:02 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2009-10-15 21:22:27 ----D---- C:\Documents and Settings\All Users\Application Data\Real
2009-10-15 21:20:07 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2009-10-15 21:17:48 ----A---- C:\WINDOWS\system32\pndx5032.dll
2009-10-15 21:17:48 ----A---- C:\WINDOWS\system32\pndx5016.dll
2009-10-15 21:17:35 ----D---- C:\Program Files\Fichiers communs\xing shared

======List of files/folders modified in the last 1 months======

2009-11-10 07:28:14 ----D---- C:\WINDOWS\Prefetch
2009-11-10 07:27:53 ----D---- C:\WINDOWS\Temp
2009-11-10 07:27:51 ----D---- C:\WINDOWS\SYSTEM32
2009-11-10 07:27:17 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-11-10 07:27:14 ----SHD---- C:\WINDOWS\Installer
2009-11-10 07:25:06 ----D---- C:\Program Files\Java
2009-11-10 07:25:05 ----D---- C:\Program Files\Fichiers communs
2009-11-10 07:17:41 ----D---- C:\WINDOWS
2009-11-10 07:07:22 ----D---- C:\Program Files\Mozilla Firefox
2009-11-10 07:04:53 ----SD---- C:\WINDOWS\Tasks
2009-11-10 07:04:47 ----AH---- C:\WINDOWS\system32\ffastlog.txt
2009-11-09 22:22:49 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-11-09 20:52:45 ----AD---- C:\Program Files
2009-11-09 20:51:21 ----D---- C:\WINDOWS\WinSxS
2009-11-09 20:45:18 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-09 18:04:29 ----D---- C:\Program Files\Media Gateway
2009-11-09 17:21:01 ----D---- C:\WINDOWS\system32\drivers
2009-11-09 16:45:39 ----D---- C:\Documents and Settings\pascal\Application Data\Ahead
2009-11-09 16:43:16 ----D---- C:\Program Files\ahead
2009-11-09 16:42:36 ----D---- C:\Program Files\Yahoo!
2009-11-09 12:52:38 ----A---- C:\WINDOWS\IfoEdit.INI
2009-11-09 10:14:24 ----A---- C:\WINDOWS\hpbafd.ini
2009-11-09 09:44:20 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-11-08 19:20:02 ----D---- C:\Documents and Settings\pascal\Application Data\XBMC
2009-11-08 19:18:28 ----D---- C:\Documents and Settings\pascal\Application Data\vlc
2009-11-08 19:16:32 ----D---- C:\A TRAVAILLER
2009-11-08 18:57:24 ----A---- C:\WINDOWS\winzip32.ini
2009-11-08 18:57:24 ----A---- C:\WINDOWS\win.ini
2009-11-08 10:06:31 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2009-11-07 23:18:06 ----D---- C:\Documents and Settings\pascal\Application Data\Azureus
2009-11-07 16:19:59 ----D---- C:\Program Files\Winamp
2009-11-07 09:30:50 ----A---- C:\WINDOWS\NeroDigital.ini
2009-11-05 03:02:42 ----D---- C:\WINDOWS\INF
2009-11-05 03:02:33 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-11-05 03:00:54 ----HD---- C:\WINDOWS\$hf_mig$
2009-11-01 13:41:54 ----D---- C:\Documents and Settings\pascal\Application Data\dvdcss
2009-10-30 14:17:27 ----D---- C:\WINDOWS\FONTS
2009-10-30 11:34:20 ----D---- C:\temp
2009-10-29 09:31:07 ----D---- C:\WINDOWS\HELP
2009-10-25 07:19:29 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-24 15:53:21 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-10-24 15:51:13 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-10-22 10:17:28 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-10-17 13:29:38 ----D---- C:\Program Files\Azureus
2009-10-15 21:46:21 ----A---- C:\WINDOWS\imsins.BAK
2009-10-15 21:46:09 ----D---- C:\Program Files\Internet Explorer
2009-10-15 21:22:25 ----D---- C:\Documents and Settings\pascal\Application Data\Real
2009-10-15 21:20:17 ----D---- C:\Program Files\Fichiers communs\Real
2009-10-15 21:15:52 ----A---- C:\WINDOWS\system32\msvcr71.dll
2009-10-15 21:15:52 ----A---- C:\WINDOWS\system32\msvcp71.dll
2009-10-15 21:15:51 ----A---- C:\WINDOWS\system32\pncrt.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 GhPciScan;GhostPciScanner; \??\C:\Program Files\Symantec\Norton Ghost 2003\ghpciscan.sys []
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2003-10-10 52128]
R1 SSHDRV76;SSHDRV76; \??\C:\WINDOWS\System32\drivers\SSHDRV76.sys []
R2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys [2002-08-14 17005]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2007-11-10 165376]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2004-01-27 9728]
R2 enodpl;enodpl; C:\WINDOWS\System32\drivers\enodpl.sys [2003-03-02 7552]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2007-11-10 18048]
R2 tandpl;tandpl; C:\WINDOWS\System32\drivers\tandpl.sys [2003-04-19 4736]
R3 ALCXWDM;Service for Avance AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2001-09-19 285533]
R3 EL90XBC;Pilote de la carte EtherLink XL 90XB/C 3Com; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [2001-08-17 66591]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2002-11-28 15360]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 HCWBT8xx;Hauppauge WinTV 848/9 WDM Video Driver; C:\WINDOWS\system32\drivers\HCWBT8XX.sys [2004-10-08 458820]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2004-06-08 13105]
R3 L8042mou;Logitech SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2004-06-08 54817]
R3 LMouKE;Logitech SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2004-06-08 71533]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 NaiAvFilter1;NaiAvFilter1; C:\WINDOWS\system32\drivers\naiavf5x.sys [2003-09-29 83008]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2005-08-02 3198560]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2003-05-14 10144]
R3 WmFilter;Logitech WingMan HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2003-05-14 21216]
R3 WmHidLo;Logitech WingMan USB Filter Driver; C:\WINDOWS\system32\drivers\WmHidLo.sys [2003-05-14 13920]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2003-05-14 44288]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S1 P3;Pilote processeur Intel Pentium III; C:\WINDOWS\System32\DRIVERS\p3.sys [2008-04-14 46848]
S1 tvtool;tvtool; \??\C:\Program Files\TVTool 8\tvtool.sys []
S3 amxzoa9s;amxzoa9s; C:\WINDOWS\system32\drivers\amxzoa9s.sys []
S3 camvid20;Philips ToUcam Camera; Video; C:\WINDOWS\System32\DRIVERS\camdrv21.sys [2001-08-17 223232]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 C-Dilla;C-Dilla; \??\C:\WINDOWS\System32\drivers\CDANT.SYS []
S3 DSDrv4;DSDrv4; \??\C:\PROGRA~1\K!TV\Plugins\S_Bt8x8\DSDrv4.sys []
S3 i81x;i81x; C:\WINDOWS\System32\DRIVERS\i81xnt5.sys [2004-08-04 161020]
S3 iAimFP0;iAimFP0; C:\WINDOWS\System32\DRIVERS\wADV01nt.sys [2004-08-04 12415]
S3 iAimFP1;iAimFP1; C:\WINDOWS\System32\DRIVERS\wADV02NT.sys [2004-08-04 12127]
S3 iAimFP2;iAimFP2; C:\WINDOWS\System32\DRIVERS\wADV05NT.sys [2004-08-04 11775]
S3 iAimFP3;iAimFP3; C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys [2004-08-04 12063]
S3 iAimFP4;iAimFP4; C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys [2004-08-04 19455]
S3 iAimTV0;iAimTV0; C:\WINDOWS\System32\DRIVERS\wATV01nt.sys [2004-08-04 29311]
S3 iAimTV1;iAimTV1; C:\WINDOWS\System32\DRIVERS\wATV02NT.sys [2004-08-04 19551]
S3 iAimTV2;iAimTV2; C:\WINDOWS\System32\DRIVERS\wATV03nt.sys []
S3 iAimTV3;iAimTV3; C:\WINDOWS\System32\DRIVERS\wATV04nt.sys [2004-08-04 33599]
S3 iAimTV4;iAimTV4; C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys [2004-08-04 23615]
S3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
S3 msgame;Activateur de port HID vers manette de jeu Sidewinder; C:\WINDOWS\System32\DRIVERS\msgame.sys [2001-08-17 35200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\System32\DRIVERS\Mtlmnt5.sys [2001-11-29 172708]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\System32\DRIVERS\Mtlstrm.sys [2001-11-29 2383460]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NtMtlFax;NtMtlFax; C:\WINDOWS\System32\DRIVERS\NtMtlFax.sys [2001-11-29 607732]
S3 Pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2008-11-22 47360]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\System32\DRIVERS\slntamr.sys [2001-12-05 322948]
S3 SlNtHal;SlNtHal; C:\WINDOWS\System32\DRIVERS\Slnthal.sys [2001-11-29 175160]
S3 SlWdmSup;SlWdmSup; C:\WINDOWS\System32\DRIVERS\SlWdmSup.sys [2001-11-29 33028]
S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 V90drv;v90drv; C:\WINDOWS\System32\DRIVERS\v90drv.sys [2001-11-29 1432836]
S3 vsdatant;vsdatant; \??\C:\WINDOWS\System32\vsdatant.sys []
S3 W8335XP;NETGEAR WG311v3 802.11g Wireless PCI Adapter for Windows XP (8335); C:\WINDOWS\system32\DRIVERS\WG311v3XP.sys []
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2003-05-14 5728]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 C-DillaSrv;C-DillaSrv; C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE [2003-04-01 46080]
R2 EPSONStatusAgent2;EPSON Printer Status Agent2; C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe [2001-10-25 90112]
R2 GhostStartService;GhostStartService; C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE [2002-08-14 200704]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-11-10 153376]
R2 McAfeeFramework;Service Framework McAfee; C:\Program Files\Network Associates\Common Framework\FrameworkService.exe [2004-06-09 102463]
R2 McShield;Network Associates McShield; C:\Program Files\Network Associates\VirusScan\Mcshield.exe [2003-09-29 237657]
R2 McTaskManager;Network Associates Task Manager; C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe [2003-09-29 69706]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-08-02 127043]
R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\System32\MsPMSPSv.exe [2000-08-08 53520]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-07-13 542496]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-28 183280]
S2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2001-11-29 45056]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 ADSLAutoconnect;ADSLAutoconnect; C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe [2003-10-09 466944]

-----------------EOF-----------------

Répondre à bobba_feet

Plus de souci ?

Répondre à Destrio5

Non çà à l'air nickel. Merci énormément pour le temps passé, les instructions précises, la disponibilité, bref tout quoi.
Chapeau bas !
Amitiés
Pascal

Répondre à bobba_feet

Désinstalle HijackThis.

Télécharge ToolsCleaner2 sur ton Bureau.
Double-clique sur ToolsCleaner2.exe pour le lancer.
Clique sur Recherche et laisse le scan agir.
Clique sur Suppression pour finaliser.
Tu peux, si tu le souhaites, te servir des Options Facultatives.
Clique sur Quitter pour obtenir le rapport.
Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).

Télécharge et installe CCleaner Slim.
Lance-le. Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers etc....
Va dans Nettoyeur, choisis Analyser. Une fois terminé, lance le nettoyage.

Il est nécessaire de désactiver puis réactiver la restauration système pour la purger.

==Prévention==

Conserve MBAM. Il te servira à scanner les fichiers douteux en complément de l'antivirus et scanne le disque dur régulièrement.

Vérifie que les mises à jour automatiques sont bien activées (Menu Démarrer, clique droit sur Poste de travail, Propriétés, onglet Mises à jour automatiques).

Par rapport au P2P : Lien

Voici un dossier complet (A lire avec Adobe Reader ou Foxit Reader) : Lien

==Problème résolu ?==

--> Si tu estimes que ton problème est résolu, ajoute [Résolu] au titre. Pour cela :

Clique, dans ton premier message, sur le bouton Editer .
Ajoute la mention [Résolu] devant le titre.
Clique ensuite sur Valider votre message.

Sois plus vigilant(e) sur Internet

Répondre à Destrio5

Merci !!!!!!!!!!!!!!!

[ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ]

--> Recherche:

C:\_OTM: trouvé !
C:\Rsit: trouvé !
C:\Documents and Settings\pascal\Mes documents\Téléchargements\OTM.exe: trouvé !
C:\Documents and Settings\pascal\Mes documents\Téléchargements\Ad-R.exe: trouvé !
C:\Documents and Settings\pascal\Mes documents\Téléchargements\Rsit.exe: trouvé !
C:\Program Files\Ad-remover: trouvé !
C:\Program Files\trend micro\HijackThis.exe: trouvé !
C:\Program Files\trend micro\hijackthis.log: trouvé !

---------------------------------
--> Suppression:

C:\Documents and Settings\pascal\Mes documents\Téléchargements\OTM.exe: supprimé !
C:\Documents and Settings\pascal\Mes documents\Téléchargements\Ad-R.exe: supprimé !
C:\Program Files\trend micro\HijackThis.exe: supprimé !
C:\Documents and Settings\pascal\Mes documents\Téléchargements\Rsit.exe: supprimé !
C:\Program Files\trend micro\hijackthis.log: supprimé !
C:\_OTM: supprimé !
C:\Rsit: supprimé !
C:\Program Files\Ad-remover: supprimé !

Répondre à bobba_feet

Tu peux supprimer ToolsCleaner.

Bonne soirée

Répondre à Destrio5

Créer un nouveau sujet Répondre

Tom's Guide > Forum > Sécurité - Virus > [Résolu] Pc infecté avec b.exe et msa.exe

Aller à :

Aide |
Règles du forum

Il y a 2105 utilisateurs connus et inconnus. Pour voir la liste des connectés connus, cliquez ici.

Page générée en 0,466 secondes

Liens